Hello Expert.!!
I have a only code in elf file .text section.
I want make a dis-assembler but i don't know which is thumb or arm code.
how to distinguish arm or thumb. i can not read cpsr regester infomation. only have a code...
thanks
this is idea scan in libc..
sometimes mixed arm code and thumb code.
how to distinguish .. that....
.text:0000DD8C 08 48 LDR R0, =(unk_4C540 - 0xDD96)
.text:0000DD8E 09 49 LDR R1, =(sub_E02C+1 - 0xDD98)
.text:0000DD90 08 B5 PUSH {R3,LR}
.text:0000DD92 78 44 ADD R0, PC ; unk_4C540
.text:0000DD94 79 44 ADD R1, PC ; sub_E02C
.text:0000DD96 01 F0 92 E9 BLX pthread_once
.text:0000DD9A 40 B1 CBZ R0, locret_DDAE
.text:0000DD9C 06 49 LDR R1, =(aMalloc_leak_ch - 0xDDA6)
.text:0000DD9E 06 20 MOVS R0, #6
.text:0000DDA0 06 4A LDR R2, =(aUnableToInitia - 0xDDA8)
.text:0000DDA2 79 44 ADD R1, PC ; "malloc_leak_check"
.text:0000DDA4 7A 44 ADD R2, PC ; "Unable to initialize malloc_debug compo"...
.text:0000DDA6 BD E8 08 40 POP.W {R3,LR}
.text:0000DDAA 04 F0 FF BD B.W sub_129AC
Hi 박주병,
although I am not familiar with the elf format, I think there would be boundary addresses of ARM and Thumb codes in an elf header.
As for my previous example, the boundaries would be 0x8000, 0x8009, 0x8010, 0x8018, 0x801c, 0x8020 and 0x8024. All addresses exists in the elf header.
Best regards,
Yasuhiko Koumoto.
umm... so such as idea or objdump (dissassembler) may be parsing elf format and finding bx or blx instruction.
so guess these instruction arm or not.
and blanched address space thumb or arm... humm...
thanks for your opnion and i will more study for that.