[Qemu-devel] [RFC] OSX/ppc64 TCG support

[Qemu-devel] [RFC] OSX/ppc64 TCG support

[Andreas Färber]

[-- Attachment #1: Type: text/plain, Size: 5721 bytes --]

Hello,

I've tried to add TCG backend support for Mac OS X ppc64 with limited  
success. It seems the linkage area and LR offset are the same as on  
Linux, so the main difference I could find was the register usage.

This brought up two questions:

i) In ppc/tcg-target.c TCG_REG_R2 is listed twice in  
tcg_target_reg_alloc_order for __APPLE__. I assume this is not  
intended? It does so far work with or without this patch eliminating  
the second use:

diff --git a/tcg/ppc/tcg-target.c b/tcg/ppc/tcg-target.c
index 23f94a8..7607d85 100644
--- a/tcg/ppc/tcg-target.c
+++ b/tcg/ppc/tcg-target.c
@@ -114,7 +114,9 @@ static const int tcg_target_reg_alloc_order[] = {
  #endif
      TCG_REG_R0,
      TCG_REG_R1,
+#ifndef __APPLE__
      TCG_REG_R2,
+#endif
      TCG_REG_R24,
      TCG_REG_R25,
      TCG_REG_R26,

Alternatively, if the order of r2 does not matter too much, we could  
remove the initial __APPLE__ section instead for simplicity.

ii) In ppc64/tcg-target.c tcg_target_call_oarg_regs is declared with a  
length of 2 but only contains one register. Intended?

diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
index a96314c..2a8eaec 100644
--- a/tcg/ppc64/tcg-target.c
+++ b/tcg/ppc64/tcg-target.c
@@ -125,11 +134,15 @@ static const int tcg_target_call_iarg_regs[] = {
      TCG_REG_R10
  };

-static const int tcg_target_call_oarg_regs[2] = {
+static const int tcg_target_call_oarg_regs[1] = {
      TCG_REG_R3
  };


Then for the real OSX/ppc64 changes, I have marked r11 and r13 callee- 
saved, like for OSX/ppc.
Reference: http://developer.apple.com/documentation/DeveloperTools/Conceptual/LowLevelABI/110-64-bit_PowerPC_Function_Calling_Conventions/64bitPowerPC.html

To my knowledge in ppc64 mode (at least on the G5) the lmw and stmw  
instructions are illegal. We should probably remove their definitions,  
they are not currently being used in the ppc64 backend.

Unfortunately qemu-system-ppc still crashes immediately, any hints  
welcome.

Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/ 
operand.
0x00000000005a9680 in code_gen_prologue ()
(gdb) bt
#0  0x00000000005a9680 in code_gen_prologue ()
#1  0x00000000000c5ba0 in cpu_ppc_exec (env1=<value temporarily  
unavailable, due to optimizations>) at /Users/andreas/Q/qemu/cpu- 
exec.c:622
#2  0x000000000000a208 in qemu_main (argc=<value temporarily  
unavailable, due to optimizations>, argv=<value temporarily  
unavailable, due to optimizations>, envp=<value temporarily  
unavailable, due to optimizations>) at /Users/andreas/Q/qemu/vl.c:3828
#3  0x00000000000b2788 in -[QemuCocoaAppController  
startEmulationWithArgc:argv:] (self=<value temporarily unavailable,  
due to optimizations>, _cmd=<value temporarily unavailable, due to  
optimizations>, argc=<value temporarily unavailable, due to  
optimizations>, argv=<value temporarily unavailable, due to  
optimizations>) at /Users/andreas/Q/qemu/cocoa.m:780
#4  0x00007fff81b3ff08 in _nsnote_callback ()
#5  0x00007fff8104fd34 in _CFXNotificationPostNotification ()
#6  0x00007fff81b3c970 in -[NSNotificationCenter  
postNotificationName:object:userInfo:] ()
#7  0x00007fff81b476e0 in -[NSNotificationCenter  
postNotificationName:object:] ()
#8  0x00007fff81f58e24 in -[NSApplication _postDidFinishNotification] ()
#9  0x00007fff81f58ce4 in -[NSApplication  
_sendFinishLaunchingNotification] ()
#10 0x00007fff81eaf02c in -[NSApplication(NSAppleEventHandling)  
_handleAEOpen:] ()
#11 0x00007fff81eae51c in -[NSApplication(NSAppleEventHandling)  
_handleCoreEvent:withReplyEvent:] ()
#12 0x00007fff81b6bbe0 in -[NSAppleEventManager  
dispatchRawAppleEvent:withRawReply:handlerRefCon:] ()
#13 0x00007fff81b6b974 in _NSAppleEventManagerGenericHandler ()
#14 0x000000010067708c in aeDispatchAppleEvent ()
#15 0x000000010065f810 in dispatchEventAndSendReply ()
#16 0x000000010065f5cc in aeProcessAppleEvent ()
#17 0x00007fff843962dc in AEProcessAppleEvent ()
#18 0x00007fff81eaaf68 in _DPSNextEvent ()
#19 0x00007fff81eaa49c in -[NSApplication  
nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#20 0x00007fff81ea185c in -[NSApplication run] ()
#21 0x00000000000b346c in main (argc=<value temporarily unavailable,  
due to optimizations>, argv=<value temporarily unavailable, due to  
optimizations>) at /Users/andreas/Q/qemu/cocoa.m:905
(gdb) q


diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
index a96314c..2a8eaec 100644
--- a/tcg/ppc64/tcg-target.c
+++ b/tcg/ppc64/tcg-target.c
@@ -94,6 +94,9 @@ static const int tcg_target_reg_alloc_order[] = {
      TCG_REG_R29,
      TCG_REG_R30,
      TCG_REG_R31,
+#ifdef __APPLE__
+    TCG_REG_R2,
+#endif
      TCG_REG_R3,
      TCG_REG_R4,
      TCG_REG_R5,
@@ -102,12 +105,18 @@ static const int tcg_target_reg_alloc_order[] = {
      TCG_REG_R8,
      TCG_REG_R9,
      TCG_REG_R10,
+#ifndef __APPLE__
      TCG_REG_R11,
+#endif
      TCG_REG_R12,
+#ifndef __APPLE
      TCG_REG_R13,
+#endif
      TCG_REG_R0,
      TCG_REG_R1,
+#ifndef __APPLE__
      TCG_REG_R2,
+#endif
      TCG_REG_R24,
      TCG_REG_R25,
      TCG_REG_R26,
@@ -125,11 +134,15 @@ static const int tcg_target_call_iarg_regs[] = {
      TCG_REG_R10
  };

-static const int tcg_target_call_oarg_regs[2] = {
+static const int tcg_target_call_oarg_regs[1] = {
      TCG_REG_R3
  };

  static const int tcg_target_callee_save_regs[] = {
+#ifdef __APPLE__
+    TCG_REG_R11,
+    TCG_REG_R13,
+#endif
      TCG_REG_R14,
      TCG_REG_R15,
      TCG_REG_R16,
@@ -373,8 +386,10 @@ static int tcg_target_const_match  
(tcg_target_long val,
  #define SRAD   XO31(794)
  #define SRADI  XO31(413<<1)

+#if 0
  #define LMW    OPCD( 46)
  #define STMW   OPCD( 47)
+#endif

  #define TW     XO31( 4)
  #define TRAP   (TW | TO (31))



[-- Attachment #2: tcg-osx-ppc64_2009-04-10.diff --]
[-- Type: application/octet-stream, Size: 1723 bytes --]

diff --git a/tcg/ppc/tcg-target.c b/tcg/ppc/tcg-target.c
index 23f94a8..7607d85 100644
--- a/tcg/ppc/tcg-target.c
+++ b/tcg/ppc/tcg-target.c
@@ -114,7 +114,9 @@ static const int tcg_target_reg_alloc_order[] = {
 #endif
     TCG_REG_R0,
     TCG_REG_R1,
+#ifndef __APPLE__
     TCG_REG_R2,
+#endif
     TCG_REG_R24,
     TCG_REG_R25,
     TCG_REG_R26,
diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
index a96314c..2a8eaec 100644
--- a/tcg/ppc64/tcg-target.c
+++ b/tcg/ppc64/tcg-target.c
@@ -94,6 +94,9 @@ static const int tcg_target_reg_alloc_order[] = {
     TCG_REG_R29,
     TCG_REG_R30,
     TCG_REG_R31,
+#ifdef __APPLE__
+    TCG_REG_R2,
+#endif
     TCG_REG_R3,
     TCG_REG_R4,
     TCG_REG_R5,
@@ -102,12 +105,18 @@ static const int tcg_target_reg_alloc_order[] = {
     TCG_REG_R8,
     TCG_REG_R9,
     TCG_REG_R10,
+#ifndef __APPLE__
     TCG_REG_R11,
+#endif
     TCG_REG_R12,
+#ifndef __APPLE
     TCG_REG_R13,
+#endif
     TCG_REG_R0,
     TCG_REG_R1,
+#ifndef __APPLE__
     TCG_REG_R2,
+#endif
     TCG_REG_R24,
     TCG_REG_R25,
     TCG_REG_R26,
@@ -125,11 +134,15 @@ static const int tcg_target_call_iarg_regs[] = {
     TCG_REG_R10
 };
 
