1. April, 2004 Modified from notes by Saeid Nooshabadi saeid@unsw.edu.au
COMP Microprocessors and Embedded Systems Lecture 8: Instruction Representation; Assembly and Decoding
April, 2004
Modified from notes by Saeid Nooshabadi

2. What computers really do Assembly: action => to bits
Overview
What computers really do
fetch / decode / execute cycle
Assembly: action => to bits
Decoding: bits => actions
Disassembly
Conclusion

3. Review: What is Subject about?
Application (Netscape)
Operating
COMP3221
Compiler
System
(Windows XP)
Software
Assembler
Instruction Set
Architecture
Hardware
Processor
Memory
I/O system
Datapath & Control
Digital Design
Circuit Design
transistors
Coordination of many levels of abstraction

4. Review:Programming Levels of Representation
temp = v[k];
v[k] = v[k+1];
v[k+1] = temp;
High Level Language Program (e.g., C)
ldr r0 , [r2, #0]
ldr r1 , [r2, #4]
str r1 , [r2, #0]
str r0 , [r2, #4]
Compiler
Assembly Language Program (e.g. ARM)
COMP3221
Assembler
Machine Language Program (ARM)
Machine Interpretation
Control Signal Specification
ALUOP[0:3] <= InstReg[9:11] & MASK

5. Review: What Does a Computer Do?
Big Idea: Stored Program Concept
encode instructions as numbers, data as numbers, store them all in memory
Everything has an address
PC = address of current instruction to execute
Fetch instruction at PC
Decode it
Do what it tells you to do
updates registers and memory
updates PC

6. Review: What happens after ifetch/decode
Perform the operations that are specified in the instruction
operand fetch: read values from registers
execute
perform arithmetic/logic operation => reg
perform ldr (mem => reg)
perform str (reg => mem)
compute next
PC <= PC + 4 for all of the above
PC <= jump, branch (if taken)
then fetch/decode the next instruction

7. Fetch/Decode/Execute Cycle
inst
inst <= Fetch MEM[ PC ]
Decode( inst )
case ARITH/LOG
REGinst <= REGinst OPinst REGinst
PC <= PC + 4
case ARITH/LOG-immed
REGinst <= REGinst OPinst IMinst
case LOAD
REGinst <= MEM[ REGinst + IMinst ]
case STORE
MEM[ REGinst + IMinst ] <= REGinst
case CONTROL
PC <= OPinst(PC, REGinst, IMinst )
before
after op +4
MEM PC
regs
MEM PC
regs op +4 + +4 + +4 op

8. Review: Instruction Set (ARM 7TDMI)
Set of instruction that a processor can execute
Instruction Categories
Data Processing or Computational (Logical and Arithmetic
Load/Store (Memory Access)
Control Flow (Jump and Branch)
Floating Point
coprocessor
Memory Management
Special
Registers

9. ARM Data Processing Instructions
All instructions 32 bits wide
Immediate
add r4, r5, #25
r4  r5 + 25
Register
& Imm.
Shifted
add r4, r5, r6
r4  r5 + r6
add r4, r5, r6, lsl #2
r4  r5 + (r6 X 22)
Register Shifted
Register
add r4, r5, r6, lsl r7
r4  r5 + (r6 X 2r7)
3 types of addressing modes

10. ARM Load/Store Instructions (#1/3)
All instructions 32 bits wide
immediate
ldr r4, [r5, #25]
r4  mem[r5 + 25] 1
Imm.
Shifted
Register
str r4, [r5, r6, lsl #2]
r4  mem[r5 + (r6 X 22)]
3 types of addressing modes

11. ARM Load/Store Instructions (#2/3)
All instructions 32 bits wide 1
Immediate
preindexed
ldr r4, [r5, #25]!
r4  mem[r5 + 25]
r5  r5 + 25
Imm.
Shifted
Register
preindexed
str r4, [r5, r6, lsl #2]!
r4  mem[r5 + (r6 X 22)]
r5  r5 + r6 X 22
3 types of addressing modes

12. ARM Load/Store Instructions (#3/3)
All instructions 32 bits wide
Immediate
post indexed
ldr r4, [r5], #25
r4  mem[r5]
r5  r5 + 25
Imm.
Shifted
Register
post indexed
str r4, [r5], r6, lsl #2
r4  mem[r5]
r5  r5 + r6 X 22
3 types of addressing modes

