|
Robert D'Attilio(deleted)
|
Deciphering Function prologue and epilogue for PPC-based code
|
|
Robert D'Attilio(deleted)
03/26/2009 3:49 PM
post25397
|
Deciphering Function prologue and epilogue for PPC-based code
Hi:
I am trying to decipher the function prologue and epilogue code for setting up and unwinding the stack. The code is c++
and compiled under qcc (3.3.5) for our PPC405 processor. My understanding from reading the PPC EABI docs is that R1 is
treated as the stack pointer. The steps for setting up a new stack frame are to decrement the current SP to account for
the new frame, save the old SP in this frame (the back chain pointer) and also save the return address (Link Register)
in the slot in the previous stack frame. All makes sense.
However, the prologue/epilogue code for my function also includes saving/restoring register R31 which appears to be
operating as a frame pointer. However I don't see why when R1 and R31 always seem to be pointing to the same thing. So
my questions:
1) Why bother with preserving R31 when one can access all fields in the current frame by just using R1?
2) Why are 48 bytes reserved for the frame when less than that is actually used for storing frame header + parameters +
local vars?
Here is the code. Note it is a C++ function.
void Test::send(unsigned int value)
{
480405f4: 94 21 ff d0 stwu r1,-48(r1)
480405f8: 7c 08 02 a6 mflr r0
480405fc: 93 e1 00 2c stw r31,44(r1)
48040600: 90 01 00 34 stw r0,52(r1)
48040604: 7c 3f 0b 78 mr r31,r1
48040608: 90 7f 00 08 stw r3,8(r31)
4804060c: 90 9f 00 0c stw r4,12(r31)
unsigned int x = m_id;
48040610: 81 3f 00 08 lwz r9,8(r31)
48040614: 80 09 00 00 lwz r0,0(r9)
48040618: 90 1f 00 10 stw r0,16(r31)
m_dir = value;
4804061c: 81 3f 00 08 lwz r9,8(r31)
48040620: 80 1f 00 0c lwz r0,12(r31)
48040624: 90 09 00 04 stw r0,4(r9)
Test* p = this;
48040628: 80 1f 00 08 lwz r0,8(r31)
4804062c: 90 1f 00 14 stw r0,20(r31)
printf("This is me %u at 0x%p\n", x, p);
48040630: 3d 20 48 04 lis r9,18436
48040634: 38 69 07 c4 addi r3,r9,1988
48040638: 80 9f 00 10 lwz r4,16(r31)
4804063c: 80 bf 00 14 lwz r5,20(r31)
48040640: 4c c6 31 82 crclr 4*cr1+eq
48040644: 48 00 12 f9 bl 4804193c <_edata+0x4c>
}
48040648: 81 61 00 00 lwz r11,0(r1)
4804064c: 80 0b 00 04 lwz r0,4(r11)
48040650: 7c 08 03 a6 mtlr r0
48040654: 83 eb ff fc lwz r31,-4(r11)
48040658: 7d 61 5b 78 mr r1,r11
4804065c: 4e 80 00 20 blr
Thanks
robert
|
|
|
|
|
|
Aleksandar Ristovski(deleted)
|
Re: Deciphering Function prologue and epilogue for PPC-based code
|
|
Aleksandar Ristovski(deleted)
03/26/2009 5:12 PM
post25405
|
Re: Deciphering Function prologue and epilogue for PPC-based code
Robert D'Attilio wrote:
> Hi:
>
> I am trying to decipher the function prologue and epilogue code for setting up and unwinding the stack. The code is c+
+ and compiled under qcc (3.3.5) for our PPC405 processor. My understanding from reading the PPC EABI docs is that R1 is
treated as the stack pointer. The steps for setting up a new stack frame are to decrement the current SP to account for
the new frame, save the old SP in this frame (the back chain pointer) and also save the return address (Link Register)
in the slot in the previous stack frame. All makes sense.
> However, the prologue/epilogue code for my function also includes saving/restoring register R31 which appears to be
operating as a frame pointer. However I don't see why when R1 and R31 always seem to be pointing to the same thing. So
my questions:
>
> 1) Why bother with preserving R31 when one can access all fields in the current frame by just using R1?
I am no expert on the topic; but are you sure it is always
pointing to the same thing? I did a quick test with a simple
virtual function and in it I see r31 being saved and then
"this" pointer loaded into it (Note: compiled with gcc 4.3.3).
4804613c: 94 21 ff b0 stwu r1,-80(r1)
48046140: 7c 08 02 a6 mflr r0
48046144: 90 01 00 54 stw r0,84(r1)
48046148: 93 21 00 34 stw r25,52(r1)
4804614c: 93 41 00 38 stw r26,56(r1)
48046150: 93 61 00 3c stw r27,60(r1)
48046154: 93 81 00 40 stw r28,64(r1)
48046158: 93 a1 00 44 stw r29,68(r1)
4804615c: 93 c1 00 48 stw r30,72(r1)
48046160: 93 e1 00 4c stw r31,76(r1)
48046164: 7c 79 1b 78 mr r25,r3
48046168: 7c 9f 23 78 mr r31,r4
---
Aleksandar
> 2) Why are 48 bytes reserved for the frame when less than that is actually used for storing frame header + parameters
+ local vars?
>
> Here is the code. Note it is a C++ function.
