ARM register r9 in the Linux kernel

Question

The "ARM Architecture Procedure Calling Standard" (AAPCS/EABI) states (5.1.1) that

"The role of register r9 is platform specific."

but

"A virtual platform [...] may designate r9 as an additional callee-saved
 variable register, v6."

The question is: does the Linux kernel use r9 for some special purpose? Or is it used as a normal nonvolatile register?

Answer 1

A simple way of finding out how the kernel uses it is to simply build a kernel (CROSS_COMPILE=... ARCH=arm make vmlinux), and then disassemble the whole thing,

${CROSS_COMPILE}objdump -d vmlinux.o | grep 'sb|r9'

to check (Using both r9 and sb names as it depends on your objdump what exactly is output).

If you ever find it used in prologue / epilogue code (in instructions like push {..., r9, ...}, stmfd sp!, {..., r9, ...} or their corresponding pop/ldmfd) then it's callee-saved. Otherwise, just another scratch reg. The result may depend on your toolchain, kernel config options, or ARM target.

That said, if you compile a Thumb-2 kernel, it will not be callee-saved. That's because Thumb-2 push/pop only operate on the lower reg set (and lr/pc in a complementary fashion, push lr paired with pop pc).

Answer 2

I think the register definitions are stored in include/asm-arm/ptrace.h

Not sure 100% though...