* QEMU Disassembler
@ 2022-06-27 3:00 Kenneth Adam Miller
From: Kenneth Adam Miller @ 2022-06-27 3:00 UTC (permalink / raw)
To: QEMU Developers
Hello all,
How can I call the QEMU disassembler to run on an argument set of bytes?
* Re: QEMU Disassembler
From: Kenneth Adam Miller @ 2022-06-27 6:40 UTC (permalink / raw)
To: QEMU Developers
Actually, I have gotten the QEMU disassembler to run with some short
customization. But I am having trouble understanding the output. I see lots
of lines like this:
|
OBJD-H: 06040102a83507000cd8027620272573004c000004c0000d20c100782244038c
On Sun, Jun 26, 2022 at 11:00 PM Kenneth Adam Miller <kennethadammiller@gmail.com> wrote:
> Hello all,
>
> How can I call the QEMU disassembler to run on an argument set of bytes?
>
* Re: QEMU Disassembler
From: Richard Henderson @ 2022-06-27 7:20 UTC (permalink / raw)
To: Kenneth Adam Miller, QEMU Developers
On 6/27/22 12:10, Kenneth Adam Miller wrote:
> Actually, I have gotten the QEMU disassembler to run with some short customization. But I
> am having trouble understanding the output. I see lots of lines like this:
> |
> OBJD-H: 06040102a83507000cd8027620272573004c000004c0000d20c100782244038c
You want --enable-capstone, and to have libcapstone-dev installed.
But for the record, these lines can be decoded by e.g.
./scripts/disas-objdump.pl -h i386:x86-64 <dumpfile>
to turn
PROLOGUE: [size=45]
0x7f5010000000:
OBJD-H: 55534154415541564157488bef4881c478fbffffffe633c04881c488040000c5
OBJD-H: f877415f415e415d415c5b5dc3
into
PROLOGUE: [size=45]
0x7f5010000000:
7f5010000000: 55 push %rbp
7f5010000001: 53 push %rbx
7f5010000002: 41 54 push %r12
7f5010000004: 41 55 push %r13
7f5010000006: 41 56 push %r14
7f5010000008: 41 57 push %r15
7f501000000a: 48 8b ef mov %rdi,%rbp
7f501000000d: 48 81 c4 78 fb ff ff add $0xfffffffffffffb78,%rsp
7f5010000014: ff e6 jmp *%rsi
7f5010000016: 33 c0 xor %eax,%eax
7f5010000018: 48 81 c4 88 04 00 00 add $0x488,%rsp
7f501000001f: c5 f8 77 vzeroupper
7f5010000022: 41 5f pop %r15
7f5010000024: 41 5e pop %r14
7f5010000026: 41 5d pop %r13
7f5010000028: 41 5c pop %r12
7f501000002a: 5b pop %rbx
7f501000002b: 5d pop %rbp
7f501000002c: c3 ret
r~
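Added example, not part of the thread or of QEMU: a small Python parser for the OBJD-H dump format quoted above. It joins the hex lines of each block, checks the result against the [size=N] header, and decodes the bytes only if the Capstone Python bindings happen to be installed; the embedded sample is the prologue dump from the reply.

```python
import re
# Constructed sample in the format quoted above: with no disassembler backend
# built in, QEMU emits the generated code as raw OBJD-H hex lines.
SAMPLE_DUMP = """\
PROLOGUE: [size=45]
0x7f5010000000:
OBJD-H: 55534154415541564157488bef4881c478fbffffffe633c04881c488040000c5
OBJD-H: f877415f415e415d415c5b5dc3
"""

_SIZE_RE = re.compile(r"\[size=(\d+)\]")           # "PROLOGUE: [size=45]"
_ADDR_RE = re.compile(r"^0x([0-9a-fA-F]+):\s*$")    # "0x7f5010000000:"
_OBJD_RE = re.compile(r"^OBJD-H:\s*([0-9a-fA-F]+)\s*$")

def parse_objd_blocks(text):
    """Return [(start_address, code_bytes, declared_size_or_None)] per block;
    consecutive OBJD-H lines are joined until the next header/address line."""
    blocks, addr, size, chunks = [], None, None, []
    def flush():
        if addr is not None and chunks:
            blocks.append((addr, bytes.fromhex("".join(chunks)), size))

    for line in text.splitlines():
        if m := _SIZE_RE.search(line):
            flush()
            addr, chunks, size = None, [], int(m.group(1))
        elif m := _ADDR_RE.match(line):
            flush()
            if addr is not None:  # new block without its own header: size unknown
                size = None
            addr, chunks = int(m.group(1), 16), []
        elif m := _OBJD_RE.match(line):
            chunks.append(m.group(1))
    flush()
    return blocks

def check_sizes(blocks):
    """Map start address -> True if the joined bytes match the [size=N] header."""
    return {a: (n is None or n == len(code)) for a, code, n in blocks}

def disassemble(addr, code):
    """x86-64 AT&T listing via the Capstone Python bindings, or None if absent."""
    try:
        import capstone
    except ImportError:
        return None
    md = capstone.Cs(capstone.CS_ARCH_X86, capstone.CS_MODE_64)
    md.syntax = capstone.CS_OPT_SYNTAX_ATT
    return [(i.address, i.mnemonic, i.op_str) for i in md.disasm(code, addr)]
```

For the sample above the joined bytes total 45, matching the header, and a Capstone-enabled run should reproduce the push/mov/add/jmp listing shown in the reply.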