Let's build our own TriCore disassembler for AURIX™ - STEP 6

One standard debugger feature is showing the disassembly of the current instruction.

This can be achieved in two ways:

  1. By parsing the project's ELF file
  2. By decoding the instruction that is currently under execution on the selected CPU

The second approach is clearly more flexible, since it works even without the source code, and it fits my purpose: reverse engineering.

Therefore I decided to implement my own disassembler for the TriCore processor. Let me explain what has to be done, taking the ABS instruction as an example (source: TC1.6 manual, page 49):

where it is clear that the instruction opcode for ABS is x1Cxxx0Bh (the x nibbles are operand fields, not part of the opcode). Therefore in my AURIXdebugger I will implement a structure like this:

{0x01C0000B, 32, "ABS", "Absolute Value", "ABS D[c], D[b]", "Put the absolute value of data register D[b] in data register D[c]"} // 1Cxxx0Bh with the operand nibbles cleared

where:

typedef struct deASM_n
{
    uint32_t uiOpCode;            // Opcode (e.g. 0xDC for 'ji')
    uint8_t  uiOpCodeLengh;       // Length of the opcode in bits (e.g. 16)
    char sInStr[INSTSTRSIZE];     // Instruction mnemonic
    char sLongName[DESCSRSIZE];   // Instruction long name
    char sSyntax[DESCSRSIZE];     // Instruction syntax
    char sLDescr[DESCLRSIZE];     // Instruction long description
} deASM_t;

Easy, isn't it? (The only problem is filling such a table for every opcode that TriCore has!!!)

Having such a table (even if not yet for all opcodes) makes it possible to write a function that decodes and prints the last executed instruction, as follows:

#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

// Mnemonic Opcode Identification
void GetInstructionMnemonic(uint32_t uiInstruction)
{
    bool bFound = false;
    uint32_t uiOpcode = uiInstruction & 0xFF; // isolate the opcode byte (OP1)
    // TriCore stores the length in bit 0 of the first byte: 0 = 16-bit, 1 = 32-bit
    uint8_t uiLength = (uiInstruction & 0x01) ? 32 : 16;

    for (int i = 0; (i < NUMOPCODES) && !bFound; i++)
    {
        // the entry must have the same length, the same OP1 byte and all of
        // its remaining opcode bits (e.g. OP2) set in the instruction
        if ((tc16[i].uiOpCodeLengh == uiLength) &&
            (uiOpcode == (tc16[i].uiOpCode & 0xFF)) &&
            ((uiInstruction & tc16[i].uiOpCode) == tc16[i].uiOpCode))
        {
            bFound = true;
            printf("(%s - %s - %s)", tc16[i].sInStr, tc16[i].sLongName, tc16[i].sSyntax);
        }
    }
    if (!bFound)
        printf("[Opcode not known - file 'Tricore1_6.h' needs to be extended]");
}
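As an added example (not code from the post's AURIXdebugger), here is a self-contained table-driven decoder in C that adds the two things the structure above lacks: an explicit per-entry bit mask, so that a "subset of bits" test cannot produce a false match between two entries sharing the same low byte, and the 16/32-bit length rule (TriCore keeps the length in bit 0 of the first byte). The ABS and 'ji' entries use the opcodes quoted on this page; the mask values, the OP2 nibble position assumed for the 16-bit 'ji' entry, the operand field positions and the sample byte stream are my own assumptions and constructions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example: opcode table with an explicit mask per entry.
 * Opcodes come from the page (ABS = 1Cxxx0Bh, ji = DCh); masks are assumed. */
typedef struct {
    uint32_t opcode;     /* fixed opcode bits, operand bits zero */
    uint32_t mask;       /* 1 where a bit belongs to the opcode, 0 for operands */
    uint8_t  length;     /* instruction length in bits: 16 or 32 */
    const char *mnemonic;
    const char *syntax;
} tc_entry_t;

static const tc_entry_t tc_table[] = {
    /* 32-bit RR format: OP1 = 0Bh in bits 7:0, OP2 = 1Ch in bits 27:20 */
    {0x01C0000Bu, 0x0FF000FFu, 32, "ABS", "ABS D[c], D[b]"},
    /* 16-bit SR format: OP1 = DCh in bits 7:0; OP2 nibble assumed in bits 15:12 */
    {0x000000DCu, 0x0000F0FFu, 16, "JI",  "JI A[a]"},
};
#define TC_TABLE_SIZE (sizeof tc_table / sizeof tc_table[0])

/* TriCore encodes the length in bit 0 of the first byte: 0 = 16-bit, 1 = 32-bit. */
size_t tc_insn_length(uint8_t first_byte)
{
    return (first_byte & 1u) ? 4 : 2;
}

/* Read one little-endian instruction word from buf; returns bytes consumed,
 * or 0 when the buffer ends in the middle of an instruction. */
size_t tc_fetch(const uint8_t *buf, size_t len, uint32_t *word)
{
    if (len < 2) return 0;
    size_t n = tc_insn_length(buf[0]);
    if (len < n) return 0;
    *word = 0;
    for (size_t i = 0; i < n; i++)
        *word |= (uint32_t)buf[i] << (8 * i);
    return n;
}

/* Index of the table entry matching word (length must agree), or -1. */
int tc_lookup(uint32_t word, size_t nbytes)
{
    for (size_t i = 0; i < TC_TABLE_SIZE; i++) {
        if (tc_table[i].length != nbytes * 8) continue;
        if ((word & tc_table[i].mask) == tc_table[i].opcode) return (int)i;
    }
    return -1;
}

/* The weaker "all opcode bits set" test used without a mask: it accepts any
 * word whose OP2 is a bit-superset of the entry's OP2 (e.g. 1Dh vs 1Ch). */
bool subset_match_would_accept(uint32_t word, uint32_t opcode)
{
    return (word & opcode) == opcode;
}

/* Disassemble the first instruction in buf into out; returns bytes consumed. */
size_t tc_disasm_one(const uint8_t *buf, size_t len, char *out, size_t outsz)
{
    uint32_t word;
    size_t n = tc_fetch(buf, len, &word);
    if (n == 0) { snprintf(out, outsz, "[truncated]"); return 0; }
    int idx = tc_lookup(word, n);
    if (idx < 0) snprintf(out, outsz, "[unknown opcode %08x]", (unsigned)word);
    else snprintf(out, outsz, "%s (%s)", tc_table[idx].mnemonic, tc_table[idx].syntax);
    return n;
}

/* Constructed sample stream: ABS D[2], D[1] (0x21C0100B) then JI A[15] (0x0FDC). */
static const uint8_t sample_stream[] = {0x0B, 0x10, 0xC0, 0x21, 0xDC, 0x0F};

/* Walk sample_stream and return how many instructions were recognised. */
int tc_count_decoded(void)
{
    size_t off = 0;
    int recognised = 0;
    char line[64];
    while (off < sizeof sample_stream) {
        size_t n = tc_disasm_one(sample_stream + off, sizeof sample_stream - off,
                                 line, sizeof line);
        if (n == 0) break;
        if (line[0] != '[') recognised++;
        off += n;
    }
    return recognised;
}

int main(void)
{
    char line[64];
    size_t off = 0, n;
    while ((n = tc_disasm_one(sample_stream + off, sizeof sample_stream - off,
                              line, sizeof line)) != 0) {
        printf("+%02zu (%zu bytes): %s\n", off, n, line);
        off += n;
    }
    return 0;
}
```

The mask is what makes the lookup order-independent: with only the "all opcode bits set" test, the table order decides which of two entries with overlapping OP2 patterns wins, and a constructed word with OP2 = 1Dh would be reported as ABS. Checking the length first also stops a 16-bit entry from matching the low half of a 32-bit word.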
