arm汇编与C语言混合编程与传参

joe · 发表于 2022-10-11 14:12:06

本实验：ts.s是模拟上电启动文件，并且调用main函数，同时在main中调用子程序sum，可以看到ARM调用函数时是如何传参的。
main.c文件:
int g = 100; // un-initialized global
extern int sum(int a,int b,int c,int d,int e,int f);
int main()
{
int a,b,c,d,e,f; //local variables
a = b = c = d = e = f = 1;
g = sum(a,b,c,d,e,f); //arm中r0中是a,r1中是b
}

链接脚本t.ld文件：
ENTRY(start) /* define start as the entry address  file from: https://www.5axxw.com/questions/content/h1m1i2 */
SECTIONS
{
. = 0x10000; /* loading address, required by QEMU */
.text : { *(.text) }
.data : { *(.data) }
.bss : { *(.bss) }
. =ALIGN(8);
      . =. + 0x1000;
stack_top =.;
}

ts.s汇编文件：
// Assembly file to define sum(...)
.global start ,sum
start:
//stack_top标号其实是在链接脚本t.ld中.bss节之后align(8)对齐之后的偏址为
//0x1000处的地址，也就是说sp其实是最高地址处
ldr sp,=stack_top //为什么会有"=",如果不用"="直接用 ldr sp,stack_top呢？？？
//在startup2.s中可以看到确实有ldr r2,str1，两种写法有什么不同？？？
//在qemu中查看实际效果
//arm汇编中LDR伪指令和LDR指令
//https://blog.csdn.net/new_eggs/article/details/8468008
//https://blog.csdn.net/ce123_zhouwei/article/details/7182756

bl main
stop: b stop

sum:
stmfd sp!,{fp,lr} //push lr and fp，参考 https://www.cnblogs.com/w-smile/p/14019942.html
//stmfd 多次保存将寄存器保存到存储器，源在右边（源的方向与单次保存的源方向相反)
//fd其实是满递减堆栈类型，这是ARM常用的类型
//sp!表示保存之后sp的值也要回写
add fp,sp,#4 //ARM的ATPCS（ARM程序调用标准）,将最新的sp值+4,然后再传给fp，因为堆栈指针sp初始值在最高地址位
//而且关于堆栈用的是满递减指令stmfd，所以sp总是指向最后一次保存的数据的最低有效位
//也就是上句stmfd sp!,{fp,lr}中，在堆栈上的fp值的最低有效位地址处
//fp和lr在堆栈中的实际图示及例子见https://blog.csdn.net/qq_34430371/article/details/121795096
//在这个网页中也说了：fp的主要作用就是用来栈回溯，找到子程序的调用关系，也成为backtrace.
//另外，根据http://blog.itpub.net/70005277/viewspace-2870926/ 和 https://blog.csdn.net/qq_38131812/article/details/124572650 中图所说，FP
//每个栈由两个地址构成单链表，位于栈的底部，低地址存放指向上一个栈帧的栈基地址FP，类似链表的prev
//高地址存放函数的返回地址，即进入该函数时的lr值
//所以上面add fp,sp,#4就是将上一个caller的栈帧的栈基地址fp（其实在执行本句时sp值为fp,而sp+4之后其实就是lr
add r0,r0,r1 //sum(a,b,c,d,e,f)，ARM平台实参是如何用寄存器或堆栈传参的

add r0, r0, r2 // r0 = a + b + c
add r0, r0, r3 // r0 = a + b + c + d
ldr r3, [fp, #4] // r1 = e
add r0, r0, r3 // r0 = a + b + c + d + e
ldr r3, [fp, #8] // r1 = f
add r0, r0, r3 // r0 = a + b + c + d + e + f
// return
sub sp, fp, #4 // point stack pointer to saved fp
ldmfd sp!, {fp, pc} // return to caller