>
> void Test::send(unsigned int value)
> {
> 480405f4: 94 21 ff d0 stwu r1,-48(r1)
> 480405f8: 7c 08 02 a6 mflr r0
> 480405fc: 93 e1 00 2c stw r31,44(r1)
> 48040600: 90 01 00 34 stw r0,52(r1)
> 48040604: 7c 3f 0b 78 mr r31,r1
> 48040608: 90 7f 00 08 stw r3,8(r31)
> 4804060c: 90 9f 00 0c stw r4,12(r31)
> unsigned int x = m_id;
> 48040610: 81 3f 00 08 lwz r9,8(r31)
> 48040614: 80 09 00 00 lwz r0,0(r9)
> 48040618: 90 1f 00 10 stw r0,16(r31)
> m_dir = value;
> 4804061c: 81 3f 00 08 lwz r9,8(r31)
> 48040620: 80 1f 00 0c lwz r0,12(r31)
> 48040624: 90 09 00 04 stw r0,4(r9)
> Test* p = this;
> 48040628: 80 1f 00 08 lwz r0,8(r31)
> 4804062c: 90 1f 00 14 stw r0,20(r31)
> printf("This is me %u at 0x%p\n", x, p);
> 48040630: 3d 20 48 04 lis r9,18436
> 48040634: 38 69 07 c4 addi r3,r9,1988
> 48040638: 80 9f 00 10 lwz r4,16(r31)
> 4804063c: 80 bf 00 14 lwz r5,20(r31)
> 48040640: 4c c6 31 82 crclr 4*cr1+eq
> 48040644: 48 00 12 f9 bl 4804193c <_edata+0x4c>
> }
> 48040648: 81 61 00 00 lwz r11,0(r1)
> 4804064c: 80 0b 00 04 lwz r0,4(r11)
> 48040650: 7c 08 03 a6 mtlr r0
> 48040654: 83 eb ff fc lwz r31,-4(r11)
> 48040658: 7d 61 5b 78 mr r1,r11
> 4804065c: 4e 80 00 20 blr
>
> Thanks
> robert
>
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25397
>
|
|
|
|
|
|
Neil Schellenberger(deleted)
|
Re: Deciphering Function prologue and epilogue for PPC-based code
|
|
Neil Schellenberger(deleted)
03/26/2009 5:51 PM
post25408
|
Re: Deciphering Function prologue and epilogue for PPC-based code
Hi Robert,
I would guess by the look of it that the fragment is from an unoptimized
compile. In that case r31 is the environment pointer (which points to
the function's locals); and the stack frame is big enough to hold
everything, padded to a multiple of 16 bytes (per the ELF ABI).
An optimized build wouldn't have bothered with much of that - under
4.2.4 at O2, you'd get something more like:
00000000 <_ZN4Test4sendEj>:
0: 7c 08 02 a6 mflr r0
4: 94 21 ff f0 stwu r1,-16(r1)
8: 7c 65 1b 78 mr r5,r3
c: 90 01 00 14 stw r0,20(r1)
10: 90 83 00 04 stw r4,4(r3)
14: 80 03 00 00 lwz r0,0(r3)
18: 3c 60 00 00 lis r3,0
1c: 38 63 00 00 addi r3,r3,0
20: 7c 04 03 78 mr r4,r0
24: 4c c6 31 82 crclr 4*cr1+eq
28: 48 00 00 01 bl 28 <_ZN4Test4sendEj+0x28>
2c: 80 01 00 14 lwz r0,20(r1)
30: 38 21 00 10 addi r1,r1,16
34: 7c 08 03 a6 mtlr r0
38: 4e 80 00 20 blr
Regards,
Neil
On Thu, 2009-03-26 at 15:49 -0400, Robert D'Attilio wrote:
> Hi:
>
> I am trying to decipher the function prologue and epilogue code for setting up and unwinding the stack. The code is c+
+ and compiled under qcc (3.3.5) for our PPC405 processor. My understanding from reading the PPC EABI docs is that R1 is
treated as the stack pointer. The steps for setting up a new stack frame are to decrement the current SP to account for
the new frame, save the old SP in this frame (the back chain pointer) and also save the return address (Link Register)
in the slot in the previous stack frame. All makes sense.
> However, the prologue/epilogue code for my function also includes saving/restoring register R31 which appears to be
operating as a frame pointer. However I don't see why when R1 and R31 always seem to be pointing to the same thing. So
my questions:
>
> 1) Why bother with preserving R31 when one can access all fields in the current frame by just using R1?
> 2) Why are 48 bytes reserved for the frame when less than that is actually used for storing frame header + parameters
+ local vars?
>
> Here is the code. Note it is a C++ function.
