mirror of
https://github.com/mytechnotalent/Embedded-Hacking.git
synced 2026-07-05 12:07:51 +02:00
Initial commit with strict idiomatic rust enforcement
This commit is contained in:
Binary file not shown.
@@ -0,0 +1,727 @@
|
||||
# Week 1: Introduction and Overview of Embedded Reverse Engineering: Ethics, Scoping, and Basic Concepts
|
||||
|
||||
## What You'll Learn This Week
|
||||
|
||||
By the end of this week, you will be able to:
|
||||
- Understand what a microcontroller is and how it works
|
||||
- Know the basic registers of the ARM Cortex-M33 processor
|
||||
- Understand memory layout (Flash vs RAM) and why it matters
|
||||
- Understand how the stack works in embedded systems
|
||||
- Set up and connect GDB to your Pico 2 for debugging
|
||||
- Use Ghidra for static analysis of your binary
|
||||
- Read basic ARM assembly instructions and understand what they do
|
||||
|
||||
---
|
||||
|
||||
## Part 1: Understanding the Basics
|
||||
|
||||
### What is a Microcontroller?
|
||||
|
||||
Think of a microcontroller as a tiny computer on a single chip. Just like your laptop has a processor, memory, and storage, a microcontroller has all of these packed into one small chip. The **RP2350** is the microcontroller chip that powers the **Raspberry Pi Pico 2**.
|
||||
|
||||
### What is the ARM Cortex-M33?
|
||||
|
||||
The RP2350 has two "brains" inside it - we call these **cores**. One brain uses ARM Cortex-M33 instructions, and the other can use RISC-V instructions. In this course, we'll focus on the **ARM Cortex-M33** core because it's more commonly used in the industry.
|
||||
|
||||
### What is Reverse Engineering?
|
||||
|
||||
Reverse engineering is like being a detective for code. Instead of writing code and compiling it, we take compiled code (the 1s and 0s that the computer actually runs) and figure out what it does. This is useful for:
|
||||
- Understanding how things work
|
||||
- Finding bugs or security issues
|
||||
- Learning how software interacts with hardware
|
||||
|
||||
---
|
||||
|
||||
## Part 2: Understanding Processor Registers
|
||||
|
||||
### What is a Register?
|
||||
|
||||
A **register** is like a tiny, super-fast storage box inside the processor. The processor uses registers to hold numbers while it's doing calculations. Think of them like the short-term memory your brain uses when doing math in your head.
|
||||
|
||||
### The ARM Cortex-M33 Registers
|
||||
|
||||
The ARM Cortex-M33 has several important registers:
|
||||
|
||||
| Register | Also Called | Purpose |
|
||||
| ------------ | -------------------- | ------------------------------------------- |
|
||||
| `r0` - `r12` | General Purpose | Store numbers, pass data between functions |
|
||||
| `r13` | SP (Stack Pointer) | Keeps track of where we are in the stack |
|
||||
| `r14` | LR (Link Register) | Remembers where to go back after a function |
|
||||
| `r15` | PC (Program Counter) | Points to the next instruction to run |
|
||||
|
||||
##### General Purpose Registers (`r0` - `r12`)
|
||||
|
||||
These 13 registers are your "scratch paper." When the processor needs to add two numbers, subtract, or do any calculation, it uses these registers to hold the values.
|
||||
|
||||
**Example:** If you want to add 5 + 3:
|
||||
1. Put 5 in `r0`
|
||||
2. Put 3 in `r1`
|
||||
3. Add them and store the result (8) in `r2`
|
||||
|
||||
##### The Stack Pointer (`r13` / SP)
|
||||
|
||||
The **stack** is a special area of memory that works like a stack of plates:
|
||||
- When you add something, you put it on top (called a **PUSH**)
|
||||
- When you remove something, you take it from the top (called a **POP**)
|
||||
|
||||
The Stack Pointer always points to the top of this stack. On ARM systems, the stack **grows downward** in memory. This means when you push something onto the stack, the address number gets smaller!
|
||||
|
||||
The two Arm ABI documents we verified give the formal proof for these rules. In AAPCS32, page 17 defines the core register roles used by the base procedure call standard: `r13` is `SP`, `r14` is `LR`, `r15` is `PC`, `r0`-`r3` are argument and scratch registers, and `r4`-`r11` are the longer-lived variable registers. In Advisory Note 132, page 7 states that `SP` must be aligned to a multiple of 8 at every conforming call site and must already be 8-byte aligned when control first enters conforming code. That is why compiler-generated prologues often push an even number of registers, such as `push {r3, lr}`, to preserve both saved state and the required ABI stack alignment.
|
||||
|
||||
```
|
||||
Higher Memory Address (0x20082000)
|
||||
+------------------+
|
||||
| | ↠Stack starts here (empty)
|
||||
+------------------+
|
||||
| Pushed Item 1 | ↠SP points here after 1 push
|
||||
+------------------+
|
||||
| Pushed Item 2 | ↠SP points here after 2 pushes
|
||||
+------------------+
|
||||
Lower Memory Address (0x20081FF8)
|
||||
```
|
||||
|
||||
##### The Link Register (`r14` / LR)
|
||||
|
||||
When you call a function, the processor needs to remember where to come back to. The Link Register stores this "return address."
|
||||
|
||||
**Example:**
|
||||
```
|
||||
main() calls print_hello()
|
||||
↓
|
||||
LR = address right after the call in main()
|
||||
↓
|
||||
print_hello() runs
|
||||
↓
|
||||
print_hello() finishes, looks at LR
|
||||
↓
|
||||
Jumps back to main() at the address stored in LR
|
||||
```
|
||||
|
||||
##### The Program Counter (`r15` / PC)
|
||||
|
||||
The Program Counter always points to the **next instruction** the processor will execute. It's like your finger following along as you read a book - it always points to where you are.
|
||||
|
||||
---
|
||||
|
||||
## Part 3: Understanding Memory Layout
|
||||
|
||||
### XIP - Execute In Place
|
||||
|
||||
The RP2350 uses something called **XIP (Execute In Place)**. This means the processor can run code directly from the flash memory (where your program is stored) without copying it to RAM first.
|
||||
|
||||
**Key Memory Address:** `0x10000000`
|
||||
|
||||
This is where your program code starts in flash memory. Remember this address - we'll use it a lot!
|
||||
|
||||
### Memory Map Overview
|
||||
|
||||
```
|
||||
+-------------------------------------+
|
||||
| Flash Memory (XIP) |
|
||||
| Starts at: 0x10000000 |
|
||||
| Contains: Your program code |
|
||||
+-------------------------------------+
|
||||
| RAM |
|
||||
| Starts at: 0x20000000 |
|
||||
| Contains: Stack, Heap, Variables |
|
||||
+-------------------------------------+
|
||||
```
|
||||
|
||||
### Stack vs Heap
|
||||
|
||||
| Stack | Heap |
|
||||
| ---------------------------------------- | ---------------------------------- |
|
||||
| Automatic memory management | Manual memory management |
|
||||
| Fast | Slower |
|
||||
| Limited size | More flexible size |
|
||||
| Used for function calls, local variables | Used for dynamic memory allocation |
|
||||
| Grows downward | Grows upward |
|
||||
|
||||
---
|
||||
|
||||
## Part 3.5: Reviewing Our Hello World Code
|
||||
|
||||
Before we start debugging, let's understand the code we'll be working with. Here's our `0x0001_hello-world.c` program:
|
||||
|
||||
```c
|
||||
#include <stdio.h>
|
||||
#include "pico/stdlib.h"
|
||||
|
||||
int main(void) {
|
||||
stdio_init_all();
|
||||
|
||||
while (true)
|
||||
printf("hello, world\r\n");
|
||||
}
|
||||
```
|
||||
|
||||
### Breaking Down the Code
|
||||
|
||||
##### The Includes
|
||||
|
||||
```c
|
||||
#include <stdio.h>
|
||||
#include "pico/stdlib.h"
|
||||
```
|
||||
|
||||
- **`<stdio.h>`** - This is the standard input/output library. It gives us access to the `printf()` function that lets us print text.
|
||||
- **`"pico/stdlib.h"`** - This is the Pico SDK's standard library. It provides essential functions for working with the Raspberry Pi Pico hardware.
|
||||
|
||||
##### The Main Function
|
||||
|
||||
```c
|
||||
int main(void) {
|
||||
```
|
||||
|
||||
Every C program starts running from the `main()` function. The `void` means it takes no arguments, and `int` means it returns an integer (though our program never actually returns).
|
||||
|
||||
##### Initializing Standard I/O
|
||||
|
||||
```c
|
||||
stdio_init_all();
|
||||
```
|
||||
|
||||
This function initializes all the standard I/O (input/output) for the Pico. It sets up:
|
||||
- **USB CDC** (so you can see output when connected to a computer via USB)
|
||||
- **UART** (serial communication pins)
|
||||
|
||||
Without this line, `printf()` wouldn't have anywhere to send its output!
|
||||
|
||||
##### The Infinite Loop
|
||||
|
||||
```c
|
||||
while (true)
|
||||
printf("hello, world\r\n");
|
||||
```
|
||||
|
||||
- **`while (true)`** - This creates an infinite loop. The program will keep running forever (or until you reset/power off the Pico).
|
||||
- **`printf("hello, world\r\n")`** - This prints the text "hello, world" followed by a carriage return (`\r`) and newline (`\n`).
|
||||
|
||||
> Tip: **Why `\r\n` instead of just `\n`?**
|
||||
>
|
||||
> In embedded systems, we often use both carriage return (`\r`) and newline (`\n`) together. The `\r` moves the cursor back to the beginning of the line, and `\n` moves to the next line. This ensures proper display across different terminal programs.
|
||||
|
||||
### What Happens When This Runs?
|
||||
|
||||
1. **Power on** - The Pico boots up and starts executing code from flash memory
|
||||
2. **`stdio_init_all()`** - Sets up USB and/or UART for communication
|
||||
3. **Infinite loop begins** - The program enters the `while(true)` loop
|
||||
4. **Print forever** - "hello, world" is sent over and over as fast as possible
|
||||
|
||||
### Why This Code is Perfect for Learning
|
||||
|
||||
This simple program is ideal for reverse engineering practice because:
|
||||
- It has a clear, recognizable function call (`printf`)
|
||||
- It has an infinite loop we can observe
|
||||
- It's small enough to understand completely
|
||||
- It demonstrates real hardware interaction (USB/UART output)
|
||||
|
||||
When we debug this code, we'll be able to see how the C code translates to ARM assembly instructions!
|
||||
|
||||
### Compiling and Flashing to the Pico 2
|
||||
|
||||
Now that we understand the code, let's get it running on our hardware:
|
||||
|
||||
##### Step 1: Compile the Code
|
||||
|
||||
In VS Code, look for the **Compile** button in the status bar at the bottom of the window. This is provided by the Raspberry Pi Pico extension. Click it to compile your project.
|
||||
|
||||
The extension will run CMake and build your code, creating a `.uf2` file that can be loaded onto the Pico 2.
|
||||
|
||||
##### Step 2: Put the Pico 2 in Flash Loading Mode
|
||||
|
||||
To flash new code to your Pico 2, you need to put it into **BOOTSEL mode**:
|
||||
|
||||
1. **Press and hold** the right-most button on your breadboard (the BOOTSEL button)
|
||||
2. **While holding BOOTSEL**, press the white **Reset** button
|
||||
3. **Release the Reset button** first
|
||||
4. **Then release the BOOTSEL button**
|
||||
|
||||
When done correctly, your Pico 2 will appear as a USB mass storage device (like a flash drive) on your computer. This means it's ready to receive new firmware!
