Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding Assembly objdump and ARM vs Thumb

Thread Rating:
  • 630 Vote(s) - 3.47 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
objdump and ARM vs Thumb

Offline sinistrodextral492538


Member
*
Member
Posts: 0
Threads: 0
Joined: Dec 2019
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#1
07-24-2023, 12:13 PM
I'm trying to disassemble an object built for ARM with gcc. Unfortunately, objdump is trying to guess whether the code is ARM and Thumb, and is getting it wrong: it thinks my code is Thumb when it's actually ARM.

I see that objdump has an option to force it to interpret all instructions as Thumb (`-Mforce-thumb`), but it doesn't have one to force ARM mode!

This seems like a really weird omission to me, and it's seriously hampering my ability to get work done (I'm on an embedded device and my only means of debugging is to look at the disassembly). I've tried various approaches, including trying to tell objdump to use an ARM architecture that doesn't support Thumb, but nothing seems to work. Any ideas?

(And yes, I know that the instructions *really are* ARM...)
Reply

Offline Mrskyjwigfday


Member
*
Member
Posts: 0
Threads: 0
Joined: Jan 2021
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
07-24-2023, 12:35 PM
This sounds like a bug in either compiler/linker or objdump. Normally the symbols should be marked properly if they're Thumb or ARM and disassembled accordingly.

That said, there's a few things you can try:

1. interpret file as plain binary (-b binary -D) - this will disable symbol checking and will disassemble whole file as ARM. Downside: lots of garbage in the output, no nice addresses.
2. use [IDA Pro][1]. Even if it guesses incorrectly, you can always override its decision. Also, it's a much nicer disassembly environment :)


[1]:

[To see links please register here]

Reply

Offline equimolecular165


Member
*
Member
Posts: 0
Threads: 0
Joined: Jun 2021
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#3
07-24-2023, 12:45 PM
`arm-linux-gnueabi-objdump -marm -b binary -D` does the trick for me. It doesn't preserve the symbol information though, so it's not quite what you are looking for, but it gives you the disassemble, which is a start.
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through