13. ARM Branch Instructions
All instructions 32 bits wide
Unconditional and Conditional Branches (L=0)
here: b there
. . .
There: movs r4, r5
beq here
Branch & Link (L=1)
along with jump, the address
of the next instruction is
stored in r14.
go back to instruction after
bl instruction
bl there
add r5, r6, r7
. . .
There: mov r4, r5
mov, r15, r14
PC = PC + (SignExt(24 offset) <<00)
R14 is used as the subroutine link register (LR) and stores the return address when Branch with Link operations are performed, calculated from the PC.
Thus to return from a linked branch
MOV r15,r14 or
MOV pc,lr
PC Relative Addressing

14. Conditional Execution Field 31 23 20 16 12 8 4
COND
cmp r1, r2
Instr<cond> ---
1001 = LS - C clear or Z set (unsigned lower or same)
1010 = GE - N set and V set, or N clear and V clear (signed >or =)
1011 = LT - N set and V clear, or N clear and V set (signed <)
1100 = GT - Z clear, and either N set and V set, or N clear and V clear (signed >)
1101 = LE - Z set, or N set and V clear,or N clear and V set (signed <, or =)
1110 = AL - always
1111 = NV - reserved.
0000 = EQ - Z set (equal)
0001 = NE - Z clear (not equal)
0010 = HS / CS - C set (unsigned higher or same)
0011 = LO / CC - C clear (unsigned lower)
0100 = MI -N set (negative)
0101 = PL- N clear (positive or zero)
0110 = VS - V set (overflow)
0111 = VC - V clear (no overflow)
1000 = HI - C set and Z clear (unsigned higher)

15. ARM Instruction Set Format31 28 27 16 15 8 7
Instruction type
Data processing / PSR transfer
Multiply
Long Multiply (v3M / v4 only)
Swap
Load/Store Byte/Word
Load/Store Multiple
Halfword transfer:Immediate offset (v4 only)
Halfword transfer: Register offset (v4 only)
Branch
Branch Exchange (v4T only)
Coprocessor data transfer
Coprocessor data operation
Coprocessor register transfer
Software interrupt
Cond I Opcode S Rn Rd Operand2
Cond A S Rd Rn Rs Rm
Cond U A S RdHi RdLo Rs Rm
Cond B Rn Rd Rm
Cond I P U B W L Rn Rd Offset
Cond P U S W L Rn Register List
Cond P U 1 W L Rn Rd Offset1 1 S H 1 Offset2
Cond P U 0 W L Rn Rd S H 1 Rm
Cond L Offset
Cond P U N W L Rn CRd CPNum Offset
Cond Op1 CRn CRd CPNum Op CRm
Cond Op1 L CRn Rd CPNum Op CRm
Cond SWI Number
Cond Rn

16. Reading Material
Steve Furber: ARM System On-Chip; 2nd Ed, Addison-Wesley, 2000, ISBN: chapter 5
ARM Architecture Reference Manual 2nd Ed, Addison-Wesley, 2001, ISBN: ,, chapter A2: Programmer’s Model

17. Recall: Sample Assembly Program
C statement: k = k - 2
0x80
0x84
0x88
0x8C
0x90
E3A02094
mov r2, #0x94
Instruction
(Data proc.)
E3A05002
mov r5, #2 E
ldr r0, [r2] 0x
(Mem Access)
Data 20hex = 3210
Binary Contents E
sub r0, r0, r5 E
str r0, [r2]
(Data proc)
0x94
r x94
0x94 r 2 r2 r0
0x94
0x20
0x20 r0 r5
0x2
0x1E – r2 r0
0x94
0x1E
0x E
Location for variable k

18. Compilation & Assembly
How to turn notation programmers prefer into notation computer understands?
Program to translate C statements into Assembly Language instructions; called a compiler
Example: compile by hand this C code: a = b + c; d = a - e;
Ass: add r0, r1, r sub r3, r0, r4
Big Idea: compiler translates notation from 1 level of abstraction to lower level
Program to translate Assembly Language into machine instructions; called an assembler
Ass: add r0, r1, r sub r3, r0, r4
Mach: 0xe xe
Big Idea: assembler translates notation from 1 level of abstraction to lower level

19. Decoding Machine Language
How do we convert 1s and 0s to C code?
For each 32 bits:
Look at bits : 00x means data processing, 01x Load/Store, 101 Branch.
Use instruction type to determine which fields exist and convert each field into the decimal equivalent.
Once we have decimal values, write out ARM assembly code.
Logically convert this ARM code into valid C code.

