ARM

The ARM architecture is a 32-bit RISC architecture with 16 general purpose registers available to regular programs and a status register (actually there are more general purpose registers and status registers but those are only used in exception modes and not important for our discussion). Every instruction is 4 bytes long, this is very different from the x86 architecture which has variable length instructions.

Registers R0 to R12 are real general purpose registers that do not have a dedicated purpose. Register R13 is used as a stack pointer and can also be referred to as register SP. Register R14 is used as the link register and is also referred to as LR. It contains the return address for functions and exceptions. Register R15 contains the current program counter and is also referred to as PC. Unlike x86 architectures, we can directly read and write this register. Reading from this register will return the currently executing instruction + 8 bytes in ARM mode or the current instruction + 4 bytes in Thumb mode (see section 1.5). Writing to this register causes execution to continue at this address.

Coprocessors

ARM processors can be extended with a number of coprocessors to perform non-standard calculations and to avoid having to do these calculations in software. ARM supports up to 16 coprocessors, each of which has a unique identification number. Some processors might need more than one identification number, in order to accommodate large instruction sets. Coprocessors are available for memory management, floating point operations, debugging, media, cryptography, ...

When an ARM processor encounters an instruction it cannot process, it sends the instruction out on the coprocessor bus. If a coprocessor recognizes the instruction, it can execute it and respond to the main processor. If none of the coprocessors respond, an 'illegal instruction' exception is raised.

However coprocessor in ARM is a misleading notion. It's shorthand for an optional piece of functionality that is not exposed via the core instruction set. ARM CPUs are modular. There are bits and pieces of CPU hardware that implementers of the architecture may or may not place on the chip. The memory management unit (MMU) is one example; there are others, such is the hardware debugging facility. Those are, indeed, identified by coprocessor number (pXX), so that more than one coprocessor can be present at the same time. The coprocessor number for MMU is traditionally p15. Coprocessors p0..p14 have nothing to do with memory management and may not be present. The debugging subsystem, for example, is p14.

• Processor setup via co-processor 15 and about co-processors

Instruction set

Links

• A few documents about it
• Cheat sheet
• specification
• The Instruction Set
• ARM instruction set
• The ARM Instruction Set Architecture
• ARM immediate value encoding

• Instruction set

• Why does the ARM PC register point to the instruction after the next one to be executed? : original ARM has 3-stage pipeline (fetch-decode-execute) so you have to add 2 words to calculate offset from pc: it's more useful in reversing probably

  In ARM state, the value of the PC is the address of the current instruction plus 8 bytes.

  In Thumb state:

  For B, BL, CBNZ, and CBZ instructions, the value of the PC is the address of the current instruction plus 4 bytes. For all other instructions that use labels, the value of the PC is the address of the current instruction plus 4 bytes, with bit[1] of the result cleared to 0 to make it word-aligned.

Links

• A Brief History of Arm: Part 1
• A Brief History of Arm: Part 2
• List of ARM microarchitectures
• ARM architecture overview
• ARM1176JZFS specification
• Status register
• Cortex-M for beginners
• open source baremetal coding resources for ARM Cortex-M
• Alphanumeric RISC ARM Shellcode
• ARM assembly tutorial
• ARM Cortex-M0 assembly programming tips and tricks
• Intro to Cortex M0 and LPCxpresso 1114 PDF
• [Difference between arm-eabi arm-gnueabi and gnueabi-hf compilers]
• ARM calling convention
• Generica page about ARM
• Reverse engineering the ARM1
• More ARM1 processor reverse engineering: the priority encoder
• What is the difference between arm-eabi and gnueabi-hf
• What is the difference between arm-linux-gcc and arm-none-linux-gnueabi
• VPF: technology is an FPU (Floating-Point Unit) coprocessor extension to the ARM architecture
• Whirlwind Tour of ARM Assembly
• Online ARM To Hex Converter
• White Paper: DSP capabilities of Cortex-M4 and Cortex-M7
• posborne/cmsis-svd This repository seeks to provide value to developers targetting ARM platforms in two main ways:
  • Provide a convenient place to access and aggregate CMSIS-SVD hardware descriptions from multiple sources.
  • Provide parsers that make code generation and tooling based on SVD easier to build. Most parsers simply parse a provided SVD file and turn it into a data structure more easily used in that language.
• libopencm3/libopencm3 Open source ARM Cortex-M microcontroller library
• How stack trace on ARM works
• The AArch64 processor (aka arm64), part 1: Introduction
• The AArch64 processor (aka arm64), part 2: Extended register operations
• The AArch64 processor (aka arm64), part 3: Addressing modes
• ENCODING OF IMMEDIATE VALUES ON AARCH64