Questions tagged [disassembly]

Involves turning "compiled" code (such as machine code, byte code or IR code) back into higher-level assembly mnemonics.

Disassembly is the process for turning a binary form back into its higher-level counterpart so that it can be inspected or altered in a human-readable form.

This is normally done with the aid of a disassembler, some notable examples being:

1640 questions
21 votes, 3 answers

Why does 64-bit VC++ compiler add nop instruction after function calls?

I've compiled the following using Visual Studio C++ 2008 SP1, x64 C++ compiler: I'm curious, why did the compiler add those nop instructions after those calls? PS1. I would understand that the 2nd and 3rd nops would be to align the code on a 4 byte…
c00000fd
21 votes, 5 answers

Using objdump for ARM architecture: Disassembling to ARM

I have an object file and am trying to disassemble it. When I use: objdump -d example.o I get an assembly in code in the file format of elf64-x86-64. I am trying to disassemble this into ARM, how do I go about doing this?
Steve
21 votes, 3 answers

Are there any IDA Pro alternatives?

Are there any disassemblers which provide a feature set comparable to IDA Pro? I'm interested in both free and commercial products. Please use one answer per product and if possible write a short comment about it, like "easy to use", "many features",…
Daniel Rikowski
20 votes, 2 answers

Need help understanding E8 asm call instruction x86

I need a helping hand in order to understand the following assembly instruction. It seems to me that I am calling an address at someUnknownValue += 20994A? E8 32F6FFFF - call std::_Init_locks::operator=+20994A
Michael
19 votes, 3 answers

Can I give objdump an address and have it disassemble the containing function?

I'm finding it really annoying to have to disassemble large swathes of library code just to get enough context to see what is causing a crash. Is there any way that I can just hand objdump an address, and have it find the boundaries of the…
alexgolec
19 votes, 2 answers

Is there a disassembler + debugger for java (ala OllyDbg / SoftICE for assembler)?

Is there a utility similar to OllyDbg / SoftICE for java? I.e. execute class (from jar / with class path) and, without source code, show the disassembly of the intermediate code with ability to step through / step over / search for references / edit…
Ran Biron
19 votes, 9 answers

reverse engineering c programs

Every C program is converted to machine code, if this binary is distributed. Since the instruction set of a computer is well known, is it possible to get back the original C program?
shreyasva
19 votes, 4 answers

What are efficient ways to debug an optimized C/C++ program?

Many times I work with optimized code (sometimes even involving vectorized loops), which contain bugs and such. How would one debug such code? I'm looking for any kind of tools or techniques. I use the following (possibly outdated) tools, so I'm…
vehomzzz
18 votes, 4 answers

How do I compare the contents of two dlls?

I would like to compare several dlls of one install to several dlls of another install of the application I'm working with. I need to ensure they are the exact same. How do I compare two dlls to ensure they have the exact same methods, properties,…
Eric
18 votes, 2 answers

Why is the stack filled with 0xCCCCCCCC

I'm currently disassembling some small C programs made in Visual Studio 2012 Express, and I've noticed a trend amongst the binaries. The first set of instructions executed in the main function are always: SUB ESP,154 ; Doesn't…
Volatile
18 votes, 3 answers

Is a C-Style array to std::array transition completely safe for arrays?

First time questioner :) Is it possible to transform global c-style arrays to std::arrays without breaking the code? I'm working on a project which consists of decompiling the source code of an old game. We have already managed to refactor a large…
Silvester
17 votes, 2 answers

Dynamically Mocking iOS Dynamic Type System Text Size (UIContentSizeCategory)

I'd like to easily test my app with different selections of system text size, including accessibility sizes. These can be set in the Settings app (Display & Brightness => Text Size or General => Accessibility => Larger Text). The only way I can…
Tim Arnold
17 votes, 1 answer

Meaning of BND RET in x86

I was going through some disassembly of a CRT library (the SEH prolog in particular) when I suddenly came across this strange instruction bnd ret. Can anyone explain the meaning of the f2 prefix right before c3 (ret opcode)?
NTAuthority
17 votes, 5 answers

How can I view the disassembly of optimised jitted .NET code?

For one reason or another, I sometimes find it useful or just interesting to look at the optimised compiler output for a function. For unmanaged C/C++ code, my favourite way to do this has been to compile in Release mode, stick a breakpoint in the…
Wesley Hill
17 votes, 5 answers

Could not load file or assembly 'AssemblyName PublicKeyToken=null' or one of its dependencies

{"Could not load file or assembly 'AssemblyName, PublicKeyToken=null' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)":"AssemblyName,…
Pantelis