Encoding and decoding ARM instructions to/ from binary

2
votes

Task 1: Write the corresponding ARM assembly representation for the following instructions:

11101001_000111000001000000010000
11100100_110100111000000000011001
10010010_111110100100000011111101
11100001_000000010010000011111010 
00010001_101011101011011111001100

Task 2: Write the instruction code for the following instructions:

STMFA R13!, {R1, R3, R5-R11} 
LDR R11, [R3, R5, LSL #2]
MOVMI R6, #1536
LDR R1, [R0, #4]!
EORS R3, R5, R10, RRX

I have zero experience with this material and the professor has left us students out to dry. Basically I've found the various methods for decoding these instructions but I have three major doubts still.

  1. I don't have any idea on how to get started on decoding binary to ARM Instructions which is the first part of the homework.

  2. I can't find some of these suffixes for example on EORS what is the S? Is it the set condition bit? Is it set to 1 when there is an S in front of the instruction?

  3. I don't what to make of having multiple registers in one instruction line. Example:

     EORS R3,R5,R10,RRx

    I don't understand what's going on there with so many registers.

Any nudge in the right direction is greatly appreciated. Also I have searched the ARM manual, they're not very helpful for someone with no understanding of what they're looking for. They do have the majority of instructions for coding and decoding but have little explanation for the things I asked above.

2
armexecutable
1) match the input to the bit patterns of the instructions that you know 2) yes 3) that depends on the instruction, you have bits set aside for each register number. I assume you have been given a resource that lists the encodings, use it.Jester
1) But how do I distinguish between the different command encoding formats? 2)So if there's no S then the bit isn't set and that's it? 3)But there are four registers there how do i distinguish for example which is a destination register? Is there information on what those arguments are?Alfredo Pomales
google arm architectural reference manual. get that, the older one is better but they will all do except for the cortex-m ones you want the armv5 one or the armv7a and r one not the armv6m nor armv7m. these include the full instruction set plus machine code definitions.old_timer
There is only one possible match. Find it.Jester
get binutils or basically an arm toolchain, very quickly you can see by assembling and disassembling how the bits break down, put an add with one set of registers then changeone rgister then change it again, see how the bit patterns change.old_timer

2 Answers

3
votes

If you have the ARM v7 A+R architecture manual (DDI0406C) there is a good table-based decode/disassembly description in chapter A5. You start at table A5.1 and and depending on the value of different bits in the instruction word it refers to more and more specific tables leading to the instruction.

As an example, consider the following instruction:

0001 0101 1001 1111 0000 0000 0000 1000

According to the first table it is an unsigned load/store instruction since the condition is not 1111 and op1 is 010. The encoding of this is further expanded in A5.3

From this section we see that A=0, op1=11001, Rn=1111 (PC), and B=0. This implies that the instruction is LDR(literal). Checking the page describing this instruction and remembering that cond=0001 we see that the instruction isLDRNE R0, [PC, #4].

To do the reverse procedure you look up the instruction in the alphabetical list of instructions and follow the pattern.

1
votes

Looking at a different part of (one of) the ARM architectural reference manuals (not the cortex-m (armv6m armv7m) you want the ARMv5 one or the ARMv7-AR one) going to look at a thumb instruction, but the ARM instructions work the same way and are a couple chapters prior.

it says thumb instruction set as the section/chapter, then shortly into that is a table that shows thumb instruction set encoding or you can just search for that. one if them is called Add/subtract register, there are a lot of hardcoded ones and zeros up front then bit 9 is opc, then rm, rn and rd bits.

arm toolchains are easy to come by for windows mac and linux or can easily build from sources (just need binutils). assembling this

.thumb
add r1,r2,r3
add r1,r2,r4
add r1,r2,r5
add r1,r2,r6
add r1,r2,r7

then disassembling gives

00000000 <.text>:
   0:   18d1        adds    r1, r2, r3
   2:   1911        adds    r1, r2, r4
   4:   1951        adds    r1, r2, r5
   6:   1991        adds    r1, r2, r6
   8:   19d1        adds    r1, r2, r7

from that chart in the ARM ARM the add register starts with hardcoded bits 000110 the instructions above start with 0x18 or 0x19 which both start with the 6 bits 000110 (00011000 or 00011001). In the alphabetical list of thumb instructions we look for the add instructions. find the three register one and in this case it has 7 bits which happen to match the bits we are decoding 0001100 so we are on the right track. the the last 9 bits are three sets of three

0x1951 is 0001100101010001 or 0001100 101 010 001, the last nine represent r5, r2, and r1. Looking at the syntax part of the instruction it shows add rd, rn, rm but the machine code has rm, rn, rd so we take the machine code and rearrange per the syntax and get add r1,r2,r5. Not bad it matches, now unfortunately the s here is confusing, this thumb instruction doesnt have an s bit there wasnt room so this one always updates the flags, so the nature of this instruction and toolchain and how I used it requires the add without the s on the assembly end and disassembles with the s. confusing, sorry. when using arm instructions the letter s works as expected.

Just repeat this with the ARM instructions in either direction. The immediate values are going to be the most challenging part of this. Or not depends on the specific instruction and immediate encoding.