ARM States

advertisement
Architecture Revisions
version
ARMv7
ARM1156T2F-S™
ARM1136JF-S™
ARMv6
ARM102xE XScaleTM
ARM1176JZF-S™
ARM1026EJ-S™
ARMv5
ARM9x6E ARM926EJ-S™
SC200™
ARM92xT
®
ARM7TDMI-S™ StrongARM
V4
SC100™
1994
1996
ARM720T™
1998
2000
2002
2006
2004
time
XScale is a trademark of Intel Corporation
1
Data Sizes and Instruction Sets

The ARM is a 32-bit architecture.

When used in relation to the ARM:
 Byte means 8 bits
 Halfword means 16 bits (two bytes)
 Word means 32 bits (four bytes)

Most ARM’s implement two instruction sets
 32-bit ARM Instruction Set
 16-bit Thumb Instruction Set

Jazelle cores can also execute Java bytecode
2
ARM States



ARM architecture define a 16-bit instruction set called the
Thumb instruction set. The functionality of the Thumb
instruction set is a subset of the functionality of the 32-bit ARM
instruction set.
A processor that is executing Thumb instructions is said to be
operating in Thumb state. A Thumb-capable processor that is
executing ARM instructions is said to be operating in ARM
state.
ARM processors always start in ARM state. You must
explicitly change to Thumb state using a BX (Branch and
exchange instruction set) instruction.
3
Processor Modes

The ARM has seven basic operating modes:

User : unprivileged mode under which most tasks run

FIQ : entered when a high priority (fast) interrupt is raised

IRQ : entered when a low priority (normal) interrupt is raised


Supervisor : entered on reset and when a Software Interrupt
instruction is executed
Abort : used to handle memory access violations

Undef : used to handle undefined instructions

System : privileged mode using the same registers as user mode
4
The ARM Register Set
Current Visible Registers
Abort
Mode
Undef
SVC
Mode
IRQ
FIQ
User
Mode
Mode
Mode
r0
r1
r2
r3
r4
r5
r6
r7
r8
r9
r10
r11
r12
r13 (sp)
r14 (lr)
Banked out Registers
User
FIQ
IRQ
SVC
Undef
Abort
r8
r9
r10
r11
r12
r13 (sp)
r14 (lr)
r8
r9
r10
r11
r12
r13 (sp)
r14 (lr)
r13 (sp)
r14 (lr)
r13 (sp)
r14 (lr)
r13 (sp)
r14 (lr)
r13 (sp)
r14 (lr)
spsr
spsr
spsr
spsr
spsr
r15 (pc)
cpsr
spsr
5
Registers and ARM States


In ARM state, 16 general registers and one or two status registers are
accessible at any one time.
In Thumb state, eight general registers, the Program Counter (PC), Stack
Pointer (SP), Link Register (LR), and Current Program Status Register (CPSR)
are accessible.
6
Registers and ARM States


The limitations of Thumbs are alleviated with Thumb2 while
retaining very dense coding
Thumb-2 introduced variable length instructions to the
original Thumb

Now instructions can be a mixture of 16-bit and 32-bit. That
means you retain the size advantage of the original Thumb
in everyday code, but now have access to almost the full
ARM feature-set in more complex code,

Aside from the aforementioned access to the full register set
from all register operations,
7
Cortex-M4 Devices Processor mode and
privilege levels for software execution
The processor modes are:
 Thread mode

Used to execute application software. The processor enters Thread mode
when it comes out of reset.
 Handler mode

Used to handle exceptions. The processor returns to Thread mode when it
has finished all exception processing.
8
Cortex-M4 Devices Processor mode and
privilege levels for software execution
 The privilege levels for software execution are:

Unprivileged

The software:
 has limited access to the MSR and MRS instructions, and cannot use
the CPS instruction
 cannot access the system timer, NVIC, or system control block
 might have restricted access to memory or peripherals.

