{"id":3981,"date":"2020-05-17T17:01:12","date_gmt":"2020-05-17T22:01:12","guid":{"rendered":"https:\/\/dev.iachieved.it\/iachievedit\/?p=3981"},"modified":"2020-05-17T17:01:12","modified_gmt":"2020-05-17T22:01:12","slug":"working-with-arm-assembly","status":"publish","type":"post","link":"https:\/\/dev.iachieved.it\/iachievedit\/working-with-arm-assembly\/","title":{"rendered":"Working with ARM Assembly"},"content":{"rendered":"

Don’t ask me why I started looking at writing basic ARM assembly routines. Perhaps it’s for the thrill of it, or taking a walk down memory lane. My first assembly language program was for an IBM System\/360<\/a> using WYLBUR<\/a> in college<\/a>.<\/p>\n

This post is not a tutorial on assembly language<\/a> itself, or the ARM processor for that matter. If the phrases mnemonic<\/i>, register<\/i>, or branch on not equal<\/i> are foreign to you, have a look here<\/a>. I just wanted to write some easy routines and pick up some basics.<\/p>\n

Editor’s note:<\/b> All of the code below is available on GitHub<\/a>.<\/p>\n

We’ll be using a Raspberry Pi 4<\/a>. You will (obviously) need the GCC toolchain installed, which can be accomplished with sudo apt-get install build-essential<\/code>.<\/p>\n