//参考：https://blog.csdn.net/weixin_52288941/article/details/120676938
//https://blog.csdn.net/fivedoumi/article/details/50446493 此帖有C和汇编代码例子
//可以看到实验的结论：参数值传递按顺序：参数个数<=4时，从左到右分别是R0,R1,R2,R3
//如果超过4个，其它参数将保存在栈上，且参数顺序按从右到左入栈（http://lionwq.spaces.eepw.com.cn/articles/article/item/17475/）

//https://blog.csdn.net/fivedoumi/article/details/50446493
//stmfd sp {r4,r5} //将r4,r5入栈，但sp不变
//ldr r4,[sp] //sp此时刻是主程序中对应压入的r5值  //注意原代码中的主程序入栈：stmfd sp!,{r4,r5}这个stmfd其实是通过堆栈传参，然后再 bl add_six

//stmfd指令中 st表示store存储，将一个值放入堆栈指针所指的栈中，m表示多次，
//fd表示满递减类型，即满递减类型堆栈
//!表示每次sp操作之后都要将新值写入sp，{fp,lr}是先压入lr，再压入fp，即从右到左
//伪动作：
//sp -= 4
//sp=lr
//sp -= 4
//sp=fp
//如果是stmed sp,{fp,lr} 入栈多次空递减类型不回写sp
//伪动作：
//sp = lr
//sp - 4 = fp
//如果是stmed sp!,{fp,lr}
//伪动作：
//sp = lr
//sp -= 4
//sp = fp
//sp -= 4
//如果用代码来检测ARM堆栈的类型可参考https://blog.csdn.net/GRT609/article/details/124206662
//add fp,sp,#4 //fp -> saved lr on stack
//add r0,r0,r1  //sum(a,b,c,d,e,f),所以r0=r0+r1即r0=a+b
//add r0,r0,r2 //r0=r0+r2 即r0=a+b+c
//add r0,r0,r3 //r0=a+b+c+d
//ldr r3,[fp,#4] //r1=e https://blog.csdn.net/ZXG0808/article/details/125330428
//ldr{条件} 目的寄存器 <存储器地址>
//将<存储器地址>所指地址处连续的4个字节（1个字）的数据传送到目的寄存器中
//ldr指令有多种形式：
//ldr Rn,label1 将label1标号所代码的存储器中数据传输到寄存器Rn中
//ldr R0,[R1] 将R1寄存器值所代表的存储器地址中的数据值加载到寄存器R0
//有一个问题：[R1]是什么类型的寻址方式，ARM有哪几种寻址方式？？？
//ldr R0,=0x00000040 将立即数装入寄存器R0中，如果立即数的有效位不超过8位，
//该指令（其实是ldr伪指令）最终被替换成mov R0,#0x40,如果立即数的有效位超过
//8位，比如：ldr R0,=0xf0000000,那么该伪指令被编译器拆分为ldr R0,[PC,#offset]
//和 .word 0xf0000000两条指令，即先用.word指令存储数据值到一个地址处（可能是
//在本指令所在的session节或其它节中，根据《ARM汇编语言官方手册.pdf》所说，一般放在本节的末尾），编译器计算数据所在的存储地址与当前
//正在执行指令PC指针的偏差offset。当然，如果.word指令最终将数据放的地址与本指令
//地址相差超过太多（4K），应该要采用ldr的寄存器间接寻址方式而不应该用ldr直接立即数寻址即我们常见的"标号寻址"
//比如：
//将存储器地址为R1值的字数据加载到寄存器R0中
//ldr R0,[R1]
//将存储器地址为R1+R2值的字数据加载到寄存器R0中
//ldr R0,[R1,R2]
//将存储器地址为R1+8的字数据加载到寄存器R0中
//ldr R0,[R1,#8] 注意立即数范围
//将存储器地址为R1的字数据加载到寄存器R0,并将R1+R2的值存入R1
//再次寄存器相加时的规律是相加之后值放入左边寄存器
//ldr R0,[R1],R2
//将存储器地址为R1的字数据加载到寄存器R0,并将R1+8的值存入R1