>
> void Test::send(unsigned int value)
> {
> 480405f4: 94 21 ff d0 stwu r1,-48(r1)
> 480405f8: 7c 08 02 a6 mflr r0
> 480405fc: 93 e1 00 2c stw r31,44(r1)
> 48040600: 90 01 00 34 stw r0,52(r1)
> 48040604: 7c 3f 0b 78 mr r31,r1
> 48040608: 90 7f 00 08 stw r3,8(r31)
> 4804060c: 90 9f 00 0c stw r4,12(r31)
> unsigned int x = m_id;
> 48040610: 81 3f 00 08 lwz r9,8(r31)
> 48040614: 80 09 00 00 lwz r0,0(r9)
> 48040618: 90 1f 00 10 stw r0,16(r31)
> m_dir = value;
> 4804061c: 81 3f 00 08 lwz r9,8(r31)
> 48040620: 80 1f 00 0c lwz r0,12(r31)
> 48040624: 90 09 00 04 stw r0,4(r9)
> Test* p = this;
> 48040628: 80 1f 00 08 lwz r0,8(r31)
> 4804062c: 90 1f 00 14 stw r0,20(r31)
> printf("This is me %u at 0x%p\n", x, p);
> 48040630: 3d 20 48 04 lis r9,18436
> 48040634: 38 69 07 c4 addi r3,r9,1988
> 48040638: 80 9f 00 10 lwz r4,16(r31)
> 4804063c: 80 bf 00 14 lwz r5,20(r31)
> 48040640: 4c c6 31 82 crclr 4*cr1+eq
> 48040644: 48 00 12 f9 bl 4804193c <_edata+0x4c>
> }
> 48040648: 81 61 00 00 lwz r11,0(r1)
> 4804064c: 80 0b 00 04 lwz r0,4(r11)
> 48040650: 7c 08 03 a6 mtlr r0
> 48040654: 83 eb ff fc lwz r31,-4(r11)
> 48040658: 7d 61 5b 78 mr r1,r11
> 4804065c: 4e 80 00 20 blr
>
> Thanks
> robert
>
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25397
>
|
|
|
|
|
|
Robert D'Attilio(deleted)
|
RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Robert D'Attilio(deleted)
03/27/2009 5:09 PM
post25485
|
RE: Deciphering Function prologue and epilogue for PPC-based code
Neil & Aleksander:
Your right the code was compiled without optimization. Still I don't see
why the compiler bothers with using r31 as the environment pointer for
the functions locals when it could just use the SP (r1). I've
single-stepped through the assembly and see that r1 and r31 have the
same value. Also r31 is not the 'this' pointer, it is passed into the
function in r3 and then saved on the stack. Maybe my function example is
too trivial.
I can see that turning on optimization might get rid of a lot of the
stack manipulations with all the registers available on PPC.
BTW I have a copy of the IBM PPC EABI and it says the stack frame is
"...always doubleword aligned (on 8 byte boundaries) by using padding".
Just curious where you got the number or 16 bytes for your padding?
Could you forward me a reference to your ELF ABI
Thanks
robert
-----Original Message-----
From: Neil Schellenberger [mailto:community-noreply@qnx.com]
Sent: Thursday, March 26, 2009 5:51 PM
To: general-toolchain
Subject: Re: Deciphering Function prologue and epilogue for PPC-based
code
Hi Robert,
I would guess by the look of it that the fragment is from an unoptimized
compile. In that case r31 is the environment pointer (which points to
the function's locals); and the stack frame is big enough to hold
everything, padded to a multiple of 16 bytes (per the ELF ABI).
An optimized build wouldn't have bothered with much of that - under
4.2.4 at O2, you'd get something more like:
00000000 <_ZN4Test4sendEj>:
0: 7c 08 02 a6 mflr r0
4: 94 21 ff f0 stwu r1,-16(r1)
8: 7c 65 1b 78 mr r5,r3
c: 90 01 00 14 stw r0,20(r1)
10: 90 83 00 04 stw r4,4(r3)
14: 80 03 00 00 lwz r0,0(r3)
18: 3c 60 00 00 lis r3,0
1c: 38 63 00 00 addi r3,r3,0
20: 7c 04 03 78 mr r4,r0
24: 4c c6 31 82 crclr 4*cr1+eq
28: 48 00 00 01 bl 28 <_ZN4Test4sendEj+0x28>
2c: 80 01 00 14 lwz r0,20(r1)
30: 38 21 00 10 addi r1,r1,16
34: 7c 08 03 a6 mtlr r0
38: 4e 80 00 20 blr
Regards,
Neil
On Thu, 2009-03-26 at 15:49 -0400, Robert D'Attilio wrote:
> Hi:
>
> I am trying to decipher the function prologue and epilogue code for
setting up and unwinding the stack. The code is c++ and compiled under
qcc (3.3.5) for our PPC405 processor. My understanding from reading the
PPC EABI docs is that R1 is treated as the stack pointer. The steps for
setting up a new stack frame are to decrement the current SP to account
for the new frame, save the old SP in this frame (the back chain
pointer) and also save the return address (Link Register) in the slot in
the previous stack frame. All makes sense.
> However, the prologue/epilogue code for my function also includes
saving/restoring register R31 which appears to be operating as a frame
pointer. However I don't see why when R1 and R31 always seem to be
pointing to the same thing. So my questions:
>
> 1) Why bother with preserving R31 when one can access all fields in
the current frame by just using R1?
> 2) Why are 48 bytes reserved for the frame when less than that is
actually used for storing frame header + parameters + local vars?
>
> Here is the code. Note it is a C++ function.
>
> void Test::send(unsigned int value)
> {
> 480405f4: 94 21 ff d0 stwu r1,-48(r1)
> 480405f8: 7c 08 02 a6 mflr r0
> 480405fc: 93 e1 00 2c stw r31,44(r1)
> 48040600: 90 01 00 34 stw r0,52(r1)
> 48040604: 7c 3f 0b 78 mr r31,r1
> 48040608: 90 7f 00 08 stw r3,8(r31)
> 4804060c: 90 9f 00 0c stw r4,12(r31)
> unsigned int x = m_id;
> 48040610: 81 3f 00 08 lwz r9,8(r31)
> 48040614: 80 09 00 00 lwz r0,0(r9)
> 48040618: 90 1f 00 10 stw r0,16(r31)
> m_dir = value;
> 4804061c: 81...