|
||||
|
||||
> Tip: **Tip:** You'll see a drive called "RP2350" appear in your file explorer when the Pico 2 is in flash loading mode.
|
||||
|
||||
##### Step 3: Flash and Run
|
||||
|
||||
Back in VS Code, click the **Run** button in the status bar. The extension will:
|
||||
1. Copy the compiled `.uf2` file to the Pico 2
|
||||
2. The Pico 2 will automatically reboot and start running your code
|
||||
|
||||
Once flashed, your Pico 2 will immediately start executing the hello-world program, printing "hello, world" continuously when we open PuTTY!
|
||||
|
||||
---
|
||||
|
||||
## Part 4: Dynamic Analysis with GDB
|
||||
|
||||
### Prerequisites
|
||||
|
||||
Before we start, make sure you have:
|
||||
1. A Raspberry Pi Pico 2 board
|
||||
2. GDB (GNU Debugger) installed
|
||||
3. OpenOCD or another debug probe connection
|
||||
4. The sample "hello-world" binary loaded on your Pico 2
|
||||
|
||||
### Connecting to Your Pico 2 with OpenOCD
|
||||
|
||||
Open a terminal and start OpenOCD:
|
||||
|
||||
```powershell
|
||||
openocd -s "$env:USERPROFILE\.pico-sdk\openocd\0.12.0+dev\scripts" -f interface/cmsis-dap.cfg -f target/rp2350.cfg -c "adapter speed 5000"
|
||||
```
|
||||
|
||||
### Connecting to Your Pico 2 with GDB
|
||||
|
||||
Open another terminal and start GDB with your binary:
|
||||
|
||||
```cmd
|
||||
arm-none-eabi-gdb build\0x0001_hello-world.elf
|
||||
```
|
||||
|
||||
Connect to your target:
|
||||
|
||||
```cmd
|
||||
(gdb) target extended-remote :3333
|
||||
(gdb) monitor reset halt
|
||||
```
|
||||
|
||||
### Basic GDB Commands: Your First Steps
|
||||
|
||||
Now that we're connected, let's learn three essential GDB commands that you'll use constantly in embedded reverse engineering.
|
||||
|
||||
##### Setting a Breakpoint with `b main`
|
||||
|
||||
A **breakpoint** tells the debugger to pause execution when it reaches a specific point. Let's set one at our `main` function:
|
||||
|
||||
```gdb
|
||||
(gdb) b main
|
||||
Breakpoint 1 at 0x10000234: file ../0x0001_hello-world.c, line 5.
|
||||
```
|
||||
|
||||
**What this tells us:**
|
||||
- GDB found our `main` function
|
||||
- It's located at address `0x10000234` in flash memory
|
||||
- The source file and line number are shown (because we have debug symbols)
|
||||
|
||||
Now let's run to that breakpoint:
|
||||
|
||||
```gdb
|
||||
(gdb) c
|
||||
Continuing.
|
||||
|
||||
Breakpoint 1, main () at ../0x0001_hello-world.c:5
|
||||
5 stdio_init_all();
|
||||
```
|
||||
|
||||
The program has stopped right at the beginning of `main`!
|
||||
|
||||
##### Disassembling with `disas`
|
||||
|
||||
The `disas` (disassemble) command shows us the assembly instructions for the current function:
|
||||
|
||||
```gdb
|
||||
(gdb) disas
|
||||
Dump of assembler code for function main:
|
||||
=> 0x10000234 <+0>: push {r3, lr}
|
||||
0x10000236 <+2>: bl 0x1000156c <stdio_init_all>
|
||||
0x1000023a <+6>: ldr r0, [pc, #8] @ (0x10000244 <main+16>)
|
||||
0x1000023c <+8>: bl 0x100015fc <__wrap_puts>
|
||||
0x10000240 <+12>: b.n 0x1000023a <main+6>
|
||||
0x10000242 <+14>: nop
|
||||
0x10000244 <+16>: adds r4, r1, r7
|
||||
0x10000246 <+18>: asrs r0, r0, #32
|
||||
End of assembler dump.
|
||||
```
|
||||
|
||||
**Understanding the output:**
|
||||
- The `=>` arrow shows where we're currently stopped
|
||||
- Each line shows: `address <offset>: instruction operands`
|
||||
- We can see the calls to `stdio_init_all` and `__wrap_puts` (printf was optimized to puts)
|
||||
- The `b.n 0x1000023a` at the end is our infinite loop - it jumps back to reload the string!
|
||||
|
||||
##### Viewing ELF Sections with `info files` and `maintenance info sections`
|
||||
|
||||
To see how the ELF is laid out in memory, use:
|
||||
|
||||
```gdb
|
||||
(gdb) info files
|
||||
Symbols from "C:\Users\flare-vm\Desktop\Embedded-Hacking-main\0x0001_hello-world\build\0x0001_hello-world.elf".
|
||||
Extended remote target using gdb-specific protocol:
|
||||
`C:\Users\flare-vm\Desktop\Embedded-Hacking-main\0x0001_hello-world\build\0x0001_hello-world.elf', file type elf32-littlearm.
|
||||
Entry point: 0x1000014c
|
||||
0x10000000 - 0x100019cc is .text
|
||||
0x100019cc - 0x10001b18 is .rodata
|
||||
0x10001b18 - 0x10001b20 is .ARM.exidx
|
||||
0x10001b20 - 0x10001b4c is .binary_info
|
||||
0x20000000 - 0x20000110 is .ram_vector_table
|
||||
0x20000110 - 0x200002ac is .data
|
||||
0x200002ac - 0x200002ac is .tdata
|
||||
0x200002ac - 0x200002ac is .tbss
|
||||
0x200002b0 - 0x200004d8 is .bss
|
||||
0x200004d8 - 0x20000cd8 is .heap
|
||||
0x20081000 - 0x20081800 is .stack_dummy
|
||||
0x10001ce8 - 0x10001cfc is .flash_end
|
||||
While running this, GDB does not access memory from...
|
||||
Local exec file:
|
||||
`C:\Users\flare-vm\Desktop\Embedded-Hacking-main\0x0001_hello-world\build\0x0001_hello-world.elf', file type elf32-littlearm.
|
||||
Entry point: 0x1000014c
|
||||
0x10000000 - 0x100019cc is .text
|
||||
0x100019cc - 0x10001b18 is .rodata
|
||||
0x10001b18 - 0x10001b20 is .ARM.exidx
|
||||
0x10001b20 - 0x10001b4c is .binary_info
|
||||
0x20000000 - 0x20000110 is .ram_vector_table
|
||||
0x20000110 - 0x200002ac is .data
|
||||
0x200002ac - 0x200002ac is .tdata
|
||||
0x200002ac - 0x200002ac is .tbss
|
||||
0x200002b0 - 0x200004d8 is .bss
|
||||
0x200004d8 - 0x20000cd8 is .heap
|
||||
0x20081000 - 0x20081800 is .stack_dummy
|
||||
0x10001ce8 - 0x10001cfc is .flash_end
|
||||
(gdb) maintenance info sections
|
||||
Exec file: `C:\Users\flare-vm\Desktop\Embedded-Hacking-main\0x0001_hello-world\build\0x0001_hello-world.elf', file type elf32-littlearm.
|
||||
[0] 0x10000000->0x100019cc at 0x00001000: .text ALLOC LOAD READONLY CODE HAS_CONTENTS
|
||||
[1] 0x100019cc->0x10001b18 at 0x000029cc: .rodata ALLOC LOAD READONLY DATA HAS_CONTENTS
|
||||
[2] 0x10001b18->0x10001b20 at 0x00002b18: .ARM.exidx ALLOC LOAD READONLY DATA HAS_CONTENTS
|
||||
[3] 0x10001b20->0x10001b4c at 0x00002b20: .binary_info ALLOC LOAD READONLY DATA HAS_CONTENTS
|
||||
[4] 0x20000000->0x20000110 at 0x00004000: .ram_vector_table ALLOC
|
||||
[5] 0x20000110->0x20000110 at 0x00003cfc: .uninitialized_data HAS_CONTENTS
|
||||
[6] 0x20000110->0x200002ac at 0x00003110: .data ALLOC LOAD READONLY CODE HAS_CONTENTS
|
||||
[7] 0x200002ac->0x200002ac at 0x00003cfc: .tdata ALLOC LOAD DATA HAS_CONTENTS
|
||||
[8] 0x200002ac->0x200002ac at 0x00000000: .tbss ALLOC
|
||||
[9] 0x200002b0->0x200004d8 at 0x000042b0: .bss ALLOC
|
||||
[10] 0x200004d8->0x20000cd8 at 0x000044d8: .heap ALLOC READONLY
|
||||
[11] 0x20080000->0x20080000 at 0x00003cfc: .scratch_x HAS_CONTENTS
|
||||
[12] 0x20081000->0x20081000 at 0x00003cfc: .scratch_y HAS_CONTENTS
|
||||
[13] 0x20081000->0x20081800 at 0x00004000: .stack_dummy ALLOC READONLY
|
||||
[14] 0x10001ce8->0x10001cfc at 0x00003ce8: .flash_end ALLOC LOAD READONLY DATA HAS_CONTENTS
|
||||
[15] 0x0000->0x0034 at 0x00003cfc: .ARM.attributes READONLY HAS_CONTENTS
|
||||
[16] 0x0000->0x0045 at 0x00003d30: .comment READONLY HAS_CONTENTS
|
||||
[17] 0x0000->0x2069a at 0x00003d75: .debug_info READONLY HAS_CONTENTS
|
||||
[18] 0x0000->0x54ff at 0x0002440f: .debug_abbrev READONLY HAS_CONTENTS
|
||||
[19] 0x0000->0x0af0 at 0x00029910: .debug_aranges READONLY HAS_CONTENTS
|
||||
[20] 0x0000->0x2f86 at 0x0002a400: .debug_rnglists READONLY HAS_CONTENTS
|
||||
[21] 0x0000->0x15526 at 0x0002d386: .debug_line READONLY HAS_CONTENTS
|
||||
[22] 0x0000->0x56a7 at 0x000428ac: .debug_str READONLY HAS_CONTENTS
|
||||
[23] 0x0000->0x1ed4 at 0x00047f54: .debug_frame READONLY HAS_CONTENTS
|
||||
[24] 0x0000->0xffd1 at 0x00049e28: .debug_loclists READONLY HAS_CONTENTS
|
||||
[25] 0x0000->0x0178 at 0x00059df9: .debug_line_str READONLY HAS_CONTENTS
|
||||
```
|
||||
|
||||
**What each section means:**
|
||||
|
||||
| Section | Purpose |
|
||||
| ------- | ------- |
|
||||
| `.text` | Executable machine code (your functions/instructions). |
|
||||
| `.rodata` | Read-only constants (strings like `"hello, world"`, lookup tables, const data). |
|
||||
| `.ARM.exidx` | ARM exception unwind index used for stack unwinding/backtraces. |
|
||||
| `.binary_info` | Pico metadata used by tools (program identity/build information). |
|
||||
| `.ram_vector_table` | Interrupt vector table copied/placed in RAM for runtime use. |
|
||||
| `.uninitialized_data` | Deliberately non-zeroed RAM region that can survive certain reset paths. |
|
||||
| `.data` | Initialized global/static variables in RAM (initial values come from flash). |
|
||||
| `.tdata` | Initialized thread-local storage data (often empty in simple bare-metal apps). |
|
||||
| `.tbss` | Zero-initialized thread-local storage (often empty). |
|
||||
| `.bss` | Zero-initialized global/static variables in RAM. |
|
||||
| `.heap` | Heap allocation region (`malloc/new`) reserved in RAM. |
|
||||
| `.scratch_x` | RP2 scratch RAM bank X section (core-local/low-contention placement). |
|
||||
| `.scratch_y` | RP2 scratch RAM bank Y section (core-local/low-contention placement). |
|
||||
| `.stack_dummy` | Linker-reserved stack range marker used to size/place the stack. |
|
||||
| `.flash_end` | Marker/metadata near the logical end of flash image region. |
|
||||
| `.ARM.attributes` | ARM build attributes (ABI/architecture metadata for tools/linkers). |
|
||||
| `.comment` | Compiler/build comment strings (toolchain identification). |
|
||||
| `.debug_info` | Main DWARF debug database (types, variables, symbols, scopes). |
|
||||
| `.debug_abbrev` | Abbreviation table referenced by `.debug_info`. |
|
||||
| `.debug_aranges` | Address-to-compilation-unit lookup acceleration data. |
|
||||
| `.debug_rnglists` | DWARF range lists for non-contiguous code/data ranges. |
|
||||
| `.debug_line` | Address-to-source-line mapping used for stepping/breakpoints. |
|
||||
| `.debug_str` | Shared string pool used by DWARF debug sections. |
|
||||
| `.debug_frame` | Call frame information used for unwinding stack frames. |
|
||||
| `.debug_loclists` | Variable location lists (where variables live over PC ranges). |
|
||||
| `.debug_line_str` | Extra string pool used by `.debug_line` data. |
|
||||
|
||||
> Tip: **Practical rule:** For reverse engineering runtime behavior, focus first on `.text`, `.rodata`, `.data`, `.bss`, heap/stack regions, and the vector table. Debug sections are for source-level mapping and symbol intelligence.
