Disassembling Instructions

25
Disassembling Instructions

TAGS:

description

Disassembling Instructions. Instruction Disassembly. How to Disassemble MSP430 Code. Begin with a “PC” pointing to the first word in program memory. Retrieve instruction word and increment PC by 2. - PowerPoint PPT Presentation

Transcript of Disassembling Instructions

Page 1: Disassembling Instructions

Disassembling Instructions

Page 2: Disassembling Instructions

MSP430 Disassembly 2

How to Disassemble MSP430 Code

1. Begin with a “PC” pointing to the first word in program memory.

2. Retrieve instruction word and increment PC by 2.3. Find and list the corresponding instruction mnemonic

using the opcode (most significant 4-9 bits).4. When appropriate, append “.b” or “.w” using the b/w bit

(0=word, 1=byte).5. If double operand instruction (Table 5), decode and list

source operand.6. If single or double operand instruction (Tables 3 and 5),

decode and list destination operand.7. If jump instruction, sign extend the 10-bit PC offset,

multiply by 2, and add to the current PC. List that address.

Instruction Disassembly

BYU CS 124

Page 3: Disassembling Instructions

MSP430 Disassembly 3

R0

How to Disassemble MSP430 Code

1. Begin with a “PC” pointing to the first word in program memory.2. Retrieve instruction word and increment PC by 2.

Instruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

Page 4: Disassembling Instructions

MSP430 Disassembly 4

0100 0000 0011 00010100 0000 0011 00010100 0000 0 0 11 0001R0

How to Disassemble MSP430 Code

3. List the instruction mnemonic using the opcode (bits 12-15).4. Append “.b” or “.w” using the b/w bit when appropriate (0=w, 1=b).

Instruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

BYU CS 124

.wmov

Page 5: Disassembling Instructions

MSP430 Disassembly 5

R0R0

How to Disassemble MSP430 Code

5. If double operand instruction, decode and list source operand. (If necessary, fetch operand from memory and increment PC by 2.)

Instruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0 0 11 0001

BYU CS 124

.wmov 0x0400#

Page 6: Disassembling Instructions

MSP430 Disassembly 6

R0

How to Disassemble MSP430 Code

6. If single or double operand instruction, decode and list destination operand.

Instruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0 0 11 0001

BYU CS 124

.wmov 0x0400# ,r1

Page 7: Disassembling Instructions

MSP430 Disassembly 7

0100 0000 1011 0010R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

…Retrieve instruction word, increment PC by 2, list mnemonic, and operand size.

0x0400mov.w # ,r1

0100 0000 1 0 11 0010mov.w

Page 8: Disassembling Instructions

MSP430 Disassembly 8

R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

0100 0000 1 0 11 0010

…Retrieve immediate source operand and increment PC by 2.

mov.w 0x5a80

0x0400mov.w # ,r1

#

Page 9: Disassembling Instructions

MSP430 Disassembly 9

R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

0100 0000 1 0 11 0010

…Retrieve absolute destination operand and increment PC by 2.

mov.w 0x1200x5a80#

0x0400mov.w # ,r1

,&

Page 10: Disassembling Instructions

MSP430 Disassembly 10

0100 0010 0111 1111R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

0100 0000 1011 0010

…Retrieve instruction word, increment PC by 2, list mnemonic, and operand size.

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

0100 0010 0 1 11 1111mov.b

Page 11: Disassembling Instructions

MSP430 Disassembly 11

0100 0010 0 1 11 1111R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

…Use constant generator R2 for source operand.

#8

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

mov.b

Page 12: Disassembling Instructions

MSP430 Disassembly 12

0100 0010 0 1 11 1111mov.bR0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

…Use register mode for destination operand.

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

#8,r15

Page 13: Disassembling Instructions

MSP430 Disassembly 13

0001 0010 1011 0000000100101 0 11 0000R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

0100 0000 1011 0010

0100 0010 0111 1111

…Retrieve instruction word, increment PC by 2, list mnemonic, (but no operand size is used.)

call

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

mov.b #8,r15.w

Page 14: Disassembling Instructions

MSP430 Disassembly 14

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111000100101 0 11 0000

…Retrieve immediate destination operand from memory and increment PC by 2.

call 0xc012R0R0

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

mov.b #8,r15#.w

Page 15: Disassembling Instructions

MSP430 Disassembly 15

.w

0011 1111 1111 1100

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

0100 0000 1011 0010

0100 0010 0111 1111

…Retrieve instruction word, increment PC by 2, and list mnemonic.

call #0xc012mov.b #8,r15

0001 0010 1011 0000

001111 1111111100 jmp

Page 16: Disassembling Instructions

MSP430 Disassembly 16

R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

001111 1111111100

…Calculate destination address by sign extending the least significant 10 bits, multiplying by 2, and adding the current PC.

jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

0001 0010 1011 0000

(-4 2) + 0xc012 = 0xc00a

.w

Page 17: Disassembling Instructions

MSP430 Disassembly 17

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 1111

…Retrieve instruction word, increment PC by 2, list mnemonic, and operand size.