Let’s save the following in a file named helloworld.s<\/code>:<\/p>\n

helloworld.s<\/code>:<\/p>\n

\n.global main\n\nmain:\npush {ip, lr}\n\nldr r0,=hellostr\nbl  printf\n\nmov r0,#0\n\npop {ip, pc}\n\n.data\nhellostr:\n.asciz \"Hello, world!\\n\"\n<\/pre>\n
Assemble and link the application together with gcc helloworld.s -o helloworld<\/code> and run it.<\/p>\n
It doesn’t get much more straightforward than this, and you’ve learned three new ARM assembly instructions:  ldr<\/code>, mov<\/code>, and bl<\/code>.  The remaining text are directives to the GNU assembler which we’ll cover in a minute.<\/p>\n
The ldr<\/code> instruction loads<\/i> some value from memory<\/i> into a register.  This is key with ARM:  load instructions load from memory.  In the example above we’re loading the address<\/i> of the beginning of the string into register r0<\/code>.  A technical note:  ldr<\/code> is actually a psuedoinstruction, but let’s gloss over that.<\/p>\n
bl<\/code> branches<\/i> to the label indicated (and updates the link register<\/i>), and in our case, there is this magical printf<\/code> we’re branching to.  More on that later.<\/p>\n
Finally, mov r0,#0<\/code> is positioning our program’s return code (zero) into r0.  Check it:<\/p>\n
\npi@raspberrypi:~ $ .\/helloworld\nHello, world!\npi@raspberrypi:~ $ echo $?\n0\n<\/pre>\n
What if we change the mov r0,#0<\/code> to mov r0,#0xff<\/code>?  Try it:<\/p>\n
\npi@raspberrypi:~ $ gcc helloworld.s -o helloworld\npi@raspberrypi:~ $ .\/helloworld\nHello, world!\npi@raspberrypi:~ $ echo $?\n255\n<\/pre>\n
Okay, now for something interesting.  Let’s count down from 10 to 1 and then print Hello, world!<\/i>.<\/p>\n
countdown.s<\/code>:<\/p>\n
\n.global main\n\nmain:\npush {ip, lr}\n\nmov r5,#10\ndo:\nldr r0,=fmtstr\nmov r1,r5\nbl  printf\nsub r5,#1\ncmp r5,#0\nbne do\n\nldr r0,=hellostr\nbl  printf\n\nmov r0,#0xff\n\npop {ip, pc}\n\n.data\nfmtstr:\n.asciz \"%d\\n\"\nhellostr:\n.asciz \"Hello, world!\\n\"\n<\/pre>\n
Okay, that escalated quickly!  One of the reasons assembly language is so much fun.  Let’s take a look at what is going on here and add some comments to our code.<\/p>\n
\nmov r5,#10      \/* Count down from 10 *\/\ndo:\nldr r0,=fmtstr  \/* Load the fmtstr pointer for printf *\/\nmov r1,r5       \/* Copy over our count to r1 for printf *\/\nbl  printf      \/* Call printf *\/\nsub r5,#1       \/* Decrement the counter by one *\/\ncmp r5,#0       \/* Compare the counter to zero *\/\nbne do          \/* Branch back to the do label if not *\/\n<\/pre>\n
There’s a few things to note here.  First, let’s talk about the use of r5<\/code> and why that register was deliberately chosen.  It turns out that when calling routines in assembly you better not use registers that will get trashed by whatever subroutine your calling (r0-r3<\/code>).  printf<\/code> can use these registers, so we’ll use r5<\/code> in our routine.<\/p>\n
Now, I will confess, I am not an assembly language expert much less an ARM assembly language expert.  Someone may look at the above code and ask why I didn’t use the subtract-and-compare-to-zero instruction (if there is one) or some other technique.  If there is a better way to write the above, please let me know!<\/p>\n
Counting Up<\/h2>\n
In the above example we counted down, now let’s count up, and instead of counting from zero to some max, let’s count up from some minimum value to some maximum value.  In other words, we’ll step through a sequence of values using an increment of one.<\/p>\n
countup.s<\/code>:<\/p>\n
\n.global main\n\nmain:\npush {ip, lr}\n\nldr r5,=min\nldr r5,[r5]\nldr r6,=max\nldr r6,[r6]\ndo:\nldr r0,=fmtstr\nmov r1,r5\nbl  printf\nadd r5,#1\ncmp r5,r6\nbne do\n\nmov r0,r5\n\npop {ip, pc}\n\n.data\nmin:\n.int 14\nmax:\n.int 29\nfmtstr:\n.asciz \"%d\\n\"\n<\/pre>\n
There’s some new syntax here, in particular the ldr rx,[rx]<\/code>.  This syntax is “load the value that is pointed to by the address in the register.”  It makes sense in that there is an instruction immediately before it ldr,=min<\/code> which is load the address identified by the label min<\/code>.  To be clear, the actual value<\/i> of that label is going to be dependent on the assembler, your application size, and where it gets loaded into memory.  Let’s look at an example of that:<\/p>\n
printmem.s<\/code>:<\/p>\n
\n.global main\n\nmain:\npush {ip, lr}\n\nldr r0,=fmtstr\nldr r1,=x\nbl  printf\n\nmov r0,#0xff\n\npop {ip, pc}\n\n.data\nx:\n.int 128\nfmtstr:\n.asciz \"Address of x is %p\\n\"\n<\/pre>\n
Compile and execute this code to see something like Address of x is 0x21028<\/code>.  Then move x<\/code> to after fmtstr<\/code> and you will see the address change.  What it will change to, again, is highly dependent on a number of factors.  Suffice it to say, using ldr<\/code> with memory addresses loads the address<\/i> into a register, not<\/i> the value at the address.  That is what we use ldr rx,[rx]<\/code> for.<\/p>\n
Running our countup<\/code> code indeed counts up from 14 to 28 and if we look at the return code (echo $?<\/code>) we get 29, the last value that was in r5.<\/p>\n
Writing a Procedure<\/h2>\n
Here is a basic ARM assembly procedure that computes and returns fib(n)<\/code>, the nth element of the Fibonacci sequence<\/a>.  We chose this specifically to demonstrate the use of the stack with push<\/code> and pop<\/code>.<\/p>\n
fib.s<\/code>:<\/p>\n
\n.global fib\nfib:\npush {r4-r5,lr}\nmov r4,r0      \/\/ r4 <- n\ncmp r4,#0\nbeq fib0       \/\/ n == 0? f(0) = 0\ncmp r4,#1\nbeq fib1       \/\/ n == 1? f(1) = 1\n\n\/\/ f(n-1)\nsub  r4,#1     \/\/ r4 <- n-1\nmov  r0,r4\nbl   fib       \/\/ r0 <- fib(n-1)\nmov  r5,r0     \/\/ r5 <- fib(n-1)\n\n\/\/ f(n-2)\nsub  r4,#1     \/\/ r4 <- n-2\nmov  r0,r4\nbl   fib       \/\/ r0 <- fib(n-2)\nadd  r0,r0,r5  \/\/ r0 <- r0 fib(n-2) + r5 fib(n-1)\nb    return\n\nfib1:\nmov r0,#1\nb   return\n\nfib0:\nmov r0,#0\nb   return\n\nreturn:\npop {r4-r5,lr}\nbx  lr\n<\/pre>\n