Unprivileged software executes at the unprivileged level.
 Privileged


The software can use all the instructions and has access to all resources.
Privileged software executes at the privileged level.
9
Exception Handling


When an exception occurs, the ARM:
 Copies CPSR into SPSR_<mode>
 Sets appropriate CPSR bits
0x1C
 Change to ARM state
0x18
Change
to
exception
mode

0x14
 Disable interrupts (if appropriate)
0x10
 Stores the return address in LR_<mode> 0x0C
0x08
 Sets PC to vector address
0x04
To return, exception handler needs to:0x00
 Restore CPSR from SPSR_<mode>
 Restore PC from LR_<mode>
This can only be done in ARM state.
FIQ
IRQ
(Reserved)
Data Abort
Prefetch Abort
Software Interrupt
Undefined Instruction
Reset
Vector Table
Vector table can be at
0xFFFF0000 on ARM720T
and on ARM9/10 family devices
10
Program Status Registers
31
28 27
N Z C V Q
24
J
23
16 15
U
f
n
d
e
f
s
 Condition code flags




N = Negative result from ALU
Z = Zero result from ALU
C = ALU operation Carried out
V = ALU operation oVerflowed
 Sticky Overflow flag - Q flag
 Architecture 5TE/J only
 Indicates if saturation has occurred
i
8
n
e
d
7
6
5
4
0
I F T
x
mode
c
 Interrupt Disable bits.
 I = 1: Disables the IRQ.
 F = 1: Disables the FIQ.
 T Bit
 Architecture xT only
 T = 0: Processor in ARM state
 T = 1: Processor in Thumb state
 Mode bits
 J bit
 Specify the processor mode
 Architecture 5TEJ only
 J = 1: Processor in Jazelle state
039v12
11
Cortex-M4 Registers Related Details
039v12
12
Basic Understanding of Environment

Run the Assemly_1 project:







Understand the overall structure of the code
Main debug operations
What is the special role of R15 and R14 ?
Understand how to call a function or subroutine
What is the relation between the back link address and R14 ? Why ?
Go to unprivileged mode
Run the Blink_NEW project:





Understand the overall structure of the code
Main debug operations
Compare counter++ and counter = counter + 2 assembly conversions
Where is counter variable stored ?
Create another function, call it from main

039v12
How call is translated in assembly?
13
Conditional Execution and Flags

ARM instructions can be made to execute conditionally by postfixing them with the
appropriate condition code field.
 This improves code density and performance by reducing the number of
forward branch instructions.
CMP
r3,#0
CMP
r3,#0
BEQ
skip
ADDNE r0,r1,r2
ADD
r0,r1,r2
skip

By default, data processing instructions do not affect the condition code flags but
the flags can be optionally set by using “S”. CMP does not need “S”.
loop
…
decrement r1 and set flags
SUBS r1,r1,#1
BNE loop
if Z flag clear then branch
14
Condition Codes

The possible condition codes are listed below
 Note AL is the default and does not need to be specified
Suffix
EQ
NE
CS/HS
CC/LO
MI
PL
VS
VC
HI
LS
GE
LT
GT
LE
AL
Description
Equal
Not equal
Unsigned higher or same
Unsigned lower
Minus
Positive or Zero
Overflow
No overflow
Unsigned higher
Unsigned lower or same
Greater or equal
Less than
Greater than
Less than or equal
Always
Flags tested
Z=1
Z=0
C=1
C=0
N=1
N=0
V=1
V=0
C=1 & Z=0
C=0 or Z=1
N=V
N!=V
Z=0 & N=V
Z=1 or N=!V
15
Conditional execution examples
C source code
if (r0 == 0)
{
r1 = r1 + 1;
}
else
{
r2 = r2 + 1;
}
ARM instructions
unconditional
conditional
CMP r0, #0
CMP r0, #0
BNE else
ADDEQ r1, r1, #1
ADD r1, r1, #1
ADDNE r2, r2, #1
B end
...
else
ADD r2, r2, #1
end
...
• Compile all three cases and measure
• Instruction count
• Byte count
• Cycle count
16
Data processing Instructions

Largest family of ARM instructions, all sharing the same
instruction format.
 Contains:




Arithmetic operations
Comparisons (no results ‐just set condition codes)
Logical operations
Data movement between registers
 Remember, this is a load / store architecture

 These instruction only work on registers, NOT memory.
They each perform a specific operation on one or two
operands.