-static const int tcg_target_call_oarg_regs[2] = {
+static const int tcg_target_call_oarg_regs[1] = {
     TCG_REG_R3
 };
 
 static const int tcg_target_callee_save_regs[] = {
+#ifdef __APPLE__
+    TCG_REG_R11,
+    TCG_REG_R13,
+#endif
     TCG_REG_R14,
     TCG_REG_R15,
     TCG_REG_R16,
@@ -373,8 +386,10 @@ static int tcg_target_const_match (tcg_target_long val,
 #define SRAD   XO31(794)
 #define SRADI  XO31(413<<1)
 
+#if 0
 #define LMW    OPCD( 46)
 #define STMW   OPCD( 47)
+#endif
 
 #define TW     XO31( 4)
 #define TRAP   (TW | TO (31))

[-- Attachment #3: Type: text/plain, Size: 1 bytes --]

Re: [Qemu-devel] [RFC] OSX/ppc64 TCG support

[C.W. Betts]

[-- Attachment #1: Type: text/plain, Size: 4747 bytes --]


On Apr 10, 2009, at 4:34 PM, Andreas Färber wrote:

> Hello,
>
> I've tried to add TCG backend support for Mac OS X ppc64 with  
> limited success. It seems the linkage area and LR offset are the  
> same as on Linux, so the main difference I could find was the  
> register usage.
>
> This brought up two questions:
>
> i) In ppc/tcg-target.c TCG_REG_R2 is listed twice in  
> tcg_target_reg_alloc_order for __APPLE__. I assume this is not  
> intended? It does so far work with or without this patch eliminating  
> the second use:
>
> diff --git a/tcg/ppc/tcg-target.c b/tcg/ppc/tcg-target.c
> index 23f94a8..7607d85 100644
> --- a/tcg/ppc/tcg-target.c
> +++ b/tcg/ppc/tcg-target.c
> @@ -114,7 +114,9 @@ static const int tcg_target_reg_alloc_order[] = {
> #endif
>     TCG_REG_R0,
>     TCG_REG_R1,
> +#ifndef __APPLE__
>     TCG_REG_R2,
> +#endif
>     TCG_REG_R24,
>     TCG_REG_R25,
>     TCG_REG_R26,
>
> Alternatively, if the order of r2 does not matter too much, we could  
> remove the initial __APPLE__ section instead for simplicity.
>
> ii) In ppc64/tcg-target.c tcg_target_call_oarg_regs is declared with  
> a length of 2 but only contains one register. Intended?
>
> diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
> index a96314c..2a8eaec 100644
> --- a/tcg/ppc64/tcg-target.c
> +++ b/tcg/ppc64/tcg-target.c
> @@ -125,11 +134,15 @@ static const int tcg_target_call_iarg_regs[] = {
>     TCG_REG_R10
> };
>
> -static const int tcg_target_call_oarg_regs[2] = {
> +static const int tcg_target_call_oarg_regs[1] = {
>     TCG_REG_R3
> };
>
>
> Then for the real OSX/ppc64 changes, I have marked r11 and r13  
> callee-saved, like for OSX/ppc.
> Reference: http://developer.apple.com/documentation/DeveloperTools/Conceptual/LowLevelABI/110-64-bit_PowerPC_Function_Calling_Conventions/64bitPowerPC.html
>
> To my knowledge in ppc64 mode (at least on the G5) the lmw and stmw  
> instructions are illegal. We should probably remove their  
> definitions, they are not currently being used in the ppc64 backend.
>
> Unfortunately qemu-system-ppc still crashes immediately, any hints  
> welcome.
>
> Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/ 
> operand.
> 0x00000000005a9680 in code_gen_prologue ()
> (gdb) bt
> #0  0x00000000005a9680 in code_gen_prologue ()