View Full Message
|
|
|
|
|
|
Neil Schellenberger(deleted)
|
RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Neil Schellenberger(deleted)
03/27/2009 5:22 PM
post25487
|
RE: Deciphering Function prologue and epilogue for PPC-based code
Hi Robert,
I imagine that the use of r31 in the unoptimized code is simply a case
of "it's already inefficient, so let's make things easy on ourselves".
The Sun PPC ABI (which I believe is the relevant one here) requires that
"Languages that require "environment pointers" shall use r31 for that
purpose." (3-15) It also stipulates "The stack pointer shall maintain
16-byte alignment." (3-17). As you correctly point out, the C++ "this"
pointer is treated as a hidden first argument and, therefore, is always
passed in r3.
As QNX is not the copyright holder of the ABI document, I am not sure
that I can publish it for you here. The full title is "SYSTEM V
APPLICATION BINARY INTERFACE PowerPC Processor Supplement" and is easily
located online through Google.
Caveat lector! There are (at least) two documents which are known as
the PPC EABI. One is the Embedded ABI (which does stipulate doubleword
padding); the other is the ELF ABI, which is the one you want ;-)
Regards,
Neil
On Fri, 2009-03-27 at 17:09 -0400, Robert D'Attilio wrote:
> Neil & Aleksander:
>
> Your right the code was compiled without optimization. Still I don't see
> why the compiler bothers with using r31 as the environment pointer for
> the functions locals when it could just use the SP (r1). I've
> single-stepped through the assembly and see that r1 and r31 have the
> same value. Also r31 is not the 'this' pointer, it is passed into the
> function in r3 and then saved on the stack. Maybe my function example is
> too trivial.
>
> I can see that turning on optimization might get rid of a lot of the
> stack manipulations with all the registers available on PPC.
>
> BTW I have a copy of the IBM PPC EABI and it says the stack frame is
> "...always doubleword aligned (on 8 byte boundaries) by using padding".
> Just curious where you got the number or 16 bytes for your padding?
> Could you forward me a reference to your ELF ABI
>
> Thanks
> robert
>
> -----Original Message-----
> From: Neil Schellenberger [mailto:community-noreply@qnx.com]
> Sent: Thursday, March 26, 2009 5:51 PM
> To: general-toolchain
> Subject: Re: Deciphering Function prologue and epilogue for PPC-based
> code
>
> Hi Robert,
>
> I would guess by the look of it that the fragment is from an unoptimized
> compile. In that case r31 is the environment pointer (which points to
> the function's locals); and the stack frame is big enough to hold
> everything, padded to a multiple of 16 bytes (per the ELF ABI).
>
> An optimized build wouldn't have bothered with much of that - under
> 4.2.4 at O2, you'd get something more like:
>
> 00000000 <_ZN4Test4sendEj>:
> 0: 7c 08 02 a6 mflr r0
> 4: 94 21 ff f0 stwu r1,-16(r1)
> 8: 7c 65 1b 78 mr r5,r3
> c: 90 01 00 14 stw r0,20(r1)
> 10: 90 83 00 04 stw r4,4(r3)
> 14: 80 03 00 00 lwz r0,0(r3)
> 18: 3c 60 00 00 lis r3,0
> 1c: 38 63 00 00 addi r3,r3,0
> 20: 7c 04 03 78 mr r4,r0
> 24: 4c c6 31 82 crclr 4*cr1+eq
> 28: 48 00 00 01 bl 28 <_ZN4Test4sendEj+0x28>
> 2c: 80 01 00 14 lwz r0,20(r1)
> 30: 38 21 00 10 addi r1,r1,16
> 34: 7c 08 03 a6 mtlr r0
> 38: 4e 80 00 20 blr
>
> Regards,
> Neil
>
> On Thu, 2009-03-26 at 15:49 -0400, Robert D'Attilio wrote:
> > Hi:
> >
> > I am trying to decipher the function prologue and epilogue code for
> setting up and unwinding the stack. The code is c++ and compiled under
> qcc (3.3.5) for our PPC405 processor. My understanding from reading the
> PPC EABI docs is that R1 is treated as the stack...
View Full Message
|
|
|
|
|
|
Robert D'Attilio(deleted)
|
RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Robert D'Attilio(deleted)
03/30/2009 4:23 PM
post25607
|
RE: Deciphering Function prologue and epilogue for PPC-based code
Neil:
Thanks for the insight and reference. I have both docs but was focusing
on the Embedded ABI for my information.
Cheers
robert
-----Original Message-----
From: Neil Schellenberger [mailto:community-noreply@qnx.com]
Sent: Friday, March 27, 2009 5:23 PM
To: general-toolchain
Subject: RE: Deciphering Function prologue and epilogue for PPC-based
code
Hi Robert,
I imagine that the use of r31 in the unoptimized code is simply a case
of "it's already inefficient, so let's make things easy on ourselves".
