how much of the arm instruction space is valid code?

coverage.cpp

/* count valid disassemblies

compile:
	g++ -std=c++11 coverage.cpp -pthread -lcapstone -o coverage
*/

#include <stdio.h>
#include <inttypes.h>
#include <pthread.h>

/******************************/
/* capstone stuff */
/******************************/
#include <capstone/capstone.h>

bool disasm(uint8_t *data)
{
	/* init? */
	static thread_local csh handle = 0;
	static thread_local cs_insn *insn = NULL;
	if(insn == NULL) {
		cs_mode mode = (cs_mode)(CS_MODE_LITTLE_ENDIAN | CS_MODE_ARM);
		if(cs_open(CS_ARCH_ARM, mode, &handle) != CS_ERR_OK) {
			fprintf(stderr, "ERROR: cs_open()\n");
			exit(-1);
		}

		insn = cs_malloc(handle);
		if(!insn) {
			fprintf(stderr, "ERROR: cs_malloc()\n");
			exit(-1);
		}		
	}

	uint64_t addr = 0;
	size_t size = 4;
	const uint8_t *pinsword = data;

	size_t count = cs_disasm_iter(handle, &pinsword, &size, &addr, insn);
	return count==1;
}

/******************************/
/* worker */
/******************************/

struct worker_arg {
	uint64_t start;
	uint64_t stop;
	uint32_t count;
};

void *worker(void *arg_) {
	/* verbose */
	struct worker_arg *arg = (struct worker_arg *)arg_;
	fprintf(stderr, "worker thread [%" PRIx64 " ,%" PRIx64 ") STARTING!\n", arg->start, arg->stop);

	/* capstone */
	csh CS_handle = 0;
	cs_insn *CS_insn = NULL;
	cs_mode mode = (cs_mode)(CS_MODE_LITTLE_ENDIAN | CS_MODE_MIPS32R6);
	if(cs_open(CS_ARCH_MIPS, mode, &CS_handle) != CS_ERR_OK) {
		fprintf(stderr, "ERROR: cs_open()\n");
		exit(-1);
	}
	CS_insn = cs_malloc(CS_handle);

	/* work */
	arg->count = 0;
	for(uint64_t insword64=arg->start; insword64!=arg->stop; ++insword64) {
		uint32_t insword32 = insword64;
		if(disasm((uint8_t *)&insword32)) {
			arg->count += 1;
		}
	}

	fprintf(stderr, "worker thread [%" PRIx64 ", %" PRIx64 ") EXITING! count: %u\n", arg->start, arg->stop, arg->count);
	return 0;
}

/******************************/
/* main */
/******************************/
#define NTHREADS 32
#define MAXENCODING 0x100000000
int main(int ac, char **av)
{
	pthread_t threads[NTHREADS];
	struct worker_arg args[NTHREADS];

	/* initiate threads */
	uint32_t work_per_thread = (uint64_t)MAXENCODING / NTHREADS;
	for(int i=0; i<NTHREADS; ++i) {
		args[i].start = i*work_per_thread;
		args[i].stop = MAXENCODING;
		pthread_create(&(threads[i]), NULL, worker, &(args[i]));
	}

	/* join all threads */
	for(int i=0; i<NTHREADS; ++i)
		pthread_join(threads[i], NULL);

	/* sum results */
	uint32_t total = 0;
	for(int i=0; i<NTHREADS; ++i)
		total += args[i].count;
	printf("total: %u\n", total);
}

$ ./coverage
worker thread [0 ,100000000) STARTING!
worker thread [8000000 ,100000000) STARTING!
worker thread [10000000 ,100000000) STARTING!
worker thread [18000000 ,100000000) STARTING!
worker thread [20000000 ,100000000) STARTING!
worker thread [28000000 ,100000000) STARTING!
worker thread [30000000 ,100000000) STARTING!
worker thread [38000000 ,100000000) STARTING!
worker thread [40000000 ,100000000) STARTING!
worker thread [48000000 ,100000000) STARTING!
worker thread [50000000 ,100000000) STARTING!
worker thread [58000000 ,100000000) STARTING!
worker thread [60000000 ,100000000) STARTING!
worker thread [68000000 ,100000000) STARTING!
worker thread [70000000 ,100000000) STARTING!
worker thread [78000000 ,100000000) STARTING!
worker thread [f0000000 ,100000000) STARTING!
worker thread [e0000000 ,100000000) STARTING!
worker thread [d0000000 ,100000000) STARTING!
worker thread [c8000000 ,100000000) STARTING!
worker thread [c0000000 ,100000000) STARTING!
worker thread [b8000000 ,100000000) STARTING!
worker thread [a8000000 ,100000000) STARTING!
worker thread [a0000000 ,100000000) STARTING!
worker thread [b0000000 ,100000000) STARTING!
worker thread [98000000 ,100000000) STARTING!
worker thread [e8000000 ,100000000) STARTING!
worker thread [88000000 ,100000000) STARTING!
worker thread [80000000 ,100000000) STARTING!
worker thread [f8000000 ,100000000) STARTING!
worker thread [d8000000 ,100000000) STARTING!
worker thread [90000000 ,100000000) STARTING!
worker thread [f8000000, 100000000) EXITING! count: 84042048
worker thread [f0000000, 100000000) EXITING! count: 100568575
worker thread [e8000000, 100000000) EXITING! count: 230071295
worker thread [e0000000, 100000000) EXITING! count: 341015111
worker thread [d8000000, 100000000) EXITING! count: 470517831
worker thread [d0000000, 100000000) EXITING! count: 581330575
worker thread [c8000000, 100000000) EXITING! count: 710833295
worker thread [c0000000, 100000000) EXITING! count: 821646039
worker thread [b8000000, 100000000) EXITING! count: 951148759
worker thread [b0000000, 100000000) EXITING! count: 1061961503
worker thread [a8000000, 100000000) EXITING! count: 1191464223
worker thread [a0000000, 100000000) EXITING! count: 1302276967
worker thread [98000000, 100000000) EXITING! count: 1431779687
worker thread [90000000, 100000000) EXITING! count: 1542592431
worker thread [88000000, 100000000) EXITING! count: 1672095151
worker thread [80000000, 100000000) EXITING! count: 1782907895
worker thread [78000000, 100000000) EXITING! count: 1912410615
worker thread [70000000, 100000000) EXITING! count: 2023223359
worker thread [68000000, 100000000) EXITING! count: 2152726079
worker thread [60000000, 100000000) EXITING! count: 2263538823
worker thread [58000000, 100000000) EXITING! count: 2393041543
worker thread [50000000, 100000000) EXITING! count: 2503854287
worker thread [48000000, 100000000) EXITING! count: 2633357007
worker thread [40000000, 100000000) EXITING! count: 2744169751
worker thread [38000000, 100000000) EXITING! count: 2873672471
worker thread [30000000, 100000000) EXITING! count: 2984485215
worker thread [8000000, 100000000) EXITING! count: 3594618863
worker thread [28000000, 100000000) EXITING! count: 3113987935
worker thread [0, 100000000) EXITING! count: 3705431607
worker thread [20000000, 100000000) EXITING! count: 3224800679
worker thread [18000000, 100000000) EXITING! count: 3354303399
worker thread [10000000, 100000000) EXITING! count: 3465116143
total: 3384414313

And 3384414313 / 2**32 is 0.78799 (78.8%)