Author Topic: ARM Software Development Toolkit  (Read 1969 times)


ARM Software Development Toolkit
« on: May 02, 2018, 07:32:51 AM »
I found some very interesting information in the PDF about the structure of the strings we see in the disassembly of the ROMs.
I think it could help us understand these strings better.
Code:
Trace instructions (I lines)
The format of the trace instruction (I) lines is as follows:
[ IT | IS ] instr_addr opcode disassembly
For example:
IT 00008044 e04ec00f SUB r12,r14,pc
IT instruction taken.
Look familiar? ;)
Code:
IS instruction skipped (all ARM instructions are conditional).
instr_addr shows the address of the instruction. For example: 00008044.
opcode gives the opcode, for example: e04ec00f.
disassembly gives the disassembly (uppercase if the instruction is taken), for
example, SUB r12,r14,pc. This is optional and is controlled by
armul.cnf. Set Disassemble=True to enable this.
Events (E lines)
The format of the event (E) lines is as follows:
E addr1 addr2 event_number
For example:
E 00000048 00000000 10005
addr1 gives the first of a pair of words, such as, the pc value.
addr2 gives the second of a pair of words, such as, the aborting address.
event_number gives an event number, for example: 0x10005. This is MMU Event_ITLBWalk.
It also talks about mixing ARM & Thumb code together, etc. (over my head).
It even has a chapter (12) on ARMulator and what is needed to set it up, even under Windows (wishful thinking),
though I'm not sure if it refers to anything that could run from Canon ROMs or ML.
Interesting nevertheless, good read.

Edit: another good example, explained. I'm slow, but I understand a little more.
Code:
Example 5-5
        AREA    Loadcon, CODE       ; Name this block of code (armasm needs an AREA).
        ENTRY                       ; Mark first instruction to execute
start   BL      func1               ; Branch to first subroutine.
        BL      func2               ; Branch to second subroutine.
stop    MOV     r0, #0x18           ; angel_SWIreason_ReportException
        LDR     r1, =0x20026        ; ADP_Stopped_ApplicationExit
        SWI     0x123456            ; Angel semihosting ARM SWI
func1                               ; Target of the first BL.
        LDR     r0, =42             ; => MOV R0, #42
        LDR     r1, =0x55555555     ; => LDR R1, [PC, #offset to
                                    ; Literal Pool 1]
        LDR     r2, =0xFFFFFFFF     ; => MVN R2, #0
        MOV     pc, lr
        LTORG                       ; Literal Pool 1 contains
                                    ; literal 0x55555555.
func2                               ; Target of the second BL.
        LDR     r3, =0x55555555     ; => LDR R3, [PC, #offset to
                                    ; Literal Pool 1]
        ; LDR   r4, =0x66666666     ; If this is uncommented it
                                    ; fails, because Literal Pool 2
                                    ; is out of reach.
        MOV     pc, lr
        % 4200                      ; Starting at the current location,
                                    ; clears a 4200 byte area of memory
                                    ; to zero.
        END                         ; Literal Pool 2 is empty.
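
The I-line and E-line formats quoted in the post can be parsed mechanically. The following is an added example, not part of the original post or of ARM's toolkit: a Python parser for both line types that also decodes the condition field from the opcode and cross-checks it against the IT/IS flag and the uppercase-if-taken rule. It assumes ARM-state (32-bit) opcodes and a hexadecimal event number; the function names and the second sample line are constructed for illustration.

```python
import re

# ARM condition field (opcode bits 31..28) -> mnemonic suffix.
COND = ["EQ", "NE", "CS", "CC", "MI", "PL", "VS", "VC",
        "HI", "LS", "GE", "LT", "GT", "LE", "AL", "NV"]
HEX8 = r"([0-9A-Fa-f]{8})"
# [ IT | IS ] instr_addr opcode disassembly   (disassembly is optional)
I_LINE = re.compile(rf"^(IT|IS)\s+{HEX8}\s+{HEX8}(?:\s+(\S.*?))?\s*$")
# E addr1 addr2 event_number
E_LINE = re.compile(rf"^E\s+{HEX8}\s+{HEX8}\s+([0-9A-Fa-f]+)\s*$")

def parse_trace_line(line):
    """Parse one I or E line into a dict; return None for any other line."""
    m = I_LINE.match(line)
    if m:
        kind, addr, opcode, text = m.groups()
        op = int(opcode, 16)
        return {"type": "instr", "taken": kind == "IT", "addr": int(addr, 16),
                "opcode": op, "cond": COND[op >> 28], "disassembly": text}
    m = E_LINE.match(line)
    if m:
        addr1, addr2, event = (int(g, 16) for g in m.groups())
        return {"type": "event", "addr1": addr1, "addr2": addr2, "event": event}
    return None

def inconsistencies(rec):
    """Cross-check an instruction record against the rules quoted in the post."""
    problems = []
    if rec["type"] != "instr":
        return problems
    if not rec["taken"] and rec["cond"] == "AL":
        problems.append("skipped, but condition AL always executes")
    text = rec["disassembly"]
    if text and text.split()[0].isupper() != rec["taken"]:
        problems.append("mnemonic case disagrees with IT/IS flag")
    return problems

# Lines 1 and 3 are the examples quoted in the post; line 2 is constructed.
SAMPLE = [
    "IT 00008044 e04ec00f SUB r12,r14,pc",
    "IS 00008048 0a000002 beq 0x8058",
    "E 00000048 00000000 10005",
]

if __name__ == "__main__":
    for line in SAMPLE:
        rec = parse_trace_line(line)
        print(rec, inconsistencies(rec))
```

A record that fails `inconsistencies` usually means the line was truncated or the trace was not produced in ARM state, so it is worth checking before trusting the decoded condition.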