From: Julian Seward
Date: Fri, 16 Mar 2007 14:15:21 +0000
Message-Id: <200703161415.21283.jseward@acm.org>
Subject: [Qemu-devel] Redundant repz prefixes in generated amd64 code
To: qemu-devel@nongnu.org

I'm seeing redundant repz (0xF3) prefixes in generated code, typically
just before jumps:

    repz mov $0xe07f,%eax
    mov %eax,0x20(%rbp)
    lea -25168302(%rip),%ebx        # 0xaf0420
    retq
    mov -25168245(%rip),%eax        # 0xaf0460
    jmpq *%rax
    repz mov $0xe092,%eax
    mov %eax,0x20(%rbp)
    lea -25168325(%rip),%ebx        # 0xaf0421
    retq

I assume these are something to do with translation chaining/unchaining
but have been unable to figure out where they come from. I know they get
executed and so are not data - valgrind barfs on them.

This is on a 64-bit host (Core 2) with qemu-0.9.0 compiled from source by
gcc-3.4.6, running an x86 (32-bit) guest.

At a guess I'd say the mov $imm,%eax is (created by? to do with?)
gen_jmp_im in target-i386/translate.c, but I don't see how the F3 got in
on the act. Grepping the source for 0xF3 turns up nothing plausible.

Any ideas where it comes from and how to get rid of it?

J
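The check a reader of this mail might want, as an added example that is neither part of the message nor QEMU's own code: a small C scanner that walks a byte sequence of generated x86-64 code and reports 0xF3 (rep/repz) prefixes sitting in front of instructions the prefix has no meaning for, which is exactly what makes valgrind complain. The sample bytes are constructed from the disassembly quoted above (the RIP-relative displacements are placeholders, since the mail does not give the raw bytes), and the decoder only knows the handful of opcodes that sequence uses; any other opcode stops the scan rather than being guessed at.

```c
/* Added example, not QEMU code: find 0xF3 prefixes on non-string instructions
 * in a buffer of generated x86-64 code.  Only the opcodes used by the quoted
 * sequence are decoded; anything else returns -1 instead of guessing. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bytes of a ModRM operand: the ModRM byte itself plus SIB and displacement. */
static int modrm_len(const uint8_t *p, size_t avail)
{
    if (avail < 1) return -1;
    unsigned mod = p[0] >> 6, rm = p[0] & 7;
    int len = 1;
    if (mod == 3) return len;                        /* register operand */
    if (rm == 4) {                                   /* SIB byte follows */
        if (avail < 2) return -1;
        len++;
        if (mod == 0 && (p[1] & 7) == 5) len += 4;   /* no base: disp32 */
    }
    if (mod == 0 && rm == 5) len += 4;               /* RIP-relative disp32 */
    else if (mod == 1) len += 1;                     /* disp8 */
    else if (mod == 2) len += 4;                     /* disp32 */
    return len;
}

/* Length of the instruction at p, prefixes excluded.  -1 if unsupported. */
static int insn_len(const uint8_t *p, size_t avail)
{
    if (avail < 1) return -1;
    uint8_t op = p[0];
    if (op >= 0xB8 && op <= 0xBF) return 5;          /* mov $imm32,%r32 */
    if (op == 0xC3) return 1;                        /* ret */
    if (op == 0x89 || op == 0x8B || op == 0x8D || op == 0xFF) {
        int m = modrm_len(p + 1, avail - 1);         /* mov r/m, lea, jmp *r/m */
        return m < 0 ? -1 : 1 + m;
    }
    return -1;
}

/* True when an 0xF3 prefix actually changes the meaning of opcode op. */
static int rep_is_meaningful(uint8_t op)
{
    if (op >= 0xA4 && op <= 0xA7) return 1;          /* movs, cmps */
    if (op >= 0xAA && op <= 0xAF) return 1;          /* stos, lods, scas */
    if (op >= 0x6C && op <= 0x6F) return 1;          /* ins, outs */
    if (op == 0x0F) return 1;                        /* mandatory prefix of SSE forms */
    if (op == 0xC3) return 1;                        /* "rep ret", the AMD K8 idiom */
    return 0;
}

/* Record the offsets of redundant 0xF3 prefixes (at most max of them) and
 * return the number found, or -1 if the code could not be decoded. */
int find_redundant_rep(const uint8_t *code, size_t len, size_t *out, size_t max)
{
    size_t off = 0, n = 0;
    while (off < len) {
        size_t start = off;
        int saw_rep = 0;
        /* Skip legacy prefixes we care about plus REX (0x40-0x4F). */
        while (off < len && (code[off] == 0xF3 || code[off] == 0xF2 ||
                             code[off] == 0x66 ||
                             (code[off] >= 0x40 && code[off] <= 0x4F))) {
            if (code[off] == 0xF3) saw_rep = 1;
            off++;
        }
        if (off >= len) return -1;
        int l = insn_len(code + off, len - off);
        if (l < 0) return -1;
        if (saw_rep && !rep_is_meaningful(code[off])) {
            if (n < max) out[n] = start;
            n++;
        }
        off += l;
    }
    return (int)n;
}

/* Constructed from the disassembly in the mail; disp32 fields are placeholders. */
static const uint8_t sample_code[] = {
    0xF3, 0xB8, 0x7F, 0xE0, 0x00, 0x00,   /* repz mov $0xe07f,%eax   (offset 0)  */
    0x89, 0x45, 0x20,                     /* mov %eax,0x20(%rbp)                 */
    0x8D, 0x1D, 0x00, 0x00, 0x00, 0x00,   /* lea disp32(%rip),%ebx               */
    0xC3,                                 /* retq                                */
    0x8B, 0x05, 0x00, 0x00, 0x00, 0x00,   /* mov disp32(%rip),%eax               */
    0xFF, 0xE0,                           /* jmpq *%rax                          */
    0xF3, 0xB8, 0x92, 0xE0, 0x00, 0x00,   /* repz mov $0xe092,%eax   (offset 24) */
    0x89, 0x45, 0x20,                     /* mov %eax,0x20(%rbp)                 */
    0x8D, 0x1D, 0x00, 0x00, 0x00, 0x00,   /* lea disp32(%rip),%ebx               */
    0xC3,                                 /* retq                                */
};

int scan_sample_count(void)
{
    size_t offs[8];
    return find_redundant_rep(sample_code, sizeof sample_code, offs, 8);
}

/* Offset of the n-th redundant prefix in the sample, or (size_t)-1. */
size_t sample_rep_offset(size_t n)
{
    size_t offs[8];
    int cnt = find_redundant_rep(sample_code, sizeof sample_code, offs, 8);
    return (cnt > 0 && n < (size_t)cnt && n < 8) ? offs[n] : (size_t)-1;
}

int main(void)
{
    size_t offs[8];
    int cnt = find_redundant_rep(sample_code, sizeof sample_code, offs, 8);
    for (int i = 0; i < cnt && i < 8; i++)
        printf("redundant 0xF3 at offset %zu\n", offs[i]);
    return cnt < 0;
}
```

On the constructed sample the scanner reports offsets 0 and 24, the two `repz mov` sites. The 0xF3 in front of `ret` is deliberately not reported: `rep ret` is a well-known idiom that compilers emit for AMD K8-era branch predictors, so a scan of compiler-generated host code would otherwise be full of false positives. To run this over a real translation cache dump, extend `insn_len` with the opcodes the dump contains; returning -1 on anything unknown keeps the scanner from silently mis-aligning and reporting nonsense.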