The Sun PPC ABI (which I believe is the relevant one here) requires that
"Languages that require "environment pointers" shall use r31 for that
purpose." (3-15) It also stipulates "The stack pointer shall maintain
16-byte alignment." (3-17). As you correctly point out, the C++ "this"
pointer is treated as a hidden first argument and, therefore, is always
passed in r3.
As QNX is not the copyright holder of the ABI document, I am not sure
that I can publish it for you here. The full title is "SYSTEM V
APPLICATION BINARY INTERFACE PowerPC Processor Supplement" and is easily
located online through Google.
Caveat lector! There are (at least) two documents which are known as
the PPC EABI. One is the Embedded ABI (which does stipulate doubleword
padding); the other is the ELF ABI, which is the one you want ;-)
Regards,
Neil
On Fri, 2009-03-27 at 17:09 -0400, Robert D'Attilio wrote:
> Neil & Aleksander:
>
> Your right the code was compiled without optimization. Still I don't
see
> why the compiler bothers with using r31 as the environment pointer for
> the functions locals when it could just use the SP (r1). I've
> single-stepped through the assembly and see that r1 and r31 have the
> same value. Also r31 is not the 'this' pointer, it is passed into the
> function in r3 and then saved on the stack. Maybe my function example
is
> too trivial.
>
> I can see that turning on optimization might get rid of a lot of the
> stack manipulations with all the registers available on PPC.
>
> BTW I have a copy of the IBM PPC EABI and it says the stack frame is
> "...always doubleword aligned (on 8 byte boundaries) by using
padding".
> Just curious where you got the number or 16 bytes for your padding?
> Could you forward me a reference to your ELF ABI
>
> Thanks
> robert
>
> -----Original Message-----
> From: Neil Schellenberger [mailto:community-noreply@qnx.com]
> Sent: Thursday, March 26, 2009 5:51 PM
> To: general-toolchain
> Subject: Re: Deciphering Function prologue and epilogue for PPC-based
> code
>
> Hi Robert,
>
> I would guess by the look of it that the fragment is from an
unoptimized
> compile. In that case r31 is the environment pointer (which points to
> the function's locals); and the stack frame is big enough to hold
> everything, padded to a multiple of 16 bytes (per the ELF ABI).
>
> An optimized build wouldn't have bothered with much of that - under
> 4.2.4 at O2, you'd get something more like:
>
> 00000000 <_ZN4Test4sendEj>:
> 0: 7c 08 02 a6 mflr r0
> 4: 94 21 ff f0 stwu r1,-16(r1)
> 8: 7c 65 1b 78 mr r5,r3
> c: 90 01 00 14 stw r0,20(r1)
> 10: 90 83 00 04 stw r4,4(r3)
> 14: 80 03 00 00 lwz r0,0(r3)
> 18: 3c 60 00 00 lis r3,0
> 1c: 38 63 00 00 addi r3,r3,0
> 20: 7c 04 03 78 mr r4,r0
> 24: 4c c6 31 82 crclr 4*cr1+eq
> 28: 48 00 00 01 bl 28 <_ZN4Test4sendEj+0x28>
> 2c: 80 01 00 14 lwz r0,20(r1)
> 30: 38 21 00 10 addi r1,r1,16
> 34: 7c 08 03 a6 mtlr r0
> 38: 4e 80 00 20 blr
>
> Regards,
> Neil
>
> On...
View Full Message
|
|
|
|
|
|
Neil Schellenberger(deleted)
|
RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Neil Schellenberger(deleted)
03/30/2009 4:46 PM
post25615
|
RE: Deciphering Function prologue and epilogue for PPC-based code
Hi Robert,
Glad that helped. There are a wide variety of -m flags to the compiler
to force the Embedded API and related magic (e.g. -meabi), but that road
almost certainly leads to madness ;-) It definitely leads to needing to
recompile virtually everything yourself, probably including the kernel.
And even then, I'm not too certain it would work out of the gate....
Regards,
Neil
On Mon, 2009-03-30 at 16:23 -0400, Robert D'Attilio wrote:
> Neil:
>
> Thanks for the insight and reference. I have both docs but was focusing
> on the Embedded ABI for my information.
>
> Cheers
> robert
>
> -----Original Message-----
> From: Neil Schellenberger [mailto:community-noreply@qnx.com]
> Sent: Friday, March 27, 2009 5:23 PM
> To: general-toolchain
> Subject: RE: Deciphering Function prologue and epilogue for PPC-based
> code
>
> Hi Robert,
>
> I imagine that the use of r31 in the unoptimized code is simply a case
> of "it's already inefficient, so let's make things easy on ourselves".
> The Sun PPC ABI (which I believe is the relevant one here) requires that
> "Languages that require "environment pointers" shall use r31 for that
> purpose." (3-15) It also stipulates "The stack pointer shall maintain
> 16-byte alignment." (3-17). As you correctly point out, the C++ "this"
> pointer is treated as a hidden first argument and, therefore, is always
> passed in r3.
>
> As QNX is not the copyright holder of the ABI document, I am not sure
> that I can publish it for you here. The full title is "SYSTEM V
> APPLICATION BINARY INTERFACE PowerPC Processor Supplement" and is easily
> located online through Google.