First operand always a register ‐Rn
 Second operand sent to the ALU via barrel shifter.
We will examine the barrel shifter shortly.
17
Arithmetic Operations

Operations are:ADDoperand1 + operand2; Add
; Add with carry
 ADC operand1 + operand2 + carry
; Subtract
 SUB operand1 ‐operand2
; Subtract with carry
 SBC operand1 ‐operand2 + carry ‐1
; Reverse subtract
 RSB operand2 ‐operand1
; Reverse subtract with
 RSC operand2 ‐operand1 + carry ‐1
carry

Syntax:<Operation>{<cond>}{S} Rd, Rn, Operand2

Examples
 ADD r0, r1, r2
 SUBGT r3, r3, #1
 RSBLES r4, r5, #5
18
Comparisons


The only effect of the comparisons is to update the
condition flags. Thus no need to set S bit.
Operations are:
; Compare
 CMP operand1 ‐operand2
; Compare negative
 CMN operand1 + operand2
; Test
 TST operand1 AND operand2
; Test equivalence
 TEQ operand1 EOR operand2
 Syntax:

 <Operation>{<cond>} Rn, Operand2
Examples:
 CMPr0, r1
 TSTEQr2, #5
19
Logical Operations

Operations are:
 ANDoperand1 AND operand2
 EORoperand1 EOR operand2
 ORRoperand1 OR operand2
 ORN operand1 NOR operand2
 BIC operand1 AND NOT operand2 [ie bit clear]
 Syntax:
 <Operation>{<cond>}{S} Rd, Rn, Operand2




Examples:
AND r0, r1, r2
BICE Qr2, r3, #7
EORS r1,r3,r0
20
Data Movement


Operations are:
 MOV operand2
 MVN NOT operand2
Note that these make no use of operand1.
 Syntax:
 <Operation>{<cond>}{S} Rd, Operand2

Examples:
 MOV r0, r1
 MOVS r2, #10
 MVNEQ r1,#0
21
The Barrel Shifter

The ARM doesn’t have actual shift instructions.
 Instead it has a barrel shifter which provides a
mechanism to carry out shifts as part of other
instructions.

So what operations does the barrel shifter support?
22
The Barrel Shifter


Barrel Shifter ‐Left Shift
Shifts left by the specified amount (multiplies by powers
of two) e.g.
 LSL #5 => multiply by 32
23
The Barrel Shifter

Barrel Shifter ‐Rotations
24
Using a Barrel Shifter:The 2nd Operand
Operand
1
Operand
2
Barrel
Shifter
ALU
Result
Register, optionally with shift operation
 Shift value can be either be:
 5 bit unsigned integer
 Specified in bottom byte of
another register.
 Used for multiplication by constant
Immediate value
 8 bit number, with a range of 0255.
 Rotated right through even
number of positions
 Allows increased range of 32-bit
constants to be loaded directly into
registers
25
Second Operand : Shifted Register

The amount by which the register is to be shifted is
contained in either:

the immediate 5‐bit field in the instruction
 NO OVERHEAD
 Shift is done for free ‐executes in single cycle.
 the bottom byte of a register (not PC)
 Then takes extra cycle to execute
 ARM doesn’t have enough read ports to read 3 registers at

once.
 Then same as on other processors where shift is separate
instruction.
If no shift is specified then a default shift is applied: LSL #0
 i.e. barrel shifter has no effect on value in register.
26
Second Operand: Using a Shifted Register
 Using a multiplication instruction to multiply by a constant means
first loading the constant into a register and then waiting a number of
internal cycles for the instruction to complete.

