Currently I attempt to study the repartition of the instruction space of the ARMv7 processor, cf. documentation found here. There is a detail puzzling me currently, which is how the processor disambiguates between some pairs of instructions.
Let's for example consider the two following THUMB instructions:
A8.8.18 B : encoding T3
+-+-+-+-+-+-+-------+-----------+-+-+--+-+--+---------------------+
|1|1|1|1|0|S|  cond |    imm6   |1|0|J1|0|J2|        imm11        |
+-+-+-+-+-+-+-------+-----------+-+-+--+-+--+---------------------+
A8.8.32 CLREX : encoding T1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+--+-+-+-+-+-+-+-+-+-+-+-+
|1|1|1|1|0|0|1|1|1|0|1|1|1|1|1|1|1|0|0 |0|1 |1|1|1|0|0|1|0|1|1|1|1|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+--+-+-+-+-+-+-+-+-+-+-+-+
The two things to notice are that both instructions have all their fixed bits equal, and secondly that the second instruction has cond = 1110, which is a valid condition code (AL). According to instruction semantics S is the sign bit, and J2:J1:imm6:imm11 is the relative jump target, so they could have any value.
This decoding appears ambiguous, but I must surely be wrong. What am I missing here? Any light on this would be well appreciated.
Under the T3 encoding of B instruction there's pseudocode which says:
if cond<3:1> == '111' then SEE "Related encodings";
And you can see that indeed CLREX has the "cond" field of 1110 (AL).
This makes sense, since for unconditional branches there is a shorter encoding, so the "branch always/never" bit patterns can be reused for other instructions. See table A6.3.4 Branches and miscellaneous control for the complete list.
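The check described in the answer, as an added example that is not part of the original post: a small decoder that tests cond<3:1> before treating a word as B (T3). The function name and sample halfwords are constructed for illustration; the offset assembly follows the ARM ARM pseudocode for this encoding, SignExtend(S:J2:J1:imm6:imm11:'0', 32).

```python
# Condition mnemonics for cond = 0b0000 .. 0b1101; 0b111x never reaches this table.
COND = ["EQ", "NE", "CS", "CC", "MI", "PL", "VS", "VC",
        "HI", "LS", "GE", "LT", "GT", "LE"]

def decode_thumb32(hw1, hw2):
    """Classify a 32-bit Thumb instruction given as two 16-bit halfwords.

    Hypothetical helper: it only covers the B (T3) bit pattern and the
    CLREX encoding shown in the question.
    """
    # Fixed bits of B (T3): hw1 = 11110x.., hw2 = 10x0x..
    if (hw1 & 0xF800) != 0xF000 or (hw2 & 0xD000) != 0x8000:
        return "outside the B (T3) pattern"

    cond = (hw1 >> 6) & 0xF
    if (cond >> 1) == 0b111:
        # if cond<3:1> == '111' then SEE "Related encodings";
        if (hw1, hw2) == (0xF3BF, 0x8F2F):   # exact CLREX T1 bits from the question
            return "CLREX"
        return "related encoding (table A6.3.4)"

    # Only now is it safe to read the remaining bits as branch fields.
    s = (hw1 >> 10) & 1
    imm6 = hw1 & 0x3F
    j1 = (hw2 >> 13) & 1
    j2 = (hw2 >> 11) & 1
    imm11 = hw2 & 0x7FF
    # imm32 = SignExtend(S:J2:J1:imm6:imm11:'0', 32)
    offset = (s << 20) | (j2 << 19) | (j1 << 18) | (imm6 << 12) | (imm11 << 1)
    if s:
        offset -= 1 << 21
    return f"B{COND[cond]}.W {offset:+#x}"

if __name__ == "__main__":
    # Constructed sample words: CLREX, two conditional branches,
    # and another word whose cond field is 0b1111.
    for hw1, hw2 in [(0xF3BF, 0x8F2F), (0xF000, 0x8080),
                     (0xF47F, 0xAFFE), (0xF3EF, 0x8000)]:
        print(f"{hw1:04X} {hw2:04X}  {decode_thumb32(hw1, hw2)}")
```

A decoder that skips the cond<3:1> test would read the CLREX word as a conditional branch with cond = AL, which is exactly the ambiguity raised in the question.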