TransWikia.com

Help with LDR, LDRD and STR instructions

Reverse Engineering Asked by YuanLinTech on March 30, 2021

The Cortex™-M3 Devices Generic User Guide explains the instruction LDRD R8, R9, [R3, #0x20] as "Load R8 from a word 8 bytes above the address in R3, and load R9 from a word 9 bytes above the address in R3". I would like to ask why 0x20 equals 8 bytes and not 32 bytes?

The guide explains the instruction LDRNE R2, [R5, #960]! as "Loads (conditionally) R2 from a word 960 bytes above the address in R5, and increments R5 by 960". Is the value or the address of R2 updated? Is the value or address of R5 incremented?

The guide explains the instruction STRH R3, [R4], #4 as "Store R3 as halfword data into address in R4, then increment R4 by 4". Is the value or address of R4 incremented?

One Answer

LDRD R8, R9, [R3, #0x20] - I'm guessing they meant to write 8 words (where a word is 4 bytes long). The same goes for 9 words (instead of bytes).

LDRNE R2, [R5, #960]! - 960 is added to the address contained in R5; the value (4 bytes) contained at the resulting address is then loaded into R2.

Following the load, the address which was accessed previously is stored back into R5.

For example: let R5=0x10000000, *(unsigned int *)(R5+960)=0x12345678; then after the instruction is executed, R5=0x100003C0 (0x10000000+960), R2=0x12345678

STRH R3, [R4], #4 - the value of R4 is incremented.

For example: let R3=0x1234, R4=0x10000000

then after the instruction is executed

*(unsigned short *)0x10000000=0x1234 (i.e. the halfword value at 0x10000000 is 0x1234) and R4=0x10000004

Answered by Moshe Green on March 30, 2021
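
The three addressing forms discussed above (offset, pre-indexed with writeback, post-indexed), modelled in C as an added example that is not part of the original question or answer. The `cpu_t` model, the helper names, the RAM window and the two words loaded by LDRD are constructed for illustration, and the NE condition is assumed to be true.

```c
#include <stdint.h>
#include <stdio.h>
/* Constructed model: register file plus a 4 KiB little-endian RAM window (addresses wrap). */
#define RAM_BASE 0x10000000u
#define RAM_SIZE 0x1000u
typedef struct { uint32_t r[16]; uint8_t ram[RAM_SIZE]; } cpu_t;
static uint8_t *at(cpu_t *c, uint32_t a) { return &c->ram[(a - RAM_BASE) % RAM_SIZE]; }
static uint32_t rd32(cpu_t *c, uint32_t a) {
    uint32_t v = 0;
    for (int i = 3; i >= 0; i--) v = (v << 8) | *at(c, a + (uint32_t)i);
    return v;
}
static void wr(cpu_t *c, uint32_t a, uint32_t v, int n) {
    for (int i = 0; i < n; i++) *at(c, a + (uint32_t)i) = (uint8_t)(v >> (8 * i));
}
/* LDRD Rt, Rt2, [Rn, #imm]: offset form, Rn is not written back. */
static void ldrd_offset(cpu_t *c, int rt, int rt2, int rn, uint32_t imm) {
    uint32_t addr = c->r[rn] + imm;
    c->r[rt]  = rd32(c, addr);
    c->r[rt2] = rd32(c, addr + 4);
}
/* LDR Rt, [Rn, #imm]!: pre-indexed, access Rn+imm, then Rn = Rn+imm. */
static void ldr_pre(cpu_t *c, int rt, int rn, uint32_t imm) {
    uint32_t addr = c->r[rn] + imm;
    c->r[rt] = rd32(c, addr);
    c->r[rn] = addr;
}
/* STRH Rt, [Rn], #imm: post-indexed, access Rn, then Rn = Rn+imm. */
static void strh_post(cpu_t *c, int rt, int rn, uint32_t imm) {
    wr(c, c->r[rn], c->r[rt], 2);
    c->r[rn] += imm;
}
/* Replays the three instructions; memory contents are constructed samples. */
cpu_t demo(void) {
    cpu_t c = {0};
    c.r[3] = 0x1234; c.r[4] = RAM_BASE;
    strh_post(&c, 3, 4, 4);              /* STRH R3, [R4], #4 */
    c.r[3] = RAM_BASE + 0x100; wr(&c, c.r[3] + 0x20, 0xAAAA0008u, 4);
    wr(&c, c.r[3] + 0x24, 0xBBBB0009u, 4);
    ldrd_offset(&c, 8, 9, 3, 0x20);      /* LDRD R8, R9, [R3, #0x20] */
    c.r[5] = RAM_BASE; wr(&c, c.r[5] + 960, 0x12345678u, 4);
    ldr_pre(&c, 2, 5, 960);              /* LDRNE R2, [R5, #960]!, NE assumed true */
    return c;
}
int main(void) {
    cpu_t c = demo();
    printf("R2=%08X R4=%08X R5=%08X\n", (unsigned)c.r[2], (unsigned)c.r[4], (unsigned)c.r[5]);
    return 0;
}
```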
