IDA 8052 error ?

[Git]

Here's a snippet of disassembled 8051 code :

Code:

...
0000:7019 D0 00                      pop     RAM_0
0000:701B E8                          mov     A, R0
0000:701C C0 E0                      push    A
0000:701E 74 05                      mov     A, #5
0000:7020 28                          add     A, R0
0000:7021 F8                          mov     R0, A         <--
0000:7022 E7                          mov     A, @R1
0000:7023 F6                          mov     @R0, A
0000:7024 19                          dec     R1
0000:7025 18                          dec     R0
0000:7026 E7                          mov     A, @R1
0000:7027 F6                          mov     @R0, A
0000:7028 19                          dec     R1
0000:7029 18                          dec     R0
0000:702A E7                          mov     A, @R1
0000:702B F6                          mov     @R0, A
0000:702C D0 E0                      pop     A
0000:702E A8 E0                      mov     R0, A        <--
0000:7030 F9                          mov     R1, A
0000:7031 09                          inc     R1
0000:7032 09                          inc     R1
...

Look at offset 7021 and 702E. Same instruction, different op code. What gives?

Git

[chessgod101]

According to the 8051/8052 instruction set website, both are correct. Apparently, A8 E0 is a two byte equivalent to F8. Here is a page with more information about 8051/8052 MOV instructions:

Code:

http://www.8052.com/51mov

[Git]

I can't see that. MOV R0, A is an unambiguous single byte operation. I think the 2 byte 0xA8 0xNN form you refered to is moving from internal RAM to R0. The Philips data sheet also shows all MOV instrructions between A and Rx are single byte.

Git

[chessgod101]

Did you try this freeware utility to compare the disassembly results to that of IDA?

Code:

http://www.bipom.com/dis51.php

I know it seems a little crude, but it may help you determine whether or not this is a disassembly bug in IDA.

[arthur plank]

They are equivalent.

The F8 is an explicit single byte instruction to move A to R0.

The A8 E0 is actually MOV R0,ACC where ACC is the direct address for the A register. E0 is the direct address for ACC.

This A8 E0 is described in the 8051 bible as MOV Rn,direct.

[Git]

AP - Ah, I see. What a strange way of doing things. I wonder why the original author choose both methods within a vew lines of each other?

CG - I was going to try some other means of disassembly, but then I realised that the two different op codes in this example were nothing to do with IDA, they existed before and IDA correctly interpreted them, in that A is identical to ACC. The thing at fault is the daft architecture of the 8051.

Git

[arthur plank]

I think we can blame the original Intel developers for that one. It's an old architecture and in its day it was quite special with its efficient boolean operations. I worked with it professionally for about 20 years and just got to accept the quirks. I wouldn't want to go back to it though.

[Git]

Professionally, I used the 9900, bypassed the 8051 and went on to Z80. I played with 68000 family on an amateur basis. 8051 outnumbers the rest of them put together for old design CPU's still in use. A couple of normal 16 bit address registers would have been nice though.

Git