|
||||
|
||||
**Fast interpretation checklist (use this every time):**
|
||||
|
||||
1. **Find where code executes**: Verify `.text` starts at `0x10000000` (XIP flash) and note its end.
|
||||
2. **Find immutable constants**: Use `.rodata` for strings/tables; cross-reference these addresses in disassembly.
|
||||
3. **Find initialized RAM state**: `.data` lives in RAM at runtime, but its initial bytes come from flash.
|
||||
4. **Find zeroed runtime state**: `.bss` is RAM that startup code clears to zero before `main`.
|
||||
5. **Find interrupt control point**: Confirm `.ram_vector_table` location for exception/IRQ handler mapping.
|
||||
6. **Bound dynamic memory**: Note `.heap` range so you can classify allocator activity vs static data.
|
||||
7. **Bound call-stack activity**: Use `.stack_dummy` as linker stack reservation, then track live stack with `$sp`.
|
||||
8. **Separate runtime vs debug-only sections**: `.debug_*`, `.comment`, and `.ARM.attributes` help tooling, not execution.
|
||||
9. **Correlate any suspicious address quickly**: Flash/XIP (`0x100...`) usually code/const; SRAM (`0x200...`) usually data/stack/heap.
|
||||
10. **Validate in memory**: After identifying a section, inspect it with `x` in GDB to confirm actual bytes/instructions.
|
||||
|
||||
##### Viewing Registers with `i r`
|
||||
|
||||
The `i r` (info registers) command shows the current state of all CPU registers:
|
||||
|
||||
```gdb
|
||||
(gdb) i r
|
||||
r0 0x0 0
|
||||
r1 0x10000235 268436021
|
||||
r2 0x80808080 -2139062144
|
||||
r3 0xe000ed08 -536810232
|
||||
r4 0x100001d0 268435920
|
||||
r5 0x88526891 -2007865199
|
||||
r6 0x4f54710 83183376
|
||||
r7 0x400e0014 1074659348
|
||||
r8 0x43280035 1126694965
|
||||
r9 0x0 0
|
||||
r10 0x10000000 268435456
|
||||
r11 0x62707361 1651536737
|
||||
r12 0xed07f600 -318245376
|
||||
sp 0x20082000 0x20082000
|
||||
lr 0x1000018f 268435855
|
||||
pc 0x10000234 0x10000234 <main>
|
||||
xpsr 0x69000000 1761607680
|
||||
```
|
||||
|
||||
**Key registers to watch:**
|
||||
| Register | Value | Meaning |
|
||||
| -------- | ------------ | ----------------------------------------------- |
|
||||
| `pc` | `0x10000234` | Program Counter - we're at the start of `main` |
|
||||
| `sp` | `0x20081fc8` | Stack Pointer - top of our stack in RAM |
|
||||
| `lr` | `0x100002d5` | Link Register - where we return after `main` |
|
||||
| `r0-r3` | Various | Will hold function arguments and return values |
|
||||
|
||||
> Tip: **Tip:** You can also use `i r pc sp lr` to show only specific registers you care about.
|
||||
|
||||
### Quick Reference: Essential GDB Commands
|
||||
|
||||
| Command | Short Form | What It Does |
|
||||
| --------------------- | ---------- | ------------------------------------ |
|
||||
| `break main` | `b main` | Set a breakpoint at main |
|
||||
| `continue` | `c` | Continue execution until breakpoint |
|
||||
| `disassemble` | `disas` | Show assembly for current function |
|
||||
| `info registers` | `i r` | Show all register values |
|
||||
| `stepi` | `si` | Execute one assembly instruction |
|
||||
| `nexti` | `ni` | Execute one instruction (skip calls) |
|
||||
| `x/10i $pc` | | Examine 10 instructions at PC |
|
||||
| `monitor reset halt` | | Reset the target and halt |
|
||||
|
||||
### Watching the Stack Change After `push {r3, lr}`
|
||||
|
||||
The first instruction in `main` is `push {r3, lr}`. Before we step it, `SP` is `0x20082000`. After a single `si`, `SP` becomes `0x20081ff8`, which tells us the processor reserved 8 bytes on the stack for two 32-bit values. The first word at the new top of stack is `0xe000ed08`, which is the old value of `r3`, and the second word is `0x1000018f`, which is the saved `lr` return address. This matches the ABI rule we discussed earlier: the compiler pushes an even number of registers so the stack stays 8-byte aligned at the next call site before `stdio_init_all()` runs.
|
||||
|
||||
Notice the difference between inspecting memory at `$sp` and inspecting `$lr`. `x/4x $sp` is enough here to show the relevant stack words in RAM, while `x/x $lr` shows the instruction word stored at the flash address held in the link register. In other words, `$sp` points to saved data on the stack, but `$lr` points to code that execution will return to later.
|
||||
|
||||
```gdb
|
||||
(gdb) x/x $sp
|
||||
0x20082000: 0x00000000
|
||||
(gdb) si
|
||||
0x10000236 5 stdio_init_all();
|
||||
|
||||
(gdb) x/x $sp
|
||||
0x20081ff8: 0xe000ed08
|
||||
(gdb) x/4x $sp
|
||||
0x20081ff8: 0xe000ed08 0x1000018f 0x00000000 0x00000000
|
||||
(gdb) x/x $lr
|
||||
0x1000018f <platform_entry+8>: 0x00478849
|
||||
```
|
||||
|
||||
> Tip: **What's Next?** In Week 2, we'll put these GDB commands to work with hands-on debugging exercises! We'll step through code, examine the stack, watch registers change, and ultimately use these skills to modify a running program. The commands you learned here are the foundation for everything that follows.
|
||||
|
||||
---
|
||||
|
||||
## Part 5: Static Analysis with Ghidra
|
||||
|
||||
### Setting Up Your First Ghidra Project
|
||||
|
||||
Before we dive into GDB debugging, let's set up Ghidra to analyze our hello-world binary. Ghidra is a powerful reverse engineering tool that will help us visualize the disassembly and decompiled code.
|
||||
|
||||
##### Step 1: Create a New Project
|
||||
|
||||
1. Launch Ghidra
|
||||
2. A window will appear - select **File -> New Project**
|
||||
3. Choose **Non-Shared Project** and click **Next**
|
||||
4. Enter the Project Name: `0x0001_hello-world`
|
||||
5. Click **Finish**
|
||||
|
||||
##### Step 2: Import the Binary
|
||||
|
||||
1. Open your file explorer and navigate to the `Embedded-Hacking` folder
|
||||
2. **Drag and drop** the `0x0001_hello-world.elf` file into the folder panel within the Ghidra application
|
||||
|
||||
##### Step 3: Understand the Import Dialog
|
||||
|
||||
In the small window that appears, you will see the file identified as an **ELF** (Executable and Linkable Format).
|
||||
|
||||
> Tip: **What is an ELF file?**
|
||||
>
|
||||
> ELF stands for **Executable and Linkable Format**. This format includes **symbols** - human-readable names for functions and variables. These symbols make reverse engineering much easier because you can see function names like `main` and `printf` instead of just memory addresses.
|
||||
>
|
||||
> In future weeks, we will work with **stripped binaries** (`.bin` files) that do not contain these symbols. This is more realistic for real-world reverse engineering scenarios where symbols have been removed to make analysis harder.
|
||||
|
||||
3. Click **Ok** to import the file
|
||||
4. **Double-click** on the file within the project window to open it in the CodeBrowser
|
||||
|
||||
##### Step 4: Auto-Analyze the Binary
|
||||
|
||||
When prompted, click **Yes** to auto-analyze the binary. Accept the default analysis options and click **Analyze**.
|
||||
|
||||
Ghidra will now process the binary, identifying functions, strings, and cross-references. This may take a moment.
|
||||
|
||||
### Reviewing the Main Function in Ghidra
|
||||
|
||||
Once analysis is complete, let's find our `main` function:
|
||||
|
||||
1. In the **Symbol Tree** panel on the left, expand **Functions**
|
||||
2. Look for `main` in the list (you can also use **Search -> For Address or Label** and type "main")
|
||||
3. Click on `main` to navigate to it
|
||||
|
||||
##### What You'll See
|
||||
|
||||
Ghidra shows you two views of the code:
|
||||
|
||||
**Listing View (Center Panel)** - The disassembled ARM assembly:
|
||||
```
|
||||
*************************************************************
|
||||
* FUNCTION
|
||||
*************************************************************
|
||||
int main (void )
|
||||
assume LRset = 0x0
|
||||
assume TMode = 0x1
|
||||
int r0:4 <RETURN>
|
||||
main XREF[3]: Entry Point (*) ,
|
||||
_reset_handler:1000018c (c) ,
|
||||
.debug_frame::00000018 (*)
|
||||
0x0001_hello-world.c:4 (2)
|
||||
0x0001_hello-world.c:5 (2)
|
||||
10000234 08 b5 push {r3,lr}
|
||||
0x0001_hello-world.c:5 (4)
|
||||
10000236 01 f0 99 f9 bl stdio_init_all _Bool stdio_init_all(void)
|
||||
LAB_1000023a XREF[1]: 10000240 (j)
|
||||
0x0001_hello-world.c:7 (6)
|
||||
0x0001_hello-world.c:8 (6)
|
||||
1000023a 02 48 ldr r0=>__EH_FRAME_BEGIN__ ,[DAT_10000244 ] = "hello, world\r"
|
||||
= 100019CCh
|
||||
1000023c 01 f0 de f9 bl __wrap_puts int __wrap_puts(char * s)
|
||||
0x0001_hello-world.c:7 (8)
|
||||
10000240 fb e7 b LAB_1000023a
|
||||
10000242 00 ?? 00h
|
||||
10000243 bf ?? BFh
|
||||
DAT_10000244 XREF[1]: main:1000023a (R)
|
||||
10000244 cc 19 00 10 undefine 100019CCh ? -> 100019cc
|
||||
|
||||
```
|
||||
|
||||
**Decompile View (Right Panel)** - The reconstructed C code:
|
||||
```c
|
||||
int main(void)
|
||||
|
||||
{
|
||||
stdio_init_all();
|
||||
do {
|
||||
__wrap_puts("hello, world\r");
|
||||
} while( true );
|
||||
}
|
||||
```
|
||||
|
||||
> **Notice how Ghidra reconstructed our original C code!** The decompiler recognized the infinite loop and the `puts` call (the compiler optimized `printf` to `puts` since we're just printing a simple string).
