The range of the BL instruction in ARM state is + or - 32MB as per the instruction set. How?
The ARM BL instruction has a 24-bit immediate for encoding the branch offset (see section A8.8.25 of the ARMv7-A/R Architecture Reference Manual).
This would give you a range of 2^24 bytes, or +/-8MB (given that the immediate has to include whether it is forwards or backwards). However, all ARM instructions are 4 bytes long, and must be size aligned. Because of this we don't have to worry about the two least significant bits of the address, taking our branch range from +/-8MB to +/-32MB.
I don't understand?
What the B/BL instructions do is branch (or jump) to a different address. At an instruction level the destination of the branch is encoded as an offset from the current address. So destination = current address + offset. The range of the instruction is therefore determined by the number of bits available to encode the offset.
ARM instructions are 32 bits long. Some of those bits are needed to encode that it's a branch instruction, and others to encode the condition. What that leaves you is 24 bits to encode the offset. That works out as a range of +/- 32MB from the current location (based on the explanation above).
But 2^24 bytes = 16MB... Then how can you say that it's 32MB?
That comes back to the earlier post. 2^24 gives you 16MB, but as we can branch forwards or backwards this becomes +/- 8MB (total of 16MB).
This would be true if we needed to encode a BYTE offset, but we don't. ARM instructions are ALWAYS four bytes, and must always be 4-byte aligned. A 4-byte aligned address has bits [1:0] = b00. So when we look at encoding the offset, we don't have to worry about these bottom two bits; they are always going to be b00. Effectively this gives two "free" bits of offset, taking the range from +/-8MB to +/-32MB.
Thank you for your reply.
Thanks for the answer. But I believe the range of the jump should just have been mentioned in words, as that's what the alignment of instructions is. So for a 24-bit offset, the branch can have a range of plus/minus 8 million words, i.e. it can go ahead or behind by 8 million instructions, that's it. The reference to 32MByte is slightly confusing for beginners.
i.e. it can go ahead or behind by 8 million instructions, that's it.
Consider for a moment, however obtuse it may seem, that the 16MiB of memory before and after the current instruction may not actually be other instructions. Code and data may live in the same underlying address space. To say that you branch over a certain 'count' of 'instructions' isn't specific, and is in fact somewhat misleading.
In a true Harvard architecture all that can be in the memory either side of the branch is instructions/code space, so you will be branching a number of potential instructions away. But the ARM architecture is not a true Harvard architecture, and even in a Harvard architecture you can leave your instruction address space unpopulated, with no instructions at all. So, a branch range in (mega)bytes is obviously more specific and less open to confusion, in terms of specification.
Aside from the mixture of instructions and data, Thumb instructions could also exist in memory within the range of the branch offset. So, the alignment of instructions and the instruction count are unsuitable bases for specifying the size and unit of the branch range.
The opcode for ARM's BL instruction accepts/requires a 24-bit immediate value, so the architecture knows how much to offset (i.e. add to) the PC (program counter) to allow it to jump to the specified label. These 24 bits allow us a jump range of 2^24 = 16,777,216 = 16 MB memory addresses. But since we want to be able to add to and subtract from the PC, we will need to have negative immediates available to us. In other words, we need the most significant bit (MSb) of the immediate to be the sign bit. In doing so, we lose jump range by one bit, i.e. a power of 2, yielding an actual jump range of ± 2^23 = ± 8,388,608 = ± 8 MB memory addresses. However, since each memory address is 4-byte aligned, each memory address actually contains 4 bytes (since ARM instructions are always 4 bytes long). Thus, the actual number of bytes reachable by the BL instruction is ± 4 × 2^23 = ± 33,554,432 = ± 32 MB.
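The arithmetic in the thread (24-bit signed immediate, bits [1:0] implied as 00, so a byte range of -2^25 to +2^25 - 4) can be checked directly by encoding and decoding ARM-state BL words. The following is an added example written for this page, not code from any of the posters or from ARM; it covers only the unconditional (AL) BL encoding and, as the architecture manual specifies but the thread does not mention, uses the address of the BL plus 8 as the branch base in ARM state. The addresses used are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>

/* ARM-state BL word: cond[31:28] | 1011 [27:24] | imm24 [23:0]
 * Branch offset = SignExtend(imm24 : '00'), so the reachable byte offsets are
 * -2^25 .. +2^25 - 4: the +/-32MB figure the thread arrives at. */
#define BL_OFFSET_MIN   (-((int64_t)1 << 25))
#define BL_OFFSET_MAX   (((int64_t)1 << 25) - 4)
#define BL_OPCODE_AL    0xEB000000u   /* cond = AL (1110), opcode 1011, imm24 = 0 */

/* In ARM state the PC read by a branch is the instruction's own address + 8
 * (from the architecture manual; the thread above does not discuss this). */
static uint32_t bl_base(uint32_t bl_address) { return bl_address + 8u; }

/* Encode an unconditional BL located at `from` that lands on `to`.
 * Returns the 32-bit instruction word, or 0 (never a valid BL) when either
 * address is not word aligned or the target is outside the reachable range. */
uint32_t encode_bl(uint32_t from, uint32_t to)
{
    if ((from & 3u) || (to & 3u))
        return 0;
    int64_t offset = (int64_t)to - (int64_t)bl_base(from);
    if (offset < BL_OFFSET_MIN || offset > BL_OFFSET_MAX)
        return 0;
    /* bits [1:0] of the offset are always 00, so only offset >> 2 is stored:
     * these are the two "free" bits that turn +/-8MB into +/-32MB */
    uint32_t imm24 = ((uint32_t)offset >> 2) & 0xFFFFFFu;
    return BL_OPCODE_AL | imm24;
}

/* Decode the target of a BL word located at `from`.
 * Returns the target address, or -1 when `instr` is not a conditional-field BL
 * (cond == 1111 with this opcode is BLX, which is deliberately not handled). */
int64_t decode_bl(uint32_t instr, uint32_t from)
{
    if ((instr >> 28) == 0xFu || (instr & 0x0F000000u) != 0x0B000000u)
        return -1;
    uint32_t imm24 = instr & 0xFFFFFFu;
    if (imm24 & 0x800000u)              /* sign-extend the 24-bit field */
        imm24 |= 0xFF000000u;
    /* shift back in the implied 00 and add; wraps mod 2^32 like the hardware */
    return (int64_t)(uint32_t)(bl_base(from) + (imm24 << 2));
}

int main(void)
{
    /* constructed sample: a BL at 0x8000 calling a routine at 0x8100 */
    uint32_t instr = encode_bl(0x8000u, 0x8100u);
    printf("BL at 0x8000 -> 0x8100 encodes as 0x%08X\n", instr);
    printf("decodes back to 0x%08llX\n", (unsigned long long)decode_bl(instr, 0x8000u));
    /* the furthest forward word, then one word beyond it */
    printf("0x8000 -> +8+(2^25-4): 0x%08X\n",
           encode_bl(0x8000u, 0x8000u + 8u + ((1u << 25) - 4u)));
    printf("0x8000 -> +8+2^25:     0x%08X (0 = out of range)\n",
           encode_bl(0x8000u, 0x8000u + 8u + (1u << 25)));
    return 0;
}
```

The well-known encoding of `bl .` (a BL that targets itself) is 0xEBFFFFFE; with the +8 base that is an offset of -8, i.e. imm24 = 0xFFFFFE, which the encoder reproduces. Trying one word past either limit returns 0, showing where the ±32MB boundary actually sits.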