
Failure to assemble arm64 adrp instructions #318

Open
@accauble

Description

@accauble

I am currently stuck using an older commit of Keystone (commit 2e6f7c3) because the more recent versions fail to assemble the "adrp" instruction.

An example that I pulled out of a binary:
cstool arm64 "00 00 00 b0" 0x417454
417454 00 00 00 b0 adrp x0, #0x418000

In order to assemble this with commit 2e6f7c3, I do the following:
kstool arm64 "adrp x0, 0x1000" 0x417454
adrp x0, 0x1000 = [ 00 00 00 b0 ]

This is because the label is an offset from the page address of the instruction. The page address of the instruction 0x417454 is 0x417000, so the calculated offset is 0x1000 (0x418000 - 0x417000).

With the latest versions of Keystone, however, this fails:
kstool arm64 "adrp x0, 0x1000" 0x417454
ERROR: failed on ks_asm() with count = 0, error = 'Unknow error' (code = 539)

If I try to assemble the instruction as cstool produces it, this fails too:
kstool arm64 "adrp x0, 0x418000" 0x417454
ERROR: failed on ks_asm() with count = 0, error = 'Unknow error' (code = 539)

It appears that Issue #290 tried to address PC-Relative instructions like ADRP, to make them a bit easier to use for the user. This fix, unfortunately, appears to be incomplete.


Here is how other PC-relative mnemonics are assembled with the latest keystone (all but adr appear to be assembled correctly):

adr -- FAILS
cstool arm64 "61 00 00 10" 0x404008
404008 61 00 00 10 adr x1, #0x404014

kstool arm64 "adr x1, 0x404014" 0x404008
ERROR: failed on ks_asm() with count = 0, error = 'Unknow error' (code = 539)

Or if using the offset, the assembly is incorrect.
kstool arm64 "adr x1, 0xc" 0x404008
adr x1, 0xc = [ 21 e0 ff 70 ]

b.cond
cstool arm64 "ab 3a 00 54" 0x4150a8
4150a8 ab 3a 00 54 b.lt #0x4157fc

kstool arm64 "b.lt 0x4157fc" 0x4150a8
b.lt 0x4157fc = [ ab 3a 00 54 ]

b
cstool arm64 "02 00 00 14" 0x4150bc
4150bc 02 00 00 14 b #0x4150c4

kstool arm64 "b 0x4150c4" 0x4150bc
b 0x4150c4 = [ 02 00 00 14 ]

bl
cstool arm64 "53 b0 ff 97" 0x415094
415094 53 b0 ff 97 bl #0x4011e0

kstool arm64 "bl 0x4011e0" 0x415094
bl 0x4011e0 = [ 53 b0 ff 97 ]

cbz
cstool arm64 "40 14 00 34" 0x4154c4
4154c4 40 14 00 34 cbz w0, #0x41574c

kstool arm64 "cbz w0, 0x41574c" 0x4154c4
cbz w0, 0x41574c = [ 40 14 00 34 ]

cbnz
cstool arm64 "c1 00 00 35" 0x415638
415638 c1 00 00 35 cbnz w1, #0x415650

kstool arm64 "cbnz w1, 0x415650" 0x415638
cbnz w1, 0x415650 = [ c1 00 00 35 ]

tbz
cstool arm64 "14 0c 00 36" 0x415180
415180 14 0c 00 36 tbz w20, #0, #0x415300

kstool arm64 "tbz x20, #0, 0x415300" 0x415180
tbz x20, #0, 0x415300 = [ 14 0c 00 36 ]

tbnz
cstool arm64 "db 00 00 37" 0x4150c0
4150c0 db 00 00 37 tbnz w27, #0, #0x4150d8

kstool arm64 "tbnz w27, #0, 0x4150d8" 0x4150c0
tbnz w27, #0, 0x4150d8 = [ db 00 00 37 ]
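An added reference encoder/decoder for the two PC-relative forms discussed above (not part of the issue or of Keystone itself), showing why ADRP needs a page-delta immediate while ADR takes a plain byte offset, and checked against the cstool output quoted in the report. The bit layout is the documented AArch64 ADR/ADRP encoding; the function names are this example's own.

```python
import struct

ADR_OPC = 0x10000000   # bit 31 = 0, bits 28:24 = 0b10000
ADRP_OPC = 0x90000000  # bit 31 = 1, bits 28:24 = 0b10000
IMM_BITS = 21          # immlo (2 bits) + immhi (19 bits), signed

def _pack_imm(opc, rd, imm):
    # imm is the signed 21-bit value already scaled for the instruction
    lo, hi = -(1 << (IMM_BITS - 1)), (1 << (IMM_BITS - 1)) - 1
    if not lo <= imm <= hi:
        raise ValueError(f"immediate {imm:#x} out of range for this form")
    if not 0 <= rd <= 31:
        raise ValueError("rd must be x0..x30 or 31 (xzr)")
    imm &= (1 << IMM_BITS) - 1
    immlo, immhi = imm & 0b11, imm >> 2
    word = opc | (immlo << 29) | (immhi << 5) | rd
    return struct.pack("<I", word)          # little-endian, as cstool prints it

def encode_adr(rd, pc, target):
    """ADR: signed byte offset from the instruction's own address (+/-1 MiB)."""
    return _pack_imm(ADR_OPC, rd, target - pc)

def encode_adrp(rd, pc, target):
    """ADRP: offset in 4 KiB pages between the two page bases (+/-4 GiB).
    The low 12 bits of both addresses are ignored, which is why the report's
    'adrp x0, 0x1000' at 0x417454 reaches 0x418000."""
    page_delta = (target & ~0xfff) - (pc & ~0xfff)
    return _pack_imm(ADRP_OPC, rd, page_delta >> 12)

def decode(insn, pc):
    """Return (mnemonic, rd, target) for an ADR/ADRP word, or None if it is neither."""
    word = struct.unpack("<I", insn)[0]
    if (word >> 24) & 0x1f != 0b10000:
        return None
    rd = word & 0x1f
    imm = ((word >> 5) & 0x7ffff) << 2 | (word >> 29) & 0b11
    if imm & (1 << (IMM_BITS - 1)):         # sign-extend the 21-bit field
        imm -= 1 << IMM_BITS
    if word >> 31:
        return ("adrp", rd, (pc & ~0xfff) + (imm << 12))
    return ("adr", rd, pc + imm)

if __name__ == "__main__":
    # Bytes from the report: 'adrp x0, #0x418000' at 0x417454 and 'adr x1, #0x404014' at 0x404008
    print(encode_adrp(0, 0x417454, 0x418000).hex(" "))   # 00 00 00 b0
    print(decode(bytes.fromhex("61000010"), 0x404008))    # ('adr', 1, 0x404014)
```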