A more optimum solution can often be found by using
some combination of MOVs, ADDs, SUBs and RSBs with
shifts.

Multiplications by a constant equal to a ((power of 2) ±1) can be done in one cycle.





MOV R2, R0, LSL #2; Shift R0 left by 2, write to R2, (R2=R0x4)
ADD R9, R5, R5, LSL #3 ; R9 = R5 + R5 x 8 or R9 = R5 x 9
RSB R9, R5, R5, LSL #3 ; R9 = R5 x 8 ‐R5 or R9 = R5 x 7
SUB R10, R9, R8, LSR #4 ; R10 = R9 ‐R8 / 16
MOV R12, R4, ROR R3 ; R12 = R4 rotated right by value of R3
27
Data Processing Exercise
1. How would you load the two’s complement
representation of -1 into Register 3 using one
instruction?
2. Implement an ABS (absolute value) function for a
registered value using only two instructions.
3. Multiply a number by 35, guaranteeing that it
executes in 2 core clock cycles.
28
Data Processing Solutions
1. MVN r3, #0
2. MOVS
RSBMI
3. ADD
RSB
r7,r7
; set the flags
r7,r7,#0
; if neg, r7=0-r7
r9,r8,r8,LSL #2
; r9=r8*5
r10,r9,r9,LSL #3
; r10=r9*7
29
Immediate constants


No ARM instruction can contain a 32 bit immediate constant
 All ARM instructions are fixed as 32 bits long
The data processing instruction format has 12 bits available
for operand2
11
8 7
rot
x2
0
immed_8
Shifter
ROR
Quick Quiz:
0xe3a004ff
MOV r0, #???

4 bit rotate value (0-15) is multiplied by two to give range 030 in steps of 2

Rule to remember is
“8-bits rotated right by an even number of bit positions”
30
Second Operand: Immediate Value (1)
 There is no single instruction which will load a 32 bit immediate
constant into a register without performing a data load from memory.
 All ARM instructions are 32 bits long
 The data processing instruction format has 12 bits available for
operand2
 If used directly this would only give a range of 4096.
 Instead it is used to store 8 bit constants, giving a range of 0 ‐255.
 These 8 bits can then be rotated right through an even number of
positions (ie RORs by 0, 2, 4,..30).
 This gives a much larger range of constants that can be directly loaded, though
some constants will still need to be loaded from memory.
31
Second Operand: Immediate Value (2)
 This gives us:




0 ‐255[0 ‐0xff]
256,260,264,..,1020[0x100‐0x3fc, step 4, 0x40‐0xff ror30]
1024,1040,1056,..,4080[0x400‐0xff0, step 16, 0x40‐0xff ror28]
4096,4160, 4224,..,16320[0x1000‐0x3fc0, step 64, 0x40‐0xff ror26]
 These can be loaded using, for example:

 MOV r0, #0x40, 26; => MOV r0, #0x1000 (ie 4096)
To make this easier, the assembler will convert to this form for us if
simply given the required constant:
 MOV r0, #4096; => MOV r0, #0x1000 (ie 0x40 ror 26)
 The bitwise complements can also be formed using MVN:

 MOV r0, #0xFFFFFFFF ; assembles to MVN r0, #0
If the required constant cannot be generated, an error will be
reported.
32
Loading 32 bit constants
 To allow larger constants to be loaded, the assembler offers a pseudo


instruction:
 LDR rd, =const
This will either:
 Produce a MOV or MVN instruction to generate the value (if possible).
or
 Generate a LDR instruction with a PC-relative address to read the
constant from a literal pool (Constant data area embedded in the
code).
For example
MOV r0,#0xFF
=>
 LDR r0,=0xFF
LDR r0,[PC,#Imm12]
 LDR r0,=0x55555555 =>
…
…
DCD 0x55555555
This is the recommended way of loading constants into a register
33
Single register data transfer
LDR
LDRB
LDRH
LDRSB
LDRSH
STR Word
STRB Byte
STRH Halfword
Signed byte load
Signed halfword load

