An interactive DIsassembly viewer (upd. 2021-01-31) - General Discussion and Assistance - CHDK Forum
supplierdeeply

An interactive DIsassembly viewer (upd. 2021-01-31)

  • 14 Replies
  • 10585 Views
*

Offline srsa_4c

  • ******
  • 4451
An interactive DIsassembly viewer (upd. 2021-01-31)
« on: 09 / July / 2017, 17:21:08 »
Advertisements
I've been working on a GUI utility that aims to allow browsing a disassembly with some added comfort.
It's still far from being finished, but I think it has reached a state where others might find it usable.

Please read the text file enclosed in the adi_yymmdd_win32.7z archive.

Quick start: adi.exe and objdump.exe should go in the same directory. My utility is adi.exe, which will use objdump.exe whenever disassembling is needed.
These Win32 executables should run on systems that support x86 Windows programs. That includes Windows (XP or newer) and Wine (2.0 or newer).

Features:
- Binary files (fw dump, RAM dump) can be added to a project.
- (Parts of the) binaries can be disassembled (ARM, Thumb and Xtensa instruction sets are supported at the moment).
- It allows nearly unlimited number of pages, showing parts of the disassembly.
- Pages have browsing history.
- Branches and other references can be followed by clicking on them.
- Stubs and other symbols can be imported, or can be added manually.
- Comments can be added to disassembly lines.
- Parts of the disassembly can be re-interpreted using a selected instruction set.
- The Xtensa disassembler ('Xtensa autodetect' on the project page) is able to recognize the start of most functions. For Xtensa, there's also a helper (accessible on 'assembly view' pages, in the popup menu) that lets the user quickly fix most badly disassembled parts.
- Unnecessary disasm lines can be erased.

It also has lots of bugs and requires a fair amount of RAM for larger projects.
Objdump is used to do the actual disassembly.

Development is done in Free Pascal plus Lazarus.
At the moment it's "freeware". If anyone is uncomfortable running the binary, PM me for a dev snapshot of the source.

adi_210117_win32.7z includes the Win32 executable and a text file, containing partial description, including usage.
Virustotal: All negative.

objdump_arm_xtensa_win32.7z includes an Objdump Win32 executable that supports ARM/Thumb and Xtensa.
Virustotal: There is one positive. I believe it's false. Most recent scan shows the file as clean.

I used this script to build the objdump executable, using MinGW environment:
Quick usage: extract the binutils source tarball to a directory. Copy script to a file in the root of the extracted binutils source, make it executable and run it.
I'm aware that it isn't the best looking script, but I'm not changing it (had to experiment on it to finally get proper executables that need no extra DLLs).
Code: [Select]
#!/bin/sh

ROOT=`pwd`
#TRGTS=all
TRGTS=arm-elf,xtensa-elf

for i in libiberty intl bfd opcodes
do
cd $ROOT/$i
make clean
rm -rf $i-conf.log $i-make.log
./configure --enable-targets=$TRGTS --disable-nls > $i-conf.log 2>&1
make -j2 LDFLAGS="-all-static" > $i-make.log 2>&1
done

for i in binutils
do
cd $ROOT/$i
make clean
rm -rf $i-conf.log $i-make.log
./configure --enable-targets=$TRGTS --disable-nls > $i-conf.log 2>&1
make -j2 LDFLAGS="-all-static" > $i-make.log 2>&1
done
adi_170709_win32.7z (665.55 kB - downloaded 21 times.)
adi_170714_win32.7z (661.4 kB - downloaded 1 times.)
adi_170723_win32.7z (667.41 kB - downloaded 2 times.)
adi_170725_win32.7z (668.03 kB - downloaded 4 times.)
adi_170803_win32.7z (685.06 kB - downloaded 4 times.)
adi_170826_win32.7z (692.37 kB - downloaded 25 times.)
adi_180224_win32.7z (754.8 kB - downloaded 4 times.)
adi_180520_win32.7z (754.82 kB - downloaded 18 times.)
adi_181020_win32.7z (755.82 kB - downloaded 2 times.)
adi_190216_win32.zip (1134.48 kB - downloaded 2 times.)
adi_190324_win32.7z (787.33 kB - downloaded 4 times.)
adi_191011_win32.7z (791.63 kB - downloaded 7 times.)
adi_191103_win32.7z (793.76 kB - downloaded 10 times.)
adi_200726_win32.7z (795.03 kB - downloaded 3 times.)
« Last Edit: 31 / January / 2021, 10:06:38 by srsa_4c »