0011 1111 1111 1100 jmp 0xc00aR0R0

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

0001 0010 1011 0000

1000 0011 0 0 01 1111sub.w

.w

Page 18: Disassembling Instructions

MSP430 Disassembly 18

R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 1111

…Use constant generator R3 for immediate source operand.

0011 1111 1111 1100 jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

0001 0010 1011 0000

1000 0011 0 0 01 1111sub.w #1

.w

Page 19: Disassembling Instructions

MSP430 Disassembly 19

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 1111

…Use register mode for destination operand.

0011 1111 1111 1100 jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

0001 0010 1011 0000

1000 0011 0 0 01 1111sub.w ,r15#1R0

.w

Page 20: Disassembling Instructions

MSP430 Disassembly 20

.w

R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

R0

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 11110010 0011 1111 1110

…Retrieve instruction word, increment PC by 2, and list mnemonic.

jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

0001 0010 1011 0000

0011 1111 1111 1100sub #1,r15.w

001000 1111111110 jne

Page 21: Disassembling Instructions

MSP430 Disassembly 21

001000 1111111110 R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 1111

…Calculate destination address by sign extending the least significant 10 bits, multiplying by 2, and adding the current PC.

jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

0001 0010 1011 0000

0011 1111 1111 1100sub #1,r15.wjne 0xc012

(-2 2) + 0xc016 = 0xc012

.w

Page 22: Disassembling Instructions

MSP430 Disassembly 22

0100 0001 0011 00000100 0001 0 0 11 0000

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 11110010 0011 1111 1110

…Retrieve instruction word, increment PC by 2, and list mnemonic.

0001 0010 1011 0000

0011 1111 1111 1100 jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

jnesub #1,r15.w

0xc012mov.wR0

R0

.w

Page 23: Disassembling Instructions

MSP430 Disassembly 23

0100 0001 0011 00000100 0001 0 0 11 0000R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 11110010 0011 1111 1110

…Use indirect register auto-increment mode for source operand.

0001 0010 1011 0000

0011 1111 1111 1100 jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

jnesub #1,r15.w

0xc012mov.w @r1+

.w

Page 24: Disassembling Instructions

MSP430 Disassembly 24

0100 0001 0011 00000100 0001 0 0 11 0000R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 11110010 0011 1111 1110

…Use register mode for destination operand. (Pop the stack into the PC – ret instruction.)

0001 0010 1011 0000

0011 1111 1111 1100 jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

jnesub #1,r15.w

0xc012mov.w @r1+,r0 (ret)

.w

Page 25: Disassembling Instructions

MSP430 Disassembly 25

0100 0001 0011 0000R0

How to Disassemble MSP430 CodeInstruction Disassembly

0xc000: 40310xc002: 04000xc004: 40b20xc006: 5a800xc008: 01200xc00a: 427f0xc00c: 12b00xc00e: c0120xc010: 3ffc0xc012: 831f0xc014: 23fe0xc016: 4130

0100 0000 0011 0001

BYU CS 124

0100 0000 1011 0010

0100 0010 0111 1111

1000 0011 0001 11110010 0011 1111 1110

…Continue the disassembly process.

0001 0010 1011 0000

0011 1111 1111 1100 jmp 0xc00a

mov.w 0x5a80# ,&0x120

0x0400mov.w # ,r1

call #0xc012mov.b #8,r15

jnesub #1,r15.w

0xc012mov.w @r1+,r0 (ret)

.w


Disassembling Itron Modules for Recycling or Disposal · Identification Disassembling Itron Modules for Recycling or Disposal 27 August 2014 PUB-0085-001 Rev F

Disassembling Itron Modules for Recycling or Disposal · Identification Disassembling Itron Modules for Recycling or Disposal 27 August 2014 PUB-0085-001 Rev F

ASSEMBLING AND DISASSEMBLING OF COMPUTER SYSTEM

ASSEMBLING AND DISASSEMBLING OF COMPUTER SYSTEM

APP pumps APP(W) 5.1-10.2 Disassembling and assembling€¦ · Service guide APP pumps APP(W) 5.1-10.2 Disassembling and assembling hpp.danfoss.com

APP pumps APP(W) 5.1-10.2 Disassembling and assembling€¦ · Service guide APP pumps APP(W) 5.1-10.2 Disassembling and assembling hpp.danfoss.com

Instruction Disassembling and assembling PAH 10-12.5, PAHT ...

