Subject: Re: [Qemu-devel] OS/2 Bootloader Some weird behaviour of branch instruction
From: "J. Mayer"
To: qemu-devel@nongnu.org
Date: Wed, 25 May 2005 22:57:11 +0200
Message-Id: <1117054631.15980.112.camel@rapid>
In-Reply-To: <4294CB13.9080002@co.inet.fi>
References: <4294C037.2070509@co.inet.fi> <4294CB13.9080002@co.inet.fi>

On Wed, 2005-05-25 at 21:59 +0300, Tero Kaarlela wrote:
> I have just realized that when running in LE mode in_asm dump is not
> useful because it shows code in BE-format. I'll try to make it print in
> LE format. And those invalid opcodes, is this because after OS/2 crashes
> Qemu tries to start its own code but crashes because before this
> processor should be returned to BE-format?

It should display insns in little-endian format, if you're up to date.
Take a look at the code in disas.c and ppc-dis.c, you'll see the case is
handled.
But the 0x3c opcode is valid on POWER2 (namely stfq). Then I guess you
chose a platform which is a RS/6000 with a POWER2, not a PowerPC. I'm
afraid POWER1 & POWER2 won't be emulated soon, if they'll ever be...
Please check this point.

Another point:
> I took a look at qemu in_asm & cpu debugging with OS/2 bootloader
> under Qemu -prep. And there is something weird happening in my opinion:
>
> This happens after boot.cfg has been gone through and kernel bootstrap
> task should start:
>
> IN:
> 0xf0107068: .long 0x10009d81
> 0xf010706c: tdi 0,r0,27776
> 0xf0107070: bl F011EDF0 <<= Shouldn't this branch to F011EDF0
> instead of going on???

As this is a subroutine call, I guess this routine has already been called
from somewhere else. As Qemu only displays blocks at translation time, you
don't have any dump any more when calling a routine twice.

-- 
J. Mayer
Never organized
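As an added illustration of the two points in this reply (what the in_asm dump's byte order does to the primary opcode, and why 0x3c decodes as a POWER2-only stfq), and not code from QEMU or from either poster: a small Python decoder that reads an instruction word with either byte order, extracts the primary opcode, and resolves an I-form branch target. The raw word for the `bl F011EDF0` line is not in the message, so it is constructed here from the two addresses in the dump; the opcode table is a hand-picked subset.

```python
import struct

# Hand-picked subset of PowerPC primary opcodes (bits 0-5 of the word).
# The POWER2 entries exist on the RS/6000 POWER2 but not on PowerPC, which
# is why a PowerPC disassembler reports them as invalid (the 0x3c case).
PRIMARY_OPCODES = {
    2: ("tdi", "PowerPC"), 14: ("addi", "PowerPC"), 16: ("bc", "PowerPC"),
    18: ("b", "PowerPC"), 31: ("X-form", "PowerPC"), 32: ("lwz", "PowerPC"),
    36: ("stw", "PowerPC"),
    56: ("lfq", "POWER2"), 57: ("lfqu", "POWER2"),
    60: ("stfq", "POWER2"), 61: ("stfqu", "POWER2"),
}

def load_word(raw, little_endian):
    """Read 4 guest-memory bytes as one instruction word. In BE mode the most
    significant byte comes first; in LE mode the same instruction is stored
    byte-swapped, so the wrong byte order yields a different primary opcode."""
    return struct.unpack("<I" if little_endian else ">I", raw)[0]

def primary_opcode(word):
    return (word >> 26) & 0x3F

def classify(word):
    """Mnemonic and architecture for the word's primary opcode (".long" if unknown)."""
    return PRIMARY_OPCODES.get(primary_opcode(word), (".long", "unknown"))

def decode_branch(word, pc):
    """Decode an I-form branch (b/ba/bl/bla) at address pc.
    Returns (target, absolute, link), or None if the word is not opcode 18."""
    if primary_opcode(word) != 18:
        return None
    li = word & 0x03FFFFFC          # 24-bit displacement, already scaled by 4
    if li & 0x02000000:             # sign-extend the 26-bit field
        li -= 0x04000000
    absolute, link = bool(word & 2), bool(word & 1)
    target = (li if absolute else pc + li) & 0xFFFFFFFF
    return target, absolute, link

if __name__ == "__main__":
    raw = b"\x10\x00\x9d\x81"       # the ".long 0x10009d81" line from the dump
    for le in (False, True):
        w = load_word(raw, le)
        print("LE" if le else "BE", hex(w), classify(w))
    # Constructed: bl with LK=1 whose displacement reaches 0xF011EDF0 from 0xF0107070
    print(decode_branch(0x48017D81, 0xF0107070))
```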