If you ever used IDA to analyze embedded stuff, you would immediately notice its pc-centric nature. While any embedded SDK targets specific devices with real-world part numbers, IDA just provides you with a universal analysis framework. You are supposed to know how the device works, its idiosyncrasies, programming model, memory organization, and all other practical stuff. If there is an automatic way to determine the entry point or interrupt vectors, IDA will use it but in general you will have to find out the correct parameters yourself.
The following tutorial fills the gap for C166 (and explains many other things!):
http://andywhittaker.com/ECU/DisassemblingaBoschME755/tabid/96/Default.aspx
Thanks, Andy!
Team
- Ilfak Guilfanov
- Elias Bachaalany
- Igor Skochinsky
- Daniel Pistelli
The IDA Pro Book (2nd Ed)
-
Recent Posts
Recent Comments
- Joxean on The trace replayer
- Jonas on The trace replayer
- Darmawan on Recon 2012: Compiler Internals
- Joxean on The trace replayer
- Xing on The trace replayer
Categories
Archives
- May 2013
- April 2013
- June 2012
- April 2012
- January 2012
- October 2011
- September 2011
- August 2011
- July 2011
- May 2011
- April 2011
- February 2011
- January 2011
- December 2010
- October 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- February 2009
- January 2009
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- April 2008
- March 2008
- February 2008
- January 2008
- November 2007
- October 2007
- September 2007
- August 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- October 2006
- September 2006
- August 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
One thing I’ve missed when working with IDA on microcontroller code is the ability to specify address space aliases. In many micros the top bits of the address specify how the cache is to be handled, and the disassembly breaks if the code eg. jumps into uncached address space. The way I see it there are two ways to do this. The simple way is to just specify an address mask, but this can not account for eg. on-chip registers that live in a special address range. The other way would be to be able to specify exact address ranges and how they alias each other.
In the past I’ve abused the segment functionality to load the same code into the aliasing address ranges, but this is obviously far from ideal.
Unfortunately it is impossible to create a universal memory mapping mechanism, there are too many places in the source code where addresses must be mapped, including third-party plugins. Some processor modules define their own memory mapping options. If you know the processor well, please contact me with the details so we can work it out together. Thanks
Hi,
I am working on Infineon’s C167CS processor. I need to decompile binary file to c language. Can I use IDA PRO for C166 and decompile it to C>Does this toolw ork for this task. If not what is the other alternative to get intended output. Please suggest . Looking fwd eagerly for your valuable suggestion on this.