20. Decoding Example (#1/7)
Here are seven machine language instructions in hex:
e e3a d1a0f00e e e d1a0f00e eafffffb
Let the first instruction be at address 4,194,30410 (0x ).
Next step: convert to binary

21. Binary  Decimal  Assembly  C?
Decoding Example (#2/7)
Binary  Decimal  Assembly  C?
Start at program at address 4,194, = 0x (222)
What are instruction formats of these 7 instructions?

22. Decoding Example (#3/7) Binary  Fields  Decimal  Assembly  C?
31 – – – 1615 – 1211 –
Cond.
DPI
Inst. Type
Immd.
Opcode
Flag setting
S bit Rn Rd
#rot
DPI
CDPR Rm
#Shift
Shift
type
Immd.
shift
DPI
DPR
CDPR BR
Branch
Offset
DPI/DPR = Data Proc. immd./reg 2nd opernd
CDPR = Cond. DPR BR = Branch

23. Decoding Example (#4/7)
Binary  Fields  Decimal  Assembly  C?
DPI
DPI
CDPR
DPI
DPR
CDPR BR Rm
Opcode Rn Rd
DPI/DPR = Data Proc. immd./reg 2nd opernd
CDPR = Cond. DPR BR = Branch
DPI
CDPR
DPR BR

24. Decoding Example (#5/7)
Binary  Fields  Decimal  Assembly  C?
DPI
CDPR
DPR BR Rm
Opcode Rn Rd
DPI/DPR = Data Proc. immd./reg 2nd opernd
CDPR = Cond. DPR BR = Branch
: cmp r2, # : mov r0, # : movle r15, r : subs r2, r2, # : add r0, r0, r : movle r15, r : b ;(pc–4*5)

25. Decoding Example (#6/7)
Binary  Fields  Decimal  Assembly  Symbolic Assembly  C?
recall: branch target computed by adding offset (<<2) to address of branch inst plus 8
: cmp r2, # : mov r0, # : movle r15, r : subs r2, r2, # : add r0, r0, r : movle r15, r : b : : ;pc=419336–20 =
cmp r2, # mov r0, # movle r15, r Loop: subs r2, r2, #1 add r0, r0, r movle r15, r b Loop

26. Decoding Example (#7/7)
Binary  Fields  Decimal  Assembly  Symbolic Assembly  C?
cmp a3, # mov a1, # movle pc, lr Loop: subs a3, a3, #1 add a1, a1, a2 movle pc, lr b Loop
Mapping product:a1, mcand:a2, mlier:a3;
product = 0; while (0 < mlier) { product = product + mcand; mlier = mlier - 1; } A R M C

27. Instruction Set Bridge
more than 1-1 encode/decode
many encoders & many decoders
ARM Assembly Language
Fortran
Java C
GCC CC
ARM-elf
ARM-elf/ARM-AXD
ARM Machine Language
PC GDB-Debug
interpreter
Many different implementations of ARM
Machine Language (Instruction Set)

28. September, 2003 Saeid Nooshabadi saeid@unsw.edu.au
COMP Microprocessors and Embedded Systems Lectures 24: Compiler, Assembler, Linker and Loader – I
September, 2003
Saeid Nooshabadi

29. Overview
Compiler
Assembler
Linker
Loader
Example

30. Review: What is Subject about?
Application (Netscape)
COMP 3221
Operating
Compiler
System
(Windows XP)
Software
Assembler
Instruction Set
Architecture
Hardware
Processor
Memory
I/O system
Datapath & Control
Digital Design
Circuit Design
transistors
Coordination of many levels of abstraction

31. Review:Programming Levels of Representation
temp = v[k];
v[k] = v[k+1];
v[k+1] = temp;
High Level Language Program (e.g., C)
ldr r0 , [r2, #0]
ldr r1 , [r2, #4]
str r1 , [r2, #0]
str r0 , [r2, #4]
Compiler
Assembly Language Program (e.g. ARM)
COMP3221
Assembler
Machine Language Program (ARM)
Machine Interpretation
Control Signal Specification
ALUOP[0:3] <= InstReg[9:11] & MASK

32. Review: Stored Program Concept
Stored Program Concept: Both data and actual code (instructions) are stored in the same memory.
Type is not associated with data, bits have no meaning unless given in context

