ARMV4i (Windows Mobile 6) Native Code disassembler

StackOverflow https://stackoverflow.com/questions/22309

  •  09-06-2019
  •  | 
  •  

Question

Does anyone know of a disassembler for ARMV4i executables and DLLs?

I've got a plug-in DLL I'm writing with a very rare data abort (<5% of the time) that I have narrowed down to a specific function (via dumpbin and the address output by the data abort). However, it is a fairly large function and I would like to narrow it down a little. I know it's happening in a memset() call, but that particular function has about 35 of them, so I was hoping that by looking at the disassembly I could figure out where about the problem actually is.

Was it helpful?

Solution

IDA Pro will definitely do ARM disassembly. And they (Datarescue) once arranged me a licence at about 11PM local time, so I like to recommend them...

I see from http://www.datarescue.com/idabase/ that there's been some rearrangement of the company, but I guess it's still a good product.

Here's the link to the new publisher: http://www.hex-rays.com/idapro/

OTHER TIPS

I believe that IDA Pro will do what you want. It was mentioned in the O'Reilly Security Warrior book and I've seen it recommended on Windows Mobile developer forums.

ChARMeD is a Windows Mobile / Pocket PC / Win CE (for ARM CPUs) Disassembler and Assembler

You might also look at BDASM, a shareware disassembler - later versions have ARM plugins. The website seems to be down, but if you search for it you'll find the shareware distribution.

The source code for the simple ARM disassembler, DISARM, is available as well.

The binutils (linux compiler tools) objdump can be used to produce disassembly, "objdump -b binary -m arm7tdmi -D file_name"

-Adam

A couple of years ago I found an ARM disassembler I used while doing some embedded work. However, I don't remember its name - though I think it was part of a larger package like an emulator or something.

In your case, could you ask your compiler to generate an assembly listing of the compiled code? That might help give you some scope.

Failing that, you could break up your function into one or more new functions, if all you can get is the stack trace. Then break up the new function into one or more again. This is the tried-and-true "divide and conquer" method. And if you have 35 calls to memset() in one function, it might be a good idea from a design standpoint too!

Update: I found the package I used: ARMphetamine. It worked for the ARM9 code I was developing, but it looks like it hasn't been updated in quite some time.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top