

A Case of ARM LDR Instruction

What does the following disassembly instruction do?

 E59D101C ldr r1, phid, #0x1C

(phid is a parameter name)

Apparently it loads the value of phid into r1. But what does the "0x1C" mean?

Break the 32-bit encoding into fields:

instruction:

E59   D    1    01C
---   --   --   ---
ldr   sp   r1   #0x1C

The E59 part is the condition (always) plus the LDR opcode bits (pre-indexed, offset added, word load, no writeback). The D nibble is the base register field, r13, which is the stack pointer. The 1 is the destination register r1, and 01C is the 12-bit immediate offset. So the instruction is really "ldr r1, [sp, #0x1C]"; the disassembler has substituted the parameter name phid for that stack slot.

Upon entering an ARM function, you will see that some registers are saved to the stack so their values can be restored when the function returns. For example,

HRESULT PHGetStringToBuffer(PH_ID phid, TCHAR* psz, int *pcch):

02872808 E1A0C00D mov   r12, sp
0287280C E92D0007 stmdb sp!, {r0 - r2}      ; push(r2); push(r1); push(r0);
02872810 E92D5010 stmdb sp!, {r4, r12, lr}  ; push(lr); push(r12); push(r4);
02872814 E24DD010 sub   sp, sp, #0x10       ; reserve space for local variables
......

Now sp has been moved. Everything pushed in the prologue is still reachable at a fixed offset from the current sp.

phid arrived in r0. Starting from the current sp, add 0x10 (the local variable space) and then 0xC (the saved r4, r12 and lr, 4 bytes each), and you land on the saved r0: sp+0x1C is the address of phid.
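To make the two steps above concrete, here is a small added example (not from the original post): it decodes the ARM LDR/STR immediate-offset word E59D101C into its fields, and replays the prologue's stmdb/sub sequence to compute where each pushed register sits relative to the final sp. The instruction sequence is the one listed above; the function names are my own.

```python
# Added example: decode an A32 LDR/STR (immediate) word and replay a prologue.
COND = ["eq", "ne", "cs", "cc", "mi", "pl", "vs", "vc",
        "hi", "ls", "ge", "lt", "gt", "le", "", "nv"]
REG_NAMES = {13: "sp", 14: "lr", 15: "pc"}


def reg(n):
    """Register number -> disassembler name (r13/r14/r15 get their aliases)."""
    return REG_NAMES.get(n, f"r{n}")


def decode_ldr_str_imm(word):
    """Decode a 32-bit ARM word as LDR/STR with a 12-bit immediate offset.
    Returns the assembly text, or None if the word is a different encoding."""
    if (word >> 26) & 0x3 != 0b01:   # bits 27:26 == 01 -> load/store word/byte
        return None
    if (word >> 25) & 1:             # I bit set -> register offset form, not handled
        return None
    cond = (word >> 28) & 0xF
    p = (word >> 24) & 1             # pre-index (1) / post-index (0)
    u = (word >> 23) & 1             # offset is added (1) / subtracted (0)
    b = (word >> 22) & 1             # byte (1) / word (0) access
    w = (word >> 21) & 1             # writeback to base register
    l = (word >> 20) & 1             # load (1) / store (0)
    rn, rt, imm12 = (word >> 16) & 0xF, (word >> 12) & 0xF, word & 0xFFF
    mnem = ("ldr" if l else "str") + ("b" if b else "") + COND[cond]
    off = f"#{'' if u else '-'}0x{imm12:x}"
    if p:
        addr = f"[{reg(rn)}, {off}]" + ("!" if w else "")
    else:
        addr = f"[{reg(rn)}], {off}"
    return f"{mnem} {reg(rt)}, {addr}"


def replay_prologue(steps):
    """Replay ('stmdb', [regs]) and ('sub', bytes) steps on a model sp.
    Returns {register number: offset from the final sp} for every saved register."""
    sp, saved = 0, {}
    for op, arg in steps:
        if op == "stmdb":            # STMDB sp!: lowest-numbered register at lowest address
            regs = sorted(arg)
            sp -= 4 * len(regs)
            for i, r in enumerate(regs):
                saved[r] = sp + 4 * i
        elif op == "sub":            # SUB sp, sp, #n: reserve local variable space
            sp -= arg
    return {r: addr - sp for r, addr in saved.items()}


# The prologue of PHGetStringToBuffer as listed above (r12 = 12, lr = 14).
PROLOGUE = [("stmdb", [0, 1, 2]), ("stmdb", [4, 12, 14]), ("sub", 0x10)]
```

Calling `decode_ldr_str_imm(0xE59D101C)` yields "ldr r1, [sp, #0x1c]", and `replay_prologue(PROLOGUE)[0]` is 0x1C, the saved r0 that holds phid.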
