Home > Others

Rules for calculation of jump instruction BL/BLX offset value in arm

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

    1. 4-byte aligned arm instructions

???? Rules: offset = (Jump address-(instruction address +8))/4

Reason:

instruction address + 8: The actual value of the PC is a+8, because arm's pipeline makes the instruction execute to the current instruction.

Jump command-get address in previous step : Get the difference between the jump instruction and the current PC.

÷4: Because arm's instruction is 4 aligned, that is, the lowest two bit is 00, so the value is shifted to the right two bits.

?

when executing :

Remove the offset, left two-bit, add the PC, the value of the PC is exactly the address value at the target, that is, the target address instruction entered the value, the first two levels of the pipeline is emptied.

?

Example test:

. Text: 0000126C9F E5 LDR R0,=0x4d44

. Text : 0000127000708f< Span style= "Color:black" > E0 ADD R7 , Pc , R0

. Text : 00001274070086< Span style= "Color:black" > E0 ADD R0 , R6 ,

. Text : 00001278741080< Span style= "Color:black" > E2 ADD R1 , R0 , #0x74

. Text : 0000127c DC 2080 E2 ADD R2 , R0 , #0xdc /span>

. Text : 000012800400 A0 E3 MOV R0 , #4

. Text : 0000128492 FF FF EB BL __android_log_print

. Text: 00001288 E5 LDR R0,[R5 ]

?

?

. PLT:000010d4 __android_log_print

. PLT:000010d4 C6 8F E2 ADR R12,0x10dc

(0010d4-(001284 + 8))/4 = 00ffff92.

Corresponds to the machine code for the A-F FF FF

2. THUMB2 Instructions

???? (Turn from http://bbs.pediy.com/showthread.php?t=199429))

1. Jump backwards

0012 00f001f8 Bl. Lhelo

. Lhelo:

0018 05f0d1f7 PLD [R1, R5]

?

Calculation method:

Take the high f000, take the post 11-bit = 000

Take the low f801, take the post 11-bit = 001

Calculation: (<< 12) | (001 << 1) = 2

Since this maximum sign bit is 0. Represents a backward jump, just keep the value 2

?

Then the calculated target address is: 0x0012 + 4 + 2 = 0x0018

Jump forward

00001164 ff F7 be ff BL _Z4TESTV

_z4testv

000010E4 B5 PUSH {R0-R2,LR}

?

Calculation method:

Take the high f7ff, take the back 11 bit = 7ff

Take the low ffbe, take the back 11 bit = 7be

Calculation: (7ff << 12) | (7be << 1) = 7fff7c

Since this maximum sign bit for 1 represents a forward jump, 1 is then taken back to get the value ff800084. Take 84

?

Then the calculated target address is: 0x1164 + 4-0x84 = 0x10e4

?

Reverse process:

Bl?<label>
The machine code algorithm is obtained by the BL instruction:

Offset= dstaddr - srcaddr;

?

Offset=(offset-4)& 0x007fffff;

?

high< Span style= "Color:black" > = offset >> 12;

Low=(offset&0x00000fff ) >>1;

?

Machinecode= ( 0xff00 | low ) << 16 ) | ( 0xf000 | high )

BLX <label>

Similar to BL.

Offset= dstaddr - srcaddr;

?

Offset=(offset-4)& 0x007fffff;

?

high< Span style= "Color:black" > = offset >> 12;

Low=(offset&0x00000fff ) >>1;

?

If(low%2 ! ) = 0) {

Low+ +;

}

?

Machinecode = ( 0xef00 | low ) << 16 ) | ( 0xf000 | high )

Rules for calculation of jump instruction BL/BLX offset value in arm

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
what offset value rules for defining variables in c jump in de line double jump in checkers phrase to jump example of value of pie in maths value of digits in decimals

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More