33. Review: ARM Instruction Set Format31 28 27 16 15 8 7
Instruction type
Data processing / PSR transfer
Multiply
Long Multiply (v3M / v4 only)
Swap
Load/Store Byte/Word
Load/Store Multiple
Halfword transfer:Immediate offset (v4 only)
Halfword transfer: Register offset (v4 only)
Branch
Branch Exchange (v4T only)
Coprocessor data transfer
Coprocessor data operation
Coprocessor register transfer
Software interrupt
Cond I Opcode S Rn Rd Operand2
Cond A S Rd Rn Rs Rm
Cond U A S RdHi RdLo Rs Rm
Cond B Rn Rd Rm
Cond I P U B W L Rn Rd Offset
Cond P U S W L Rn Register List
Cond P U 1 W L Rn Rd Offset1 1 S H 1 Offset2
Cond P U 0 W L Rn Rd S H 1 Rm
Cond L Offset
Cond P U N W L Rn CRd CPNum Offset
Cond Op1 CRn CRd CPNum Op CRm
Cond Op1 L CRn Rd CPNum Op CRm
Cond SWI Number
Cond Rn
All Instruction 32 bits

34. Review: Example Assembly
=> 0Xe
sub r2, r3, #1
sub r2, r3, r4
b foo
=> 0Xe
=> 0Xea &foo------ ?
? = ((pc +8) - &foo) >>2

35. Steps to Starting a Program
C program: foo.c
Compiler
Assembly program: foo.s
Assembler
Object(mach lang module): foo.o
Linker
lib.o
Executable(mach lang pgm): a.out
Loader
Memory

36. Compiler
Input: High-Level Language Code (e.g., C, Java)
Output: Assembly Language Code (e.g., ARM)
Most Compiler can generate Object code (Machine language) directly

37. Example: C  Asm  Obj  Exe  Run
extern int posmul(int mlier, int mcand);
int main (void) {
char *srcstr = “Multiplication";
static int a=20,b=18, c;
c = posmul(a, b);
return c; }

38. Where Are We Now?
C program: foo.c
Compiler
Assembly program: foo.s
Assembler
Object(mach lang module): foo.o
Linker
lib.o
Executable(mach lang pgm): a.out
Loader
Memory

39. Example: C  Asm  Obj  Exe  Run (#1/3)
.data
.align 2
a.0: .word 20
b.1: .word 18
c.2: .space 4
.section rodata
.LC0:
.ascii "Multiplication\000"
Data Segment

40. Example: C  Asm  Obj  Exe  Run (#2/3)
.text
.align 2
.global main
main:
stmfd sp!, {r4,lr}
ldr r4, .L2 ; MESG
ldr r3, .L2+4
ldr r2, .L2+8
ldr r0, [r3, #0] ; a
ldr r1, [r2, #0] ; b
bl posmul
mov r2, r0
ldr r3, .L2+12
str r2, [r3, #0] ; c
mov r0, r3
ldmfd sp!, {r4, pc}
Text Segment
Addresses of MESG, a, b & c are stored at label .L2
Indirect access to a, b & c

41. Example: C  Asm  Obj  Exe  Run (#3/3)
Text Segment
(continued)
.L3:
.align 2
.L2:
.word .LC0
.word a.0
.word b.1
.word c.2
Literal Pool for storing addresses of MESG, a, b & c

42. What is Assembler? ¥ SP SB
Program that translates symbolic machine instructions into binary representation
encodes code and data as blocks of bits from symbolic instruction, declarations, and directives
It builds the code words and the static data words
loaded into memory when program is run
what must it do
map opcodes, regs, literals into bit fields
map labels into addresses
Address
Code
Static
Heap
Stack SP SB

43. How does Assembler work?
Reads and Uses Directives
Replace Pseudoinstructions
Produce Machine Language
Creates Object File (*.o files)

44. Give directions to assembler, but do not produce machine instructions
Assembler Directives
Give directions to assembler, but do not produce machine instructions
.text: Subsequent items put in user text segment
.data: Subsequent items put in user data segment
.globl sym: declares sym global and can be referenced from other files
.asciz str: Store the string str in memory and null-terminate it
.word w1…wn: Store the n 32-bit quantities in successive memory words

