
ARM-v7 (32) Converter in Game Guardian is having some errors


MrKendom

Question

Hey @Enyby,

I come to ask about something in Game Guardian that maybe you haven't noticed: some ARM codes are actually correct, but Game Guardian assumes they are wrong, and even the suggestion is wrong. Check the above screenshot; the online website could actually do this successfully.

Screenshot_2022-09-09-21-20-51-654_com.android.chrome.jpg


2 answers to this question


The disassembler and assembler in GG have various differences from regular ones; some things are implemented in a simple way that is not as convenient for the user. In this case it is modified immediate constants, in which the 8-bit constant and rotation fields are just exposed to the user.

The general approach to handling those differences is to assemble the instruction using any other assembler that works and then to check how GG disassembles the instruction. The format of GG's disassembler output is the one that is accepted by GG's assembler.

For example, in your case, the instruction "ADD R12, R12, #0xFC0":
  1) assembling the instruction using armconverter results in "3FCD8CE2";
  2) editing a value to "3FCD8CE2r" in GG shows that GG disassembles the instruction as "ADD R12, R12, #63, 26";
  3) trying "~A ADD R12, R12, #63, 26" as input for GG assembler results in confirming that it works as expected, instruction gets assembled correctly.

"#63, 26" are the parts of an ARM 12-bit modified immediate constant. 63 is the 8-bit constant, 26 is the number of bits for the right rotation (ROR) of the 8-bit constant to get the result. And indeed, 63 ROR 26 = 4032 (0xFC0) for 32-bit values, as can be checked with the following tool:
https://onlinetoolz.net/bitshift#base=10&value=63&bits=32&steps=26&dir=r&type=circ&allsteps=0

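The decoding described in the answer above, as an added example that is not part of the original thread: it splits the four instruction bytes into the 8-bit constant and rotation that GG displays, and lists every constant/rotation pair that yields a given value. The function names are my own, and it only covers A32 data-processing (immediate) instructions such as the ADD on this page.

```python
# Added example (not from the thread): ARM A32 modified immediate constants.
import struct

def ror32(value, bits):
    """Rotate a 32-bit value right by `bits`."""
    bits %= 32
    return ((value >> bits) | (value << (32 - bits))) & 0xFFFFFFFF

def decode_word(hex_le):
    """Return (imm8, rotation_in_bits, value) for an A32 instruction.

    hex_le holds the 4 instruction bytes in memory (little-endian) order,
    the same form the page uses, e.g. "3FCD8CE2".
    """
    raw = bytes.fromhex(hex_le)
    if len(raw) != 4:
        raise ValueError("expected exactly 4 bytes")
    (word,) = struct.unpack("<I", raw)
    if (word >> 25) & 0b111 != 0b001:
        raise ValueError("not a data-processing (immediate) encoding")
    if (word >> 20) & 0x1F in (0b10000, 0b10100):
        # MOVW/MOVT share bits 27:25 but carry a plain 16-bit immediate.
        raise ValueError("MOVW/MOVT do not use a modified immediate")
    imm8 = word & 0xFF
    rot = ((word >> 8) & 0xF) * 2   # 4-bit field, rotation is twice its value
    return imm8, rot, ror32(imm8, rot)

def encodings_for(value):
    """All (imm8, rotation) pairs whose ROR gives `value`, smallest rotation first.

    An empty list means the value cannot be written as one modified immediate.
    """
    found = []
    for rot in range(0, 32, 2):
        imm8 = ror32(value, (32 - rot) % 32)   # rotating left undoes the ROR
        if imm8 <= 0xFF:
            found.append((imm8, rot))
    return found

if __name__ == "__main__":
    imm8, rot, value = decode_word("3FCD8CE2")   # bytes quoted in the answer
    print(f"#{imm8}, {rot} -> {value:#x}")
    print(encodings_for(0xFC0))
    print(encodings_for(0x101))                  # constructed: not encodable
```

The first pair returned for 0xFC0 is the one found in the bytes quoted above; the second is an equivalent encoding with a different constant and rotation.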

Hi! This does not only happen in Game Guardian; every disassembler has its own approach, but they should all correctly point to the same thing. This also happens with "ADR R12, 0X32FE58", which GG converts into two instructions: "ADD IP PC, #300000" & "ADD IP, IP, #2F00000". Because of this, I prefer to take the instructions as an array of bytes / hex, slice it down into individual instructions, and use another tool to compare the result. You can check Arm Converter for ARM-related things.


Archived

This topic is now archived and is closed to further replies.