Memory system must support all access sizes

Syntax:
 LDR{<cond>}{<size>} Rd, <address>
 STR{<cond>}{<size>} Rd, <address>
e.g. LDREQB
34
Address accessed


Address accessed by LDR/STR is specified by a base register with an offset
For word and unsigned byte accesses, offset can be:

An unsigned 12-bit immediate value (i.e. 0 - 4095 bytes)
LDR r0, [r1, #8]

A register, optionally shifted by an immediate value
LDR r0, [r1, r2]
LDR r0, [r1, r2, LSL#2]

This can be either added or subtracted from the base register:
LDR r0, [r1, #-8]
LDR r0, [r1, -r2, LSL#2]

For halfword and signed halfword / byte, offset can be:




An unsigned 8 bit immediate value (i.e. 0 - 255 bytes)
A register (unshifted)
Choice of pre-indexed or post-indexed addressing
Choice of whether to update the base pointer (pre-indexed only)
LDR r0, [r1, #-8]!
35
Load/Store Exercise
Assume an array of 25 words. A compiler associates
y with r1. Assume that the base address for the
array is located in r2. Translate this C
statement/assignment using just three instructions:
array[10] = array[5] + y;
36
Load/Store Exercise Solution
array[10] = array[5] + y;
LDR
ADD
r3, [r2, #5]
r3, r3, r1
STR
r3, [r2, #10]
array[10]
; r3 = array[5]
; r3 = array[5] + y
; array[5] + y =
37
Load and Store Multiples


Syntax:
 <LDM|STM>{<cond>}<addressing_mode> Rb{!}, <register list>
4 addressing modes:
increment after
 LDMIA / STMIA
increment before
 LDMIB / STMIB
 LDMDA / STMDA decrement after
 LDMDB / STMDB decrement
IA before
IB
DA
DB
LDMxx r10, {r0,r1,r4}
STMxx r10, {r0,r1,r4}
Base Register (Rb) r10
r4
r4
r1
r1
r0
r0
Increasing
Address
r4
r1
r4
r0
r1
r0
38
Multiply and Divide


There are 2 classes of multiply - producing 32-bit and 64-bit results
32-bit versions on an ARM7TDMI will execute in 2 - 5 cycles



; r0 = r1 * r2
; r0 = (r1 * r2) + r3
64-bit multiply instructions offer both signed and unsigned versions
 For these instruction there are 2 destination registers



MUL r0, r1, r2
MLA r0, r1, r2, r3
[U|S]MULL r4, r5, r2, r3 ; r5:r4 = r2 * r3
[U|S]MLAL r4, r5, r2, r3 ; r5:r4 = (r2 * r3) + r5:r4
Most ARM cores do not offer integer divide instructions
 Division operations will be performed by C library routines or inline shifts
39
Branch instructions
B{<cond>} label
 Branch :
 Branch with Link : BL{<cond>} subroutine_label
31
28 27
Cond
25 24 23
0
1 0 1 L
Offset
Link bit
0 = Branch
1 = Branch with link
Condition field
 The processor core shifts the offset field left by 2 positions, sign-extends it
and adds it to the PC
 ± 32 Mbyte range
 How to perform longer branches?
40
Register Usage
Register
Arguments into function
Result(s) from function
otherwise corruptible
(Additional parameters
r0
r1
r2
r3
passed on stack)
Register variables
Must be preserved
Scratch register
(corruptible)
Stack Pointer
Link Register
Program Counter
r4
r5
r6
r7
r8
r9/sb
r10/sl
r11
The compiler has a set of rules known as a
Procedure Call Standard that determine how to
pass parameters to a function (see AAPCS)
CPSR flags may be corrupted by function call.
Assembler code which links with compiled code
must follow the AAPCS at external interfaces
The AAPCS is part of the new ABI for the ARM
Architecture
- Stack base
- Stack limit if software stack checking selected
r12
r13/sp
r14/lr
r15/pc
- SP should always be 8-byte (2 word) aligned
- R14 can be used as a temporary once value stacked
41
ARM Branches and Subroutines

B <label>
 PC relative. ±32 Mbyte range.