45. Pseudo-instruction Replacement (#1/6)
Assembler provide many convenient shorthand special cases of real instructions
nop => mov, r0, r0
mov r0, 0xfffffff0 => movn r0, 0xf
ldr/str rdest, label => load/stores a value at label (address) in the same segment. Converts to
ldr rdest, [pc, #offset] instruction, where offset is computed by - [pc + 8]).
Offset range  212 (4 Kbytes)
adr rdest, address => load address of a label (in the same segment) computed as an offset from PC. Converts to
sub rdest, pc,#imm ; #imm: 8 bit number add rdest, pc,#imm ; or rotated version
#imm is computed as - [pc + 8])|

46. Pseudo-instruction Replacement (#2/6)
ladr rdest, address => same thing for when offset value cannot fit in 8 bit rotated format
Converts to sequence of two sub & add instructions
If second sub/add not needed is replaced by nop
Especially important Pseudo Instructions are for building literals
ldr rdest, =imm32 => load (move) ANY immediate to rdest

47. Pseudo-instruction Replacement (#3/6)
Limitation on mov rdest, #imm Instruction
Any 8-bit value in the range 0 – 255 (0x0 – 0xff)
Any 8 bit value in the range 0 – 255 (0x0 – 0xff) rotated to the right two bits at a time.
Max rotation = 30 bits
Example:
0x000000FE, 0x f (rot. 2 bits), 0xe000000f (rot. 4 bits), … all are valid values 1 2 3 4 5 6 7 8 9 31 1 2 3 4 5 6 7 8 9 31 1 2 3 4 5 6 7 8 9 31

48. Pseudo-instruction Replacement (#4/6)
Solution: Use Pseudo Instruction
Replace ldr rdest, #imm by ldr rdest, =imm => load (move) ANY immediate
Converts to mov or mvn instruction, if the constant can be generated by either of these instructions.
PC relative LDR instruction will be generated to load the imm from literal pool inserted at the end of the text segment.

49. Pseudo-instruction Replacement (#5/6)
Example: Use Pseudo Instruction
.text
.align 2
.global main
main: :
ldr r2, =
end:
Changes to
.text
.align 2
.global main
main: :
ldr r2, [pc, #offset]
end:
.word
Offset = end - (pc + 8)

50. Pseudo-instruction Replacement (#6/6)
Recall: ldr/str rdest, label => load/stores a value at label (address) in the same segment. Converts to
ldr rdest, [pc, #offset] instruction, where offset is computed by - [pc + 8]).
offset range  212 (4 Kbytes)
ldr rdest, =label => load address of ANY label
PC relative LDR instruction will be generated to load the address of the label from literal pool inserted at the end of the text segment.

51. Handling Addresses by Assembler (#1/2)
Branches: b, & bl (branch and link)
b/bl
label
Such branches are normally taken to a label (address) labels at fixed locations, in the same module (file) or other modules (eg. Call to functions in other modules)
The address of the label is absolute

52. Handling Addresses by Assembler (#2/2)
Loads and stores to variables in static area
ldr/str Rdest, [pc, offset]
Such addresses are stored in the literal pool by the compiler/Assembler
The reference to to the literal pool is via PC relative addressing
Sometimes they are referenced via Static Base Pointer (SB)
ldr/str Rdest, [sb, offset]
Loads and stores to local variables
Such variables are put direct on registers or on stack and are referenced via sp or fp.

53. Reading Material Reading assignment:
David Patterson and John Hennessy: Computer Organisation & Design: The HW/SW Interface," 2nd Ed Morgan Kaufmann, 1998, ISBN: X.  (A.8, )
Steve Furber: ARM System On-Chip; 2nd Ed, Addison-Wesley, 2000, ISBN: chapter 2, section 2.4

54. Things to Remember
Compiler converts a single HLL file into a single assembly language file.
Assembler removes pseudos, converts it can to machine language. This changes each .s file into a .o file.
Linker combines several .o files and resolves absolute addresses.
Loader loads executable into memory and begins execution.

55. Big Idea: fetch-decode-execute cycle Big Idea: encoding / decoding
“And in Conclusion…”
Big Idea: fetch-decode-execute cycle
Big Idea: encoding / decoding
compiler/assembler encodes instructions as numbers, computer decodes and executes them
keyboard encodes characters as numbers, decoded on display
Instruction format
certain fields determine how to decode the others
each field has specific “decoding table” giving meaning to values
highly structured and regular process