社区成员推荐我分析以下内容以了解在 ARM 架构中发出的系统调用。我怀疑如何在这种结构中获取程序。我已经尝试过 gdb disas 命令,但是部分不可见。请帮忙。
.data
HelloWorldString:
.ascii "Hello World\n"
.text
.globl _start
_start:
# Load all the arguments for write ()
mov r7, #4
mov r0, #1
ldr r1,=HelloWorldString
mov r2, #12
svc #0
# Need to exit the program
mov r7, #1
mov r0, #0
svc #0
gcc -S filename.c -o filename.S
如果您使用的是 GNU 工具链,您可以尝试 objdump 实用程序。它会是这样的:
arm-xxx-objdump -d your-binar-or-object-file
使用以下命令,您必须能够更好地读取对象转储。
你的工具链objdump -d -S a.out > dump.txt
这是使用 arc-gcc 的示例 C 代码和相应的对象转储。
int f2()
{
int f2_var1 = 10;
int f2_var2 = 20;
return f2_var1+f2_var2;
}
void f1()
{
int f1_var1 = 0;
f1_var1 = f2();
}
int main(void)
{
f1();
return 0;
}
我使用的命令是 arc-linux-uclibc-objdump -d -S a.out > dump.txt
dump.txt 如下。(文件有点大。但无能为力)
a.out: file format elf32-littlearc
Disassembly of section .init:
00010240 <_init-0x4>:
10240: 00 00 00 00
00010244 <_init>:
10244: f1 c0 push_s blink
10246: e0 78 nop_s
10248: c6 08 00 00 bl 1030c <frame_dummy>
1024c: 7a 09 00 00 bl 103c4 <__do_global_ctors_aux>
10250: d1 c0 pop_s blink
10252: e0 7e j_s [blink]
Disassembly of section .plt:
00010254 <.plt>:
10254: 00 16 0b 70 01 00 d0 24 ld r11,[0x000124d0]
1025c: 00 16 0a 70 01 00 d4 24 ld r10,[0x000124d4]
10264: 20 20 80 02 j [r10]
10268: cc 24 01 00 cmp.z r4,r0
1026c: 30 27 8c 7f 00 00 6c 22 ld r12,[pcl,0x226c]
10274: 20 7c j_s.d [r12]
10276: ef 74 mov_s r12,pcl
Disassembly of section .text:
00010278 <__start>:
10278: 4a 23 00 30 mov fp,0
1027c: 00 c1 ld_s r1,[sp,0]
1027e: b8 70 mov_s r5,r0
10280: 81 c2 add_s r2,sp,4
10282: cf 70 01 00 a4 03 mov_s r0,0x000103a4
10288: cf 73 01 00 44 02 mov_s r3,0x00010244
1028e: 0a 24 80 0f 01 00 0c 04 mov r4,0x0001040c
10296: 84 24 3f 3e and sp,sp,-8
1029a: 0a 26 00 07 mov r6,sp
1029e: d2 0f cf ff bl 1026c <_init+0x28>
102a2: 07 00 00 00 b 102a6 <_exit_halt>
000102a6 <_exit_halt>:
102a6: e9 20 60 00 flag 1
102aa: 4a 26 00 70 nop
102ae: 4a 26 00 70 nop
102b2: 4a 26 00 70 nop
102b6: f3 07 cf ff b 102a6 <_exit_halt>
102ba: 4a 26 00 70 nop
...