> #1  0x00000000000c5ba0 in cpu_ppc_exec (env1=<value temporarily  
> unavailable, due to optimizations>) at /Users/andreas/Q/qemu/cpu- 
> exec.c:622
> #2  0x000000000000a208 in qemu_main (argc=<value temporarily  
> unavailable, due to optimizations>, argv=<value temporarily  
> unavailable, due to optimizations>, envp=<value temporarily  
> unavailable, due to optimizations>) at /Users/andreas/Q/qemu/vl.c:3828
> #3  0x00000000000b2788 in -[QemuCocoaAppController  
> startEmulationWithArgc:argv:] (self=<value temporarily unavailable,  
> due to optimizations>, _cmd=<value temporarily unavailable, due to  
> optimizations>, argc=<value temporarily unavailable, due to  
> optimizations>, argv=<value temporarily unavailable, due to  
> optimizations>) at /Users/andreas/Q/qemu/cocoa.m:780
> #4  0x00007fff81b3ff08 in _nsnote_callback ()
> #5  0x00007fff8104fd34 in _CFXNotificationPostNotification ()
> #6  0x00007fff81b3c970 in -[NSNotificationCenter  
> postNotificationName:object:userInfo:] ()
> #7  0x00007fff81b476e0 in -[NSNotificationCenter  
> postNotificationName:object:] ()
> #8  0x00007fff81f58e24 in -[NSApplication  
> _postDidFinishNotification] ()
> #9  0x00007fff81f58ce4 in -[NSApplication  
> _sendFinishLaunchingNotification] ()
> #10 0x00007fff81eaf02c in -[NSApplication(NSAppleEventHandling)  
> _handleAEOpen:] ()
> #11 0x00007fff81eae51c in -[NSApplication(NSAppleEventHandling)  
> _handleCoreEvent:withReplyEvent:] ()
> #12 0x00007fff81b6bbe0 in -[NSAppleEventManager  
> dispatchRawAppleEvent:withRawReply:handlerRefCon:] ()
> #13 0x00007fff81b6b974 in _NSAppleEventManagerGenericHandler ()
> #14 0x000000010067708c in aeDispatchAppleEvent ()
> #15 0x000000010065f810 in dispatchEventAndSendReply ()
> #16 0x000000010065f5cc in aeProcessAppleEvent ()
> #17 0x00007fff843962dc in AEProcessAppleEvent ()
> #18 0x00007fff81eaaf68 in _DPSNextEvent ()
> #19 0x00007fff81eaa49c in -[NSApplication  
> nextEventMatchingMask:untilDate:inMode:dequeue:] ()
> #20 0x00007fff81ea185c in -[NSApplication run] ()
> #21 0x00000000000b346c in main (argc=<value temporarily unavailable,  
> due to optimizations>, argv=<value temporarily unavailable, due to  
> optimizations>) at /Users/andreas/Q/qemu/cocoa.m:905
> (gdb) q
Try using i386-softmmu as a test base.  It is more stable and better  
supported.


[-- Attachment #2: Type: text/html, Size: 5270 bytes --]

[Qemu-devel] Re: [RFC] OSX/ppc64 TCG support

[malc]

On Sat, 11 Apr 2009, Andreas F?rber wrote:

> Hello,
> 
> I've tried to add TCG backend support for Mac OS X ppc64 with limited success.
> It seems the linkage area and LR offset are the same as on Linux, so the main
> difference I could find was the register usage.
> 
> This brought up two questions:
> 
> i) In ppc/tcg-target.c TCG_REG_R2 is listed twice in
> tcg_target_reg_alloc_order for __APPLE__. I assume this is not intended? It
> does so far work with or without this patch eliminating the second use:

Not intended, thanks for noticing.