>
> Caveat lector! There are (at least) two documents which are known as
> the PPC EABI. One is the Embedded ABI (which does stipulate doubleword
> padding); the other is the ELF ABI, which is the one you want ;-)
>
> Regards,
> Neil
>
> On Fri, 2009-03-27 at 17:09 -0400, Robert D'Attilio wrote:
> > Neil & Aleksander:
> >
> > Your right the code was compiled without optimization. Still I don't
> see
> > why the compiler bothers with using r31 as the environment pointer for
> > the functions locals when it could just use the SP (r1). I've
> > single-stepped through the assembly and see that r1 and r31 have the
> > same value. Also r31 is not the 'this' pointer, it is passed into the
> > function in r3 and then saved on the stack. Maybe my function example
> is
> > too trivial.
> >
> > I can see that turning on optimization might get rid of a lot of the
> > stack manipulations with all the registers available on PPC.
> >
> > BTW I have a copy of the IBM PPC EABI and it says the stack frame is
> > "...always doubleword aligned (on 8 byte boundaries) by using
> padding".
> > Just curious where you got the number or 16 bytes for your padding?
> > Could you forward me a reference to your ELF ABI
> >
> > Thanks
> > robert
> >
> > -----Original Message-----
> > From: Neil Schellenberger [mailto:community-noreply@qnx.com]
> > Sent: Thursday, March 26, 2009 5:51 PM
> > To: general-toolchain
> > Subject: Re: Deciphering Function prologue and epilogue for PPC-based
> > code
> >
> > Hi Robert,
> >
> > I would guess by the look of it that the fragment is from an
> unoptimized
> > compile. In that case r31 is the environment pointer (which points to
> > the function's locals); and the stack frame is big enough to hold
> > everything, padded to a multiple of 16 bytes (per the ELF ABI).
> >
> > An optimized build wouldn't have bothered with much of that - under
> > 4.2.4 at O2, you'd get...
View Full Message
|
|
|
|
|
|
Aleksandar Ristovski(deleted)
|
Re: RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Aleksandar Ristovski(deleted)
03/29/2009 1:28 PM
post25502
|
Re: RE: Deciphering Function prologue and epilogue for PPC-based code
> Neil & Aleksander:
...
> Also r31 is not the 'this' pointer, it is passed into the
> function in r3 and then saved on the stack. Maybe my function example is
> too trivial.
I didn't say "this" was passed in r31, what I saw was "this" being loaded into r31 at some point in the method itself...
but I did not really go any deeper to understand why. (my sample function involved calling a method of a member object,
so I imagine it is a part of calculation of the member's address).
---
Aleksandar
|
|
|
|
|
|
Elena Laskavaia
|
Re: Deciphering Function prologue and epilogue for PPC-based code
|
|
Elena Laskavaia
03/31/2009 9:56 AM
post25646
|
Re: Deciphering Function prologue and epilogue for PPC-based code
Btw if you trying to get backtrace we have a library that does that.
Robert D'Attilio wrote:
> Hi:
>
> I am trying to decipher the function prologue and epilogue code for setting up and unwinding the stack. The code is c+
+ and compiled under qcc (3.3.5) for our PPC405 processor. My understanding from reading the PPC EABI docs is that R1 is
treated as the stack pointer. The steps for setting up a new stack frame are to decrement the current SP to account for
the new frame, save the old SP in this frame (the back chain pointer) and also save the return address (Link Register)
in the slot in the previous stack frame. All makes sense.
> However, the prologue/epilogue code for my function also includes saving/restoring register R31 which appears to be
operating as a frame pointer. However I don't see why when R1 and R31 always seem to be pointing to the same thing. So
my questions:
>
> 1) Why bother with preserving R31 when one can access all fields in the current frame by just using R1?
> 2) Why are 48 bytes reserved for the frame when less than that is actually used for storing frame header + parameters
+ local vars?
>
> Here is the code. Note it is a C++ function.
>
> void Test::send(unsigned int value)
> {
> 480405f4: 94 21 ff d0 stwu r1,-48(r1)
> 480405f8: 7c 08 02 a6 mflr r0
> 480405fc: 93 e1 00 2c stw r31,44(r1)
> 48040600: 90 01 00 34 stw r0,52(r1)
> 48040604: 7c 3f 0b 78 mr r31,r1
> 48040608: 90 7f 00 08 stw r3,8(r31)
> 4804060c: 90 9f 00 0c stw r4,12(r31)
> unsigned int x = m_id;
> 48040610: 81 3f 00 08 lwz r9,8(r31)
> 48040614: 80 09 00 00 lwz r0,0(r9)
> 48040618: 90 1f 00 10 stw r0,16(r31)
> m_dir = value;
> 4804061c: 81 3f 00 08 lwz r9,8(r31)
> 48040620: 80 1f 00 0c lwz r0,12(r31)
> 48040624: 90 09 00 04 stw r0,4(r9)
> Test* p = this;
> 48040628: 80 1f 00 08 lwz r0,8(r31)
> 4804062c: 90 1f 00 14 stw r0,20(r31)
> printf("This is me %u at 0x%p\n", x, p);
> 48040630: 3d 20 48 04 lis r9,18436
> 48040634: 38 69 07 c4 addi r3,r9,1988
> 48040638: 80 9f 00 10 lwz r4,16(r31)
> 4804063c: 80 bf 00 14 lwz r5,20(r31)
> 48040640: 4c c6 31 82 crclr 4*cr1+eq
> 48040644: 48 00 12 f9 bl 4804193c <_edata+0x4c>
> }
> 48040648: 81 61 00 00 lwz r11,0(r1)
> 4804064c: 80 0b 00 04 lwz r0,4(r11)
> 48040650: 7c 08 03 a6 mtlr r0
> 48040654: 83 eb ff fc lwz r31,-4(r11)
> 48040658: 7d 61 5b 78 mr r1,r11
> 4804065c: 4e 80 00 20 blr
>
> Thanks
> robert
>
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25397
>
|
|
|
|
|
|
Robert D'Attilio(deleted)
|
RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Robert D'Attilio(deleted)
03/31/2009 10:16 AM
post25652
|
RE: Deciphering Function prologue and epilogue for PPC-based code
Interesting, what is it called?