BL <subroutine>
 Stores return address in LR
 Returning implemented by restoring the PC from LR
 For non-leaf functions, LR will have to be stacked
039v12
func1
func2
:
STMFD
sp!,{regs,lr}
:
:
:
BL func1
BL func2
:
:
:
LDMFD
sp!,{regs,pc}
:
:
:
:
MOV pc, lr
42
PSR access
31
28 27
N Z C V Q de
24
23

9
8
7
6
5
4
0
s
x
mode
c
MRS and MSR allow contents of CPSR / SPSR to be transferred to / from a
general purpose register or take an immediate value
 MSR allows the whole status register, or just parts of it to be updated
Interrupts can be enable/disabled and modes changed, by writing to the CPSR

Typically a read/modify/write strategy should be used:
MRS r0,CPSR
BIC r0,r0,#0x80
MSR CPSR_c,r0

10
16 15
GE[3:0] IT cond_abc E A I F T
J
f

19
; read CPSR into r0
; clear bit 7 to enable IRQ
; write modified value to ‘c’ byte only
In User Mode, all bits can be read but only the condition flags (_f) can be modified
43
Agenda
Introduction to ARM Ltd

Fundamentals, Programmer’s Model, and Instructions
Core Family Pipelines
AMBA
44
Pipeline changes for ARM9TDMI
ARM7TDMI
Instruction
Fetch
ThumbARM
decompress
FETCH
ARM decode
Reg
Read
Shift
ALU
Reg
Write
Reg Select
DECODE
EXECUTE
ARM9TDMI
Instruction
Fetch
ARM or Thumb
Inst Decode
Reg
Reg
Decode
Read
FETCH
DECODE
Shift + ALU
EXECUTE
Memory
Access
Reg
Write
MEMORY
WRITE
45
ARM10 vs. ARM11 Pipelines
ARM10
Branch
Prediction
Instruction
Fetch
FETCH
ARM or
Thumb
Instruction
Decode
ISSUE
Reg Read
DECODE
Shift + ALU
Memory
Access
Multiply
Multiply
Add
EXECUTE
MEMORY
Reg
Write
WRITE
ARM11
Fetch
1
Fetch
2
Decode
Issue
Shift
ALU
Saturate
MAC
1
MAC
2
MAC
3
Address
Data
Cache
1
Data
Cache
2
Write
back
46
Agenda
Introduction to ARM Ltd

Fundamentals, Programmer’s Model, and Instructions
Core Family Pipelines
AMBA
47
Example ARM-based System
16 bit RAM
32 bit RAM
Interrupt
Controller
nIRQ
8 bit ROM
039v12
nFIQ
I/O
Peripherals
ARM
Core
48
An Example AMBA System
High Performance
ARM processor
High
Bandwidth
External
Memory
Interface
AHB
UART
Timer
APB
Bridge
Keypad
High-bandwidth
on-chip RAM
PIO
DMA
Bus Master
High Performance
Pipelined
Burst Support
Multiple Bus Masters
039v12
APB
Low Power
Non-pipelined
Simple Interface
49
AHB Structure
Arbiter
Master
#1
HADDR
HWDATA
HADDR
HWDATA
HRDATA
Slave
#1
HRDATA
Address/Control
Master
#2
Slave
#2
Write Data
Read Data
Slave
#3
Master
#3
Slave
#4
Decoder
039v12
50
Download