|
||||
|
||||
##### Why We Start with .elf Files
|
||||
|
||||
We're using the `.elf` file because it contains symbols that help us learn:
|
||||
- Function names are visible (`main`, `stdio_init_all`, `puts`)
|
||||
- Variable names may be preserved
|
||||
- The structure of the code is easier to understand
|
||||
|
||||
In future weeks, we'll work with `.bin` files that have been stripped of symbols. This will teach you how to identify functions and understand code when you don't have these helpful hints!
|
||||
|
||||
---
|
||||
|
||||
## Part 6: Summary and Review
|
||||
|
||||
### What We Learned
|
||||
|
||||
1. **Registers**: The ARM Cortex-M33 has 13 general-purpose registers (`r0`-`r12`), plus special registers for the stack pointer (`r13`/SP), link register (`r14`/LR), and program counter (`r15`/PC).
|
||||
|
||||
2. **The Stack**:
|
||||
- Grows downward in memory
|
||||
- PUSH adds items (SP decreases)
|
||||
- POP removes items (SP increases)
|
||||
- Used to save return addresses and register values
|
||||
|
||||
3. **Memory Layout**:
|
||||
- Code lives in flash memory starting at `0x10000000`
|
||||
- Stack lives in RAM around `0x20080000`
|
||||
|
||||
4. **GDB Basics**: We learned the essential commands for connecting to hardware and examining code:
|
||||
|
||||
| Command | What It Does |
|
||||
| --------------------- | -------------------------------------- |
|
||||
| `target extended-remote :3333` | Connect to OpenOCD debug server |
|
||||
| `monitor reset halt` | Reset and halt the processor |
|
||||
| `b main` | Set breakpoint at main function |
|
||||
| `c` | Continue running until breakpoint |
|
||||
| `disas` | Disassemble current function |
|
||||
| `i r` | Show all register values |
|
||||
|
||||
5. **Ghidra Static Analysis**: We set up a Ghidra project and analyzed our binary:
|
||||
- Imported the ELF file with symbols
|
||||
- Found the `main` function
|
||||
- Saw the decompiled C code
|
||||
- Understood how assembly maps to C
|
||||
|
||||
6. **Little-Endian**: The RP2350 stores multi-byte values with the least significant byte at the lowest address, making them appear "backwards" when viewed as a single value.
|
||||
|
||||
### The Program Flow
|
||||
|
||||
```
|
||||
+-----------------------------------------------------+
|
||||
| 1. push {r3, lr} |
|
||||
| Save registers to stack |
|
||||
+-----------------------------------------------------+
|
||||
| 2. bl stdio_init_all |
|
||||
| Initialize standard I/O |
|
||||
+-----------------------------------------------------+
|
||||
| 3. ldr r0, [pc, #8] ----------------+ |
|
||||
| Load address of "hello, world" into r0| |
|
||||
+-----------------------------------------------------+
|
||||
| 4. bl __wrap_puts | |
|
||||
| Print the string | |
|
||||
+-----------------------------------------------------+
|
||||
| 5. b.n (back to step 3) ----------------+ |
|
||||
| Infinite loop! |
|
||||
+-----------------------------------------------------+
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
> **Note:** The detailed hands-on GDB debugging (stepping through code, watching the stack, examining memory) will be covered in Week 2!
|
||||
|
||||
---
|
||||
|
||||
## Key Takeaways
|
||||
|
||||
1. **Reverse engineering combines static and dynamic analysis** - we look at the code (static with Ghidra) and run it to see what happens (dynamic with GDB).
|
||||
|
||||
2. **The stack is fundamental** - understanding how push/pop work is essential for following function calls.
|
||||
|
||||
3. **GDB and Ghidra work together** - Ghidra helps you understand the big picture, GDB lets you watch it happen live.
|
||||
|
||||
4. **Assembly isn't scary** - each instruction does one simple thing. Put them together and you understand the whole program!
|
||||
|
||||
5. **Everything is just numbers** - whether it's code, data, or addresses, it's all stored as numbers in memory.
|
||||
|
||||
---
|
||||
|
||||
## Glossary
|
||||
|
||||
| Term | Definition |
|
||||
| ------------------- | --------------------------------------------------------- |
|
||||
| **Assembly** | Human-readable representation of machine code |
|
||||
| **Breakpoint** | A marker that tells the debugger to pause execution |
|
||||
| **GDB** | GNU Debugger - a tool for examining running programs |
|
||||
| **Hex/Hexadecimal** | Base-16 number system (0-9, A-F) |
|
||||
| **Little-Endian** | Storing the least significant byte at the lowest address |
|
||||
| **Microcontroller** | A small computer on a single chip |
|
||||
| **Program Counter** | Register that points to the next instruction |
|
||||
| **Register** | Fast storage inside the processor |
|
||||
| **Stack** | Memory region for temporary storage during function calls |
|
||||
| **Stack Pointer** | Register that points to the top of the stack |
|
||||
| **XIP** | Execute In Place - running code directly from flash |
|
||||
|
||||
|
||||
|
||||
@@ -0,0 +1,79 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Background grid decoration -->
|
||||
<g opacity="0.06">
|
||||
<line x1="0" y1="100" x2="1200" y2="100" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="0" y1="200" x2="1200" y2="200" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="0" y1="300" x2="1200" y2="300" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="0" y1="400" x2="1200" y2="400" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="0" y1="500" x2="1200" y2="500" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="0" y1="600" x2="1200" y2="600" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="0" y1="700" x2="1200" y2="700" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="200" y1="0" x2="200" y2="800" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="400" y1="0" x2="400" y2="800" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="600" y1="0" x2="600" y2="800" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="800" y1="0" x2="800" y2="800" stroke="#00ff41" stroke-width="1"/>
|
||||
<line x1="1000" y1="0" x2="1000" y2="800" stroke="#00ff41" stroke-width="1"/>
|
||||
</g>
|
||||
|
||||
<!-- Hex rain decoration -->
|
||||
<g opacity="0.04" font-family="'Courier New',monospace" font-size="14" fill="#00ff41">
|
||||
<text x="50" y="80">4F 70 65 6E 4F 43 44</text>
|
||||
<text x="900" y="120">10 00 02 34 08 B5 01</text>
|
||||
<text x="150" y="180">47 44 42 20 52 45 56</text>
|
||||
<text x="800" y="240">20 08 20 00 FF AA 00</text>
|
||||
<text x="80" y="350">52 50 32 33 35 30 00</text>
|
||||
<text x="950" y="380">0A 0A 0F 12 12 1A 1A</text>
|
||||
<text x="100" y="520">41 52 4D 76 38 2D 4D</text>
|
||||
<text x="870" y="560">00 FF 41 00 D4 FF 88</text>
|
||||
<text x="60" y="680">47 48 49 44 52 41 00</text>
|
||||
<text x="920" y="720">FF 00 40 C0 C0 C0 00</text>
|
||||
</g>
|
||||
|
||||
<!-- Corner accents -->
|
||||
<polyline points="30,30 30,80 80,80" fill="none" stroke="#00ff41" stroke-width="2" opacity="0.3"/>
|
||||
<polyline points="1170,30 1170,80 1120,80" fill="none" stroke="#00ff41" stroke-width="2" opacity="0.3"/>
|
||||
<polyline points="30,770 30,720 80,720" fill="none" stroke="#00ff41" stroke-width="2" opacity="0.3"/>
|
||||
<polyline points="1170,770 1170,720 1120,720" fill="none" stroke="#00ff41" stroke-width="2" opacity="0.3"/>
|
||||
|
||||
<!-- Top accent line -->
|
||||
<rect x="100" y="140" width="1000" height="2" fill="#00ff41" opacity="0.4"/>
|
||||
|
||||
<!-- Course Title -->
|
||||
<text x="600" y="210" text-anchor="middle" font-family="'Courier New',monospace" font-size="56" font-weight="bold" fill="#00ff41">Embedded Systems</text>
|
||||
<text x="600" y="278" text-anchor="middle" font-family="'Courier New',monospace" font-size="56" font-weight="bold" fill="#00ff41">Reverse Engineering</text>
|
||||
|
||||
<!-- Divider -->
|
||||
<rect x="300" y="310" width="600" height="2" fill="#00d4ff" opacity="0.6"/>
|
||||
|
||||
<!-- Week Number -->
|
||||
<text x="600" y="380" text-anchor="middle" font-family="'Courier New',monospace" font-size="42" font-weight="bold" fill="#00d4ff">// WEEK 01</text>
|
||||
|
||||
<!-- Week Topic -->
|
||||
<text x="600" y="440" text-anchor="middle" font-family="'Courier New',monospace" font-size="28" fill="#c0c0c0">Introduction and Overview of</text>
|
||||
<text x="600" y="478" text-anchor="middle" font-family="'Courier New',monospace" font-size="28" fill="#c0c0c0">Embedded Reverse Engineering:</text>
|
||||
<text x="600" y="516" text-anchor="middle" font-family="'Courier New',monospace" font-size="28" fill="#c0c0c0">Ethics, Scoping, and Basic Concepts</text>
|
||||
|
||||
<!-- Bottom accent line -->
|
||||
<rect x="100" y="570" width="1000" height="2" fill="#00ff41" opacity="0.4"/>
|
||||
|
||||
<!-- University -->
|
||||
<text x="600" y="635" text-anchor="middle" font-family="'Courier New',monospace" font-size="36" font-weight="bold" fill="#ffaa00">George Mason University</text>
|
||||
|
||||
<!-- Bottom badge -->
|
||||
<rect x="400" y="670" width="400" height="40" rx="20" fill="none" stroke="#00ff41" stroke-width="1.5" opacity="0.5"/>
|
||||
<text x="600" y="697" text-anchor="middle" font-family="'Courier New',monospace" font-size="20" fill="#00ff41" opacity="0.7">RP2350 // ARM Cortex-M33</text>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 4.4 KiB |
@@ -0,0 +1,112 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">ARM Cortex-M33 Regs</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">ARM Architecture & Registers</text>
|
||||
|
||||
<!-- Left Panel -->
|
||||
<rect x="30" y="105" width="520" height="675" class="pnl" rx="8"/>
|
||||
<text x="290" y="148" text-anchor="middle" class="sub">Key Registers</text>
|
||||
<line x1="50" y1="163" x2="530" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- r0 -->
|
||||
<rect x="55" y="182" width="190" height="50" rx="6" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="150" y="215" text-anchor="middle" class="grn">r0</text>
|
||||
<text x="260" y="215" class="amb">Arg 1 / Return</text>
|
||||
|
||||
<!-- r1 -->
|
||||
<rect x="55" y="246" width="190" height="50" rx="6" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="150" y="279" text-anchor="middle" class="grn">r1</text>
|
||||
<text x="260" y="279" class="amb">Arg 2</text>
|
||||
|
||||
<!-- r2 -->
|
||||
<rect x="55" y="310" width="190" height="50" rx="6" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="150" y="343" text-anchor="middle" class="grn">r2</text>
|
||||
<text x="260" y="343" class="amb">Arg 3</text>
|
||||
|
||||
<!-- r3 -->
|
||||
<rect x="55" y="374" width="190" height="50" rx="6" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="150" y="407" text-anchor="middle" class="grn">r3</text>
