I often run into those headache-inducing assembler directives that begin with ".".
Never mind .globl _start, .balign, .align, .data, .text and the like; the nastiest one is this:
_undefined_instruction: .word undefined_instruction
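This .word is baffling. Technical people online can't be bothered to answer and just say to consult GNU ASM. I went and looked; .word is explained there as follows: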
http://tigcc.ticalc.org/doc/gnuasm.html#SEC49
.word
Syntax: .word expressions
This directive expects zero or more expressions, of any section, separated by commas. For each expression, as emits a 16-bit number for this target.
And in the as.info documentation:
7.92 .word expressions
This directive expects zero or more expressions, of any section, separated by commas.
The size of the number emitted, and its byte order, depend on what target computer
the assembly is for.
Warning: Special Treatment to support Compilers
Machines with a 32-bit address space, but that do less than 32-bit addressing, require
the following special treatment. If the machine of interest to you does 32-bit addressing
(or doesn’t require it; see Chapter 8 [Machine Dependencies], page 61), you can ignore this
issue.
In order to assemble compiler output into something that works, as occasionally does
strange things to ‘.word’ directives. Directives of the form ‘.word sym1-sym2’ are often
emitted by compilers as part of jump tables. Therefore, when as assembles a directive of
the form ‘.word sym1-sym2’, and the difference between sym1 and sym2 does not fit in 16
bits, as creates a secondary jump table, immediately before the next label. This secondary
jump table is preceded by a short-jump to the first byte after the secondary table. This
short-jump prevents the flow of control from accidentally falling into the new table. Inside
the table is a long-jump to sym2. The original ‘.word’ contains sym1 minus the address of
the long-jump to sym2.
If there were several occurrences of ‘.word sym1-sym2’ before the secondary jump table,
all of them are adjusted. If there was a ‘.word sym3-sym4’, that also did not fit in sixteen
bits, a long-jump to sym4 is included in the secondary jump table, and the .word directives
are adjusted to contain sym3 minus the address of the long-jump to sym4; and so on, for as
many entries in the original jump table as necessary.
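After reading that I was still completely in the dark.
I disassembled the bin file, hoping to find out that way what this .word actually does.
The original assembly source (start.S):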
.globl _start
_start: b       reset
        ldr     pc, _undefined_instruction
        ldr     pc, _software_interrupt
        ldr     pc, _prefetch_abort
        ldr     pc, _data_abort
        ldr     pc, _not_used
        ldr     pc, _irq
        ldr     pc, _fiq
_undefined_instruction: .word undefined_instruction
_software_interrupt:    .word software_interrupt
_prefetch_abort:        .word prefetch_abort
_data_abort:            .word data_abort
_not_used:              .word not_used
_irq:                   .word irq
_fiq:                   .word fiq
        .balignl 16,0xdeadbeef
_TEXT_BASE:
        .word   TEXT_BASE
.globl _armboot_start
_armboot_start:
        .word   _start
.globl _bss_start
_bss_start:
        .word   __bss_start
.globl _bss_end
_bss_end:
        .word   _end
reset:
        /*
         * set the cpu to SVC32 mode
         */
        mrs     r0,cpsr
        bic     r0,r0,#0x1f
        orr     r0,r0,#0xd3
        msr     cpsr,r0
The corresponding disassembly:
00000000 [0xea000012] b 0x50
00000004 [0xe59ff014] ldr pc,0x00000020 ; = #0x33f80140
00000008 [0xe59ff014] ldr pc,0x00000024 ; = #0x33f801a0
0000000c [0xe59ff014] ldr pc,0x00000028 ; = #0x33f80200
00000010 [0xe59ff014] ldr pc,0x0000002c ; = #0x33f80260
00000014 [0xe59ff014] ldr pc,0x00000030 ; = #0x33f802c0
00000018 [0xe59ff014] ldr pc,0x00000034 ; = #0x33f80320
0000001c [0xe59ff014] ldr pc,0x00000038 ; = #0x33f80380
00000020 [0x33f80140] mvnccs r0,#0x10 ; ? rn = 0x8
00000024 [0x33f801a0] mvnccs r0,#0x28 ; ? rn = 0x8
00000028 [0x33f80200] mvnccs r0,#0, 4 ; ? rn = 0x8
0000002c [0x33f80260] mvnccs r0,#6 ; ? rn = 0x8
00000030 [0x33f802c0] mvnccs r0,#0xc ; ? rn = 0x8
00000034 [0x33f80320] mvnccs r0,#0x80000000 ; ? rn = 0x8
00000038 [0x33f80380] mvnccs r0,#2 ; ? rn = 0x8
0000003c [0xdeadbeef] cdple p14,0xa,c11,c13,c15,7
00000040 [0x33f80000] mvnccs r0,#0 ; ? rn = 0x8
00000044 [0x33f80000] mvnccs r0,#0 ; ? rn = 0x8
00000048 [0x33f96650] mvnccs r6,#0x5000000 ; ? rn = 0x9
0000004c [0x33f9ab80] mvnccs r10,#0x20000 ; ? rn = 0x9
00000050 [0xe10f0000] mrs r0,cpsr
00000054 [0xe3c0001f] bic r0,r0,#0x1f
00000058 [0xe38000d3] orr r0,r0,#0xd3
0000005c [0xe129f000] msr cpsr_cf,r0
From this it looks as though
_undefined_instruction: .word undefined_instruction
corresponds to this line of disassembly:
mvnccs r0,#0x10 ;
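With that I was even more confused.
I asked for help on ChinaUnix. Luckily I came across a helpful user, wheelz, who answered my question in detail.
The thread is here:
http://www.linuxforum.net/forum/showflat.php?Cat=&Board=linuxK&Number=563178
Here is a summary of wheelz's answer, explaining what .word does.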
.word expression places a word-sized value at the current location; that value is expression.
For example,
_rWTCON:
.word 0x15300000
places the value 0x15300000 at the current address, that is, at _rWTCON.
Translated into Intel assembly syntax, it is:
_rWTCON dw 0x15300000
In other words, it places the value of expression at the current location. So that's all it is.
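An added example (not from the original post or from wheelz's answer): a Python sketch that rebuilds the first 0x40 bytes of the image from the words in the disassembly listing above and resolves each exception vector. It shows that the `ldr pc, _undefined_instruction` at 0x04 reads the .word stored at 0x04 + 8 + 0x14 = 0x20, so the "mvnccs" lines in the listing are data that the disassembler decoded as instructions; the function names and a load offset of 0 are assumptions.

```python
import struct

# First 0x40 bytes of the image, rebuilt from the disassembly listing above
# (little-endian ARM words; load offset 0 is an assumption).
WORDS = [
    0xea000012, 0xe59ff014, 0xe59ff014, 0xe59ff014,
    0xe59ff014, 0xe59ff014, 0xe59ff014, 0xe59ff014,
    0x33f80140, 0x33f801a0, 0x33f80200, 0x33f80260,
    0x33f802c0, 0x33f80320, 0x33f80380, 0xdeadbeef,
]
IMAGE = struct.pack("<%dI" % len(WORDS), *WORDS)

VECTORS = ["reset", "undefined_instruction", "software_interrupt",
           "prefetch_abort", "data_abort", "not_used", "irq", "fiq"]

def decode_vector(image, addr):
    """Return (kind, target) for the ARM instruction at addr."""
    (insn,) = struct.unpack_from("<I", image, addr)
    if insn & 0xff000000 == 0xea000000:          # B <label>, cond = always
        off = insn & 0x00ffffff
        if off & 0x00800000:                     # sign-extend 24-bit offset
            off -= 0x01000000
        return "branch", addr + 8 + (off << 2)   # PC reads as addr + 8
    if insn & 0xff7ff000 == 0xe51ff000:          # LDR pc, [pc, #+/-imm12]
        imm = insn & 0xfff
        if not insn & 0x00800000:                # U bit clear: subtract
            imm = -imm
        slot = addr + 8 + imm                    # address of the .word
        (target,) = struct.unpack_from("<I", image, slot)
        return "literal@0x%02x" % slot, target
    raise ValueError("unexpected instruction 0x%08x at 0x%x" % (insn, addr))

def vector_table(image):
    """Map each exception vector name to how it is reached and where it goes."""
    return {name: decode_vector(image, 4 * i) for i, name in enumerate(VECTORS)}

if __name__ == "__main__":
    for name, (kind, target) in vector_table(IMAGE).items():
        print("%-22s %-13s -> 0x%08x" % (name, kind, target))
```
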
PS:
A note on what ## does.
#define _syscall0(type,name) \
type name(void) \
{ \
    long __res; \
    __asm__ volatile ("int $0x80" \
        : "=a" (__res) \
        : "0" (__NR_##name)); \
    if (__res >= 0) \
        return (type) __res; \
    errno = -__res; \
    return -1; \
}
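__NR_##name is the system call number. ## pastes tokens together, so the macro is expanded in two steps: the actual system call name is substituted for "name", and then the resulting __NR_... is expanded. For example, if name == ioctl, the result is __NR_ioctl.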