From: Alessandro Montano <alex@exit.it>
To: qemu-devel@nongnu.org.
Subject: [Qemu-devel] qemu-mips strange jump !!!
Date: Fri, 26 Dec 2008 19:36:25 +0100	[thread overview]
Message-ID: <49552429.5050808@exit.it> (raw)
In-Reply-To: <200812240123.mBO1N2NJ029937@fedora.exit.it>

This is my first post, so sorry for any error ...
I'm developing a DVB-S emulator based on qemu-mips.
I'm adding all the devices, one at a time, but I noticed a strange problem 
that crashes my emulator.

It seems to do bad jumps!

In brief ... I run this command
./bin/-qemu-system-mips -L . mips_bios.bin -d int,exec,op,in_asm
and it generates this log


IN:
0x80071fc4:  lui    at,0x8007
0x80071fc8:  lw    a1,0xC094(at)
0x80071fcc:  lui    a0,0x8007
0x80071fd0:  addiu    a0,a0,0xD060
0x80071fd4:  jal    0x8006d76c  <-  this is the right address
0x80071fd8:  nop

OP:
0x0000: set_T0 0x80070000
0x0001: store_T0_gpr_gpr1
0x0002: load_gpr_T0_gpr1
0x0003: set_T1 0xffffc094
0x0004: addr_add
0x0005: lw_kernel
0x0006: store_T0_gpr_gpr5
0x0007: set_T0 0x80070000
0x0008: store_T0_gpr_gpr4
0x0009: set_T1 0xffffd060
0x000a: add
0x000b: store_T0_gpr_gpr4
0x000c: set_T0 0x80071fdc
0x000d: store_T0_gpr_gpr31
0x000e: save_pc 0x8006d76c  <-  this is the right address
0x000f: reset_T0
0x0010: exit_tb
0x0011: end

IN:
0x8006d968:  andi    t9,t9,0xdf  <-  but this is a wrong jump !!!
0x8006d96c:  j    0x8006d90c
0x8006d970:  ori    t9,t9,0x20

OP:
0x0000: load_gpr_T0_gpr25
0x0001: set_T1 0xdf
0x0002: and
0x0003: store_T0_gpr_gpr25
0x0004: set_T1 0x20
0x0005: or
0x0006: store_T0_gpr_gpr25
0x0007: goto_tb0 0x757878
0x0008: save_pc 0x8006d90c
0x0009: set_T0 0x757878
0x000a: exit_tb
0x000b


The mips instruction

0x80071fd4:  jal    0x8006D76C

is correctly translated to

0x0008: save_pc 0x8006d90c

but then the execution-flow jumps to

0x8006d968:  andi    t9,t9,0xdf

I don't think it is correct!

Thanks for any suggestion.
---
AlexIT
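The report above relies on reading two things off the `-d in_asm,op` log by eye: the absolute target that QEMU decoded for the `jal`, and the start address of the next translated block that actually ran. The following Python script is an added example (not code from the original post or from the QEMU project) that automates that comparison over a copy of the log lines quoted above, and also shows how a MIPS J-type target is formed, so the `save_pc 0x8006d76c` and `set_T0 0x80071fdc` (the `$ra` value written to gpr31) in the OP dump can be checked independently of the emulator. The sample log is constructed from the report with the author's `<-` annotations removed; the log format is assumed to be one `IN:` header followed by `0xADDR:  mnemonic  operands` lines, which is what the post shows.

```python
import re

# Constructed sample: the two "IN:" blocks quoted in the report, annotations stripped.
SAMPLE_LOG = """\
IN:
0x80071fc4:  lui    at,0x8007
0x80071fc8:  lw    a1,0xC094(at)
0x80071fcc:  lui    a0,0x8007
0x80071fd0:  addiu    a0,a0,0xD060
0x80071fd4:  jal    0x8006d76c
0x80071fd8:  nop

IN:
0x8006d968:  andi    t9,t9,0xdf
0x8006d96c:  j    0x8006d90c
0x8006d970:  ori    t9,t9,0x20
"""

JAL_OPCODE = 0x03  # MIPS J-type primary opcodes: j = 0x02, jal = 0x03
INSN_RE = re.compile(r"^0x([0-9a-fA-F]+):\s+(\S+)\s*(.*)$")


def encode_j_type(opcode, target, pc):
    """Build the 32-bit word for a J-type instruction located at `pc`.
    The 26-bit index holds target bits 27..2; bits 31..28 are taken from the
    PC of the delay slot (pc + 4), so the target must lie in that 256 MiB region."""
    if (target >> 28) != ((pc + 4) >> 28):
        raise ValueError("target outside the 256 MiB region of the delay slot")
    return (opcode << 26) | ((target & 0x0FFFFFFF) >> 2)


def decode_j_type(word, pc):
    """Recover the absolute target of a J-type word fetched at `pc`."""
    index = word & 0x03FFFFFF
    return ((pc + 4) & 0xF0000000) | (index << 2)


def link_address(pc):
    """jal stores the address after the delay slot into $ra (gpr31)."""
    return pc + 8


def parse_in_blocks(text):
    """Split an in_asm log into blocks; each block is a list of (pc, mnemonic, operands)."""
    blocks, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if line == "IN:":
            current = []
            blocks.append(current)
            continue
        m = INSN_RE.match(line)
        if m and current is not None:
            current.append((int(m.group(1), 16), m.group(2), m.group(3)))
    return blocks


def check_control_flow(text):
    """For every block containing an unconditional j/jal, compare the decoded
    target with the first PC of the block that was translated next.
    Returns a list of {'pc', 'target', 'next', 'ok'} findings."""
    blocks = parse_in_blocks(text)
    findings = []
    for block, following in zip(blocks, blocks[1:]):
        jumps = [(pc, ops) for pc, mn, ops in block if mn in ("j", "jal")]
        if not jumps or not following:
            continue
        pc, ops = jumps[-1]
        target = int(ops.split(",")[0], 16)
        nxt = following[0][0]
        findings.append({"pc": pc, "target": target, "next": nxt, "ok": target == nxt})
    return findings


if __name__ == "__main__":
    for f in check_control_flow(SAMPLE_LOG):
        status = "ok" if f["ok"] else "MISMATCH"
        print(f"jump at 0x{f['pc']:08x} -> 0x{f['target']:08x}, "
              f"next block starts 0x{f['next']:08x}: {status}")
```

Run against the quoted log, the checker reports one finding: the `jal` at `0x80071fd4` targets `0x8006d76c` but the next block begins at `0x8006d968`, which is exactly the discrepancy the post describes. Note that a mismatch in a real trace is not by itself proof of a translator bug: an interrupt or exception taken between the two blocks would also change the next translated address, which is why the `int` debug flag in the author's command line is worth keeping enabled when investigating.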

Thread overview: 4+ messages
     [not found] <200812240123.mBO1N2NJ029937@fedora.exit.it>
2008-12-26 18:36 ` Alessandro Montano [this message]
2008-12-27  8:24   ` [Qemu-devel] qemu-mips strange jump !!! Laurent Desnogues
2008-12-27 11:24     ` andrzej zaborowski
2008-12-27 15:32       ` andrzej zaborowski