//规律也是相加之后放入左边寄存器
//ldr R0,[R1],#8 注意立即数范围  注意：ldr Rd,[Rn],#8这种形式的指令，目的寄存器Rd不允许是R15 (r13是堆栈sp，r14是链接寄存器lr（存储子程序调用时的返回地址）,r15是PC）
//将存储器地址为R1+R2的字数据加载到寄存器R0,并将R1+R2的值存入R1
//ldr R0,[R1,R2]!
//单次加载源在右边，存储器地址为R1*8，然后将数据加载到寄存器R0
//ldr R0,[R1,LSL #3]  https://blog.csdn.net/ZXG0808/article/details/125330428
//ldr单次加载源在右边，存储器地址为R1+R2*4，然后将数据加载到寄存器R0
//ldr R0,[R1,R2,LSL #2]
//ldr单次加载源在右边，存储器地址为R1+R2*4,然后将数据加载到R0,最后还要将R1+R2*4保存到R1中
//ldr R0,[R1,R2,LSL #2]!
//ldr单次加载源在右边，存储器地址为R1，数据加载到R0,最后也是要将R1+R2*4保存到R1中
//ldr R0,[R1],R2,LSL #2
//ldr R0,label
//关于ARM汇编指令集及8种寻址方式等知识参考：https://blog.csdn.net/weixin_44705391/article/details/120994974
//8种寻址方式如下：
//1）寄存器寻址
// mov R1,R2 即R1=R2
//2）立即数寻址
// mov R1,#0x08 即R1=8
//3）寄存器移位寻址
// mov R0,R1,LSL #3 即R1左移3位，然后再将新值赋给R0即R0 = R1 << 3
//4）寄存器间接寻址
// ldr R1,[R2] 即寄存器R2值所对应的内存地址处的字数据赋值给R1,即[R2]是内存地址指针
//5）基址变址寻址
// ldr R1,[R2,#4] 基址是R2值，变址是立即数#4,将内存地址R2+4所对应的数据赋给R1
// 基址变址应该还有：ldr R1,[R2,R3]？？？
//6）多寄存器寻址 (下面LDMIA指令执行完之后R1值是多少？如果指令中R1没有！结果如何？)
// LDMIA R1!,{R2-R7,LR} LD表示加载，M多次，因为是普通数据传输不是堆栈传输，
// 所以不会有FA/FD/EA/ED（堆栈只有FA满递增，FD满递减，EA空递增，ED空递减），
// 只有IA（Increment After 传输之后地址增加）/IB（Increment Before 传输之前地址增加）
// /DA(Decrement After 传输之前地址减少)/DB（Descrement Before 传输之前地址减少）
// R1!表示地址回写，(另外，LDM指令与LDR指令或伪指令运行的方向不同，LDM是从左到右,LDR伪指令或LDR指令是从右到左,MOV等常用指令也是从右到左)
// LDMIA R1！，{R2-R7,LR}表示数据传输方向是从R1到{。。。}，可以理解为：
// LDMIA [R1]!,{R2-R7,LR}即将R1寄存器值所代表的存储器地址中的值加载到R2中，
// 然后从R1+4对应的存储器地址中的值加载到R3中，一直到R7,最后一次是加载到LR中,
// 也就是说R1值相当于是一个数组的首地址，也就是数组名
//7）堆栈寻址
// STMFD SP!,{R2-R7,LR} (感觉就象LDM与LDR的指令运行方向不同一样，STM与STR方向也不同吗？？)
// STMFD传输方向是从{R2-R7,LR}到R1，STR R0,[R1,#8]方向是R0到[R1,#8]
.end

joe · 发表于 2022-10-11 14:12:47

t:ts.o t.o
arm-none-eabi-ld -T t.ld -Map t.map -o t.elf $^
arm-none-eabi-objcopy -O binary t.elf t.bin
arm-none-eabi-objcopy -O ihex t.elf t.hex
arm-none-eabi-objdump -D t.elf > t.dis

joe · 发表于 2022-10-11 14:13:21

t.dis内容如下：

t.elf:    file format elf32-littlearm

Disassembly of section .text:

00010000 <start>:
10000:       e59fd030       ldr       sp, [pc, #48]       ; 10038 <sum+0x2c>
10004:       eb00000c       bl       1003c <main>

00010008 <stop>:
10008:       eafffffe       b       10008 <stop>

0001000c <sum>:
1000c:       e92d4800       push       {fp, lr}
10010:       e28db004       add       fp, sp, #4
10014:       e0800001       add       r0, r0, r1
10018:       e0800002       add       r0, r0, r2
1001c:       e0800003       add       r0, r0, r3
10020:       e59b3004       ldr       r3, [fp, #4]  //其实就是入栈之后参数值，也就是参数e的值
10024:       e0800003       add       r0, r0, r3
10028:       e59b3008       ldr       r3, [fp, #8] //也就是参数f的值
1002c:       e0800003       add       r0, r0, r3
10030:       e24bd004       sub       sp, fp, #4
10034:       e8bd8800       pop       {fp, pc}
10038:       000110c8       andeq       r1, r1, r8, asr #1

0001003c <main>:
1003c:       e92d4800       push       {fp, lr}
10040:       e28db004       add       fp, sp, #4
10044:       e24dd020       sub       sp, sp, #32
10048:       e3a03001       mov       r3, #1
1004c:       e50b3008       str       r3, [fp, #-8]
10050:       e51b3008       ldr       r3, [fp, #-8]
10054:       e50b300c       str       r3, [fp, #-12]
10058:       e51b300c       ldr       r3, [fp, #-12]
1005c:       e50b3010       str       r3, [fp, #-16]
10060:       e51b3010       ldr       r3, [fp, #-16]
10064:       e50b3014       str       r3, [fp, #-20]       ; 0xffffffec
10068:       e51b3014       ldr       r3, [fp, #-20]       ; 0xffffffec
1006c:       e50b3018       str       r3, [fp, #-24]       ; 0xffffffe8
10070:       e51b3018       ldr       r3, [fp, #-24]       ; 0xffffffe8
10074:       e50b301c       str       r3, [fp, #-28]       ; 0xffffffe4
10078:       e51b3008       ldr       r3, [fp, #-8]
1007c:       e58d3004       str       r3, [sp, #4]
10080:       e51b300c       ldr       r3, [fp, #-12]
10084:       e58d3000       str       r3, [sp]
10088:       e51b3010       ldr       r3, [fp, #-16]
1008c:       e51b2014       ldr       r2, [fp, #-20]       ; 0xffffffec
10090:       e51b1018       ldr       r1, [fp, #-24]       ; 0xffffffe8
10094:       e51b001c       ldr       r0, [fp, #-28]       ; 0xffffffe4
10098:       ebffffdb       bl       1000c <sum>
1009c:       e1a02000       mov       r2, r0
100a0:       e59f3014       ldr       r3, [pc, #20]       ; 100bc <main+0x80>
100a4:       e5832000       str       r2, [r3]
100a8:       e3a03000       mov       r3, #0
100ac:       e1a00003       mov       r0, r3
100b0:       e24bd004       sub       sp, fp, #4
100b4:       e8bd4800       pop       {fp, lr}
100b8:       e12fff1e       bx       lr
100bc:       000100c0       andeq       r0, r1, r0, asr #1

Disassembly of section .data:

000100c0 <g>:
100c0:       00000064       andeq       r0, r0, r4, rrx

Disassembly of section .ARM.attributes:

