Thu Sep 25 16:44:24 CEST 2014

Assembly remarks

pc-relative addressing in thumb is a little surprising at first..

0xa (10) -> 40
0xb (11) -> 44

but why is this not 40,42,44,46 ?
-> the imm8 of the 16-bit ldr (literal) encoding is scaled by 4, and the
   base is Align(PC,4), where PC reads as the instruction's own address + 4
   in thumb state.  so the printed offset can only be a multiple of 4, and
   two adjacent halfword-aligned instructions can print the same offset and
   still hit different words.  for the listing below:
     10002: Align(10006,4) = 10004, +40 = 1002c
     10004: Align(10008,4) = 10008, +40 = 10030
     10006: Align(1000a,4) = 10008, +44 = 10034
     10008: Align(1000c,4) = 1000c, +44 = 10038
   it is not the PC that increments every other instruction; it is the
   word alignment of the base that makes pairs of instructions share it.

   10002:	4b0a      	ldr	r3, [pc, #40]	; (1002c <xpatch_init+0x2c>)
   10004:	4a0a      	ldr	r2, [pc, #40]	; (10030 <xpatch_init+0x30>)
   10006:	4e0b      	ldr	r6, [pc, #44]	; (10034 <xpatch_init+0x34>)
   10008:	4d0b      	ldr	r5, [pc, #44]	; (10038 <xpatch_init+0x38>)
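To check that arithmetic mechanically, here is an added example (my code, not part of these notes): it decodes the T1 `LDR Rt, [PC, #imm]` halfword and recomputes the four literal addresses objdump printed above. The decoder is an assumption of mine about the encoding layout from the ARMv7-M ARM; the four (address, encoding, target) tuples are copied from the listing.

```python
# Added example (not from the original notes): decode the 16-bit Thumb
# "LDR Rt, [PC, #imm]" literal-load encoding and compute the address it
# actually reads, to show why the listed offsets go 40, 40, 44, 44.
#
# Encoding (LDR (literal), T1):  0 1 0 0 1 | Rt(3) | imm8(8)
# Effective address = Align(PC, 4) + imm8*4, where PC = instr_addr + 4 in
# Thumb state.  The immediate is scaled by 4 and the base is word-aligned,
# so only multiples of 4 can appear, and two neighbouring halfword-aligned
# instructions can print the same offset yet load from different words.

def decode_ldr_literal(addr, halfword):
    """Return (rt, offset, target) for a T1 LDR-literal halfword at addr.

    Raises ValueError if the halfword is not an LDR (literal) encoding.
    """
    if (halfword >> 11) != 0b01001:
        raise ValueError("0x%04x is not a T1 LDR (literal) encoding" % halfword)
    rt = (halfword >> 8) & 0x7
    imm8 = halfword & 0xff
    offset = imm8 * 4
    pc = addr + 4                      # Thumb: PC reads as current instr + 4
    base = pc & ~3                     # Align(PC, 4)
    return rt, offset, base + offset

# The four lines quoted from the objdump listing above (address, encoding,
# and the literal address objdump printed in the ';' comment).
LISTING = [
    (0x10002, 0x4b0a, 0x1002c),
    (0x10004, 0x4a0a, 0x10030),
    (0x10006, 0x4e0b, 0x10034),
    (0x10008, 0x4d0b, 0x10038),
]

def check_listing(listing=LISTING):
    """Decode every entry, check it against objdump, return (rt, offset, target)s."""
    out = []
    for addr, enc, expected in listing:
        rt, off, target = decode_ldr_literal(addr, enc)
        if target != expected:
            raise AssertionError("%05x: got %05x, objdump says %05x" % (addr, target, expected))
        out.append((rt, off, target))
    return out

if __name__ == "__main__":
    for (addr, enc, _), (rt, off, target) in zip(LISTING, check_listing()):
        print("%05x: %04x  ldr r%d, [pc, #%d] ; (%05x)" % (addr, enc, rt, off, target))
```

Feeding the same decoder an instruction at an address that is 4-aligned (10004, 10008) versus one that is not (10002, 10006) is what makes the shared offsets visible: the base rounds down by 2 in the second case.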

what is the point of the __memset_veneer trampoline?
-> it is a linker-generated long-branch veneer.  the real memset is at
   0x08014470 (the .word below is 0x08014471: bit 0 set marks a thumb
   target, so bx stays in thumb state), roughly 128MB away from 0x10520,
   far beyond the reach of a direct thumb bl (+/-16MB for the 32-bit
   thumb-2 bl, +/-4MB for the 16-bit bl pair).  so the call is redirected
   through this stub, which loads the absolute address into ip and does
   bx ip.  r0 is pushed and popped around the ldr because the 16-bit
   ldr (literal) can only load into r0-r7.

what is the ip register?
-> r12, the intra-procedure-call scratch register in the AAPCS (a veneer
   like the one below may clobber it between the call site and the
   callee, so a caller cannot assume it survives a call); "new sb in
   inter-link-unit calls" was its role in the older APCS.

00010520 <__memset_veneer>:
   10520:	b401      	push	{r0}
   10522:	4802      	ldr	r0, [pc, #8]	; (1052c <__memset_veneer+0xc>)
   10524:	4684      	mov	ip, r0
   10526:	bc01      	pop	{r0}
   10528:	4760      	bx	ip
   1052a:	bf00      	nop
   1052c:	08014471 	.word	0x08014471

what's the difference between
  push {rx, ...}
  stmdb sp!, {rx, ...}

-> push/pop are the preferred aliases: push = stmdb sp!, pop = ldmia sp!.
   in thumb the 16-bit push/pop encodings only cover r0-r7 plus lr (push)
   or pc (pop); any other register list gets the 32-bit stmdb.w/ldmia.w.

what are the d registers?
   1007a:	ed2d 8b0c 	vpush	{d8-d13}

-> the 64-bit double-precision view of the floating point extension
   registers.  d<n> overlaps s<2n> and s<2n+1>, so d8-d13 covers
   s16-s27 and the above is the same as:

   vpush {s16-s27}

   (the imm8 of ed2d 8b0c is 0x0c = 12 words = 6 doubles.)  on cores with
   32 d registers, d16-d31 have no s aliases.  d8-d15 are callee-saved
   under the AAPCS, which is why a prologue pushes exactly this range.

apparently, 32-bit thumb-2 instructions only need halfword alignment,
not word alignment (the vpush above sits at 0x1007a).

why is "ite ne" followed by movne?

   100ce:	2b00      	cmp	r3, #0
   100d0:	bf14      	ite	ne
   100d2:	4663      	movne	r3, ip
   100d4:	463b      	moveq	r3, r7

again for "it mi", "submi"

   10104:	bf48      	it	mi
   10106:	3a01      	submi	r2, #1

-> conditional instructions in thumb must be inside an it block (except
   b<cond>, cbz and cbnz, which encode their own condition)
-> the it instruction carries the base condition plus a t/e pattern
   (same condition or its inverse) for up to 4 following instructions
-> the ne/eq/mi suffixes objdump prints are taken from the preceding it;
   the encodings of the instructions themselves (4663 = mov r3, ip,
   463b = mov r3, r7) are ordinary unconditional 16-bit movs

it seems gcc does emit vfma instructions (fused multiply-accumulate) when
the target has the VFPv4 fma extension.  this is the -ffp-contract=fast
default in gnu modes (-std=gnu*); it rounds differently from a separate
vmul + vadd, and -ffp-contract=off (the default in strict -std=c* modes)
turns it off.