Gallopsled / pwntools

CTF framework and exploit development library
http://pwntools.com

Add support for specific MIPS releases #2455

Open Legoclones opened 1 month ago

Legoclones commented 1 month ago

When setting the architecture in pwntools (for compiling shellcode or gdb.attach()), only basic MIPS architectures are supported (namely mips and mips64). Specific releases like mips32r5 or mips32r6 are not available. This means all MIPS code is treated as Release 1 and will give incorrect results for later releases.

This issue occurs both when compiling shellcode and when using GDB to debug my script. I ran into this problem because I discovered pwntools was setting the GDB architecture as mips even though it should be mips:isa32r6 for my binary (and that's also what's autodetected by GDB). I noticed this issue because MIPS32r6 is not backwards-compatible, so some assembly code was showing up incorrectly and confusing me haha.

My current workaround is to set the first line of my gdbscript in gdb.attach() to set architecture mips:isa32r6; I'm not sure what a workaround for compiling shellcode would look like. It seems a similar issue has been reported for ARM (https://github.com/Gallopsled/pwntools/issues/1431), since ARM also has several sub-architectures, but nothing has been done with that since 2020. I think a configurable sub-architecture field for context would be fantastic.