00000000 <.ARM.attributes>:
0:       00002b41       andeq       r2, r0, r1, asr #22
4:       61656100       cmnvs       r5, r0, lsl #2
8:       01006962       tsteq       r0, r2, ror #18
c:       00000021       andeq       r0, r0, r1, lsr #32
  10:       4d524105       ldfmie       f4, [r2, #-20]       ; 0xffffffec
  14:       4d445437       cfstrdmi       mvd5, [r4, #-220]       ; 0xffffff24
  18:       02060049       andeq       r0, r6, #73       ; 0x49
  1c:       01090108       tsteq       r9, r8, lsl #2
  20:       01140412       tsteq       r4, r2, lsl r4
  24:       03170115       tsteq       r7, #1073741829       ; 0x40000005
  28:       011a0118       tsteq       sl, r8, lsl r1

Disassembly of section .comment:

00000000 <.comment>:
0:       3a434347       bcc       10d0d24 <stack_top+0x10bfc5c>
4:       4e472820       cdpmi       8, 4, cr2, cr7, cr0, {1}
8:       6f542055       svcvs       0x00542055
c:       20736c6f       rsbscs       r6, r3, pc, ror #24
  10:       20726f66       rsbscs       r6, r2, r6, ror #30
  14:       204d5241       subcs       r5, sp, r1, asr #4
  18:       65626d45       strbvs       r6, [r2, #-3397]!       ; 0xfffff2bb
  1c:       64656464       strbtvs       r6, [r5], #-1124       ; 0xfffffb9c
  20:       6f725020       svcvs       0x00725020
  24:       73736563       cmnvc       r3, #415236096       ; 0x18c00000
  28:       2973726f       ldmdbcs       r3!, {r0, r1, r2, r3, r5, r6, r9, ip, sp, lr}^
  2c:       332e3520                      ; <UNDEFINED> instruction: 0x332e3520
  30:       3220312e       eorcc       r3, r0, #-2147483637       ; 0x8000000b
  34:       30363130       eorscc       r3, r6, r0, lsr r1
  38:       20373033       eorscs       r3, r7, r3, lsr r0
  3c:       6c657228       sfmvs       f7, 2, [r5], #-160       ; 0xffffff60
  40:       65736165       ldrbvs       r6, [r3, #-357]!       ; 0xfffffe9b
  44:       415b2029       cmpmi       fp, r9, lsr #32
  48:       652f4d52       strvs       r4, [pc, #-3410]!       ; fffff2fe <stack_top+0xfffee236>
  4c:       6465626d       strbtvs       r6, [r5], #-621       ; 0xfffffd93
  50:       2d646564       cfstr64cs       mvdx6, [r4, #-400]!       ; 0xfffffe70
  54:       72622d35       rsbvc       r2, r2, #3392       ; 0xd40
  58:       68636e61       stmdavs       r3!, {r0, r5, r6, r9, sl, fp, sp, lr}^
  5c:       76657220       strbtvc       r7, [r5], -r0, lsr #4
  60:       6f697369       svcvs       0x00697369
  64:       3332206e       teqcc       r2, #110       ; 0x6e
  68:       39383534       ldmdbcc       r8!, {r2, r4, r5, r8, sl, ip, sp}
  6c:       Address 0x0000006c is out of bounds.

Disassembly of section .debug_line:

00000000 <.debug_line>:
0:       00000040       andeq       r0, r0, r0, asr #32
4:       001b0002       andseq       r0, fp, r2
8:       01020000       mrseq       r0, (UNDEF: 2)
c:       000d0efb       strdeq       r0, [sp], -fp
  10:       01010101       tsteq       r1, r1, lsl #2
  14:       01000000       mrseq       r0, (UNDEF: 0)
  18:       00010000       andeq       r0, r1, r0
  1c:       732e7374                      ; <UNDEFINED> instruction: 0x732e7374
  20:       00000000       andeq       r0, r0, r0
  24:       02050000       andeq       r0, r5, #0
  28:       00010000       andeq       r0, r1, r0
  2c:       312f3517                      ; <UNDEFINED> instruction: 0x312f3517
  30:       2e090332       mcrcs       3, 0, r0, cr9, cr2, {1}
  34:       2f2f2f30       svccs       0x002f2f30
  38:       2f302f2f       svccs       0x00302f2f
  3c:       022e5e03       eoreq       r5, lr, #3, 28       ; 0x30
  40:       01010002       tsteq       r1, r2
  44:       00000032       andeq       r0, r0, r2, lsr r0
  48:       001a0002       andseq       r0, sl, r2
  4c:       01020000       mrseq       r0, (UNDEF: 2)
  50:       000d0efb       strdeq       r0, [sp], -fp
  54:       01010101       tsteq       r1, r1, lsl #2
  58:       01000000       mrseq       r0, (UNDEF: 0)
  5c:       00010000       andeq       r0, r1, r0
  60:       00632e74       rsbeq       r2, r3, r4, ror lr
  64:       00000000       andeq       r0, r0, r0
  68:       3c020500       cfstr32cc       mvfx0, [r2], {-0}
  6c:       15000100       strne       r0, [r0, #-256]       ; 0xffffff00
  70:       08750868       ldmdaeq       r5!, {r3, r5, r6, fp}^
  74:       000a0291       muleq       sl, r1, r2
  78:       Address 0x00000078 is out of bounds.

Disassembly of section .debug_info:

00000000 <.debug_info>:
0:       00000047       andeq       r0, r0, r7, asr #32
4:       00000002       andeq       r0, r0, r2
8:       01040000       mrseq       r0, (UNDEF: 4)
c:       00000000       andeq       r0, r0, r0
  10:       00010000       andeq       r0, r1, r0
  14:       0001003c       andeq       r0, r1, ip, lsr r0
  18:       732e7374                      ; <UNDEFINED> instruction: 0x732e7374
  1c:       5c3a4800       ldcpl       8, cr4, [sl], #-0
  20:       5c504d54       mrrcpl       13, 5, r4, r0, cr4
  24:       73707466       cmnvc       r0, #1711276032       ; 0x66000000
  28:       65767265       ldrbvs       r7, [r6, #-613]!       ; 0xfffffd9b
  2c:       6f6f7272       svcvs       0x006f7272
  30:       72615c74       rsbvc       r5, r1, #116, 24       ; 0x7400
  34:       6162396d       cmnvs       r2, sp, ror #18
  38:       47006572       smlsdxmi       r0, r2, r5, r6
  3c:       4120554e                      ; <UNDEFINED> instruction: 0x4120554e
  40:       2e322053       mrccs       0, 1, r2, cr2, cr3, {2}
  44:       302e3632       eorcc       r3, lr, r2, lsr r6
  48:       9a800100       bls       fe000450 <stack_top+0xfdfef388>
  4c:       04000000       streq       r0, [r0], #-0
  50:       00001400       andeq       r1, r0, r0, lsl #8
  54:       00010400       andeq       r0, r1, r0, lsl #8
  58:       0c000000       stceq       0, cr0, [r0], {-0}
  5c:       00632e74       rsbeq       r2, r3, r4, ror lr
  60:       00000051       andeq       r0, r0, r1, asr r0
  64:       0001003c       andeq       r0, r1, ip, lsr r0
  68:       00000084       andeq       r0, r0, r4, lsl #1
  6c:       00000044       andeq       r0, r0, r4, asr #32
  70:       00004c02       andeq       r4, r0, r2, lsl #24
  74:       87030100       strhi       r0, [r3, -r0, lsl #2]
  78:       3c000000       stccc       0, cr0, [r0], {-0}
  7c:       84000100       strhi       r0, [r0], #-256       ; 0xffffff00
  80:       01000000       mrseq       r0, (UNDEF: 0)
  84:       0000879c       muleq       r0, ip, r7
  88:       00610300       rsbeq       r0, r1, r0, lsl #6
  8c:       00870501       addeq       r0, r7, r1, lsl #10
  90:       91020000       mrsls       r0, (UNDEF: 2)
  94:       00620360       rsbeq       r0, r2, r0, ror #6
  98:       00870501       addeq       r0, r7, r1, lsl #10
  9c:       91020000       mrsls       r0, (UNDEF: 2)
  a0:       00630364       rsbeq       r0, r3, r4, ror #6
  a4:       00870501       addeq       r0, r7, r1, lsl #10
  a8:       91020000       mrsls       r0, (UNDEF: 2)
  ac:       00640368       rsbeq       r0, r4, r8, ror #6
  b0:       00870501       addeq       r0, r7, r1, lsl #10
  b4:       91020000       mrsls       r0, (UNDEF: 2)
  b8:       0065036c       rsbeq       r0, r5, ip, ror #6
  bc:       00870501       addeq       r0, r7, r1, lsl #10
  c0:       91020000       mrsls       r0, (UNDEF: 2)
  c4:       00660370       rsbeq       r0, r6, r0, ror r3
  c8:       00870501       addeq       r0, r7, r1, lsl #10
  cc:       91020000       mrsls       r0, (UNDEF: 2)
  d0:       04040074       streq       r0, [r4], #-116       ; 0xffffff8c
  d4:       746e6905       strbtvc       r6, [lr], #-2309       ; 0xfffff6fb
  d8:       00670500       rsbeq       r0, r7, r0, lsl #10
  dc:       00870101       addeq       r0, r7, r1, lsl #2
  e0:       03050000       movweq       r0, #20480       ; 0x5000
  e4:       000100c0       andeq       r0, r1, r0, asr #1
      ...

