"BL" or "B" when compiling ARM

Hi

I am recently doing research on binaries in ARM architecture.

I noticed that when I compile the source code using thumb instruction set, llvm will use BL to jump to some basic blocks rather than B, which means the jump target by BL could also be a basic block rather than function start. Some disassemblers would directly set the target of BL as a start of a function, which is not right.

I am really curious when the compiler would choose to use BL and when the compiler would choose to use B when the target is a basic block. I noticed sometimes there might be no differences between these two branch instructions. Many Thanks

Regards
Muhui

Hi Muhui,

I am really curious when the compiler would choose to use BL and when the compiler would choose to use B when the target is a basic block. I noticed sometimes there might be no differences between these two branch instructions.

BL is one of the very few instructions that's 32-bits wide on CPUs
that only support the Thumb1 instruction set (usually Cortex-M0 these
days). Because of that it's got a much larger range than any other
branch so LLVM uses it instead of a string of intermediate branches
when a target block would be out of range of the usual unconditional
branches.

Cheers.

Tim.