I am currently trying to understand the hex code of an atmega processor.
If I look into my main.lss file, I see
0c 94 d8 01 jmp 0x3b0
which is a simple jump to address 0x3b0.
What I'm puzzling over is how the '0x3b0' value is encoded within '0c 94 d8 01'. As an atmega is a little-endian machine, the real reading is likely "94 0c" to get the opcode, and then "01 d8" to get the jump-address.
I have absolutely no clue how the destination address is encoded in that fragment, I cannot find any logic pattern, and it's getting even worse if I see the next entry in the lss-file:
0c 94 ea 01 jmp 0x3d4
which is again a jump, but does not reveal any arithmetic rule to calculate the different offsets of both jumps. The story continues with other types of opcodes: The corresponding parameters do not seem to be self-evident.
I know that there is of course such a rule - otherwise these processors wouldn't work :?
But how is it done?
I am asking this because I am trying to build a disassembler. I've already been successful in doing so for e.g. a 68HC11 or an 8051. But for the atmega I have simply no clue how values/addresses can be derived from the hexadecimal code.
Can someone point me in the right direction or to documentation?
PS: The atmega-manuals (instruction set) I've seen so far didn't really help me.
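
The encoding asked about above, as an added example that is not part of the original post: in the AVR instruction set JMP/CALL are 32-bit instructions (1001 010k kkkk 11xk followed by a 16-bit word) carrying a 22-bit word address k, and the .lss listing prints byte addresses, i.e. k * 2. The function name `decode_branch` is hypothetical; the sketch goes slightly beyond the question by also handling the 16-bit relative forms RJMP/RCALL.

```python
import struct

def decode_branch(code: bytes, byte_addr: int = 0):
    """Decode one AVR JMP/CALL/RJMP/RCALL found at the start of `code`.

    `byte_addr` is the flash byte address of the instruction (only needed
    for the PC-relative forms). Returns (mnemonic, target_byte_address,
    length_in_bytes), or None if the bytes are not one of these branches.
    """
    if len(code) < 2:
        return None
    # AVR opcodes are 16-bit words stored little-endian: "0c 94" -> 0x940c.
    (w0,) = struct.unpack_from("<H", code, 0)

    # JMP  = 1001 010k kkkk 110k  + 16 more k bits
    # CALL = 1001 010k kkkk 111k  + 16 more k bits
    if w0 & 0xFE0C == 0x940C:
        if len(code) < 4:
            return None  # truncated 32-bit instruction
        (w1,) = struct.unpack_from("<H", code, 2)
        # k[21:17] sit in bits 8..4 of the first word, k[16] in bit 0,
        # k[15:0] are the whole second word.
        k = (((w0 >> 4) & 0x1F) << 17) | ((w0 & 1) << 16) | w1
        mnemonic = "call" if w0 & 0x0002 else "jmp"
        return (mnemonic, k * 2, 4)  # word address -> byte address

    # RJMP = 1100 kkkk kkkk kkkk, RCALL = 1101 kkkk kkkk kkkk
    if w0 & 0xE000 == 0xC000:
        k = w0 & 0x0FFF
        if k & 0x0800:          # sign-extend the 12-bit word offset
            k -= 0x1000
        # Target is PC + 1 + k in words; flash wrap-around is not modelled.
        target_word = byte_addr // 2 + 1 + k
        mnemonic = "rcall" if w0 & 0x1000 else "rjmp"
        return (mnemonic, target_word * 2, 2)

    return None

if __name__ == "__main__":
    # The two byte sequences quoted in the question.
    for raw in ("0c 94 d8 01", "0c 94 ea 01"):
        name, target, size = decode_branch(bytes.fromhex(raw))
        print(f"{raw}  {name} {target:#x}  ({size} bytes)")
```

For the first line of the question this gives 0x01d8 * 2 = 0x3b0, and for the second 0x01ea * 2 = 0x3d4.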