From: Jan Kiszka
Date: Wed, 28 Apr 2010 12:41:15 +0200
Message-ID: <4BD810CB.4060009@siemens.com>
References: <4BD7EDFA.9010102@siemens.com>
Subject: [Qemu-devel] Re: Question on implementation of GETPC()
To: Jun Koi
Cc: "qemu-devel@nongnu.org"

Jun Koi wrote:
> On Wed, Apr 28, 2010 at 5:12 PM, Jan Kiszka wrote:
>> Jun Koi wrote:
>>> Hi,
>>>
>>> In x86, GETPC() is implemented as below:
>>>
>>> # define GETPC() ((void *)((unsigned long)__builtin_return_address(0) - 1))
>>>
>>> As I understand, it gets the return address on the stack, then
>>> subtracts 1 to get back to the above address.
>>>
>>> Imagine we have code like this (pseudo asm code):
>>>
>>> ....
>>> CALL
>>>
>>> ....
>>>
>>> When we call GETPC, we get the address of , and subtract 1.
>>> But the problem is that the CALL insn is more than 1 byte, so how can
>>> GETPC() give us the address of the CALL insn above?
>>>
>>> I guess I must have misunderstood something here ....
>> IIRC, the result of GETPC is used for a range check. So you just have to
>> ensure that it points somewhere into the translated code sequence of the
>> current target instruction.
>>
>
> Hmm, if I am not wrong, the GETPC address is really used as jump target
> of some code (such as when handling page fault), so that must be
> accurate.

That won't work. GETPC could - at best - point to a host instruction that
raised the fault. But for proper fault handling, we need the guest
instruction pointer. So QEMU does a reverse mapping of the host address,
often via re-translating the code block as it may contain more than one
guest instruction.

Jan

-- 
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux
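A constructed C model of the range check Jan describes, added here as an example and not QEMU's own code: a table of translation blocks maps host-code ranges back to guest PCs, and the lookup is done with the return address minus one, exactly as the GETPC() macro in the thread does. The block layout, the addresses, and the assumption that a call can be the last host instruction of a block (so that the raw return address already lies in the next block) are constructed for illustration.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a translation block (TB): the host-code range
 * [host_start, host_start + host_size) and the guest PC it came from. */
struct tb {
    uintptr_t host_start;
    size_t    host_size;
    uint32_t  guest_pc;
};

/* Three contiguous blocks of constructed host code (assumed layout). */
static const struct tb tbs[] = {
    { 0x1000, 0x40, 0x400000 },
    { 0x1040, 0x20, 0x400010 },
    { 0x1060, 0x30, 0x400020 },
};

/* Reverse-map a host address to the TB whose range contains it.
 * This is the "range check" over translated code; NULL if none matches. */
static const struct tb *tb_find_host(uintptr_t host_pc)
{
    for (size_t i = 0; i < sizeof tbs / sizeof tbs[0]; i++) {
        if (host_pc >= tbs[i].host_start &&
            host_pc < tbs[i].host_start + tbs[i].host_size) {
            return &tbs[i];
        }
    }
    return NULL;
}

/* GETPC() as quoted in the thread: return address minus one. The return
 * address is the first byte *after* the call, so minus one lands on the
 * last byte of the call itself, which is inside the calling block. */
static uintptr_t getpc_from_retaddr(uintptr_t retaddr)
{
    return retaddr - 1;
}

/* Guest PC recovered for a helper entered from the given return address;
 * 0 means the address is not inside any translated block. */
static uint32_t guest_pc_for(uintptr_t retaddr)
{
    const struct tb *t = tb_find_host(getpc_from_retaddr(retaddr));
    return t ? t->guest_pc : 0;
}

int main(void)
{
    /* Assumed worst case: the call is the last host instruction of TB 1,
     * so its raw return address is the first byte of TB 2. */
    uintptr_t retaddr = tbs[1].host_start + tbs[1].host_size;
    printf("raw retaddr -> guest pc 0x%x\n", tb_find_host(retaddr)->guest_pc);
    printf("GETPC()     -> guest pc 0x%x\n", guest_pc_for(retaddr));
    return 0;
}
```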