
I need to decode ARM (ARM926EJ) instructions in C. I have the 32-bit instruction in hex. I want to decode it and get the opcode and operands. Anyone know any good material for this?

N.B. I looked into the QEMU translate.c file. But it's so complex and doesn't even tell why it's doing what.

sheikh
  • Get the instruction set handbook for the ARM processor and use that? – RedX Jul 16 '12 at 06:36
  • Do you need to do this yourself, or would an existing tool (e.g., [IDAPro](http://www.hex-rays.com/products/ida/index.shtml)) work for you? – Jerry Coffin Jul 16 '12 at 06:37
  • What do you mean by in hex? Can you post some examples so we can use that as a basis for discussion (show you how to disassemble)? An arm9 supports thumb, so unless you know there is no thumb code you need to treat this as a variable length instruction set. – old_timer Jul 16 '12 at 17:11
  • By instrumenting the instruction I'm getting the EIP & instruction. The processor architecture has both ARM and THUMB support. For example, at some point: eip: [c004f96c] insn: [e3530000]. I know I've to mask the "insn" & check for certain values. I got the following code from QEMU translate.c: if (insn & 0x0e5fffe0) == 0x084d0500. This is just part of some if/else logic. But it's so vague. If anyone has done this, please give some insight. – sheikh Jul 16 '12 at 19:29
  • @JerryCoffin Thanks for your reply. I actually didn't use IDA Pro that much (I just installed it right now and had a look). I saw it gives the machine code, hex dump. But I need the translation from the 32-bit instruction. And I also have to know the logic. – sheikh Jul 16 '12 at 19:31

2 Answers


Assuming you don't want/can't use a program to do it for you, you can refer to the ARM Reference Manual.

There are sections in it that are dedicated to instruction encoding.

tangrs
  • Thanks for your reply. I actually looked into it. I was thinking, is there any resource (API) which actually does that? – sheikh Jul 16 '12 at 19:34
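To show what "refer to the encoding sections" looks like in practice, here is an added example (my own code, not QEMU's and not from either answer): a C decoder for the ARM data-processing class, the class that the e3530000 word from the question belongs to, built from the field layout in the ARM Architecture Reference Manual. It goes beyond the single instruction in the question and handles the whole class (immediate and register-shifted operand2, condition codes, the S bit), and it rejects the multiply and miscellaneous encodings that share the top bits. The struct, field and function names are my own; other instruction classes (loads/stores, branches) are picked out with the same shift-and-mask pattern as the QEMU test quoted in the comments.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical decoder for the ARM data-processing class, written for this page
   from the ARM ARM encoding diagram (not QEMU's or either answer's code). Word
   layout: cond[31:28] 00[27:26] I[25] opcode[24:21] S[20] Rn[19:16] Rd[15:12] operand2[11:0] */
typedef struct {
    unsigned cond, opcode, s, rn, rd;
    unsigned imm_form;      /* I bit: operand2 is an 8-bit immediate rotated right */
    uint32_t imm;           /* decoded immediate when imm_form == 1 */
    unsigned rm, shift_type, shift_imm, shift_by_reg, rs; /* register operand2 */
} dp_insn;

static const char *const dp_mnemonic[16] = {
    "and", "eor", "sub", "rsb", "add", "adc", "sbc", "rsc",
    "tst", "teq", "cmp", "cmn", "orr", "mov", "bic", "mvn" };
static const char *const cond_suffix[16] = {
    "eq", "ne", "cs", "cc", "mi", "pl", "vs", "vc",
    "hi", "ls", "ge", "lt", "gt", "le", "", "nv" };
static const char *const shift_name[4] = { "lsl", "lsr", "asr", "ror" };

static uint32_t ror32(uint32_t v, unsigned n) { n &= 31; return n ? (v >> n) | (v << (32 - n)) : v; }

/* Returns 1 and fills *out if insn is a data-processing word, else 0. Two other
   classes share bits[27:26] == 00 and are rejected: multiply / extra load-store
   (I == 0 with bits 7 and 4 set) and the miscellaneous space (opcode 10xx with
   S == 0: MRS, MSR, BX, CLZ, ...). */
int decode_dp(uint32_t insn, dp_insn *out)
{
    memset(out, 0, sizeof *out);
    if (((insn >> 26) & 3) != 0)
        return 0;
    out->imm_form = (insn >> 25) & 1;
    if (!out->imm_form && ((insn >> 4) & 1) && ((insn >> 7) & 1))
        return 0;
    out->opcode = (insn >> 21) & 0xF;
    out->s = (insn >> 20) & 1;
    if ((out->opcode & 0xC) == 0x8 && !out->s)
        return 0;
    out->cond = insn >> 28;
    out->rn = (insn >> 16) & 0xF;
    out->rd = (insn >> 12) & 0xF;
    if (out->imm_form) {
        /* imm8 rotated right by twice the 4-bit rotate field (bits 11:8) */
        out->imm = ror32(insn & 0xFF, ((insn >> 8) & 0xF) * 2);
    } else {
        out->rm = insn & 0xF;
        out->shift_type = (insn >> 5) & 3;
        out->shift_by_reg = (insn >> 4) & 1;
        if (out->shift_by_reg)
            out->rs = (insn >> 8) & 0xF;
        else
            out->shift_imm = (insn >> 7) & 0x1F;
    }
    return 1;
}

/* Renders a decoded word in objdump-like syntax. */
int format_dp(const dp_insn *d, char *buf, size_t len)
{
    char op2[32];
    if (d->imm_form)
        snprintf(op2, sizeof op2, "#%u", (unsigned)d->imm);
    else if (d->shift_by_reg)
        snprintf(op2, sizeof op2, "r%u, %s r%u", d->rm, shift_name[d->shift_type], d->rs);
    else if (d->shift_imm == 0 && d->shift_type == 0)
        snprintf(op2, sizeof op2, "r%u", d->rm);            /* lsl #0: plain register */
    else if (d->shift_imm == 0 && d->shift_type == 3)
        snprintf(op2, sizeof op2, "r%u, rrx", d->rm);       /* ror #0 encodes RRX */
    else
        snprintf(op2, sizeof op2, "r%u, %s #%u", d->rm, shift_name[d->shift_type],
                 d->shift_imm ? d->shift_imm : 32);         /* lsr/asr #0 means #32 */
    const char *mn = dp_mnemonic[d->opcode], *cc = cond_suffix[d->cond];
    int is_test = d->opcode >= 8 && d->opcode <= 11;  /* tst teq cmp cmn: no Rd */
    int is_move = d->opcode == 13 || d->opcode == 15; /* mov mvn: no Rn */
    const char *sf = (d->s && !is_test) ? "s" : "";
    if (is_test)
        return snprintf(buf, len, "%s%s r%u, %s", mn, cc, d->rn, op2);
    if (is_move)
        return snprintf(buf, len, "%s%s%s r%u, %s", mn, cc, sf, d->rd, op2);
    return snprintf(buf, len, "%s%s%s r%u, r%u, %s", mn, cc, sf, d->rd, d->rn, op2);
}

/* Disassembly text for a data-processing word, or NULL for any other class. */
const char *disasm_dp(uint32_t insn)
{
    static char buf[64];
    dp_insn d;
    if (!decode_dp(insn, &d))
        return NULL;
    format_dp(&d, buf, sizeof buf);
    return buf;
}

int main(void)
{   /* the word from the question, two constructed ones, and a non-DP word (bx lr) */
    uint32_t words[] = { 0xe3530000u, 0xe0821003u, 0xe3a00a01u, 0xe12fff1eu };
    for (size_t i = 0; i < sizeof words / sizeof words[0]; i++) {
        const char *s = disasm_dp(words[i]);
        printf("%08x: %s\n", (unsigned)words[i], s ? s : "<not data-processing>");
    }
    return 0;
}
```

Walking e3530000 through the fields: cond = 0xE (always), I = 1, opcode = 0b1010 (cmp), S = 1, Rn = r3, and the immediate is 0 rotated by 0, so the word is `cmp r3, #0`. The same shift-and-mask style extends to the other classes, which is all the QEMU test in the comments is doing: `insn & 0x0e5fffe0` keeps the bits that identify one encoding and compares them against that encoding's fixed pattern.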

I use a script which combines gas and objdump to do this for me. I'm sure there are better ways but this works well for me.

```sh
#!/bin/sh
# Usage: sh thisscript 0xe3530000
# Assembles the given 32-bit word as data, then lets objdump disassemble
# it once as ARM and once as Thumb.

cat > /tmp/foo.S <<EOF
 .text
 .arm
 .word $1
EOF

arm-linux-gnueabi-as /tmp/foo.S -o /tmp/foo.o
echo "ARM:  " `arm-linux-gnueabi-objdump -d /tmp/foo.o | grep "   0:"`
echo "Thumb:" `arm-linux-gnueabi-objdump --disassembler-options=force-thumb -d /tmp/foo.o | grep "   0:"`
rm -f /tmp/foo.o /tmp/foo.S
```
Pete Fordham
  • I have the 32-bit instruction, i.e. insn: e3530000. I need to decode it, preferably in C. The objdump is not sufficient for me. I really appreciate your reply. – sheikh Jul 16 '12 at 19:45
  • Are you trying to write an emulator? – Pete Fordham Jul 16 '12 at 20:30
  • I'm actually using QEMU for that. I just need to decode the instructions. N.B. QEMU already does the decoding. But it's not well documented and difficult to understand. – sheikh Jul 16 '12 at 20:57