GNU cm4 启动指令梳理

发布时间 2023-04-30 22:54:01作者: lance9527

(gdb) disassemble
Dump of assembler code for function Reset_Handler:
0x08012090 <+0>: ldr.w sp, [pc, #52] ; 0x80120c8 <LoopFillZerobss+18>
0x08012094 <+4>: ldr r0, [pc, #52] ; (0x80120cc <LoopFillZerobss+22>)
0x08012096 <+6>: ldr r1, [pc, #56] ; (0x80120d0 <LoopFillZerobss+26>)
0x08012098 <+8>: ldr r2, [pc, #56] ; (0x80120d4 <LoopFillZerobss+30>)
0x0801209a <+10>: movs r3, #0
0x0801209c <+12>: b.n 0x80120a4 <Reset_Handler+20>
0x0801209e <+14>: ldr r4, [r2, r3]
0x080120a0 <+16>: str r4, [r0, r3]
0x080120a2 <+18>: adds r3, #4
0x080120a4 <+20>: adds r4, r0, r3
0x080120a6 <+22>: cmp r4, r1
0x080120a8 <+24>: bcc.n 0x801209e <Reset_Handler+14>
0x080120aa <+26>: ldr r2, [pc, #44] ; (0x80120d8 <LoopFillZerobss+34>)
0x080120ac <+28>: ldr r4, [pc, #44] ; (0x80120dc <LoopFillZerobss+38>)
0x080120ae <+30>: movs r3, #0
0x080120b0 <+32>: b.n 0x80120b6 <Reset_Handler+38>
0x080120b2 <+34>: str r3, [r2, #0]
0x080120b4 <+36>: adds r2, #4
0x080120b6 <+38>: cmp r2, r4
0x080120b8 <+40>: bcc.n 0x80120b2 <Reset_Handler+34>
=> 0x080120ba <+42>: bl 0x8000d04 <SystemInit> #带L的跳转指令(bl)会把返回地址保存到lr,不带L的(b)不保存;返回地址只写入lr寄存器,所以这里不需要压栈
0x080120be <+46>: bl 0x800d750 <__libc_init_array>
0x080120c2 <+50>: bl 0x8001488 <main>
0x080120c6 <+54>: bx lr
End of assembler dump.

(gdb) si
SystemInit ()
at /home/lance/Disk2/code/stm32/stm32fx_boot/Project/f401kit/../../CMSIS/Device/ST/STM32F4xx/Source/Templates/system_stm32f4xx.c:371
371 {
(gdb) info registers
r0 0x20000000 536870912
r1 0x20000360 536871776
r2 0x20001764 536876900
r3 0x0 0
r4 0x20001764 536876900
r5 0x0 0
r6 0x0 0
r7 0x0 0
r8 0x0 0
r9 0x0 0
r10 0x0 0
r11 0x0 0
r12 0x0 0
sp 0x20010000 0x20010000
lr 0x80120bf 134291647 #这里的函数调用需要保存返回地址:lr = bl 的下一条指令地址 0x080120be,最低位置 1 表示 Thumb 状态
pc 0x8000d04 0x8000d04 <SystemInit>
xPSR 0x61000000 1627389952
fpscr 0x0 0
msp 0x20010000 0x20010000 #这里的函数调用不需要压栈,所以msp未变,仍为0x20010000(栈中尚未压入数据)
psp 0x0 0x0
primask 0x0 0
basepri 0x0 0
faultmask 0x0 0
control 0x0 0

Dump of assembler code for function SystemInit:
=> 0x08000d04 <+0>: push {r7} ;将R7中的值压栈:sp先减4,再把R7的值存到新sp指向的地址
0x08000d06 <+2>: add r7, sp, #0
0x08000d08 <+4>: ldr r3, [pc, #24] ; (0x8000d24 <SystemInit+32>)
0x08000d0a <+6>: ldr.w r3, [r3, #136] ; 0x88
0x08000d0e <+10>: ldr r2, [pc, #20] ; (0x8000d24 <SystemInit+32>)
0x08000d10 <+12>: orr.w r3, r3, #15728640 ; 0xf00000
0x08000d14 <+16>: str.w r3, [r2, #136] ; 0x88
0x08000d18 <+20>: nop
0x08000d1a <+22>: mov sp, r7
0x08000d1c <+24>: ldr.w r7, [sp], #4 ;将当前sp指向的地址空间处的值取出传给R7,并且sp+=4;这样R7前后值未变,sp回到原始水位
0x08000d20 <+28>: bx lr
0x08000d22 <+30>: nop
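0x08000d24 <+32>: ; <UNDEFINED> instruction: 0xed00e000 #这里不是指令,而是文字池中的常量 0xE000ED00(SCB 基地址,gdb 按两个半字 0xed00、0xe000 显示),由 <+4> 和 <+10> 处的 ldr [pc, #…] 读取;加上偏移 0x88 即 CPACR(0xE000ED88),orr 0xf00000 是打开 CP10/CP11(FPU)的访问权限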
End of assembler dump.