*

Offline reyalp

  • ******
  • 14121
Re: An interactive DIsassembly viewer
« Reply #1 on: 09 / July / 2017, 18:27:26 »
Nice work  :D

One thing that would be nice is to have less manual steps to set up the project. It seems like it should be possible to set things up so you can point it at platform sub and have it pick up all the address ranges, stubs and so on. The CHDK tools could also be adjusted to output things like the memory ranges in a simpler format.

I got an access violation trying to use the "list of strings" page. I may not have clicked "find strings first"

Quote
    - End (very rough guess): right before start of ROM copy of "RAM data" or "ROM copied to RAM".
FWIW, I use the "ctypes" address for this when doing whole-dump disassembly with capdis.

I've toyed with the idea of building something on capstone and IUP, but time  >:(
Of course capstone wouldn't address xtensa either.
Don't forget what the H stands for.

Re: An interactive DIsassembly viewer
« Reply #2 on: 09 / July / 2017, 22:24:28 »
This was something I've always wanted to do - chdk-pt v2.   So glad someone else tackled it!  Very nice.

Do you think it will run under Wine on Linux?  I'll give it a shot if it's a possibility.
Ported :   A1200    SD940   G10    Powershot N    G16

*

Offline reyalp

  • ******
  • 14121
Re: An interactive DIsassembly viewer
« Reply #3 on: 09 / July / 2017, 22:49:09 »
Do you think it will run under Wine on Linux?  I'll give it a shot if it's a possibility.
From the adi_usage.txt

Quote
These are Win32 executables. They do work under Wine (2.0 or above).
Don't forget what the H stands for.


Re: An interactive DIsassembly viewer
« Reply #4 on: 09 / July / 2017, 23:40:16 »
- Branches and other references can be followed by clicking on them.
That reminds me of the #1 reason I've wanted to do this vs chdk-pt or capstone&vim. Clicking on addresses rather than c&p into an editor search function is very handy.  But a nested "back" function/option/button that takes you back to where you were when you clicked on the branch would so nice!  Not that hard to implement either I suspect once you have everything else?

Is that something you've done?  Or if not, is it on your "list"?
Ported :   A1200    SD940   G10    Powershot N    G16

Re: An interactive DIsassembly viewer
« Reply #5 on: 10 / July / 2017, 00:34:34 »
adi_170709_win32.7z includes the Win32 executable and a partial description, including usage.
There doesn't seem to be anything in the adi_170709_win32.7z file but an executable?   Regardless, I tried the obvious thing :
Code: [Select]
[user@home test]$ wine objdump.exe -d PRIMARY_IXUS300_SD4000.BIN
fixme:winediag:start_process Wine Staging 2.10 is a testing version containing experimental patches.
fixme:winediag:start_process Please mention your exact version when filing bug reports on winehq.org.
Z:\home\build\g16\objdump.exe: PRIMARY_IXUS300_SD4000.BIN: File format not recognized
Must be missing something here?

Quote
objdump_arm_xtensa_win32.7z includes an Objdump Win32 executable that supports ARM/Thumb and Xtensa.
I'm guessing that I need to do something with this as well?

Quote
I used this script to build the objdump executable, using MinGW environment:
Code: [Select]
#!/bin/sh
#ROOT=`pwd`
ROOT=`pwd`/../binutils-2.28/
#TRGTS=all
TRGTS=arm-elf,xtensa-elf
for i in libiberty intl bfd opcodes
do
cd $ROOT/$i
make clean
rm -rf $i-conf.log $i-make.log
./configure --enable-targets=$TRGTS --disable-nls > $i-conf.log 2>&1
make -j2 LDFLAGS="-all-static" > $i-make.log 2>&1
done
for i in binutils
do
cd $ROOT/$i
make clean
rm -rf $i-conf.log $i-make.log
./configure --enable-targets=$TRGTS --disable-nls > $i-conf.log 2>&1
make -j2 LDFLAGS="-all-static" > $i-make.log 2>&1
done
Sorry - maybe I need to understand this too.

