It's just a wrapper around LLVM. So any project would be forced to ship also the corresponding LLVM version, if it's not present on the system - e.g. for Windows or embedded applications. A bit too much for a simple disassembler. So it's not a direct replacement for Capstone.
Full disclosure, I'm one of the nyxstone developers - so I might be biased.
In comparison to capstone, nyxstone lacks the features of instruction decomposition and providing read/written registers.
In addition, nyxstone directly interfaces with LLVM and thus is expected to be a lot slower than capstone, which uses
instruction tables generated by a modified LLVM.
I want to note here that Nyxstone is intended more as a replacement for Keystone than Capstone. We added the disassembler
mainly because we could. Compared to Keystone, nyxstone allows precise definition of target triple and ISA extensions,
allows definition of external labels, supports structured output with instruction details (address, bytes, assembly),
rejects partial and invalid inputs and rejects instructions not supported by the specific core
(for example UMAAL is supported by Cortex-M4, but not by Cortex-M3), and is more up to date.
Nyxstone does not require patches in the LLVM source tree, and thus is (I'd argue) more maintainable and easier to keep
up to date.
Capstone doesn't vendor LLVM either. It just contains some pieces of the LLVM-ish infrastructure that were converted from C++ to the pure C and are pretty lean, without any external dependency.
xvilka|1 year ago
ashvardanian|1 year ago
stuxnot|1 year ago
In comparison to capstone, nyxstone lacks the features of instruction decomposition and providing read/written registers. In addition, nyxstone directly interfaces with LLVM and thus is expected to be a lot slower than capstone, which uses instruction tables generated by a modified LLVM.
I want to note here that Nyxstone is intended more as a replacement for Keystone than Capstone. We added the disassembler mainly because we could. Compared to Keystone, nyxstone allows precise definition of target triple and ISA extensions, allows definition of external labels, supports structured output with instruction details (address, bytes, assembly), rejects partial and invalid inputs and rejects instructions not supported by the specific core (for example UMAAL is supported by Cortex-M4, but not by Cortex-M3), and is more up to date. Nyxstone does not require patches in the LLVM source tree, and thus is (I'd argue) more maintainable and easier to keep up to date.
saagarjha|1 year ago
xvilka|1 year ago