|
||||
<text x="260" y="407" class="amb">Arg 4</text>
|
||||
|
||||
<!-- Divider -->
|
||||
<line x1="55" y1="444" x2="530" y2="444" stroke="#ffaa00" stroke-width="2" stroke-dasharray="8"/>
|
||||
<text x="55" y="473" class="dim" style="fill:#ffaa00">r0-r3 Caller-saved</text>
|
||||
<text x="55" y="500" class="dim" style="fill:#00d4ff">r4-r11 Callee-saved</text>
|
||||
|
||||
<!-- SP -->
|
||||
<rect x="55" y="525" width="475" height="50" rx="6" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="75" y="558" class="red">SP (r13)</text>
|
||||
<text x="310" y="558" class="txt">Stack Ptr</text>
|
||||
|
||||
<!-- LR -->
|
||||
<rect x="55" y="590" width="475" height="50" rx="6" fill="#0f1a1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="75" y="623" class="cyn">LR (r14)</text>
|
||||
<text x="310" y="623" class="txt">Return Addr</text>
|
||||
|
||||
<!-- PC -->
|
||||
<rect x="55" y="655" width="475" height="50" rx="6" fill="#0f1a1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="75" y="688" class="cyn">PC (r15)</text>
|
||||
<text x="310" y="688" class="txt">Next Instr</text>
|
||||
|
||||
<!-- xPSR -->
|
||||
<rect x="55" y="720" width="475" height="50" rx="6" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="75" y="753" class="amb">xPSR</text>
|
||||
<text x="310" y="753" class="txt">Status Flags</text>
|
||||
|
||||
<!-- Right Panel -->
|
||||
<rect x="580" y="105" width="590" height="675" class="pnl" rx="8"/>
|
||||
<text x="875" y="148" text-anchor="middle" class="sub">Function Call Flow</text>
|
||||
<line x1="600" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- main box -->
|
||||
<rect x="640" y="205" width="190" height="70" rx="10" fill="#12121a" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="735" y="250" text-anchor="middle" class="grn">main()</text>
|
||||
|
||||
<!-- BL arrow -->
|
||||
<line x1="830" y1="240" x2="920" y2="240" stroke="#ffaa00" stroke-width="4"/>
|
||||
<polygon points="920,231 940,240 920,249" fill="#ffaa00"/>
|
||||
<text x="875" y="225" text-anchor="middle" class="dim" style="fill:#ffaa00">BL</text>
|
||||
|
||||
<!-- func box -->
|
||||
<rect x="945" y="205" width="190" height="70" rx="10" fill="#12121a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="1040" y="250" text-anchor="middle" class="cyn">func()</text>
|
||||
|
||||
<!-- Return arrow -->
|
||||
<line x1="945" y1="310" x2="830" y2="310" stroke="#ff0040" stroke-width="4"/>
|
||||
<polygon points="830,301 810,310 830,319" fill="#ff0040"/>
|
||||
<text x="888" y="345" text-anchor="middle" class="dim" style="fill:#ff0040">BX LR</text>
|
||||
|
||||
<!-- Separator -->
|
||||
<line x1="600" y1="380" x2="1150" y2="380" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- Facts -->
|
||||
<text x="620" y="420" class="sub">How It Works</text>
|
||||
|
||||
<text x="620" y="455" class="amb">r0 = first argument</text>
|
||||
<text x="620" y="487" class="txt">puts(r0) passes the</text>
|
||||
<text x="620" y="519" class="txt">string address in r0</text>
|
||||
|
||||
<line x1="600" y1="562" x2="1150" y2="562" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="620" y="600" class="cyn">LR saves return addr</text>
|
||||
<text x="620" y="635" class="txt">BL: PC+4 stored in LR</text>
|
||||
<text x="620" y="670" class="txt">BX LR: jump back</text>
|
||||
|
||||
<line x1="600" y1="707" x2="1150" y2="707" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="620" y="745" class="dim">All registers: 32 bits wide</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,101 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">Stack Growth Direction</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">ARM Stack Mechanics</text>
|
||||
|
||||
<!-- Left Panel: BEFORE PUSH -->
|
||||
<rect x="30" y="105" width="350" height="675" class="pnl" rx="8"/>
|
||||
<text x="205" y="148" text-anchor="middle" class="sub">Before PUSH</text>
|
||||
<line x1="50" y1="163" x2="360" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="55" y="205" class="amb">0x20082000</text>
|
||||
<text x="55" y="237" class="red">SP here</text>
|
||||
|
||||
<rect x="60" y="260" width="255" height="55" rx="5" fill="#0a0a0f" stroke="#1a1a2e" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="187" y="295" text-anchor="middle" class="dim">(empty)</text>
|
||||
|
||||
<rect x="60" y="325" width="255" height="55" rx="5" fill="#0a0a0f" stroke="#1a1a2e" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="187" y="360" text-anchor="middle" class="dim">(empty)</text>
|
||||
|
||||
<rect x="60" y="390" width="255" height="55" rx="5" fill="#0a0a0f" stroke="#1a1a2e" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="187" y="425" text-anchor="middle" class="dim">(empty)</text>
|
||||
|
||||
<rect x="60" y="455" width="255" height="55" rx="5" fill="#0a0a0f" stroke="#1a1a2e" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="187" y="490" text-anchor="middle" class="dim">(empty)</text>
|
||||
|
||||
<text x="55" y="555" class="amb">0x20080000</text>
|
||||
|
||||
<!-- Down arrow -->
|
||||
<text x="187" y="650" text-anchor="middle" class="red">Grows DOWN</text>
|
||||
<line x1="187" y1="665" x2="187" y2="725" stroke="#ff0040" stroke-width="4"/>
|
||||
<polygon points="175,725 187,750 199,725" fill="#ff0040"/>
|
||||
|
||||
<!-- Middle Panel: AFTER PUSH -->
|
||||
<rect x="410" y="105" width="370" height="675" class="pnl" rx="8"/>
|
||||
<text x="595" y="148" text-anchor="middle" class="sub">After PUSH</text>
|
||||
<line x1="430" y1="163" x2="760" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="435" y="205" class="amb">0x20082000</text>
|
||||
|
||||
<rect x="440" y="260" width="255" height="55" rx="5" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="567" y="295" text-anchor="middle" class="cyn">LR value</text>
|
||||
|
||||
<rect x="440" y="325" width="255" height="55" rx="5" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="567" y="360" text-anchor="middle" class="grn">r3 value</text>
|
||||
|
||||
<rect x="440" y="390" width="255" height="55" rx="5" fill="#0a0a0f" stroke="#1a1a2e" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="567" y="425" text-anchor="middle" class="dim">(empty)</text>
|
||||
|
||||
<rect x="440" y="455" width="255" height="55" rx="5" fill="#0a0a0f" stroke="#1a1a2e" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="567" y="490" text-anchor="middle" class="dim">(empty)</text>
|
||||
|
||||
<text x="435" y="545" class="red">SP here now = 0x20081FF8</text>
|
||||
|
||||
<text x="435" y="620" class="dim" style="fill:#ff0040">SP moved down</text>
|
||||
<text x="435" y="650" class="dim" style="fill:#ff0040">by 8 bytes</text>
|
||||
|
||||
<text x="435" y="720" class="amb">0x20080000</text>
|
||||
|
||||
<!-- Right Panel: Key Concepts -->
|
||||
<rect x="810" y="105" width="360" height="675" class="pnl" rx="8"/>
|
||||
<text x="990" y="148" text-anchor="middle" class="sub">Key Concepts</text>
|
||||
<line x1="830" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="835" y="210" class="grn">Full Descending</text>
|
||||
<text x="835" y="248" class="txt">SP points to the</text>
|
||||
<text x="835" y="280" class="txt">last pushed item</text>
|
||||
|
||||
<line x1="830" y1="308" x2="1150" y2="308" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="835" y="348" class="red">PUSH: SP -= 4</text>
|
||||
<text x="835" y="386" class="txt">Each 32-bit val</text>
|
||||
<text x="835" y="418" class="txt">drops SP by 4</text>
|
||||
<text x="835" y="450" class="txt">Two vals = -8</text>
|
||||
|
||||
<line x1="830" y1="478" x2="1150" y2="478" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="835" y="518" class="cyn">POP: SP += 4</text>
|
||||
<text x="835" y="556" class="txt">Restores values</text>
|
||||
<text x="835" y="588" class="txt">SP moves back up</text>
|
||||
|
||||
<line x1="830" y1="616" x2="1150" y2="616" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="835" y="656" class="amb">Initial SP</text>
|
||||
<text x="835" y="694" class="txt">Set by vector</text>
|
||||
<text x="835" y="726" class="txt">table at 0x00</text>
|
||||
<text x="835" y="758" class="dim">StackTop=0x20082000</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,98 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">RP2350 Memory Map</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">RP2350 Address Space</text>
|
||||
|
||||
<!-- Left Panel: Memory Map -->
|
||||
<rect x="30" y="105" width="540" height="675" class="pnl" rx="8"/>
|
||||
<text x="300" y="148" text-anchor="middle" class="sub">Address Space</text>
|
||||
<line x1="50" y1="163" x2="550" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- ROM: block x=55 to x=540, address INSIDE block -->
|
||||
<rect x="55" y="178" width="485" height="50" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="70" y="210" class="red">ROM Boot</text>
|
||||
<text x="525" y="210" text-anchor="end" class="dim">0x0000_0000</text>
|
||||
|
||||
<!-- XIP Flash -->
|
||||
<rect x="55" y="243" width="485" height="70" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="70" y="276" class="grn">XIP Flash</text>
|
||||
<text x="70" y="303" class="dim">16MB max</text>
|
||||
<text x="525" y="276" text-anchor="end" class="dim">0x1000_0000</text>
|
||||
|
||||
<!-- SRAM -->
|
||||
<rect x="55" y="328" width="485" height="90" rx="4" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="70" y="361" class="cyn">SRAM</text>
|
||||
<text x="70" y="391" class="dim">520KB total</text>
|
||||
<text x="525" y="361" text-anchor="end" class="dim">0x2000_0000</text>
|
||||
|
||||
<!-- APB Peripherals -->
|
||||
<rect x="55" y="433" width="485" height="55" rx="4" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="70" y="468" class="amb">APB Periph</text>
|
||||
<text x="525" y="468" text-anchor="end" class="dim">0x4000_0000</text>
|
||||
|
||||
<!-- AHB Peripherals -->
|
||||
<rect x="55" y="503" width="485" height="55" rx="4" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="70" y="538" class="amb">AHB Periph</text>
|
||||
<text x="525" y="538" text-anchor="end" class="dim">0x5000_0000</text>
|
||||
|
||||
<!-- SIO -->
|
||||
<rect x="55" y="573" width="485" height="55" rx="4" fill="#1a0f1a" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="70" y="608" class="red">SIO</text>
|
||||
<text x="525" y="608" text-anchor="end" class="dim">0xD000_0000</text>
|
||||
|
||||
<!-- PPB -->
|
||||
<rect x="55" y="643" width="485" height="55" rx="4" fill="#1a0f1a" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="70" y="678" class="red">PPB Cortex</text>
|
||||
<text x="525" y="678" text-anchor="end" class="dim">0xE000_0000</text>
|
||||
|
||||