-----Original Message-----
From: Elena Laskavaia [mailto:community-noreply@qnx.com]
Sent: Tuesday, March 31, 2009 9:56 AM
To: general-toolchain
Subject: Re: Deciphering Function prologue and epilogue for PPC-based
code
Btw if you trying to get backtrace we have a library that does that.
Robert D'Attilio wrote:
> Hi:
>
> I am trying to decipher the function prologue and epilogue code for
setting up and unwinding the stack. The code is c++ and compiled under
qcc (3.3.5) for our PPC405 processor. My understanding from reading the
PPC EABI docs is that R1 is treated as the stack pointer. The steps for
setting up a new stack frame are to decrement the current SP to account
for the new frame, save the old SP in this frame (the back chain
pointer) and also save the return address (Link Register) in the slot in
the previous stack frame. All makes sense.
> However, the prologue/epilogue code for my function also includes
saving/restoring register R31 which appears to be operating as a frame
pointer. However I don't see why when R1 and R31 always seem to be
pointing to the same thing. So my questions:
>
> 1) Why bother with preserving R31 when one can access all fields in
the current frame by just using R1?
> 2) Why are 48 bytes reserved for the frame when less than that is
actually used for storing frame header + parameters + local vars?
>
> Here is the code. Note it is a C++ function.
>
> void Test::send(unsigned int value)
> {
> 480405f4: 94 21 ff d0 stwu r1,-48(r1)
> 480405f8: 7c 08 02 a6 mflr r0
> 480405fc: 93 e1 00 2c stw r31,44(r1)
> 48040600: 90 01 00 34 stw r0,52(r1)
> 48040604: 7c 3f 0b 78 mr r31,r1
> 48040608: 90 7f 00 08 stw r3,8(r31)
> 4804060c: 90 9f 00 0c stw r4,12(r31)
> unsigned int x = m_id;
> 48040610: 81 3f 00 08 lwz r9,8(r31)
> 48040614: 80 09 00 00 lwz r0,0(r9)
> 48040618: 90 1f 00 10 stw r0,16(r31)
> m_dir = value;
> 4804061c: 81 3f 00 08 lwz r9,8(r31)
> 48040620: 80 1f 00 0c lwz r0,12(r31)
> 48040624: 90 09 00 04 stw r0,4(r9)
> Test* p = this;
> 48040628: 80 1f 00 08 lwz r0,8(r31)
> 4804062c: 90 1f 00 14 stw r0,20(r31)
> printf("This is me %u at 0x%p\n", x, p);
> 48040630: 3d 20 48 04 lis r9,18436
> 48040634: 38 69 07 c4 addi r3,r9,1988
> 48040638: 80 9f 00 10 lwz r4,16(r31)
> 4804063c: 80 bf 00 14 lwz r5,20(r31)
> 48040640: 4c c6 31 82 crclr 4*cr1+eq
> 48040644: 48 00 12 f9 bl 4804193c <_edata+0x4c>
> }
> 48040648: 81 61 00 00 lwz r11,0(r1)
> 4804064c: 80 0b 00 04 lwz r0,4(r11)
> 48040650: 7c 08 03 a6 mtlr r0
> 48040654: 83 eb ff fc lwz r31,-4(r11)
> 48040658: 7d 61 5b 78 mr r1,r11
> 4804065c: 4e 80 00 20 blr
>
> Thanks
> robert
>
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25397
>
_______________________________________________
General
http://community.qnx.com/sf/go/post25646
|
|
|
|
|
|
Elena Laskavaia
|
Re: Deciphering Function prologue and epilogue for PPC-based code
|
|
Elena Laskavaia
03/31/2009 10:19 AM
post25653
|
Re: Deciphering Function prologue and epilogue for PPC-based code
/opt/qnx641/target/qnx6/ppcbe/usr/lib/libbacktrace.[a/so/so.1]
Let me find the docs...
Robert D'Attilio wrote:
> Interesting, what is it called?
>
|
|
|
|
|
|
Steve Reid
|
Re: Deciphering Function prologue and epilogue for PPC-based code
|
|
Steve Reid
03/31/2009 10:44 AM
post25662
|
Re: Deciphering Function prologue and epilogue for PPC-based code
Here's a zip file that includes a technote about libbacktrace, as well as reference pages for the functions. These will
be part of the documentation in QNX SDP 6.4.1.
A couple of things to note:
- The links from the technote to the reference pages won't work because they normally live in separate books.
- The library is unsupported because it's somewhat fragile.
I hope this helps; if you have any comments about these docs, please post them here.