Not trying to be too much of a pain but some step by step for those of us up too late on a Sunday night would be helpful?  I know I'm missing the obvious here.
Ported :   A1200    SD940   G10    Powershot N    G16

*

Offline reyalp

  • ******
  • 14121
Re: An interactive DIsassembly viewer
« Reply #6 on: 10 / July / 2017, 00:49:52 »
adi_170709_win32.7z includes the Win32 executable and a partial description, including usage.
There doesn't seem to be anything in the adi_170709_win32.7z file but an executable?   Regardless, I tried the obvious thing :
Code: [Select]
[user@home test]$ wine objdump.exe -d PRIMARY_IXUS300_SD4000.BIN
fixme:winediag:start_process Wine Staging 2.10 is a testing version containing experimental patches.
fixme:winediag:start_process Please mention your exact version when filing bug reports on winehq.org.
Z:\home\build\g16\objdump.exe: PRIMARY_IXUS300_SD4000.BIN: File format not recognized
Must be missing something here?

Quote
objdump_arm_xtensa_win32.7z includes an Objdump Win32 executable that supports ARM/Thumb and Xtensa.
I'm guessing that I need to do something with this as well?
Putting it in the same directory as the executable worked for me.

adi_170709_win32.7z contains a .txt file adi_usage.txt or at least it did when I downloaded it.
Don't forget what the H stands for.

*

Offline srsa_4c

  • ******
  • 4451
Re: An interactive DIsassembly viewer
« Reply #7 on: 10 / July / 2017, 21:27:09 »
One thing that would be nice is to have less manual steps to set up the project. It seems like it should be possible to set things up so you can point it at platform sub and have it pick up all the address ranges, stubs and so on. The CHDK tools could also be adjusted to output things like the memory ranges in a simpler format.
(...)
FWIW, I use the "ctypes" address for this when doing whole-dump disassembly with capdis.
That's a good idea. I guess a modified version of the "Detected address ranges" section found in finsig_thumb2 stubs_entry.S files would do. Downside is that the binary would likely reside far from the project directory (and putting project files in the CHDK tree doesn't sound too great).

Quote
I got an access violation trying to use the "list of strings" page. I may not have clicked "find strings first"
Yeah, that was a bug I supposedly fixed earlier. Fixed it for real this time, also some others. Also fixed symbol handling in the updated release.

- Branches and other references can be followed by clicking on them.
That reminds me of the #1 reason I've wanted to do this vs chdk-pt or capstone&vim. Clicking on addresses rather than c&p into an editor search function is very handy.  But a nested "back" function/option/button that takes you back to where you were when you clicked on the branch would so nice!  Not that hard to implement either I suspect once you have everything else?

Is that something you've done?
Yes, already implemented (there's back/forward and a separate history).

I have made some updates in the first post. The usage howto is in the 7z archive containing adi.exe.

BTW, if anybody can build a static objdump.exe that doesn't produce false positives, please upload it here.

Attached is a screenshot, showing a disasm page.

edit:
Binary in first post updated - bug fixes only.
« Last Edit: 16 / July / 2017, 16:12:58 by srsa_4c »


*

Offline srsa_4c

  • ******
  • 4451
Re: An interactive DIsassembly viewer
« Reply #8 on: 23 / July / 2017, 11:15:31 »
Small update, disassembly view is now able to display non-code lines. Some fixes and possibly new bugs are also added.

*

Offline srsa_4c

  • ******
  • 4451
Re: An interactive DIsassembly viewer
« Reply #9 on: 25 / July / 2017, 17:00:58 »
Small, but important update. Full disassembly no longer takes ages (objdump's output is now read in a more efficient way). Also, an attempt to disassemble something without the presence of the objdump executable will now show an error message.

 

Related Topics


SimplePortal 2.3.6 © 2008-2014, SimplePortal