<!-- Grow arrow in panel margin -->
|
||||
<text x="548" y="730" text-anchor="end" class="dim">addr+</text>
|
||||
|
||||
<!-- Right Panel: Key Details -->
|
||||
<rect x="600" y="105" width="570" height="675" class="pnl" rx="8"/>
|
||||
<text x="885" y="148" text-anchor="middle" class="sub">Key Details</text>
|
||||
<line x1="620" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- XIP Flash detail -->
|
||||
<text x="625" y="205" class="grn">XIP Flash</text>
|
||||
<text x="625" y="240" class="txt">Code runs directly</text>
|
||||
<text x="625" y="272" class="txt">from flash via cache</text>
|
||||
<text x="625" y="304" class="dim">Execute-In-Place</text>
|
||||
|
||||
<line x1="620" y1="328" x2="1150" y2="328" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- SRAM detail -->
|
||||
<text x="625" y="368" class="cyn">SRAM Banks</text>
|
||||
<text x="625" y="403" class="txt">SRAM0-7: 8x64KB</text>
|
||||
<text x="625" y="435" class="txt">SRAM8-9: 2x4KB</text>
|
||||
<text x="625" y="467" class="txt">Stack + Heap here</text>
|
||||
|
||||
<line x1="620" y1="491" x2="1150" y2="491" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- Peripheral detail -->
|
||||
<text x="625" y="531" class="amb">Peripherals</text>
|
||||
<text x="625" y="566" class="txt">GPIO, UART, SPI</text>
|
||||
<text x="625" y="598" class="txt">I2C, PWM, ADC</text>
|
||||
<text x="625" y="630" class="dim">Memory-mapped I/O</text>
|
||||
|
||||
<line x1="620" y1="654" x2="1150" y2="654" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- SIO/PPB detail -->
|
||||
<text x="625" y="694" class="red">SIO + PPB</text>
|
||||
<text x="625" y="729" class="txt">Single-cycle I/O</text>
|
||||
<text x="625" y="761" class="txt">Debug + NVIC</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,90 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">Stack vs Heap in RAM</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">RP2350 SRAM: Data, BSS, Heap, Stack</text>
|
||||
|
||||
<!-- Left Panel: RAM Layout Diagram -->
|
||||
<rect x="30" y="105" width="400" height="675" class="pnl" rx="8"/>
|
||||
<text x="230" y="148" text-anchor="middle" class="sub">SRAM Layout</text>
|
||||
<line x1="50" y1="163" x2="410" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- High address label -->
|
||||
<text x="55" y="195" class="dim">0x2008_2000 (top)</text>
|
||||
|
||||
<!-- Stack region -->
|
||||
<rect x="55" y="210" width="345" height="150" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="227" y="255" text-anchor="middle" class="red">STACK</text>
|
||||
<text x="227" y="290" text-anchor="middle" class="txt">Grows DOWN</text>
|
||||
<text x="227" y="322" text-anchor="middle" class="dim">SP = top of stack</text>
|
||||
|
||||
<!-- Down arrow from stack -->
|
||||
<polygon points="215,370 227,395 239,370" fill="#ff0040"/>
|
||||
<line x1="227" y1="360" x2="227" y2="370" stroke="#ff0040" stroke-width="3"/>
|
||||
|
||||
<!-- Free space -->
|
||||
<rect x="55" y="400" width="345" height="80" rx="4" fill="#0a0a0f" stroke="#888888" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="227" y="448" text-anchor="middle" class="dim">FREE SPACE</text>
|
||||
|
||||
<!-- Up arrow from heap -->
|
||||
<line x1="227" y1="510" x2="227" y2="495" stroke="#00ff41" stroke-width="3"/>
|
||||
<polygon points="215,510 227,485 239,510" fill="#00ff41"/>
|
||||
|
||||
<!-- Heap region -->
|
||||
<rect x="55" y="515" width="345" height="120" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="227" y="560" text-anchor="middle" class="grn">HEAP</text>
|
||||
<text x="227" y="592" text-anchor="middle" class="txt">Grows UP</text>
|
||||
<text x="227" y="620" text-anchor="middle" class="dim">heap_base = __end__</text>
|
||||
|
||||
<!-- Data + BSS -->
|
||||
<rect x="55" y="650" width="345" height="50" rx="4" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="227" y="683" text-anchor="middle" class="cyn">.data + .bss</text>
|
||||
|
||||
<!-- Low address label -->
|
||||
<text x="55" y="725" class="dim">0x2000_0000 (base)</text>
|
||||
|
||||
<!-- Right Panel: Details -->
|
||||
<rect x="460" y="105" width="710" height="675" class="pnl" rx="8"/>
|
||||
<text x="815" y="148" text-anchor="middle" class="sub">How To Read Sizes Quickly</text>
|
||||
<line x1="480" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- Short formulas -->
|
||||
<text x="485" y="220" class="cyn">1) .data size</text>
|
||||
<text x="485" y="258" class="txt">__data_end__ - __data_start__</text>
|
||||
<text x="780" y="220" class="dim">init non-zero globals/statics</text>
|
||||
|
||||
<line x1="480" y1="288" x2="1150" y2="288" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="485" y="338" class="cyn">2) .bss size</text>
|
||||
<text x="485" y="376" class="txt">__bss_end__ - __bss_start__</text>
|
||||
<text x="780" y="338" class="dim">zero/uninit globals/statics</text>
|
||||
|
||||
<line x1="480" y1="406" x2="1150" y2="406" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="485" y="456" class="grn">3) Heap starts at</text>
|
||||
<text x="485" y="494" class="txt">__end__ (aka __HeapBase)</text>
|
||||
|
||||
<line x1="480" y1="524" x2="1150" y2="524" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="485" y="574" class="red">4) Stack starts at</text>
|
||||
<text x="485" y="612" class="txt">vector_table[0] (initial SP)</text>
|
||||
<text x="485" y="644" class="dim">typical: 0x20082000 on RP2350</text>
|
||||
|
||||
<line x1="480" y1="674" x2="1150" y2="674" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="485" y="724" class="amb">5) Safety rule</text>
|
||||
<text x="485" y="762" class="txt">Heap must never collide with stack</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,86 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">Link Register & Return</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">ARM Function Calls</text>
|
||||
|
||||
<!-- Left Panel: Call Flow - full width boxes, no floating text -->
|
||||
<rect x="30" y="105" width="540" height="675" class="pnl" rx="8"/>
|
||||
<text x="300" y="148" text-anchor="middle" class="sub">BL Call Flow</text>
|
||||
<line x1="50" y1="163" x2="550" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- Step 1: main calls BL add -->
|
||||
<text x="55" y="200" class="dim">Step 1: caller</text>
|
||||
<rect x="55" y="215" width="490" height="55" rx="6" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="300" y="250" text-anchor="middle" class="grn">main: BL add</text>
|
||||
|
||||
<!-- Arrow down -->
|
||||
<line x1="300" y1="270" x2="300" y2="310" stroke="#00d4ff" stroke-width="3"/>
|
||||
<polygon points="288,310 300,335 312,310" fill="#00d4ff"/>
|
||||
|
||||
<!-- Step 2: LR gets saved -->
|
||||
<text x="55" y="355" class="dim">Step 2: hardware saves LR</text>
|
||||
<rect x="55" y="370" width="490" height="55" rx="6" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="300" y="405" text-anchor="middle" class="cyn">LR = return addr</text>
|
||||
|
||||
<!-- Arrow down -->
|
||||
<line x1="300" y1="425" x2="300" y2="460" stroke="#ffaa00" stroke-width="3"/>
|
||||
<polygon points="288,460 300,485 312,460" fill="#ffaa00"/>
|
||||
|
||||
<!-- Step 3: execute function -->
|
||||
<text x="55" y="505" class="dim">Step 3: run function</text>
|
||||
<rect x="55" y="520" width="490" height="55" rx="6" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="300" y="555" text-anchor="middle" class="amb">add: ADD r0, r1</text>
|
||||
|
||||
<!-- Arrow down -->
|
||||
<line x1="300" y1="575" x2="300" y2="610" stroke="#ff0040" stroke-width="3"/>
|
||||
<polygon points="288,610 300,635 312,610" fill="#ff0040"/>
|
||||
|
||||
<!-- Step 4: return -->
|
||||
<text x="55" y="655" class="dim">Step 4: return to caller</text>
|
||||
<rect x="55" y="670" width="490" height="55" rx="6" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="300" y="705" text-anchor="middle" class="red">BX LR (jump back)</text>
|
||||
|
||||
<!-- Right Panel: Key Concepts -->
|
||||
<rect x="600" y="105" width="570" height="675" class="pnl" rx="8"/>
|
||||
<text x="885" y="148" text-anchor="middle" class="sub">Key Concepts</text>
|
||||
<line x1="620" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="205" class="cyn">BL instruction</text>
|
||||
<text x="625" y="240" class="txt">Branch with Link</text>
|
||||
<text x="625" y="272" class="txt">Saves return addr</text>
|
||||
<text x="625" y="304" class="txt">in LR (r14)</text>
|
||||
|
||||
<line x1="620" y1="332" x2="1150" y2="332" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="372" class="red">BX LR</text>
|
||||
<text x="625" y="407" class="txt">Branch to addr</text>
|
||||
<text x="625" y="439" class="txt">stored in LR</text>
|
||||
<text x="625" y="471" class="txt">Returns to caller</text>
|
||||
|
||||
<line x1="620" y1="499" x2="1150" y2="499" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="539" class="amb">Nested Calls</text>
|
||||
<text x="625" y="574" class="txt">Must PUSH LR first</text>
|
||||
<text x="625" y="606" class="txt">PUSH {r3, lr}</text>
|
||||
<text x="625" y="638" class="txt">POP {r3, pc}</text>
|
||||
<text x="625" y="670" class="dim">POP into PC = return</text>
|
||||
|
||||
<line x1="620" y1="698" x2="1150" y2="698" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="738" class="grn">r14 = LR</text>
|
||||
<text x="625" y="773" class="dim">Always check LR in GDB</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,101 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">Program Counter Flow</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">Instruction Execution</text>
|
||||
|
||||
<!-- Left Panel: PC stepping through instructions -->
|
||||
<rect x="30" y="105" width="540" height="675" class="pnl" rx="8"/>
|
||||
<text x="300" y="148" text-anchor="middle" class="sub">PC Execution</text>
|
||||
<line x1="50" y1="163" x2="550" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- Instruction list -->
|
||||
<text x="55" y="205" class="dim">ADDR</text>
|
||||
<text x="220" y="205" class="dim">INSTRUCTION</text>
|
||||
|
||||
<!-- Line 1 -->
|
||||
<rect x="55" y="220" width="490" height="45" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="70" y="250" class="amb">0x1000</text>
|
||||
<text x="230" y="250" class="grn">MOV r0, #5</text>
|
||||
<text x="490" y="250" text-anchor="end" class="red">PC</text>
|
||||
|
||||
<!-- Line 2 -->
|
||||
<rect x="55" y="275" width="490" height="45" rx="4" fill="#0a0a0f" stroke="#1a1a2e"/>
|
||||
<text x="70" y="305" class="amb">0x1002</text>
|
||||
<text x="230" y="305" class="txt">MOV r1, #3</text>
|
||||
|
||||
<!-- Line 3 -->
|
||||
<rect x="55" y="330" width="490" height="45" rx="4" fill="#0a0a0f" stroke="#1a1a2e"/>
