12. ARM pseudo-instruction operation


First, the ARM pseudo-instruction material covered here includes:

    1. ARM machine code
    2. Definition-class pseudo-instructions
    3. Operation-class pseudo-instructions


ARM machine code:

What any processor actually runs is machine code, and machine code is produced from assembly source by the assembler. Let us look at the machine code next. The process is shown in Figure 1-1.

Figure 1-1

In the previous section a simple assembly project was set up. start.S has only three lines of code (Figure 1-2):

Figure 1-2

The resulting ELF file is then disassembled with the command:

arm-linux-objdump -d -S gboot.elf > dump

which saves the disassembly to the file dump. The contents of dump are:

    gboot.elf:     file format elf32-littlearm

    Disassembly of section .text:

    50008000 <_start>:
    .text
    .global _start
    _start:
        mov r1, r2
    50008000:   e1a01002    mov     r1, r2
        moveq r2, #0xee
    50008004:   03a020ee    moveq   r2, #238        ; 0xee
        mov r3, #0x1
    50008008:   e3a03001    mov     r3, #1          ; 0x1

    Disassembly of section .debug_aranges:

    00000000 <.debug_aranges>:
       0:   0000001c    andeq   r0, r0, ip, lsl r0
       4:   00000002    andeq   r0, r0, r2
       8:   00040000    andeq   r0, r4, r0
       c:   00000000    andeq   r0, r0, r0
      10:   50008000    andpl   r8, r0, r0
      14:   0000000c    andeq   r0, r0, ip
            ...

    Disassembly of section .debug_info:

    00000000 <.debug_info>:
       0:   00000045    andeq   r0, r0, r5, asr #32
       4:   00000002    andeq   r0, r0, r2
       8:   01040000    tsteq   r4, r0
       c:   00000000    andeq   r0, r0, r0
      10:   50008000    andpl   r8, r0, r0
      14:   5000800c    andpl   r8, r0, ip
      18:   72617473    rsbvc   r7, r1, #1929379840     ; 0x73000000
      1c:   00532e74    subseq  r2, r3, r4, ror lr
      20:   6d6f682f    stclvs  8, cr6, [pc, #-188]!
      24:   61732f65    cmnvs   r3, r5, ror #30
      28:   2f61626d    svccs   0x0061626d
      2c:   34364b4f    ldrtcc  r4, [r6], #-2895
      30:   625f3031    subsvs  r3, pc, #49     ; 0x31
      34:   00657261    rsbeq   r7, r5, r1, ror #4
      38:   20554e47    subscs  r4, r5, r7, asr #28
      3c:   32205341    eorcc   r5, r0, #67108865       ; 0x4000001
      40:   2e38312e    rsfcsep f3, f0, #0.5
      44:   01003035    tsteq   r0, r5, lsr r0
      48:   Address 0x00000048 is out of bounds.

    Disassembly of section .debug_abbrev:

    00000000 <.debug_abbrev>:
       0:   10001101    andne   r1, r0, r1, lsl #2
       4:   12011106    andne   r1, r1, #-2147483647    ; 0x80000001
       8:   1b080301    blne    200c14 <_start-0x4fe073ec>
       c:   13082508    movwne  r2, #34056      ; 0x8508
      10:   00000005    andeq   r0, r0, r5

    Disassembly of section .debug_line:

    00000000 <.debug_line>:
       0:   00000033    andeq   r0, r0, r3, lsr r0
       4:   001e0002    andseq  r0, lr, r2
       8:   01020000    tsteq   r2, r0
       c:   000d0efb    strdeq  r0, [sp], -fp
      10:   01010101    tsteq   r1, r1, lsl #2
      14:   01000000    tsteq   r0, r0
      18:   00010000    andeq   r0, r1, r0
      1c:   72617473    rsbvc   r7, r1, #1929379840     ; 0x73000000
      20:   00532e74    subseq  r2, r3, r4, ror lr
      24:   00000000    andeq   r0, r0, r0
      28:   00020500    andeq   r0, r2, r0, lsl #10
      2c:   15500080    ldrbne  r0, [r0, #-128]
      30:   02022f2f    andeq   r2, r2, #188    ; 0xbc
      34:   Address 0x00000034 is out of bounds.

    Disassembly of section .ARM.attributes:

    00000000 <.ARM.attributes>:
       0:   00001741    andeq   r1, r0, r1, asr #14
       4:   61656100    cmnvs   r5, r0, lsl #2
       8:   01006962    tsteq   r0, r2, ror #18
       c:   0000000d    andeq   r0, r0, sp
      10:   00543405    subseq  r3, r4, r5, lsl #8
      14:   01080206    tsteq   r8, r6, lsl #4

From the disassembly above we can see the program's entry point (Figure 1-3):

Figure 1-3

It is the same as the start address specified in the Makefile (Figure 1-4):

Figure 1-4

In the disassembly, the rightmost column is the assembly source of the program (Figure 1-5).

Figure 1-5

In the disassembly above, the right-hand side is the assembly code from the source file. The semicolon is added by the tool and marks a comment; the comment gives the hexadecimal value of the immediate operand. On the far left is the memory address: the program is set to run at 50008000, and because ARM instructions are 4 bytes long and 4-byte aligned by default, the next instruction starts at 50008004. The column of numbers in the middle is the machine code.

For the details of the machine code, open the ARM Architecture Reference Manual (PDF) and find the chapter on the ARM Instruction Set. There you can find how the machine code is laid out, as in Figure 1-6:

Figure 1-6

An ARM machine-code instruction is a 32-bit word, and those 32 bits are divided into fields, each with its own meaning. Next we analyze one instruction as an example: the MOV instruction.

In start.S there are two instructions:

mov r1, r2

moveq r2, #0xee

The corresponding machine code is:

e1a01002

03a020ee

as shown in Figure 1-7:

Figure 1-7

The format of the MOV machine code is as follows (Figure 1-8):

Figure 1-8

Next, convert the machine code to binary:

Assembly instruction:

mov r1, r2

Machine code:

e1a01002 = 11100001101000000001000000000010

Assembly instruction:

moveq r2, #0xee

Machine code:

03a020ee = 00000011101000000010000011101110

Analysis of the machine code:

Assembly instruction:

mov r1, r2

Machine code, split into its fields (cond, [27:26], I, opcode, S, Rn, Rd, operand2):

e1a01002 = 1110 00 0 1101 0 0000 0001 000000000010

From the condition table below, MOV has no condition code, i.e. it executes unconditionally, so [31:28] = 1110, which is correct. [27:26] are reserved bits with the value 00, also correct. [25] is the I bit, which describes the 12-bit operand in [11:0]: if those 12 bits are an immediate value, I = 1; if they are a register, I = 0. Here I = 0 and [11:0] is the register r2, which is correct. [24:21] is the opcode, which identifies the type of instruction; different instructions have different values here, and this is how different instructions are told apart. [20] is the S bit, which indicates whether the instruction updates the CPSR register; a MOV does not affect any bit of the CPSR, so it is 0. MOV does not use Rn [19:16], so those four bits are 0000. [15:12] is the destination register; here the destination register I used is r1, so [15:12] = 0001. The last 12 bits [11:0] are the source operand, the register r2 = 000000000010, consistent with the I bit above.

Assembly instruction:

moveq r2, #0xee

Machine code, split into the same fields:

03a020ee = 0000 00 1 1101 0 0000 0010 000011101110

From the condition table below, MOVEQ is conditional, and the condition is EQ, which corresponds to [31:28] = 0000, so that is correct. [27:26] are reserved bits with the value 00, also correct. [25] is the I bit, which describes the 12-bit operand in [11:0]: if those 12 bits are an immediate value, I = 1; if they are a register, I = 0. Here I = 1 and [11:0] is the immediate 0xee, which is correct. [24:21] is the opcode, which identifies the type of instruction; different instructions have different values here, and this is how different instructions are told apart. Both of these are MOV instructions, so the value is the same. [20] is the S bit, which indicates whether the instruction updates the CPSR register; a MOVEQ does not affect any bit of the CPSR, so it is 0. MOVEQ does not use Rn [19:16], so those four bits are 0000. [15:12] is the destination register; here the destination register I used is r2, so [15:12] = 0010. The last 12 bits [11:0] are the source operand, the immediate value = 000011101110, consistent with the I bit above.

That completes the bit-by-bit explanation of the MOV machine code. Note that the I bit indicates whether the 12 bits [11:0] hold an immediate value or a register. As you will see later, only the low 8 bits of those 12 are used for the immediate value or register, and [11:8] hold shift information. So the largest immediate that can be written directly is 0xff, and when we change it to 0x1ff we get an error (Figure 1-9):

Figure 1-9

Therefore the range of immediate values in ARM assembly is very limited, and this is the problem that the pseudo-instructions introduced later solve.
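As an added example (not part of the original article), the following Python decodes a data-processing word into the fields walked through above and checks whether a constant fits the 8-bit-plus-rotate immediate that the I bit selects. The instruction words are the ones from the listing; the condition and opcode names follow the ARM Architecture Reference Manual.

```python
# Added example, not from the original article: decode the fields of an ARM
# data-processing instruction word the way the article does by hand for
# mov r1, r2 (e1a01002) and moveq r2, #0xee (03a020ee), and test whether a
# constant can be encoded as the 8-bit-plus-rotate immediate selected by I=1.

# Condition codes for bits [31:28]; index 14 (1110) is "always", printed as "".
COND = ["eq", "ne", "cs", "cc", "mi", "pl", "vs", "vc",
        "hi", "ls", "ge", "lt", "gt", "le", "", "nv"]
# Data-processing opcodes for bits [24:21]; 1101 is mov.
OPCODE = ["and", "eor", "sub", "rsb", "add", "adc", "sbc", "rsc",
          "tst", "teq", "cmp", "cmn", "orr", "mov", "bic", "mvn"]


def ror32(value, amount):
    """Rotate a 32-bit value right by `amount` bits."""
    amount %= 32
    return ((value >> amount) | (value << (32 - amount))) & 0xFFFFFFFF


def encode_imm(value):
    """Return (imm8, rotate) if `value` fits an operand2 immediate, else None.

    Only [7:0] hold the constant; [11:8] hold rotate/2, so the constant is an
    8-bit value rotated right by an even amount. That is why 0xff encodes
    but 0x1ff (nine significant bits) is rejected by the assembler.
    """
    for rot in range(0, 32, 2):
        imm8 = ror32(value, 32 - rot)  # rotate left by `rot` to undo the encoding
        if imm8 <= 0xFF:
            return imm8, rot
    return None


def decode_dp(word):
    """Split a data-processing word into the fields the article walks through."""
    if (word >> 26) & 0b11 != 0:
        raise ValueError("bits [27:26] must be 00 for a data-processing instruction")
    fields = {
        "cond": COND[word >> 28],              # [31:28]
        "I": (word >> 25) & 1,                 # [25]: 1 = immediate, 0 = register
        "opcode": OPCODE[(word >> 21) & 0xF],  # [24:21]
        "S": (word >> 20) & 1,                 # [20]: 1 = update CPSR flags
        "Rn": (word >> 16) & 0xF,              # [19:16], unused by mov
        "Rd": (word >> 12) & 0xF,              # [15:12], destination register
    }
    if fields["I"]:
        rotate = ((word >> 8) & 0xF) * 2       # [11:8] * 2
        fields["imm"] = ror32(word & 0xFF, rotate)  # [7:0] rotated right
    else:
        fields["Rm"] = word & 0xF              # [3:0], source register
    return fields


def disasm_mov(word):
    """Render a mov/mvn-style word (no Rn) as text, e.g. 'moveq r2, #0xee'."""
    f = decode_dp(word)
    src = f"#{f['imm']:#x}" if f["I"] else f"r{f['Rm']}"
    return f"{f['opcode']}{f['cond']}{'s' if f['S'] else ''} r{f['Rd']}, {src}"


if __name__ == "__main__":
    for w in (0xE1A01002, 0x03A020EE, 0xE3A03001):
        print(f"{w:08x}  {disasm_mov(w)}")
    for v in (0xEE, 0xFF, 0x1FF, 0xEFF, 0xFF000000):
        enc = encode_imm(v)
        print(f"{v:#x}: {'imm8=%#x rot=%d' % enc if enc else 'not encodable'}")
```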

The diagram referred to above (Figure 1-10):

Figure 1-10


The top 4 bits of an instruction, [31:28], form the condition field (Figure 1-11):

Figure 1-11

The opcode field, bits [24:21], gives the instruction type (Figure 1-12):

Figure 1-12


Second, definition-class pseudo-instructions:

Figure 2-1

Figure 2-1 lists the pseudo-instructions to be learned.

Pseudo-instruction: the term can be understood from its two parts, "pseudo" and "instruction". It is called an instruction because executing it appears to have an effect, much like a real instruction. Why the modifier "pseudo"? Because its execution does not itself produce machine code, and we know that only instructions converted to machine code are executed by the machine. It acts in two ways:

    1. Pseudo-instructions that only take effect at assembly time, like a macro definition in C.
    2. Pseudo-instructions that are translated into other instructions in order to be executed.

Each pseudo-instruction:

.global: defines a global symbol.

.data: defines the data segment; data is stored in the data segment.

.ascii: defines a string.

.byte: defines a byte.

.word: defines a word.

.equ: equivalent to a macro definition.

.align: sets the alignment.

The first one is .global, which marks the _start below it as a global symbol.

For .data, .ascii, .byte and .word, do the following in start.S (Figure 2-2):

Figure 2-2

View the ELF file of the above project:

arm-linux-readelf -a gboot.elf

The -a option means "all", i.e. full output. The output is as follows:

    ELF Header:
      Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
      Class:                             ELF32
      Data:                              2's complement, little endian
      Version:                           1 (current)
      OS/ABI:                            UNIX - System V
      ABI Version:                       0
      Type:                              EXEC (Executable file)
      Machine:                           ARM
      Version:                           0x1
      Entry point address:               0x50008000
      Start of program headers:          52 (bytes into file)
      Start of section headers:          33116 (bytes into file)
      Flags:                             0x5000002, has entry point, Version5 EABI
      Size of this header:               52 (bytes)
      Size of program headers:           32 (bytes)
      Number of program headers:         2
      Size of section headers:           40 (bytes)
      Number of section headers:         11
      Section header string table index: 8

    Section Headers:
      [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
      [ 0]                   NULL            00000000 000000 000000 00      0   0  0
      [ 1] .text             PROGBITS        50008000 008000 00000c 00  AX  0   0  4
      [ 2] .data             PROGBITS        5001000c 00800c 00000f 00  WA  0   0  1
      [ 3] .debug_aranges    PROGBITS        00000000 008020 000020 00      0   0  8
      [ 4] .debug_info       PROGBITS        00000000 008040 000049 00      0   0  1
      [ 5] .debug_abbrev     PROGBITS        00000000 008089 000014 00      0   0  1
      [ 6] .debug_line       PROGBITS        00000000 00809d 000039 00      0   0  1
      [ 7] .ARM.attributes   ARM_ATTRIBUTES  00000000 0080d6 000018 00      0   0  1
      [ 8] .shstrtab         STRTAB          00000000 0080ee 00006c 00      0   0  1
      [ 9] .symtab           SYMTAB          00000000 008314 000180 10     10  13  4
      [10] .strtab           STRTAB          00000000 008494 000087 00      0   0  1
    Key to Flags:
      W (write), A (alloc), X (execute), M (merge), S (strings)
      I (info), L (link order), G (group), x (unknown)
      O (extra OS processing required) o (OS specific), p (processor specific)

    There are no section groups in this file.

    Program Headers:
      Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
      LOAD           0x008000 0x50008000 0x50008000 0x0000c 0x0000c R E 0x8000
      LOAD           0x00800c 0x5001000c 0x5001000c 0x0000f 0x0000f RW  0x8000

     Section to Segment mapping:
      Segment Sections...
       00     .text
       01     .data

    There is no dynamic section in this file.

    There are no relocations in this file.

    There are no unwind sections in this file.

    Symbol table '.symtab' contains 24 entries:
       Num:    Value  Size Type    Bind   Vis      Ndx Name
         0: 00000000     0 NOTYPE  LOCAL  DEFAULT  UND
         1: 50008000     0 SECTION LOCAL  DEFAULT    1
         2: 5001000c     0 SECTION LOCAL  DEFAULT    2
         3: 00000000     0 SECTION LOCAL  DEFAULT    3
         4: 00000000     0 SECTION LOCAL  DEFAULT    4
         5: 00000000     0 SECTION LOCAL  DEFAULT    5
         6: 00000000     0 SECTION LOCAL  DEFAULT    6
         7: 00000000     0 SECTION LOCAL  DEFAULT    7
         8: 5001000c     0 NOTYPE  LOCAL  DEFAULT    2 Hello
         9: 50010016     0 NOTYPE  LOCAL  DEFAULT    2 bh
        10: 50010016     0 NOTYPE  LOCAL  DEFAULT    2 $d
        11: 50010017     0 NOTYPE  LOCAL  DEFAULT    2 say
        12: 50008000     0 NOTYPE  LOCAL  DEFAULT    1 $a
        13: 5000800c     0 NOTYPE  GLOBAL DEFAULT  ABS __exidx_end
        14: 5001001b     0 NOTYPE  GLOBAL DEFAULT  ABS _bss_end__
        15: 5001001b     0 NOTYPE  GLOBAL DEFAULT  ABS __bss_start__
        16: 5000800c     0 NOTYPE  GLOBAL DEFAULT  ABS __exidx_start
        17: 5001001b     0 NOTYPE  GLOBAL DEFAULT  ABS __bss_end__
        18: 50008000     0 NOTYPE  GLOBAL DEFAULT    1 _start
        19: 5001001b     0 NOTYPE  GLOBAL DEFAULT  ABS __bss_start
        20: 5001001c     0 NOTYPE  GLOBAL DEFAULT  ABS __end__
        21: 5001001b     0 NOTYPE  GLOBAL DEFAULT  ABS _edata
        22: 5001001c     0 NOTYPE  GLOBAL DEFAULT  ABS _end
        23: 5001000c     0 NOTYPE  GLOBAL DEFAULT    2 __data_start

    No version information found in this file.
    Attribute Section: aeabi
    File Attributes
      Tag_CPU_name: "4T"
      Tag_CPU_arch: v4T
      Tag_ARM_ISA_use: Yes

Start address of the data segment (Figure 2-3):

Figure 2-3

You can see that the start address of the data segment is 5001000c, and the string defined with .ascii, the byte defined with .byte and the word defined with .word all lie within this data segment.

.equ pseudo-instruction:

It defines a macro. Running it gives Figure 2-4:

Figure 2-4

As you can see above, r0 is 0x89, so the macro definition succeeded.

Finally, the operation of the .align pseudo-instruction:

Execute at the command line:

arm-linux-readelf -a gboot.elf

You can see that the physical address of say is 50010017 (Figure 2-5):

Figure 2-5

Now add an .align directive for 4-byte alignment in front of the say label; the result after compiling is shown in Figure 2-6:

Figure 2-6

You can see that the address of say becomes 50010020, which is 4-byte aligned.


Operation-class pseudo-instructions:

    1. nop: a no-operation. It is used for delays: when writing drivers, the hardware's timing requirements sometimes call for a delay, and this instruction is executed for that purpose. Disassembling shows the code it actually executes: nop is assembled as mov r0, r0, which does no useful work and only consumes time, so it serves as a delay. The disassembly is shown in Figure 3-1-0:

Figure 3-1-0

    2. ldr: From the analysis of the MOV instruction format above, we know that of the 12-bit source operand only 8 bits hold the value itself, and [11:8] hold shift information. Therefore the source operand cannot be wider than 8 bits, and a value such as 0x1ff produces an error (Figure 3-1-1):

Figure 3-1-1

Therefore, to work with an operand wider than 8 bits you must use the LDR pseudo-instruction. Note that the immediate value of the LDR pseudo-instruction is written with an equals sign, =, followed by the value. The operation succeeds (Figure 3-2):

Figure 3-2

Next, let's see which instructions the LDR pseudo-instruction is translated into.

Disassemble the code:

arm-linux-objdump -d -S gboot.elf

Find the assembly code for LDR; the // comments are annotations added to the listing:

        ldr r0, =0xeff                                      // here ldr is the pseudo-instruction
    50008000:   e59f0000    ldr   r0, [pc, #0]    ; 50008008 <_start+0x8>   // here ldr is the memory-access instruction: it loads the 0xeff placed at address 50008008
        mov r3, #0x1
    50008004:   e3a03001    mov   r3, #1          ; 0x1
    50008008:   00000eff    .word 0x00000eff      // defines a word of data at this address

The disassembly is shown in Figure 3-3:

Figure 3-3

Figure 3-3

Here are a few examples analysing how the LDR pseudo-instruction works.

When start.S contains only the following line of assembly (Figure 3-4):

ldr r0, =0xeff

Compile and disassemble the project: arm-linux-objdump -d -S gboot.elf

Figure 3-4

From the disassembly of ldr r0, =0xeff, the LDR pseudo-instruction is converted at assembly time into an LDR memory-access instruction. First, the pseudo-instruction stores 0xeff at address 50008004, defining a word of data 0x00000eff there, the same size as the value I defined. Then the memory-access instruction ldr r0, [pc, #-4] loads that data. We know that the PC always holds the address of the second instruction after the one being executed. Here the pseudo-instruction LDR is at address 50008000, so the PC at that point is the address of the second instruction after it: 50008000 + 2*4 = 50008008. The address accessed by the LDR memory-access instruction is therefore:

[pc, #-4] = pc - 4 = 50008008 - 4 = 50008004, which, as you can see, is exactly where I defined the word of data, i.e. where the data is stored. This is how the CPU can load data wider than 8 bits.

Below, more assembly code is added and the disassembly analysed; it can be seen to be consistent with this.

Add one line of assembly (Figure 3-5):

The assembly code in start.S:

ldr r0, =0xeff

mov r1, #0x22

Figure 3-5

Add another line of assembly (Figure 3-6):

The assembly code in start.S:

ldr r0, =0xeff

mov r1, #0x22

mov r2, #0x32

Figure 3-6

Add a line before the LDR (Figure 3-7):

The assembly code in start.S:

mov r3, #0x12

ldr r0, =0xeff

mov r1, #0x22

mov r2, #0x32

Figure 3-7

Add a nop on the first line, and finally add a MOV at the end (Figure 3-8):

nop

mov r3, #0x12

ldr r0, =0xeff

mov r1, #0x22

mov r2, #0x32

mov r3, #0x42

Figure 3-8

To review the earlier material, the disassembly of this project is analysed once more to see how the assembly code executes. First is the nop; the disassembly shows it as mov r0, r0, which has no effect other than a delay. Then comes mov r3, #0x12 at address 50008004, which loads 0x12 into r3. Its machine code is e3a03012, which can be checked against the machine-code analysis above and is correct.

From the disassembly of ldr r0, =0xeff, the LDR pseudo-instruction is converted at assembly time into an LDR memory-access instruction. First, the pseudo-instruction stores 0xeff at address 50008018, defining a word of data 0x00000eff there, the same size as the value I defined. The data is then loaded with the memory-access instruction ldr r0, [pc, #8]. We know that the PC always holds the address of the second instruction after the one being executed. Here the pseudo-instruction LDR is at address 50008008, so the PC at that point is the address of the second instruction after it: 50008008 + 2*4 = 50008010. The address accessed by the LDR memory-access instruction is therefore:

[pc, #8] = pc + 8 = 50008010 + 8 = 50008018, which, as you can see, is exactly where I defined the word of data, i.e. where the data is stored. This is how the CPU can load data wider than 8 bits.

The data matches exactly, which shows that the previous steps and analysis are correct.
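As an added example (not part of the original article), the following Python reproduces by calculation what the two analyses above read off the disassembly: where the assembler places the 0xeff literal, what PC-relative offset the rewritten ldr gets, and which address an encoded ldr [pc, #imm12] word actually loads from. It assumes the literal pool starts right after the last instruction (as the article's dumps show) and the start address 0x50008000 from the Makefile; the program listing is the one from Figure 3-8.

```python
# Added example, not from the original article: reproduce by calculation what
# the article reads off the disassembly of `ldr r0, =0xeff`. The assembler
# emits the constant as a .word after the last instruction (the literal pool)
# and rewrites the pseudo-instruction as a PC-relative load; in ARM state the
# PC seen by an instruction at address A is A + 8, two instructions ahead.
import re

BASE = 0x50008000  # start address from the article's Makefile
PC_OFFSET = 8      # ARM-state PC = address of current instruction + 8
LDR_LITERAL = re.compile(r"\s*ldr\s+(r\d+)\s*,\s*=\s*(0x[0-9a-f]+|\d+)\s*$", re.I)


def assemble_listing(lines, base=BASE):
    """Lay out a start.S-style listing and return [(address, text), ...].

    Every instruction is 4 bytes. Each `ldr rX, =imm` is replaced by
    `ldr rX, [pc, #off]` and its constant is appended to a literal pool that
    starts right after the last instruction, as in the article's dumps.
    Assumption: no other data directives sit between the code and the pool.
    """
    rows = []       # [address, text] per instruction
    literals = []   # (row index of the ldr, register, constant)
    for line in lines:
        addr = base + 4 * len(rows)
        m = LDR_LITERAL.match(line)
        if m:
            literals.append((len(rows), m.group(1).lower(), int(m.group(2), 0)))
            rows.append([addr, None])  # filled in once the pool address is known
        else:
            rows.append([addr, line.strip()])
    pool = base + 4 * len(rows)
    for n, (idx, reg, value) in enumerate(literals):
        lit_addr = pool + 4 * n
        off = lit_addr - (rows[idx][0] + PC_OFFSET)  # negative when pool is behind PC
        rows[idx][1] = f"ldr {reg}, [pc, #{off}]"
        rows.append([lit_addr, f".word {value:#010x}"])
    return [(addr, text) for addr, text in rows]


def ldr_pc_target(addr, word):
    """Address loaded by an `ldr Rt, [pc, #imm12]` word located at `addr`.

    Bits [27:25] = 010 and Rn [19:16] = 15 identify the form; the U bit (23)
    gives the sign of the 12-bit offset in [11:0].
    """
    if (word >> 25) & 0b111 != 0b010 or (word >> 16) & 0xF != 15:
        raise ValueError("not an ldr/str [pc, #imm12] instruction")
    imm12 = word & 0xFFF
    return addr + PC_OFFSET + (imm12 if (word >> 23) & 1 else -imm12)


if __name__ == "__main__":
    program = ["nop", "mov r3, #0x12", "ldr r0, =0xeff",
               "mov r1, #0x22", "mov r2, #0x32", "mov r3, #0x42"]
    for addr, text in assemble_listing(program):
        print(f"{addr:08x}:  {text}")
    # e59f0000 is the word the article's dump shows for `ldr r0, [pc, #0]`.
    print(f"ldr at 50008000 loads from {ldr_pc_target(0x50008000, 0xE59F0000):08x}")
```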