Steve Reid (stever@qnx.com)
Technical Editor
QNX Software Systems
|
|
|
|
|
|
Robert D'Attilio(deleted)
|
RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Robert D'Attilio(deleted)
03/31/2009 10:57 AM
post25671
|
RE: Deciphering Function prologue and epilogue for PPC-based code
Steve/Elena:
Thanks a bunch for the tip and docs.
I gather this is only available in 6.4.1 and not 6.3.2?
Robert
-----Original Message-----
From: Steve Reid [mailto:community-noreply@qnx.com]
Sent: Tuesday, March 31, 2009 10:44 AM
To: general-toolchain
Subject: Re: Deciphering Function prologue and epilogue for PPC-based
code
Here's a zip file that includes a technote about libbacktrace, as well
as reference pages for the functions. These will be part of the
documentation in QNX SDP 6.4.1.
A couple of things to note:
- The links from the technote to the reference pages won't work because
they normally live in separate books.
- The library is unsupported because it's somewhat fragile.
I hope this helps; if you have any comments about these docs, please
post them here.
Steve Reid (stever@qnx.com)
Technical Editor
QNX Software Systems
_______________________________________________
General
http://community.qnx.com/sf/go/post25662
|
|
|
|
|
|
Elena Laskavaia
|
Re: Deciphering Function prologue and epilogue for PPC-based code
|
|
Elena Laskavaia
03/31/2009 11:00 AM
post25672
|
Re: Deciphering Function prologue and epilogue for PPC-based code
6.4.0 also, If you really need I can build it for 6.3.2 as unsupported
Robert D'Attilio wrote:
> Steve/Elena:
>
> Thanks a bunch for the tip and docs.
>
> I gather this is only available in 6.4.1 and not 6.3.2?
>
> Robert
>
> -----Original Message-----
> From: Steve Reid [mailto:community-noreply@qnx.com]
> Sent: Tuesday, March 31, 2009 10:44 AM
> To: general-toolchain
> Subject: Re: Deciphering Function prologue and epilogue for PPC-based
> code
>
> Here's a zip file that includes a technote about libbacktrace, as well
> as reference pages for the functions. These will be part of the
> documentation in QNX SDP 6.4.1.
>
> A couple of things to note:
>
> - The links from the technote to the reference pages won't work because
> they normally live in separate books.
>
> - The library is unsupported because it's somewhat fragile.
>
> I hope this helps; if you have any comments about these docs, please
> post them here.
>
> Steve Reid (stever@qnx.com)
> Technical Editor
> QNX Software Systems
>
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25662
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25671
>
|
|
|
|
|
|
Robert D'Attilio(deleted)
|
RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Robert D'Attilio(deleted)
03/31/2009 11:12 AM
post25676
|
RE: Deciphering Function prologue and epilogue for PPC-based code
Elena:
That would be great if you could as we won't be moving to 6.4 for
another while.
Thanks
robert
-----Original Message-----
From: Elena Laskavaia [mailto:community-noreply@qnx.com]
Sent: Tuesday, March 31, 2009 11:00 AM
To: general-toolchain
Subject: Re: Deciphering Function prologue and epilogue for PPC-based
code
6.4.0 also, If you really need I can build it for 6.3.2 as unsupported
Robert D'Attilio wrote:
> Steve/Elena:
>
> Thanks a bunch for the tip and docs.
>
> I gather this is only available in 6.4.1 and not 6.3.2?
>
> Robert
>
> -----Original Message-----
> From: Steve Reid [mailto:community-noreply@qnx.com]
> Sent: Tuesday, March 31, 2009 10:44 AM
> To: general-toolchain
> Subject: Re: Deciphering Function prologue and epilogue for PPC-based
> code
>
> Here's a zip file that includes a technote about libbacktrace, as well
> as reference pages for the functions. These will be part of the
> documentation in QNX SDP 6.4.1.
>
> A couple of things to note:
>
> - The links from the technote to the reference pages won't work
because
> they normally live in separate books.
>
> - The library is unsupported because it's somewhat fragile.
>
> I hope this helps; if you have any comments about these docs, please
> post them here.
>
> Steve Reid (stever@qnx.com)
> Technical Editor
> QNX Software Systems
>
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25662
>
> _______________________________________________
> General
> http://community.qnx.com/sf/go/post25671
>
_______________________________________________
General
http://community.qnx.com/sf/go/post25672
|
|
|
|
|
|
Elena Laskavaia
|
Re: RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Elena Laskavaia
03/31/2009 11:18 AM
post25679
|
Re: RE: Deciphering Function prologue and epilogue for PPC-based code
try attached (pick variant you need). Technically it is open source so you can compile it yourself next time
or use source for reference.
|
|
|
|
|
|
Robert D'Attilio(deleted)
|
RE: RE: Deciphering Function prologue and epilogue for PPC-based code
|
|
Robert D'Attilio(deleted)
04/02/2009 9:23 AM
post25838
|
RE: RE: Deciphering Function prologue and epilogue for PPC-based code
Thanks!
-----Original Message-----
From: Elena Laskavaia [mailto:community-noreply@qnx.com]
Sent: Tuesday, March 31, 2009 11:19 AM
To: general-toolchain
Subject: Re: RE: Deciphering Function prologue and epilogue for
PPC-based code
try attached (pick variant you need). Technically it is open source so
you can compile it yourself next time
or use source for reference.
_______________________________________________
General
http://community.qnx.com/sf/go/post25679
|
|
|
|
|
|