> 
> diff --git a/tcg/ppc/tcg-target.c b/tcg/ppc/tcg-target.c
> index 23f94a8..7607d85 100644
> --- a/tcg/ppc/tcg-target.c
> +++ b/tcg/ppc/tcg-target.c
> @@ -114,7 +114,9 @@ static const int tcg_target_reg_alloc_order[] = {
> #endif
>     TCG_REG_R0,
>     TCG_REG_R1,
> +#ifndef __APPLE__
>     TCG_REG_R2,
> +#endif
>     TCG_REG_R24,
>     TCG_REG_R25,
>     TCG_REG_R26,
> 
> Alternatively, if the order of r2 does not matter too much, we could 
> remove the initial __APPLE__ section instead for simplicity.
> 
> ii) In ppc64/tcg-target.c tcg_target_call_oarg_regs is declared with a 
> length of 2 but only contains one register. Intended?

Probably not, then again i'd have to recheck PPC64 ABI for DI/struct
returns to be sure, then again QEMU doesn't sue those. Anyhow...
 
> diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
> index a96314c..2a8eaec 100644
> --- a/tcg/ppc64/tcg-target.c
> +++ b/tcg/ppc64/tcg-target.c
> @@ -125,11 +134,15 @@ static const int tcg_target_call_iarg_regs[] = {
>     TCG_REG_R10
> };
> 
> -static const int tcg_target_call_oarg_regs[2] = {
> +static const int tcg_target_call_oarg_regs[1] = {
>     TCG_REG_R3
> };

This is most certainly is just as in correct as having it at [2] and
not initializing element N1 since main tcg proper never invokes ARRAY_SIZE
on tcg_target_call_oarg_regs...

> 
> Then for the real OSX/ppc64 changes, I have marked r11 and r13 
> callee-saved, like for OSX/ppc. Reference: 
> http://developer.apple.com/documentation/DeveloperTools/Conceptual/LowLevelABI/110-64-bit_PowerPC_Function_Calling_Conventions/64bitPowerPC.html
> 
> To my knowledge in ppc64 mode (at least on the G5) the lmw and stmw
> instructions are illegal. We should probably remove their definitions, they
> are not currently being used in the ppc64 backend.

They aren't used in PPC32 case either, i'll whack them.

> Unfortunately qemu-system-ppc still crashes immediately, any hints welcome.
> 
> Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand.
> 0x00000000005a9680 in code_gen_prologue ()
> (gdb) bt

I think TOCs are a lot different in ppc-elf64abi and Mach-O one, that
would explain why it fails so early

> #0  0x00000000005a9680 in code_gen_prologue ()

[..snip..]

Unfortunatelly i don't have access to MacOSX on a PPC64 so you are on your
own there.

-- 
mailto:av1474@comtv.ru

Re: [Qemu-devel] Re: [RFC] OSX/ppc64 TCG support

[Andreas Färber]

Am 11.04.2009 um 09:22 schrieb malc:

> On Sat, 11 Apr 2009, Andreas F?rber wrote:
>>
>> ii) In ppc64/tcg-target.c tcg_target_call_oarg_regs is declared  
>> with a
>> length of 2 but only contains one register. Intended?
>
> Probably not, then again i'd have to recheck PPC64 ABI for DI/struct
> returns to be sure, then again QEMU doesn't sue those. Anyhow...
>
>> diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
>> index a96314c..2a8eaec 100644
>> --- a/tcg/ppc64/tcg-target.c
>> +++ b/tcg/ppc64/tcg-target.c
>> @@ -125,11 +134,15 @@ static const int tcg_target_call_iarg_regs[]  
>> = {
>>    TCG_REG_R10
>> };
>>
>> -static const int tcg_target_call_oarg_regs[2] = {
>> +static const int tcg_target_call_oarg_regs[1] = {
>>    TCG_REG_R3
>> };
>
> This is most certainly is just as in correct as having it at [2] and
> not initializing element N1 since main tcg proper never invokes  
> ARRAY_SIZE
> on tcg_target_call_oarg_regs...

Oops, I must have confused this with iargs, there the ARRAY_SIZE is  
checked in tcg_target_get_call_iarg_regs_count.
Anyway, I had already tried adding TCG_REG_R4 like for ppc, without  
noticeable difference.

