Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   IDA 8052 error ? (https://forum.exetools.com/showthread.php?t=16336)

Git 11-24-2014 03:57

IDA 8052 error ?
 
Here's a snippet of disassembled 8051 code :

Code:

...
0000:7019 D0 00    pop    RAM_0
0000:701B E8       mov    A, R0
0000:701C C0 E0    push   A
0000:701E 74 05    mov    A, #5
0000:7020 28       add    A, R0
0000:7021 F8       mov    R0, A        <--
0000:7022 E7       mov    A, @R1
0000:7023 F6       mov    @R0, A
0000:7024 19       dec    R1
0000:7025 18       dec    R0
0000:7026 E7       mov    A, @R1
0000:7027 F6       mov    @R0, A
0000:7028 19       dec    R1
0000:7029 18       dec    R0
0000:702A E7       mov    A, @R1
0000:702B F6       mov    @R0, A
0000:702C D0 E0    pop    A
0000:702E A8 E0    mov    R0, A        <--
0000:7030 F9       mov    R1, A
0000:7031 09       inc    R1
0000:7032 09       inc    R1
...

Look at offset 7021 and 702E. Same instruction, different op code. What gives?

Git

chessgod101 11-24-2014 05:49

According to the 8051/8052 instruction set website, both are correct. Apparently, A8 E0 is a two byte equivalent to F8. Here is a page with more information about 8051/8052 MOV instructions:
Code:

http://www.8052.com/51mov

Git 11-24-2014 06:23

I can't see that. MOV R0, A is an unambiguous single byte operation. I think the 2 byte 0xA8 0xNN form you referred to is moving from internal RAM to R0. The Philips data sheet also shows all MOV instructions between A and Rx are single byte.

Git

chessgod101 11-24-2014 07:46

Did you try this freeware utility to compare the disassembly results to that of IDA?
Code:

http://www.bipom.com/dis51.php
I know it seems a little crude, but it may help you determine whether or not this is a disassembly bug in IDA.

arthur plank 11-24-2014 15:52

They are equivalent.

The F8 is an explicit single byte instruction to move A to R0.

The A8 E0 is actually MOV R0,ACC where ACC is the direct address for the A register. E0 is the direct address for ACC.

This A8 E0 is described in the 8051 bible as MOV Rn,direct.

Git 11-24-2014 18:41

AP - Ah, I see. What a strange way of doing things. I wonder why the original author chose both methods within a few lines of each other?

CG - I was going to try some other means of disassembly, but then I realised that the two different op codes in this example were nothing to do with IDA, they existed before and IDA correctly interpreted them, in that A is identical to ACC. The thing at fault is the daft architecture of the 8051.

Git

arthur plank 11-24-2014 19:01

I think we can blame the original Intel developers for that one. It's an old architecture and in its day it was quite special with its efficient boolean operations. I worked with it professionally for about 20 years and just got to accept the quirks. I wouldn't want to go back to it though.

Git 11-25-2014 19:44

Professionally, I used the 9900, bypassed the 8051 and went on to Z80. I played with the 68000 family on an amateur basis. The 8051 outnumbers the rest of them put together for old design CPUs still in use. A couple of normal 16 bit address registers would have been nice though.

Git

