[Lightning] JIT_R11 trashed by jit_callr on MIPS32
From: Paul Cercueil
Subject: [Lightning] JIT_R11 trashed by jit_callr on MIPS32
Date: Mon, 27 Oct 2014 20:51:39 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.0
Hi,
I've been working for some time now in my spare time on a
MIPS-to-Lightning dynamic recompiler: https://github.com/pcercuei/lightrec/
It abuses Lightning a little bit, in that it doesn't use
functions: the generated code directly jumps to the next block of code,
recompiling it if needed. It works fine on MIPS32 for now, except for
one point: jit_callr trashes the JIT_R11 register...
Here's a minimal test case:
<paul:~/dev/gcw0/lightrec> $ cat minimal.c
#include <lightning.h>

/* Assumed stub: the real end_execution is defined elsewhere in the reporter's
 * project and is not part of the test case as posted. */
static void end_execution(void) { }

/* Returns the address the generated code should jump to next. */
static void *get_new_function(void) { return (void *)&end_execution; }

int main(int argc, char **argv)
{
    jit_state_t *_jit;   /* must be named _jit: Lightning's macros refer to it */

    init_jit(argv[0]);
    _jit = jit_new_state();

    /* No jit_prolog(): the generated code is entered and left by plain jumps. */
    jit_movi(JIT_R11, 54);
    jit_movi(JIT_R0, (jit_word_t)&get_new_function);
    jit_callr(JIT_R0);
    jit_retval(JIT_R0);
    jit_addr(JIT_R0, JIT_R0, JIT_R11);
    jit_jmpr(JIT_R0);

    jit_emit();
    jit_disassemble();

    jit_clear_state();
    jit_destroy_state();
    finish_jit();
    return 0;
}
The code basically sets the JIT_R11 register to 54, calls
"get_new_function", adds JIT_R11 to the value returned and jumps to that
new address.
This is what I obtain:
opendingux:/media/data/local/home # ./minimal
0x77295000 li t9,54
0x77295004 lui v0,0x40
0x77295008 ori v0,v0,0x9d0
0x7729500c move t9,v0
0x77295010 jalr v0
0x77295014 nop
0x77295018 addu v0,v0,t9
0x7729501c jr v0
0x77295020 nop
The LUI/ORI correspond to the load of the address of get_new_function. The
jalr is the jit_callr. But between those, JIT_R11 (register $t9
here) is trashed for no good reason.
My current workaround is to completely avoid the use of JIT_R11, but it
would be great if it could be fixed :)
Thanks,
Paul
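Added example, not part of Paul's mail or of Lightning itself: a small C checker that scans the jit_disassemble() listing quoted above (embedded here as constructed sample input) and reports an instruction that overwrites a register with a fresh value while a later instruction still reads the old one. On this listing it points at instruction 3, the "move t9,v0" that clobbers JIT_R11 before the addu reads it. The parser only knows the mnemonics present in the sample and ignores jalr's implicit write to $ra.

```c
#include <stdio.h>
#include <string.h>
/* Constructed sample: the jit_disassemble() output quoted in the report. */
static const char *sample[] = {
    "0x77295000 li t9,54",        "0x77295004 lui v0,0x40",
    "0x77295008 ori v0,v0,0x9d0", "0x7729500c move t9,v0",
    "0x77295010 jalr v0",         "0x77295014 nop",
    "0x77295018 addu v0,v0,t9",   "0x7729501c jr v0",
    "0x77295020 nop",
};
#define SAMPLE_LEN (sizeof sample / sizeof sample[0])
/* Split "ADDR mnemonic op1,op2,op3" into mnemonic and operands; returns operand count. */
static int parse(const char *line, char *mn, char ops[3][16])
{
    char rest[64] = ""; int n = 0;
    if (sscanf(line, "%*s %15s %63s", mn, rest) < 1)
        return -1;
    for (char *tok = strtok(rest, ","); tok && n < 3; tok = strtok(NULL, ","))
        snprintf(ops[n++], 16, "%s", tok);
    return n;
}
/* Mnemonics whose first operand is the destination; jalr's implicit $ra write is ignored. */
static int writes_first(const char *mn)
{
    static const char *w[] = { "li", "lui", "ori", "move", "addu" };
    for (size_t i = 0; i < sizeof w / sizeof w[0]; i++)
        if (strcmp(mn, w[i]) == 0) return 1;
    return 0;
}
/* Index of an instruction that overwrites reg without reading it (a fresh write, not an
 * in-place update like ori v0,v0,...) while a later instruction still reads reg; else -1. */
int find_clobber(const char **lines, size_t n, const char *reg)
{
    int clob = -1, seen_def = 0;
    for (size_t i = 0; i < n; i++) {
        char mn[16], ops[3][16];
        int k = parse(lines[i], mn, ops), w, reads = 0;
        if (k <= 0) continue;
        w = writes_first(mn);
        for (int j = w ? 1 : 0; j < k; j++)
            if (strcmp(ops[j], reg) == 0) reads = 1;
        if (reads && clob >= 0) return clob;   /* old value needed after the overwrite */
        if (w && !reads && strcmp(ops[0], reg) == 0) {
            if (seen_def) clob = (int)i;       /* second fresh write: candidate clobber */
            seen_def = 1;
        }
    }
    return -1;
}
```

Calling find_clobber(sample, SAMPLE_LEN, "t9") returns 3, while "v0" returns -1 because every later write to v0 also reads it or follows its last use.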