Let's say you're in a gdb session and you're printing instructions of libc functions via x/[num_of_instructions]i [address]. How does gdb know whether they are to be interpreted as thumb or arm instructions?
Asked
Active
Viewed 245 times
2
-
1it can only tell from hints left by the binary file format, it is not possible to tell instructions from data or arm from thumb, etc... – old_timer Apr 28 '18 at 00:22
-
unless you disassemble in execution order and even there a computed branch is essentially a dead end. – old_timer Apr 28 '18 at 00:22
-
also understand that the gnu tools often dont get it right, there is some luck involved if it works...and this is not an arm/thumb thing but disassembly in general, look at x86 disassembly as a good example of this, one mode, still cant get it right all the time. – old_timer May 02 '18 at 19:41
-
@old_timer: thanks – Narc Eritor May 07 '18 at 22:05