Disassembly of section .debug_abbrev:

00000000 <.debug_abbrev>:
0:       10001101       andne       r1, r0, r1, lsl #2
4:       12011106       andne       r1, r1, #-2147483647       ; 0x80000001
8:       1b080301       blne       200c14 <stack_top+0x1efb4c>
c:       13082508       movwne       r2, #34056       ; 0x8508
  10:       00000005       andeq       r0, r0, r5
  14:       25011101       strcs       r1, [r1, #-257]       ; 0xfffffeff
  18:       030b130e       movweq       r1, #45838       ; 0xb30e
  1c:       110e1b08       tstne       lr, r8, lsl #22
  20:       10061201       andne       r1, r6, r1, lsl #4
  24:       02000017       andeq       r0, r0, #23
  28:       193f012e       ldmdbne       pc!, {r1, r2, r3, r5, r8}       ; <UNPREDICTABLE>
  2c:       0b3a0e03       bleq       e83840 <stack_top+0xe72778>
  30:       13490b3b       movtne       r0, #39739       ; 0x9b3b
  34:       06120111                      ; <UNDEFINED> instruction: 0x06120111
  38:       42961840       addsmi       r1, r6, #64, 16       ; 0x400000
  3c:       00130119       andseq       r0, r3, r9, lsl r1
  40:       00340300       eorseq       r0, r4, r0, lsl #6
  44:       0b3a0803       bleq       e82058 <stack_top+0xe70f90>
  48:       13490b3b       movtne       r0, #39739       ; 0x9b3b
  4c:       00001802       andeq       r1, r0, r2, lsl #16
  50:       0b002404       bleq       9068 <start-0x6f98>
  54:       030b3e0b       movweq       r3, #48651       ; 0xbe0b
  58:       05000008       streq       r0, [r0, #-8]
  5c:       08030034       stmdaeq       r3, {r2, r4, r5}
  60:       0b3b0b3a       bleq       ec2d50 <stack_top+0xeb1c88>
  64:       193f1349       ldmdbne       pc!, {r0, r3, r6, r8, r9, ip}       ; <UNPREDICTABLE>
  68:       00001802       andeq       r1, r0, r2, lsl #16
      ...