000102c0 <__do_global_dtors_aux>:
102c0: f1 c0 push_s blink
102c2: fc 1c c8 b6 st.a fp,[sp,-4]
102c6: 0a 23 00 37 mov fp,sp
102ca: 00 16 82 70 01 00 dc 24 ldb r2,[0x000124dc]
102d2: 0b ea breq_s r2,0,102e6 <__do_global_dtors_aux+0x26>
102d4: 29 00 00 00 b 102fc <__do_global_dtors_aux+0x3c>
102d8: 44 6a add_s r2,r2,4
102da: 00 1e 80 70 01 00 1c 24 st r2,[0x0001241c]
102e2: 22 20 c0 00 jl [r3]
102e6: 00 16 02 70 01 00 1c 24 ld r2,[0x0001241c]
102ee: 60 82 ld_s r3,[r2,0]
102f0: f4 eb brne_s r3,0,102d8 <__do_global_dtors_aux+0x18>
102f2: 01 d8 mov_s r0,1
102f4: 00 1e 02 70 01 00 dc 24 stb r0,[0x000124dc]
102fc: 04 14 1b 34 ld.ab fp,[sp,4]
10300: 00 14 1f 32 ld.a blink,[sp,0]
10304: e0 7f j_s.d [blink]
10306: 40 24 1c 31 add sp,sp,4
1030a: e0 78 nop_s
0001030c <frame_dummy>:
1030c: f8 1c c8 b6 st.a fp,[sp,-8]
10310: 0a 23 00 37 mov fp,sp
10314: 00 16 02 70 01 00 c8 24 ld r2,[0x000124c8]
1031c: 4b 7a tst_s r2,r2
1031e: 20 00 01 00 bz 1033c <frame_dummy+0x30>
10322: cf 72 00 00 00 00 mov_s r2,0
10328: 4b 7a tst_s r2,r2
1032a: 14 00 01 00 bz 1033c <frame_dummy+0x30>
1032e: cf 70 01 00 c8 24 mov_s r0,0x000124c8
10334: 04 14 1b 34 ld.ab fp,[sp,4]
10338: a1 c0 add_s sp,sp,4
1033a: 00 7a j_s [r2]
1033c: 04 14 1b 34 ld.ab fp,[sp,4]
10340: e0 7f j_s.d [blink]
10342: 40 24 1c 31 add sp,sp,4
10346: e0 78 nop_s
00010348 <f2>:
10348: f8 1c c8 b6 st.a fp,[sp,-8]
1034c: 0a 23 00 37 mov fp,sp
10350: a2 c1 sub_s sp,sp,8
10352: 0a d8 mov_s r0,10
10354: f8 1b 00 b0 st r0,[fp,-8]
10358: 14 d8 mov_s r0,20
1035a: fc 1b 00 b0 st r0,[fp,-4]
1035e: f8 13 03 b0 ld r3,[fp,-8]
10362: fc 13 02 b0 ld r2,[fp,-4]
10366: 5a 63 add_s r2,r3,r2
10368: 48 70 mov_s r0,r2
1036a: a2 c0 add_s sp,sp,8
1036c: 04 14 1b 34 ld.ab fp,[sp,4]
10370: e0 7f j_s.d [blink]
10372: 40 24 1c 31 add sp,sp,4
10376: e0 78 nop_s
00010378 <f1>:
10378: f1 c0 push_s blink
1037a: fc 1c c8 b6 st.a fp,[sp,-4]
1037e: 0a 23 00 37 mov fp,sp
10382: a2 c1 sub_s sp,sp,8
10384: 00 d8 mov_s r0,0
10386: fc 1b 00 b0 st r0,[fp,-4]
1038a: c2 0f cf ff bl 10348 <f2>
1038e: fc 1b 00 b0 st r0,[fp,-4]
10392: a2 c0 add_s sp,sp,8
10394: 04 14 1b 34 ld.ab fp,[sp,4]
10398: 00 14 1f 32 ld.a blink,[sp,0]
1039c: e0 7f j_s.d [blink]
1039e: 40 24 1c 31 add sp,sp,4
103a2: e0 78 nop_s
000103a4 <main>:
103a4: f1 c0 push_s blink
103a6: fc 1c c8 b6 st.a fp,[sp,-4]
103aa: 0a 23 00 37 mov fp,sp
103ae: ce 0f cf ff bl 10378 <f1>
103b2: 00 d8 mov_s r0,0
103b4: 04 14 1b 34 ld.ab fp,[sp,4]
103b8: 00 14 1f 32 ld.a blink,[sp,0]
103bc: e0 7f j_s.d [blink]
103be: 40 24 1c 31 add sp,sp,4
103c2: e0 78 nop_s
000103c4 <__do_global_ctors_aux>:
103c4: f1 c0 push_s blink
103c6: f8 1c 48 b3 st.a r13,[sp,-8]
103ca: fc 1c c8 b6 st.a fp,[sp,-4]
103ce: 0a 23 00 37 mov fp,sp
103d2: 00 16 02 70 01 00 b8 24 ld r2,[0x000124b8]
103da: cf 75 01 00 b8 24 mov_s r13,0x000124b8
103e0: 19 0a 80 0f ff ff ff ff breq r2,-1,103f8 <__do_global_ctors_aux+0x34>
103e8: 22 20 80 00 jl [r2]
103ec: fc 15 02 92 ld.a r2,[r13,-4]
103f0: f9 0a 81 8f ff ff ff ff brne r2,-1,103e8 <__do_global_ctors_aux+0x24>
103f8: 04 14 1b 34 ld.ab fp,[sp,4]
103fc: 02 14 1f 36 ld.as blink,[sp,2]
10400: 00 c5 ld_s r13,[sp,0]
10402: e0 7f j_s.d [blink]
10404: 40 24 1c 33 add sp,sp,12
Disassembly of section .fini:
00010408 <_fini-0x4>:
10408: 00 00 00 00
0001040c <_fini>:
1040c: f1 c0 push_s blink
1040e: e0 78 nop_s
10410: b2 0e cf ff bl 102c0 <__do_global_dtors_aux>
10414: d1 c0 pop_s blink
10416: e0 7e j_s [blink]
希望这可以帮助。