* [Qemu-devel] [MIPS Malta] Wrong relative jump in the YAMON print subroutine
@ 2012-12-13 23:35 Jakub Jermar
From: Jakub Jermar @ 2012-12-13 23:35 UTC (permalink / raw)
  To: qemu-devel


Hello,

there appears to be a bug in the hand-written machine code which causes
the YAMON print subroutine to jump to a wrong location after printing
the first character. In hw/mips_malta.c, line 619, there is:

stl_raw(p++, 0x08000205);                                    /* j 814 */

which results in the following wrong code being generated:

   0xbfc00814:	lbu	a0,0(t2)
   0xbfc00818:	addiu	t2,t2,1
   0xbfc0081c:	beqz	a0,0xbfc00834
   0xbfc00820:	nop
   0xbfc00824:	jal	0xbfc00870
   0xbfc00828:	nop
   0xbfc0082c:	j	0xb0000814     <==== HERE

In fact we would like it to branch to 0xbfc00814 instead. To
achieve this effect, the line needs to be changed to read as:

stl_raw(p++, 0x1000fff9);                                   /* j 814 */

so that we get:

   0xbfc00814:	lbu	a0,0(t2)
   0xbfc00818:	addiu	t2,t2,1
   0xbfc0081c:	beqz	a0,0xbfc00834
   0xbfc00820:	nop
   0xbfc00824:	jal	0xbfc00870
   0xbfc00828:	nop
   0xbfc0082c:	b	0xbfc00814

I verified the print subroutine works as expected with the fix.

Please find the fix attached to this message.

Regards,
Jakub
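As an added illustration (not part of Jakub's mail or of QEMU's code), the C helpers below apply the MIPS32 encoding rules to the two instruction forms involved: they show why the absolute jump 0x08000205 fetched at 0xbfc0082c resolves to 0xb0000814, why 0x1000fff9 is a PC-relative branch back to 0xbfc00814, and, going one step beyond the mail, how an absolute `j` that does reach 0xbfc00814 would have to be encoded. The function names are my own.

```c
#include <stdint.h>
#include <stdio.h>

/* J/JAL (J-type): 6-bit opcode, 26-bit instr_index. The target is
 * instr_index << 2 with the upper four bits taken from PC+4, so an
 * absolute jump can only land in the 256 MiB region it executes in. */
uint32_t mips_j_target(uint32_t pc, uint32_t insn)
{
    uint32_t index = insn & 0x03ffffffu;
    return ((pc + 4) & 0xf0000000u) | (index << 2);
}

/* B/BEQ/BNE (I-type): signed 16-bit word offset relative to PC+4. */
uint32_t mips_branch_target(uint32_t pc, uint32_t insn)
{
    int32_t off = (int16_t)(insn & 0xffffu);
    return pc + 4 + (uint32_t)(off * 4);
}

/* Encode "j target" for a jump at pc; returns -1 when target lies outside
 * the 256 MiB region of PC+4. 0x08000205 carries index 0x205, i.e. byte
 * offset 0x814 of the region, which from 0xbfc0082c is 0xb0000814. */
int mips_encode_j(uint32_t pc, uint32_t target, uint32_t *insn)
{
    if ((target & 3) || ((target ^ (pc + 4)) & 0xf0000000u))
        return -1;
    *insn = (0x02u << 26) | ((target & 0x0fffffffu) >> 2);
    return 0;
}

/* Encode "b target" (beq $zero,$zero,off) at pc; returns -1 when the
 * displacement does not fit the signed 16-bit word offset. */
int mips_encode_b(uint32_t pc, uint32_t target, uint32_t *insn)
{
    int64_t delta = (int64_t)target - (int64_t)(pc + 4);
    if ((delta & 3) || delta < -32768 * 4 || delta > 32767 * 4)
        return -1;
    *insn = (0x04u << 26) | ((uint32_t)(delta / 4) & 0xffffu);
    return 0;
}

int main(void)
{
    uint32_t fixed = 0;
    printf("j 0x08000205 at 0xbfc0082c -> 0x%08x\n",
           mips_j_target(0xbfc0082c, 0x08000205));        /* 0xb0000814 */
    mips_encode_b(0xbfc0082c, 0xbfc00814, &fixed);
    printf("b 0xbfc00814 from 0xbfc0082c -> 0x%08x\n", fixed); /* 0x1000fff9 */
    return 0;
}
```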

[-- Attachment #2: yamon-print.patch --]
[-- Type: text/x-patch, Size: 838 bytes --]

diff --git a/hw/mips_malta.c b/hw/mips_malta.c
index dfd7b6b..77a8e88 100644
--- a/hw/mips_malta.c
+++ b/hw/mips_malta.c
@@ -616,7 +616,7 @@ static void write_bootloader (CPUMIPSState *env, uint8_t *base,
     stl_raw(p++, 0x00000000);                                     /* nop */
     stl_raw(p++, 0x0ff0021c);                                     /* jal 870 */
     stl_raw(p++, 0x00000000);                                     /* nop */
-    stl_raw(p++, 0x08000205);                                     /* j 814 */
+    stl_raw(p++, 0x1000fff9);                                     /* j 814 */
     stl_raw(p++, 0x00000000);                                     /* nop */
     stl_raw(p++, 0x01a00008);                                     /* jr t5 */
     stl_raw(p++, 0x01602021);                                     /* move a0,t3 */
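Review bot: the comment on the replaced line still reads `/* j 814 */`, but 0x1000fff9 is a PC-relative branch (beq $zero,$zero,-7, shown as `b 0xbfc00814` in the mail's own disassembly), so it should become `/* b 814 */` to keep the comment column truthful. The commit message would also benefit from one sentence on why the old word misfires: a J instruction takes its upper four address bits from PC+4, so instr_index 0x205 resolves to 0xb0000814 when executed at 0xbfc0082c. If the absolute form is preferred for consistency with the adjacent `jal 870` (0x0ff0021c), the equivalent encoding is 0x0bf00205.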