|
||||
<text x="70" y="360" class="amb">0x1004</text>
|
||||
<text x="230" y="360" class="txt">ADD r0, r1</text>
|
||||
|
||||
<!-- Line 4 -->
|
||||
<rect x="55" y="385" width="490" height="45" rx="4" fill="#0a0a0f" stroke="#1a1a2e"/>
|
||||
<text x="70" y="415" class="amb">0x1006</text>
|
||||
<text x="230" y="415" class="txt">BL func</text>
|
||||
|
||||
<!-- Line 5: branch target -->
|
||||
<rect x="55" y="440" width="490" height="45" rx="4" fill="#0a0a0f" stroke="#1a1a2e"/>
|
||||
<text x="70" y="470" class="amb">0x1010</text>
|
||||
<text x="230" y="470" class="txt">func: PUSH {lr}</text>
|
||||
|
||||
<!-- Line 6 -->
|
||||
<rect x="55" y="495" width="490" height="45" rx="4" fill="#0a0a0f" stroke="#1a1a2e"/>
|
||||
<text x="70" y="525" class="amb">0x1012</text>
|
||||
<text x="230" y="525" class="txt">SUB r0, #1</text>
|
||||
|
||||
<!-- Line 7 -->
|
||||
<rect x="55" y="550" width="490" height="45" rx="4" fill="#0a0a0f" stroke="#1a1a2e"/>
|
||||
<text x="70" y="580" class="amb">0x1014</text>
|
||||
<text x="230" y="580" class="txt">POP {pc}</text>
|
||||
|
||||
<!-- Arrow showing jump -->
|
||||
<line x1="520" y1="407" x2="520" y2="462" stroke="#ff0040" stroke-width="2" stroke-dasharray="6"/>
|
||||
<polygon points="510,462 520,480 530,462" fill="#ff0040"/>
|
||||
<text x="340" y="640" text-anchor="middle" class="dim">BL = jump to function target</text>
|
||||
<text x="340" y="670" text-anchor="middle" class="dim">POP {pc} = return to caller</text>
|
||||
|
||||
<!-- Right Panel: Key Concepts -->
|
||||
<rect x="600" y="105" width="570" height="675" class="pnl" rx="8"/>
|
||||
<text x="885" y="148" text-anchor="middle" class="sub">Key Concepts</text>
|
||||
<line x1="620" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="205" class="cyn">r15 = PC</text>
|
||||
<text x="625" y="240" class="txt">Points to current</text>
|
||||
<text x="625" y="272" class="txt">instruction + 4</text>
|
||||
<text x="625" y="304" class="dim">Prefetch pipeline</text>
|
||||
|
||||
<line x1="620" y1="332" x2="1150" y2="332" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="372" class="grn">Sequential</text>
|
||||
<text x="625" y="407" class="txt">Thumb next = +2 or +4</text>
|
||||
<text x="625" y="439" class="dim">depends on instruction encoding</text>
|
||||
<text x="625" y="471" class="dim">Cortex-M33 executes Thumb only</text>
|
||||
|
||||
<line x1="620" y1="499" x2="1150" y2="499" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="539" class="red">Branch</text>
|
||||
<text x="625" y="574" class="txt">B = unconditional</text>
|
||||
<text x="625" y="606" class="txt">BL = save LR, jump</text>
|
||||
<text x="625" y="638" class="txt">BX = branch reg</text>
|
||||
<text x="625" y="670" class="txt">BEQ = branch if Z=1</text>
|
||||
<text x="900" y="606" class="dim">not linear +2 stepping</text>
|
||||
|
||||
<line x1="620" y1="698" x2="1150" y2="698" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="738" class="amb">GDB tip</text>
|
||||
<text x="625" y="770" class="dim">stepi = step 1 instr</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,110 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">Little-Endian Bytes</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">Byte Ordering</text>
|
||||
|
||||
<!-- Left Panel: Visual Example -->
|
||||
<rect x="30" y="105" width="540" height="675" class="pnl" rx="8"/>
|
||||
<text x="300" y="148" text-anchor="middle" class="sub">Byte Ordering</text>
|
||||
<line x1="50" y1="163" x2="550" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- The value -->
|
||||
<text x="300" y="210" text-anchor="middle" class="grn">0xDEADBEEF</text>
|
||||
|
||||
<!-- Big Endian section -->
|
||||
<text x="55" y="260" class="red">Big-Endian</text>
|
||||
<text x="300" y="260" class="dim">MSB first</text>
|
||||
|
||||
<rect x="55" y="280" width="110" height="55" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="110" y="315" text-anchor="middle" class="txt">DE</text>
|
||||
|
||||
<rect x="175" y="280" width="110" height="55" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="230" y="315" text-anchor="middle" class="txt">AD</text>
|
||||
|
||||
<rect x="295" y="280" width="110" height="55" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="350" y="315" text-anchor="middle" class="txt">BE</text>
|
||||
|
||||
<rect x="415" y="280" width="110" height="55" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="470" y="315" text-anchor="middle" class="txt">EF</text>
|
||||
|
||||
<!-- Address labels -->
|
||||
<text x="110" y="360" text-anchor="middle" class="dim">+0</text>
|
||||
<text x="230" y="360" text-anchor="middle" class="dim">+1</text>
|
||||
<text x="350" y="360" text-anchor="middle" class="dim">+2</text>
|
||||
<text x="470" y="360" text-anchor="middle" class="dim">+3</text>
|
||||
|
||||
<!-- Spacer -->
|
||||
<text x="300" y="420" text-anchor="middle" class="amb">vs</text>
|
||||
|
||||
<!-- Little Endian section -->
|
||||
<text x="55" y="470" class="grn">Little-Endian</text>
|
||||
<text x="300" y="470" class="dim">LSB first</text>
|
||||
|
||||
<rect x="55" y="490" width="110" height="55" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="110" y="525" text-anchor="middle" class="txt">EF</text>
|
||||
|
||||
<rect x="175" y="490" width="110" height="55" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="230" y="525" text-anchor="middle" class="txt">BE</text>
|
||||
|
||||
<rect x="295" y="490" width="110" height="55" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="350" y="525" text-anchor="middle" class="txt">AD</text>
|
||||
|
||||
<rect x="415" y="490" width="110" height="55" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="470" y="525" text-anchor="middle" class="txt">DE</text>
|
||||
|
||||
<!-- Address labels -->
|
||||
<text x="110" y="570" text-anchor="middle" class="dim">+0</text>
|
||||
<text x="230" y="570" text-anchor="middle" class="dim">+1</text>
|
||||
<text x="350" y="570" text-anchor="middle" class="dim">+2</text>
|
||||
<text x="470" y="570" text-anchor="middle" class="dim">+3</text>
|
||||
|
||||
<!-- Summary text below -->
|
||||
<text x="300" y="630" text-anchor="middle" class="amb">Bytes are reversed!</text>
|
||||
<text x="300" y="670" text-anchor="middle" class="txt">Lowest address holds</text>
|
||||
<text x="300" y="710" text-anchor="middle" class="txt">least significant byte</text>
|
||||
<text x="300" y="750" text-anchor="middle" class="dim">ARM uses little-endian</text>
|
||||
|
||||
<!-- Right Panel: Key Concepts -->
|
||||
<rect x="600" y="105" width="570" height="675" class="pnl" rx="8"/>
|
||||
<text x="885" y="148" text-anchor="middle" class="sub">Key Concepts</text>
|
||||
<line x1="620" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="205" class="cyn">ARM = Little-Endian</text>
|
||||
<text x="625" y="240" class="txt">Cortex-M33 uses LE</text>
|
||||
<text x="625" y="272" class="txt">by default</text>
|
||||
<text x="625" y="304" class="dim">Also: x86, RISC-V</text>
|
||||
|
||||
<line x1="620" y1="332" x2="1150" y2="332" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="372" class="red">Why It Matters</text>
|
||||
<text x="625" y="407" class="txt">Memory dumps show</text>
|
||||
<text x="625" y="439" class="txt">raw byte order</text>
|
||||
<text x="625" y="471" class="txt">Must mentally flip</text>
|
||||
<text x="625" y="503" class="txt">to get true value</text>
|
||||
|
||||
<line x1="620" y1="531" x2="1150" y2="531" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="571" class="amb">GDB Example</text>
|
||||
<text x="625" y="606" class="txt">x/4xb 0x2000</text>
|
||||
<text x="625" y="638" class="grn">EF BE AD DE</text>
|
||||
<text x="625" y="670" class="dim">= 0xDEADBEEF</text>
|
||||
|
||||
<line x1="620" y1="708" x2="1150" y2="708" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="748" class="cyn">x/xw = word view</text>
|
||||
<text x="625" y="773" class="dim">GDB auto-corrects</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,90 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">XIP Flash Model</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">Execute-in-Place</text>
|
||||
|
||||
<!-- Left Panel: Flow Diagram -->
|
||||
<rect x="30" y="105" width="540" height="675" class="pnl" rx="8"/>
|
||||
<text x="300" y="148" text-anchor="middle" class="sub">Execute-In-Place</text>
|
||||
<line x1="50" y1="163" x2="550" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- External Flash chip -->
|
||||
<rect x="120" y="190" width="300" height="65" rx="6" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="270" y="223" text-anchor="middle" class="amb">QSPI Flash</text>
|
||||
<text x="270" y="245" text-anchor="middle" class="dim">External 16MB</text>
|
||||
|
||||
<!-- Arrow down -->
|
||||
<line x1="270" y1="255" x2="270" y2="300" stroke="#ffaa00" stroke-width="3"/>
|
||||
<polygon points="258,300 270,325 282,300" fill="#ffaa00"/>
|
||||
|
||||
<!-- QSPI Controller -->
|
||||
<rect x="120" y="330" width="300" height="55" rx="6" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="270" y="362" text-anchor="middle" class="cyn">QSPI Controller</text>
|
||||
|
||||
<!-- Arrow down -->
|
||||
<line x1="270" y1="385" x2="270" y2="420" stroke="#00d4ff" stroke-width="3"/>
|
||||
<polygon points="258,420 270,445 282,420" fill="#00d4ff"/>
|
||||
|
||||
<!-- XIP Cache -->
|
||||
<rect x="120" y="450" width="300" height="65" rx="6" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="270" y="483" text-anchor="middle" class="grn">XIP Cache</text>
|
||||
<text x="270" y="505" text-anchor="middle" class="dim">16KB cache</text>
|
||||
|
||||
<!-- Arrow down -->
|
||||
<line x1="270" y1="515" x2="270" y2="555" stroke="#00ff41" stroke-width="3"/>
|
||||
<polygon points="258,555 270,580 282,555" fill="#00ff41"/>
|
||||
|
||||
<!-- CPU -->
|
||||
<rect x="120" y="585" width="300" height="65" rx="6" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="270" y="618" text-anchor="middle" class="red">Cortex-M33 CPU</text>
|
||||
<text x="270" y="640" text-anchor="middle" class="dim">Fetches via PC</text>
|
||||
|
||||
<!-- Mapped address note -->
|
||||
<text x="300" y="710" text-anchor="middle" class="txt">Mapped at</text>
|
||||
<text x="300" y="745" text-anchor="middle" class="amb">0x1000_0000</text>
|
||||
|
||||
<!-- Right Panel: Details -->
|
||||
<rect x="600" y="105" width="570" height="675" class="pnl" rx="8"/>
|
||||
<text x="885" y="148" text-anchor="middle" class="sub">Key Details</text>
|
||||
<line x1="620" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="205" class="grn">What is XIP?</text>
|
||||
