N1LAF
01-07-2012, 11:22 AM
Just for fun, I thought I'd look into the PIC Hex file and create my own disassembler, as a first step of a larger project. When you develop a program for the PIC microcontroller, including C, the program file created to program the microcontroller is in a Hex format. Microchip (creator of PIC microcontrollers) uses the Intel Hex format. The Hex format is a standard used by many other microprocessor/microcontroller devices.
The Hex file looks like this...
:020000040000FA
:06000000CDEF01F012003B
:0600080022EF00F01200DF
:06002A0002001B040000AF
:10003000EF00000004000000B60300008000000094
:040040006500000057
:0C004400DACFE4FFE2CFDAFFE9CFE4FFFF
:10005000EACFE4FFE652AE50E66E0AD8E55200D091
:10006000E552E5CFEAFFE5CFE9FFE5CFDAFF110082
:10007000D9CFE6FFE1CFD9FFE4C0E9FFEA6AE9BEE4
:10008000EA68800EE926000EEA22FE0EDBCFEFFFC3
more...
:020000040030CA
:0C000200FCFFFAFFFFFFFFFFFFFF000004
:00000001FF
Every line starts with a colon.
The format of the file is as follows:
:nn aaaa tt dddddddddddddddd cc
nn is the data byte count - number of data bytes in that line (Record length)
aaaa is the address where the data is placed. This is really the offset address.
tt is the data type (Record Type)
dd is the byte data
cc is the checksum for the line
Checksum
Checksum = Twos complement(LSB(nn + aa + aa + tt + (all databytes)))
Record Type
tt - Definition
0 - Data Record
1 - End of File Record
2 - Extended Segment Address Record
3 - Start Segment Address Record
4 - Extended Linear Address Record
5 - Start Linear Address Record
Data
Data segment: d0 d1 d2 d3 d4 ... dn
The 16 bit data will be: 0xd0d1, 0xd2d3, 0xd4d5 ...
================
In the example:
:020000040030CA
:0C000200FCFFFAFFFFFFFFFFFFFF000004
:00000001FF
it contains an extended segment address
:020000040030CA
The upper address is 0x0030
for the total address segment: 0x0030aaaa
The next line contains configuration bits:
:0C000200FCFFFAFFFFFFFFFFFFFF000004
Configuration data starting at address 0x00300002 = FCFFFAFFFFFFFFFFFFFF0000
Looking at the linker file for the PIC 18F452: (18f452.lkr)
CODEPAGE NAME=config START=0x300000 END=0x30000D PROTECTED
The start of address is in fact 0x300000, and it is configuration data
0x30002 uses 4 of 8 bits, unused bits are usually set high. So the data byte FC "11111100"(LSb) in binary
bit 0: PWRTEN - Power up Timer Enable bit, is set to 0, which means it is enabled
bit 1: BOREN - Brown-out Reset Enable bit, is 0, so it is disabled
bit 3-2 BORV1:BORV0 - Brown out reset voltage, set to 11, which is set to 2.0 VDC
End of record:
:00000001FF
End of file.
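The record layout and checksum rule described in the post, as an added Python example (not part of the original post or the author's disassembler). It rejects records whose length field or checksum does not match, and resolves absolute addresses from the type 04 upper-address record; the type 02 handling (segment value times 16) follows the Intel HEX format rather than anything walked through above. The function names are hypothetical.

```python
# Constructed sample: five records copied from the post above.
SAMPLE = """\
:020000040000FA
:06000000CDEF01F012003B
:020000040030CA
:0C000200FCFFFAFFFFFFFFFFFFFF000004
:00000001FF
"""

def parse_record(line):
    """Return (count, offset, rtype, data) for one record or raise ValueError."""
    line = line.strip()
    if not line.startswith(":"):
        raise ValueError("record must start with ':'")
    try:
        raw = bytes.fromhex(line[1:])
    except ValueError:
        raise ValueError("non-hex characters in record") from None
    if len(raw) < 5 or len(raw) != raw[0] + 5:
        raise ValueError("nn does not match the number of bytes in the record")
    # cc is the two's complement of the low byte of the sum of the other
    # bytes, so summing every byte including cc must give 0 modulo 256.
    if sum(raw) & 0xFF:
        raise ValueError("bad checksum")
    return raw[0], int.from_bytes(raw[1:3], "big"), raw[3], raw[4:-1]

def load_hex(text):
    """Map absolute address -> byte value for all data records."""
    memory, base = {}, 0
    for line in text.splitlines():
        if not line.strip():
            continue
        _, offset, rtype, data = parse_record(line)
        if rtype == 0x00:                      # data record
            for i, b in enumerate(data):
                memory[base + offset + i] = b
        elif rtype == 0x01:                    # end of file
            return memory
        elif rtype == 0x02:                    # segment base: value * 16
            base = int.from_bytes(data, "big") << 4
        elif rtype == 0x04:                    # upper 16 bits of the address
            base = int.from_bytes(data, "big") << 16
        # types 03 and 05 (start address) carry no memory contents
    raise ValueError("missing End of File record")

if __name__ == "__main__":
    mem = load_hex(SAMPLE)
    print(f"0x300002 = {mem[0x300002]:#04x} ({mem[0x300002]:08b})")
```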