Could someone explain how this ARM instructions works compared to the actual Objective-C code?

Question

I'm trying to understands how it works by decompiling my own Objective-C code. Here's the decompiled instruction:

var_8= -8
var_4= -4

SUB             SP, SP, #8
MOVS            R2, #1
STR             R0, [SP,#8+var_4]
STR             R1, [SP,#8+var_8]
MOV             R0, R2
ADD             SP, SP, #8
BX              LR

From my understanding (correct me if I'm wrong), by line:

SP=SP-8
Move 1 to R2
Store R0 into SP+8+var_4
Store R1 into SP+8+var_8
Move R2 into R0
SP=SP+8
Next Function

And the actual code:

%hook SomeClass
- (int)somemethod {
return 1;
}
%end

Now I don't understand why it needs STR R0, [SP,#8+var_4] and STR R1, [SP,#8+var_8] for, as I can't see it purposes. And if I were to return 0, a simple change to of MOVS R2, #1 to MOVS R2, #0 would do, wouldn't it? But that didn't works.

Answer 1

Objective C methods are not called directly, but via a piece of trampoline code in the ObjC's runtime "objc_msgSend" function, which in turn calls a regular C function implementing the ObjC method.

In addition to the method parameters, the C function is passed two additional parameters in the first two parameter slows, which are R0 and R1 on ARM (see this description):

• R0: "self", a reference to the actual object that is executing the current method

Inside an instance method, self refers to the receiver (object) of the message that invoked the method, while in a class method self will indicate which class is calling.

• R1: "_cmd"

This points to the selector being sent, in your case this should point to a string "somemethod" (or a struct containing this string, not sure about the current ARM implementation).