<text x="625" y="240" class="txt">Code stays in flash</text>
|
||||
<text x="625" y="272" class="txt">CPU reads it as if</text>
|
||||
<text x="625" y="304" class="txt">it were normal memory</text>
|
||||
<text x="625" y="336" class="dim">No copy to SRAM needed</text>
|
||||
|
||||
<line x1="620" y1="364" x2="1150" y2="364" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="404" class="cyn">QSPI Interface</text>
|
||||
<text x="625" y="439" class="txt">4 data lines</text>
|
||||
<text x="625" y="471" class="txt">Fast serial flash</text>
|
||||
<text x="625" y="503" class="dim">CLK, CS, IO0-IO3</text>
|
||||
|
||||
<line x1="620" y1="531" x2="1150" y2="531" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="571" class="amb">Cache Behavior</text>
|
||||
<text x="625" y="603" class="txt">Used for XIP flash reads</text>
|
||||
<text x="625" y="633" class="dim">(code + const data at 0x1000....)</text>
|
||||
<text x="625" y="663" class="txt">Not used for SRAM/peripherals</text>
|
||||
<text x="625" y="693" class="dim">or during flash program/erase</text>
|
||||
|
||||
<line x1="620" y1="698" x2="1150" y2="698" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="625" y="738" class="red">RE Insight</text>
|
||||
<text x="625" y="773" class="dim">Dump flash via SWD</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,92 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.mid{dominant-baseline:middle}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">ELF File Structure</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">Binary Format</text>
|
||||
|
||||
<!-- Left Panel: ELF Layout -->
|
||||
<rect x="30" y="105" width="440" height="675" class="pnl" rx="8"/>
|
||||
<text x="250" y="148" text-anchor="middle" class="sub">ELF File Layout (Offsets)</text>
|
||||
<line x1="50" y1="163" x2="450" y2="163" stroke="#1a1a2e"/>
|
||||
<text x="55" y="173" class="dim">Higher file offsets</text>
|
||||
|
||||
<!-- Section Headers (higher offsets) -->
|
||||
<rect x="55" y="180" width="385" height="50" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="247" y="205" text-anchor="middle" class="red mid">Section Headers</text>
|
||||
|
||||
<!-- .symtab -->
|
||||
<rect x="55" y="245" width="385" height="55" rx="4" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="247" y="272.5" text-anchor="middle" class="cyn mid">.symtab</text>
|
||||
|
||||
<!-- .bss section -->
|
||||
<rect x="55" y="315" width="385" height="55" rx="4" fill="#0a0a0f" stroke="#888888" stroke-width="1" stroke-dasharray="6"/>
|
||||
<text x="247" y="342.5" text-anchor="middle" class="txt mid">.bss</text>
|
||||
|
||||
<!-- .data section -->
|
||||
<rect x="55" y="385" width="385" height="55" rx="4" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="247" y="412.5" text-anchor="middle" class="amb mid">.data</text>
|
||||
|
||||
<!-- .rodata section -->
|
||||
<rect x="55" y="455" width="385" height="55" rx="4" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="247" y="482.5" text-anchor="middle" class="amb mid">.rodata</text>
|
||||
|
||||
<!-- .text section -->
|
||||
<rect x="55" y="525" width="385" height="75" rx="4" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="247" y="552" text-anchor="middle" class="grn mid">.text</text>
|
||||
<text x="247" y="576" text-anchor="middle" class="dim mid">Machine code</text>
|
||||
|
||||
<!-- Program Headers -->
|
||||
<rect x="55" y="615" width="385" height="55" rx="4" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="247" y="642.5" text-anchor="middle" class="cyn mid">Program Headers</text>
|
||||
|
||||
<!-- ELF Header (offset 0x0000) -->
|
||||
<rect x="55" y="685" width="385" height="60" rx="4" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="247" y="710" text-anchor="middle" class="red mid">ELF Header</text>
|
||||
<text x="247" y="730" text-anchor="middle" class="dim mid">Magic: 7f 45 4c 46 (off 0x0000)</text>
|
||||
|
||||
<!-- Right Panel: Details -->
|
||||
<rect x="500" y="105" width="670" height="675" class="pnl" rx="8"/>
|
||||
<text x="835" y="148" text-anchor="middle" class="sub">Section Details + Mapping</text>
|
||||
<line x1="520" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="525" y="205" class="red">ELF Header</text>
|
||||
<text x="525" y="240" class="txt">Arch: ARM 32-bit</text>
|
||||
<text x="525" y="272" class="txt">Entry point addr</text>
|
||||
<text x="525" y="304" class="dim">Type: executable</text>
|
||||
|
||||
<line x1="520" y1="332" x2="1150" y2="332" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="525" y="372" class="grn">.text = code</text>
|
||||
<text x="525" y="407" class="txt">All instructions</text>
|
||||
<text x="525" y="439" class="txt">Maps to XIP flash</text>
|
||||
<text x="525" y="471" class="dim">Disassemble this!</text>
|
||||
|
||||
<line x1="520" y1="499" x2="1150" y2="499" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="525" y="539" class="amb">.data / .rodata</text>
|
||||
<text x="525" y="574" class="txt">.data = initialized</text>
|
||||
<text x="525" y="606" class="txt">.rodata = constants</text>
|
||||
<text x="525" y="638" class="txt">.bss = zeroed vars</text>
|
||||
|
||||
<line x1="520" y1="666" x2="1150" y2="666" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="525" y="706" class="cyn">.symtab = symbols</text>
|
||||
<text x="525" y="741" class="txt">Function names</text>
|
||||
<text x="780" y="706" class="dim">ELF header is file metadata</text>
|
||||
<text x="780" y="734" class="dim">not runtime address 0x1000....</text>
|
||||
<text x="780" y="762" class="dim">Use section VMA/LMA for memory map</text>
|
||||
</svg>
|
||||
@@ -0,0 +1,94 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1200 800">
|
||||
<style>
|
||||
.bg{fill:#0a0a0f}.pnl{fill:#12121a;stroke:#1a1a2e}.hdr{fill:#12121a}
|
||||
.title{font:bold 42px 'Courier New',monospace;fill:#00ff41}
|
||||
.sub{font:bold 28px 'Courier New',monospace;fill:#00d4ff}
|
||||
.txt{font:24px 'Courier New',monospace;fill:#c0c0c0}
|
||||
.dim{font:20px 'Courier New',monospace;fill:#888}
|
||||
.grn{font:bold 24px 'Courier New',monospace;fill:#00ff41}
|
||||
.red{font:bold 24px 'Courier New',monospace;fill:#ff0040}
|
||||
.cyn{font:bold 24px 'Courier New',monospace;fill:#00d4ff}
|
||||
.amb{font:bold 24px 'Courier New',monospace;fill:#ffaa00}
|
||||
.badge{stroke:#00ff41;rx:14}
|
||||
</style>
|
||||
<rect class="bg" width="1200" height="800"/>
|
||||
|
||||
<!-- Title -->
|
||||
<text x="600" y="52" text-anchor="middle" class="title">GDB-OpenOCD Chain</text>
|
||||
<text x="600" y="88" text-anchor="middle" class="dim">Debug Toolchain</text>
|
||||
|
||||
<!-- Top Panel: Debug Chain Flow -->
|
||||
<rect x="30" y="105" width="1140" height="280" class="pnl" rx="8"/>
|
||||
<text x="600" y="148" text-anchor="middle" class="sub">Debug Toolchain</text>
|
||||
<line x1="50" y1="163" x2="1150" y2="163" stroke="#1a1a2e"/>
|
||||
|
||||
<!-- GDB box -->
|
||||
<rect x="55" y="190" width="220" height="80" rx="6" fill="#0f1a0f" stroke="#00ff41" stroke-width="2"/>
|
||||
<text x="165" y="225" text-anchor="middle" class="grn">GDB</text>
|
||||
<text x="165" y="255" text-anchor="middle" class="dim">Client</text>
|
||||
|
||||
<!-- Arrow -->
|
||||
<line x1="275" y1="230" x2="340" y2="230" stroke="#888888" stroke-width="3"/>
|
||||
<polygon points="340,220 365,230 340,240" fill="#888888"/>
|
||||
<text x="310" y="290" text-anchor="middle" class="dim">TCP</text>
|
||||
<text x="310" y="315" text-anchor="middle" class="dim">:3333</text>
|
||||
|
||||
<!-- OpenOCD box -->
|
||||
<rect x="370" y="190" width="250" height="80" rx="6" fill="#0f0f1a" stroke="#00d4ff" stroke-width="2"/>
|
||||
<text x="495" y="225" text-anchor="middle" class="cyn">OpenOCD</text>
|
||||
<text x="495" y="255" text-anchor="middle" class="dim">Server</text>
|
||||
|
||||
<!-- Arrow -->
|
||||
<line x1="620" y1="230" x2="685" y2="230" stroke="#888888" stroke-width="3"/>
|
||||
<polygon points="685,220 710,230 685,240" fill="#888888"/>
|
||||
<text x="655" y="290" text-anchor="middle" class="dim">USB</text>
|
||||
|
||||
<!-- Debug Probe box -->
|
||||
<rect x="715" y="190" width="220" height="80" rx="6" fill="#1a1a0f" stroke="#ffaa00" stroke-width="2"/>
|
||||
<text x="825" y="225" text-anchor="middle" class="amb">CMSIS-DAP</text>
|
||||
<text x="825" y="255" text-anchor="middle" class="dim">Probe</text>
|
||||
|
||||
<!-- Arrow -->
|
||||
<line x1="935" y1="230" x2="1000" y2="230" stroke="#888888" stroke-width="3"/>
|
||||
<polygon points="1000,220 1025,230 1000,240" fill="#888888"/>
|
||||
<text x="975" y="290" text-anchor="middle" class="dim">SWD</text>
|
||||
|
||||
<!-- Target box -->
|
||||
<rect x="1030" y="190" width="130" height="80" rx="6" fill="#1a0f0f" stroke="#ff0040" stroke-width="2"/>
|
||||
<text x="1095" y="225" text-anchor="middle" class="red">RP2350</text>
|
||||
<text x="1095" y="255" text-anchor="middle" class="dim">Target</text>
|
||||
|
||||
<!-- Bottom Left: GDB Commands -->
|
||||
<rect x="30" y="405" width="560" height="375" class="pnl" rx="8"/>
|
||||
<text x="310" y="448" text-anchor="middle" class="sub">GDB Commands</text>
|
||||
<line x1="50" y1="463" x2="570" y2="463" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="55" y="500" class="grn">target remote :3333</text>
|
||||
<text x="55" y="532" class="dim">Connect to OpenOCD</text>
|
||||
|
||||
<text x="55" y="572" class="grn">monitor reset halt</text>
|
||||
<text x="55" y="604" class="dim">Reset + stop at entry</text>
|
||||
|
||||
<text x="55" y="644" class="grn">break main</text>
|
||||
<text x="55" y="676" class="dim">Set breakpoint</text>
|
||||
|
||||
<text x="55" y="716" class="grn">info registers</text>
|
||||
<text x="55" y="748" class="dim">Dump all regs</text>
|
||||
|
||||
<!-- Bottom Right: SWD Details -->
|
||||
<rect x="620" y="405" width="550" height="375" class="pnl" rx="8"/>
|
||||
<text x="895" y="448" text-anchor="middle" class="sub">SWD Protocol</text>
|
||||
<line x1="640" y1="463" x2="1150" y2="463" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="645" y="505" class="amb">2 wires only</text>
|
||||
<text x="645" y="540" class="txt">SWCLK = clock</text>
|
||||
<text x="645" y="572" class="txt">SWDIO = data</text>
|
||||
|
||||
<line x1="640" y1="600" x2="1150" y2="600" stroke="#1a1a2e"/>
|
||||
|
||||
<text x="645" y="640" class="red">Capabilities</text>
|
||||
<text x="645" y="675" class="txt">Read/write memory</text>
|
||||
<text x="645" y="707" class="txt">Read/write regs</text>
|
||||
<text x="645" y="739" class="txt">Set breakpoints</text>
|
||||
<text x="645" y="771" class="dim">Full chip control</text>
|
||||
</svg>
|
||||
Reference in New Issue
Block a user