Wrong disasm result in ARMv7-M

[syheliel]

POC:

import capstone
function_bytes = b"\xDF\xF8\x34\xD0\x00\x21\x03\xE0"
md = capstone.Cs(capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM)
count = 0
for insn in md.disasm(function_bytes,0):
	import binascii
	print(f"{insn.address:x}: {binascii.hexlify(insn.bytes).decode()} : {insn.mnemonic} {insn.op_str}")
	count += 1

In capstone, it is parsed as:

0: dff834d0 : ldrsbtle pc, [r4], -pc
4: 002103e0 : and r2, r3, r0, lsl #2

But it doesn't match with IDA's result, this is my IDA's setting:

And this is IDA's result, 002103e0 should be taken as two different insns:0021 and 03e0

How can I config my capstone to get the IDA's result?

[Rot127]

In this line in your example:

md = capstone.Cs(capstone.CS_ARCH_ARM, capstone.CS_MODE_ARM)

you have to use CS_MODE_THUMB instead of CS_MODE_ARM.
Please check it with this again.

If you still get the wrong disassembly it is going to be fixed with #1949
These are the results one gets with #1949

./cstool -d thumb "\xDF\xF8\x34\xD0\x00\x21\x03\xE0"
 0  df f8 34 d0  ldr.w	sp, [pc, #0x34]
	ID: 4 (ldrbt)
	op_count: 2
		operands[0].type: REG = r13
		operands[0].access: WRITE
		operands[1].type: MEM
			operands[1].mem.base: REG = r15
			operands[1].mem.disp: 0x34
		operands[1].access: READ
	Registers read: r15
	Registers modified: r13
	Groups: IsThumb2 

 4  00 21  movs	r1, #0
	ID: 28 (movs)
	op_count: 2
		operands[0].type: REG = r1
		operands[0].access: WRITE
		operands[1].type: IMM = 0x0
		operands[1].access: READ
	Update-flags: True
	Registers modified: r1
	Groups: IsThumb 

 6  03 e0  b	0x10
	ID: 52 (cx1)
	Groups: jump branch_relative IsARM jump 

Which matches with llvm-obdump:

     3fc: f8df d034     ldr.w   sp, [pc, #0x34]         @ 0x434 <_start+0x38>
     400: 2100          movs    r1, #0x0