Disassembly of section .debug_aranges:

00000000 <.debug_aranges>:
0:       0000001c       andeq       r0, r0, ip, lsl r0
4:       00000002       andeq       r0, r0, r2
8:       00040000       andeq       r0, r4, r0
c:       00000000       andeq       r0, r0, r0
  10:       00010000       andeq       r0, r1, r0
  14:       0000003c       andeq       r0, r0, ip, lsr r0
      ...
  20:       0000001c       andeq       r0, r0, ip, lsl r0
  24:       004b0002       subeq       r0, fp, r2
  28:       00040000       andeq       r0, r4, r0
  2c:       00000000       andeq       r0, r0, r0
  30:       0001003c       andeq       r0, r1, ip, lsr r0
  34:       00000084       andeq       r0, r0, r4, lsl #1
      ...

Disassembly of section .debug_str:

00000000 <.debug_str>:
0:       20554e47       subscs       r4, r5, r7, asr #28
4:       20313143       eorscs       r3, r1, r3, asr #2
8:       2e332e35       mrccs       14, 1, r2, cr3, cr5, {1}
c:       30322031       eorscc       r2, r2, r1, lsr r0
  10:       33303631       teqcc       r0, #51380224       ; 0x3100000
  14:       28203730       stmdacs       r0!, {r4, r5, r8, r9, sl, ip, sp}
  18:       656c6572       strbvs       r6, [ip, #-1394]!       ; 0xfffffa8e
  1c:       29657361       stmdbcs       r5!, {r0, r5, r6, r8, r9, ip, sp, lr}^
  20:       52415b20       subpl       r5, r1, #32, 22       ; 0x8000
  24:       6d652f4d       stclvs       15, cr2, [r5, #-308]!       ; 0xfffffecc
  28:       64646562       strbtvs       r6, [r4], #-1378       ; 0xfffffa9e
  2c:       352d6465       strcc       r6, [sp, #-1125]!       ; 0xfffffb9b
  30:       6172622d       cmnvs       r2, sp, lsr #4
  34:       2068636e       rsbcs       r6, r8, lr, ror #6
  38:       69766572       ldmdbvs       r6!, {r1, r4, r5, r6, r8, sl, sp, lr}^
  3c:       6e6f6973       mcrvs       9, 3, r6, cr15, cr3, {3}
  40:       34333220       ldrtcc       r3, [r3], #-544       ; 0xfffffde0
  44:       5d393835       ldcpl       8, cr3, [r9, #-212]!       ; 0xffffff2c
  48:       00672d20       rsbeq       r2, r7, r0, lsr #26
  4c:       6e69616d       powvsez       f6, f1, #5.0
  50:       5c3a4800       ldcpl       8, cr4, [sl], #-0
  54:       5c504d54       mrrcpl       13, 5, r4, r0, cr4
  58:       73707466       cmnvc       r0, #1711276032       ; 0x66000000
  5c:       65767265       ldrbvs       r7, [r6, #-613]!       ; 0xfffffd9b
  60:       6f6f7272       svcvs       0x006f7272
  64:       72615c74       rsbvc       r5, r1, #116, 24       ; 0x7400
  68:       6162396d       cmnvs       r2, sp, ror #18
  6c:       Address 0x0000006c is out of bounds.

Disassembly of section .debug_frame:

00000000 <.debug_frame>:
0:       0000000c       andeq       r0, r0, ip
4:       ffffffff                      ; <UNDEFINED> instruction: 0xffffffff
8:       7c020001       stcvc       0, cr0, [r2], {1}
c:       000d0c0e       andeq       r0, sp, lr, lsl #24
  10:       00000020       andeq       r0, r0, r0, lsr #32
  14:       00000000       andeq       r0, r0, r0
  18:       0001003c       andeq       r0, r1, ip, lsr r0
  1c:       00000084       andeq       r0, r0, r4, lsl #1
  20:       8b080e42       blhi       203930 <stack_top+0x1f2868>
  24:       42018e02       andmi       r8, r1, #2, 28
  28:       78040b0c       stmdavc       r4, {r2, r3, r8, r9, fp}
  2c:       42080d0c       andmi       r0, r8, #12, 26       ; 0x300
  30:       000ecbce       andeq       ip, lr, lr, asr #23

		自动登录	找回密码
密码			立即注册