Instruction Disassembling and assembling PAH 10-12.5, PAHT ...

Instruction Disassembling and assembling iSave 40 · Instruction Disassembling and assembling iSave 40 2 180R9242 / 521B1213 / DKCFN.PI.003.R2.02 / 09.2013 Table of Contents This

Instruction Disassembling and assembling iSave 40 · Instruction Disassembling and assembling iSave 40 2 180R9242 / 521B1213 / DKCFN.PI.003.R2.02 / 09.2013 Table of Contents This

Competency based learning material assembling and disassembling

Competency based learning material assembling and disassembling

Disassembling Of the old working pc (part-1)

Disassembling Of the old working pc (part-1)

Instructions for objconv · 1 Introduction Objconv is a utility for facilitating cross-platform development of function libraries, for converting and disassembling object files, and

Instructions for objconv · 1 Introduction Objconv is a utility for facilitating cross-platform development of function libraries, for converting and disassembling object files, and

PACLEASE Hybrid Sacagawea VK-1222 Display Instructions / …€¦ · when disassembling aluminum extrusion, tighten all setscrews and locks to prevent loss during shipping 800-676-3976

PACLEASE Hybrid Sacagawea VK-1222 Display Instructions / …€¦ · when disassembling aluminum extrusion, tighten all setscrews and locks to prevent loss during shipping 800-676-3976

Windows Debugging, Disassembling, Reversing · Windows Debugging, Disassembling, Reversing Practical Foundations: Training Course Dmitry Vostokov Software Diagnostics Services

Windows Debugging, Disassembling, Reversing · Windows Debugging, Disassembling, Reversing Practical Foundations: Training Course Dmitry Vostokov Software Diagnostics Services

SSD 500(1B)Disassembling

SSD 500(1B)Disassembling

Transmission, disassembling and assembling Transmission, disassembling and assembling ATF cooler and ATF filler tube, removing and installing page 37-54 Planetary gearbox disassembly

Transmission, disassembling and assembling Transmission, disassembling and assembling ATF cooler and ATF filler tube, removing and installing page 37-54 Planetary gearbox disassembly

Spyware Detection by Extracting and Selecting Features in ...2016/12/24  · from hexadecimal dumps, instructions need to be disassembling from their original binary forms. Proceedings

Spyware Detection by Extracting and Selecting Features in ...2016/12/24  · from hexadecimal dumps, instructions need to be disassembling from their original binary forms. Proceedings

Disassembling Borderlands - Final - Harshal

Disassembling Borderlands - Final - Harshal

K340 Repair Instructions - rem-5.ru · PDF file3 PAGE Repair Instructions K340 Disassembling the spindle (removing the outer parts) 1 Remove the locking washer (A). 2 Reduce the rear

K340 Repair Instructions - rem-5.ru · PDF file3 PAGE Repair Instructions K340 Disassembling the spindle (removing the outer parts) 1 Remove the locking washer (A). 2 Reduce the rear

PAH 20-25-32 Disassembling and assembling

PAH 20-25-32 Disassembling and assembling

Disassembling and Patching iOS Applications 7/vol7issue1...Disassembling and Patching iOS Applications Arpita Jadhav Bhatt#1, Chetna Gupta*2 #*Department of Computer Science & IT,

Disassembling and Patching iOS Applications 7/vol7issue1...Disassembling and Patching iOS Applications Arpita Jadhav Bhatt#1, Chetna Gupta*2 #*Department of Computer Science & IT,

Installation Instructions - RoofnestInstallation Instructions Step 1 Step 4 Step 5 Step 2 Step 3 Carefully “unbox” the tent by disassembling the cardboard box it arrives in. Place

Installation Instructions - RoofnestInstallation Instructions Step 1 Step 4 Step 5 Step 2 Step 3 Carefully “unbox” the tent by disassembling the cardboard box it arrives in. Place

Disassembling Asus Transformer TF101 Charger - The Eye Guides/Disassembling Asus...Disassembling Asus Transformer TF101 Charger The charger and cable for the TF101 are notoriously

Disassembling Asus Transformer TF101 Charger - The Eye Guides/Disassembling Asus...Disassembling Asus Transformer TF101 Charger The charger and cable for the TF101 are notoriously

Toshiba Satelite 5200 Disassembling

Toshiba Satelite 5200 Disassembling