Tuesday, May 19, 2009

MSP430 Challenge of May 2009

Howdy neighbors,

The following image is a piece of disassembled code that was compiled for the MSP430F1611. The code is found in many programs, but in this one it is accidentally vestigial as a result of a compiler bug. Please comment as to (1) which compiler generated the code, (2) what the code was intended to do, and (3) why the code is vestigial in the example, but might not be in another program. Translations to C or pseudocode and commented write-ups are also nice. The MSP430F1xx Family Guide might be handy if you're unfamiliar with the architecture.

I'll send a GoodFET board to the most insightful commentator, but as I send those boards out to anyone who asks, you're really only commenting for the neighborliness of it all. If I get enough replies, I'll post one of these each month.

Also, I saw a lot of good work on last month's Masked ROM Challenge while I was in Cleveland, but next to nothing has been sent my way. If you made significant progress, such as semi-automated extraction of the bits, please email me.

--Travis Goodspeed
<travis at radiantmachines.com>

Disassembly Challenge


bandarra said...

Hi Travis

The first line just stops the Watchdog.

(cmp r14,r13) and (cmp R15,13) instructions set the zero flag, so (jz $+12) jump instructions produce two jumps. After that, the code execution branches to the address 0x4056.

Best regards

Vaclav said...

I found the code directly in libgcc.S:

.func _reset_vector__

mov #23168, &288 ; stop watchdog: 0x5A80 (WDTPW|WDTHOLD) -> WDTCTL at 0x0120
mov #_etext, r15 ; load r15 with end of .text segment
mov #__data_start, r14 ; load ram start

mov #_edata, r13 ; end of data segment
cmp r14, r13

jeq .Lend_of_data_loop ; nothing to copy if .data is empty
;; inc r13

.Lcopy_data_loop:
/* copy data from @r15 to @r14 */
mov.b @r15+, @r14 ; move one byte

inc r14
cmp r13, r14 ; check if end of data reached

jlo .Lcopy_data_loop

.Lend_of_data_loop:
mov #__bss_start, r15

mov #__bss_end, r13
cmp r15, r13

jeq .Lend_of_bss_loop ; nothing to clear if .bss is empty
;; inc r13

.Lzero_bss:
clr.b @r15
inc r15
cmp r13, r15 ; check if r15 < r13

jlo .Lzero_bss

.Lend_of_bss_loop:
br #main ; jump to main procedure


It means that:
- you don't use any global initialized variables
- the code is not necessary for your actual firmware
- if you will use some global vars, the code will be ok and working
- msp430 pipeline (if there is any) does not affect the code
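
A host-runnable C translation of the startup routine quoted above, added here as an illustration (it is not from libgcc.S or from any commenter). The linker symbols become ordinary pointer arguments and the sample memory is constructed; it shows that both loops do nothing when the section bounds are equal, which is the case when a program has no global data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* On the MSP430 the bounds are linker symbols (_etext, __data_start, _edata,
 * __bss_start, __bss_end); here they are pointers so the logic runs on a PC. */

/* Copy initialized data from its flash image to RAM. Returns bytes copied. */
size_t copy_data(const uint8_t *etext, uint8_t *data_start, uint8_t *edata)
{
    const uint8_t *src = etext;       /* r15 */
    uint8_t *dst = data_start;        /* r14 */
    size_t n = 0;
    if (dst == edata)                 /* cmp r14, r13 ; jeq .Lend_of_data_loop */
        return 0;
    do {
        *dst++ = *src++;              /* mov.b @r15+, @r14 ; inc r14 */
        n++;
    } while (dst < edata);            /* cmp r13, r14 ; jlo .Lcopy_data_loop */
    return n;
}

/* Zero the .bss section. Returns bytes cleared. */
size_t zero_bss(uint8_t *bss_start, uint8_t *bss_end)
{
    uint8_t *p = bss_start;           /* r15 */
    size_t n = 0;
    if (p == bss_end)                 /* cmp r15, r13 ; jeq .Lend_of_bss_loop */
        return 0;
    do {
        *p++ = 0;                     /* clr.b @r15 ; inc r15 */
        n++;
    } while (p < bss_end);            /* cmp r13, r15 ; jlo .Lzero_bss */
    return n;
}

int main(void)
{
    /* Constructed sample memory: 4 bytes of .data image, 3 bytes of .bss. */
    const uint8_t flash[4] = {0xde, 0xad, 0xbe, 0xef};
    uint8_t ram[8];
    memset(ram, 0xff, sizeof ram);
    printf("no globals:   data=%zu bss=%zu\n",
           copy_data(flash, ram, ram), zero_bss(ram, ram));
    printf("with globals: data=%zu bss=%zu\n",
           copy_data(flash, ram, ram + 4), zero_bss(ram + 4, ram + 7));
    return 0;
}
```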


Travis Goodspeed said...

Both of you are right, but Vaclav's got absolutely everything there is to say about the code. Good job; email me if you'd like a GoodFET, the next revision should be arriving on Thursday.