>
>> Unfortunately qemu-system-ppc still crashes immediately, any hints  
>> welcome.
>>
>> Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/ 
>> operand.
>> 0x00000000005a9680 in code_gen_prologue ()
>> (gdb) bt
>
> I think TOCs are a lot different in ppc-elf64abi and Mach-O one, that
> would explain why it fails so early

Could you please elaborate on that? I am still not familiar with the  
topic. Do you mean I would have to initialize the TOC field of the  
function descriptor? Or in which other parts of the code would I need  
to make adjustments for those TOCs?
In the above ABI document neither function descriptors nor TOCs are  
mentioned at all.

>
>> #0  0x00000000005a9680 in code_gen_prologue ()
>
> [..snip..]
>
> Unfortunatelly i don't have access to MacOSX on a PPC64 so you are  
> on your
> own there.

I know, you said so. Still any hints where to dig or advice how to  
debug this with gdb would be helpful.

Andreas

Re: [Qemu-devel] Re: [RFC] OSX/ppc64 TCG support

[malc]

On Sat, 11 Apr 2009, Andreas F?rber wrote:

> 
> Am 11.04.2009 um 09:22 schrieb malc:
> 
> > On Sat, 11 Apr 2009, Andreas F?rber wrote:
> > > 
> > > ii) In ppc64/tcg-target.c tcg_target_call_oarg_regs is declared with a
> > > length of 2 but only contains one register. Intended?
> > 
> > Probably not, then again i'd have to recheck PPC64 ABI for DI/struct
> > returns to be sure, then again QEMU doesn't sue those. Anyhow...
> > 
> > > diff --git a/tcg/ppc64/tcg-target.c b/tcg/ppc64/tcg-target.c
> > > index a96314c..2a8eaec 100644
> > > --- a/tcg/ppc64/tcg-target.c
> > > +++ b/tcg/ppc64/tcg-target.c
> > > @@ -125,11 +134,15 @@ static const int tcg_target_call_iarg_regs[] = {
> > >   TCG_REG_R10
> > > };
> > > 
> > > -static const int tcg_target_call_oarg_regs[2] = {
> > > +static const int tcg_target_call_oarg_regs[1] = {
> > >   TCG_REG_R3
> > > };
> > 
> > This is most certainly is just as in correct as having it at [2] and
> > not initializing element N1 since main tcg proper never invokes ARRAY_SIZE
> > on tcg_target_call_oarg_regs...
> 
> Oops, I must have confused this with iargs, there the ARRAY_SIZE is
> checked in tcg_target_get_call_iarg_regs_count.  Anyway, I had
> already tried adding TCG_REG_R4 like for ppc, without noticeable
> difference.

I just checked the document you linked to and PPC-elf64abi and thing is:
 1. Mac OS X passes
    struct { long a; long b; };
    value in R3 and R4

 2. PPC-elf64abi adhered systems don't

 3. There is no 128bit integral type defined by either ABI (and QEMU
    doesn't use use anyway)

So adding R4 there makes little sense in the general scheme of things
(I'd have put trap representation there, but alas neither ABI defines
one)

> > 
> > > Unfortunately qemu-system-ppc still crashes immediately, any hints
> > > welcome.
> > > 
> > > Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand.
> > > 0x00000000005a9680 in code_gen_prologue ()
> > > (gdb) bt
> > 
> > I think TOCs are a lot different in ppc-elf64abi and Mach-O one, that
> > would explain why it fails so early
> 
> Could you please elaborate on that? I am still not familiar with the topic. Do
> you mean I would have to initialize the TOC field of the function descriptor?
> Or in which other parts of the code would I need to make adjustments for those
> TOCs?
> In the above ABI document neither function descriptors nor TOCs are mentioned
> at all.

I recall reading a post by an Apple engineer on some Apple mailing
list detailing the differences between Mach-O and ELF64 ABIs, but i
can't find it now.

> > 
> > > #0  0x00000000005a9680 in code_gen_prologue ()
> > 
> > [..snip..]
> > 
> > Unfortunatelly i don't have access to MacOSX on a PPC64 so you are on your
> > own there.
> 
> I know, you said so. Still any hints where to dig or advice how to debug this
> with gdb would be helpful.

Well:

gdb --args qemu-... [qemu args...]

and once it crashes:

x/10i $pc and info registers

If you want you can send the output to me off-list.

-- 
mailto:av1474@comtv.ru