What should be noticed here is the use of push<\/code> and the list of register values we're going to save onto the stack.  In ARM assembly the Procedure Call Standard convention is to save registers r4-r8 if you're going to work with them in your subroutine.  In the above example we use r4 and r5 to compute fib(n)<\/code> so we first push r4 and r5 along with the link register<\/i>.  Before returning we pop<\/code> the previous values off the stack back into the registers.<\/p>\n
To use this routine in C we can write:<\/p>\n
fibmain.c<\/code>:<\/p>\n
\n#include \n\nint fib(int n);\n\nint main(void) {\n  for (int i = 10; i > 0; i--) {\n    int f = fib(i);\n    printf(\"fib(%d) = %d\\n\", i, f);\n  }\n  return 0;\n}\n<\/pre>\n
Then, compile, assemble, and link with gcc fibmain.c fib.s -o fibmain<\/code>.  Recall the procedure call standard convention that the arguments to the procedure will be in r0-r3<\/code>, hence why our first instruction mov r4,r0<\/code> to capture what n<\/code> we're calculating the Fibonacci number of.<\/p>\n
Taking the Average<\/h2>\n
Okay, one last routine.  We want to take the average of an array of integers.  In C that would look something like this:<\/p>\n
\nfloat average(int* a, unsigned l) {\n  float avg = 0.0;\n  for (int i = 0; i < l; i++) {\n    avg += a[i];\n  }\n  return avg\/l;\n}\n<\/pre>\n
Here's a go at it in ARM assembly.<\/p>\n
average.s<\/code>:<\/p>\n
\n.global average\naverage:\npush {r4-r5,lr}\nmov  r4,#0         \/\/ r4 <- 0\nvmov s1,r1         \/\/ s1 <- n\ndo:\nldr  r5,[r0],#4    \/\/ r5 <- a[n]\nadd  r4,r5         \/\/ r4 <- r4 + r5\nsub  r1,#1         \/\/ r1 <- r1 - 1\ncmp  r1,#0\nbne  do            \/\/ if (r1 != 0) do\nvmov s0,r4         \/\/ s0 <- sum\nvcvt.f32.s32 s0,s0 \/\/ Convert s0 to a fp value\nvcvt.f32.s32 s1,s1 \/\/ Convert s1 to a fp value\nvdiv.f32 s0,s0,s1  \/\/ s0 <- s0\/s1\npop  {r4-r5,lr}\nbx   lr\n<\/pre>\n
There are some new instructions, an interesting form of the ldr<\/code> instruction, and a new type of register.<\/p>\n
First, the vmov<\/code> instruction and register s1<\/code>.  vmov<\/code> moves values into registers of the Vector Floating-Point Coprocessor<\/b>, assuming<\/i> your processor has one (if it is a Pi it will).  s1<\/code> is one of the single-precision floating-point registers.  Note that this is a 32-bit wide register that can store a C float<\/code>.<\/p>\n
Next up is the ldr r5,[r0],#4<\/code> instruction.  Recall that ldr ra,[rb]<\/code> loads the value stored at the address in rb<\/code> into ra<\/code>.  The #4<\/code> at the end instructs the processor to then increment<\/i> the value in rb<\/code> by 4.  In effect we are walking the array of integers whose starting address is in r0<\/code>.<\/p>\n
Finally, once we add all of the values in the array we have the sum in the register r4<\/code>.  To divide that sum by the length of the array (which was saved off in the floating-point register s1<\/code>) we load r4<\/code> into s0<\/code> and perform one last thing:  vcvt<\/code>.  vcvt<\/code> converts between integers and floating-point numbers (which are, after all, an encoding).  So s0<\/code> gets converted to a floating-point value, as does s1<\/code>, and then we perform our division with vdiv<\/code>.<\/p>\n
As with r0<\/code> being the standard for returning an int<\/code> from a procedure call, s0<\/code> will hold our float value.<\/p>\n
We can use this function in our main routine.<\/p>\n
averagemain.c<\/code>:<\/p>\n
\n#include \n\nfloat average(int* a, unsigned l);\n\nint main(void) {\n  int a[] = {82,  98, 90, 88, 87, 75};\n\n  float avg = average(a, sizeof(a)\/sizeof(int));\n\n  printf(\"Average:  %2.2f\\n\", avg);\n}\n<\/pre>\n
Compile with gcc averagemain.c average.s -o averagemain<\/code> and run.<\/p>\n
\n.\/averagemain\nAverage:  86.67\n<\/pre>\n
Closing Thoughts<\/h2>\n
This post has been a lot of fun to write because assembly is actually fun to write and serves as a reminder that even the highest-level languages get compiled down to instructions that the underlying CPU can execute.  One instruction set we didn't touch on is the store<\/b> instructions.  These are used to save the contents (store) of registers to memory.  Perhaps next time.<\/p>\n
Once again, all of the code in this post can be found in the armassembly<\/a> repository on GitHub.<\/p>\n","protected":false},"excerpt":{"rendered":"
Don’t ask me why I started looking at writing basic ARM assembly routines. Perhaps it’s for the thrill of it, or taking a walk down memory lane. My first assembly language program was for an IBM System\/360 using WYLBUR in college. This post is not a tutorial on assembly language itself, or the ARM processor […]<\/p>\n","protected":false},"author":1,"featured_media":2960,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[99,100,13],"tags":[],"class_list":["post-3981","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-arm","category-assembly","category-raspberry-pi"],"_links":{"self":[{"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/posts\/3981"}],"collection":[{"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/comments?post=3981"}],"version-history":[{"count":18,"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/posts\/3981\/revisions"}],"predecessor-version":[{"id":3999,"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/posts\/3981\/revisions\/3999"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/media\/2960"}],"wp:attachment":[{"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/media?parent=3981"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/categories?post=3981"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dev.iachieved.it\/iachievedit\/wp-json\/wp\/v2\/tags?post=3981"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}