--- On Sun, 4/3/11, Kenneth Salerno <kennethsale...@yahoo.com> wrote:

> From: Kenneth Salerno <kennethsale...@yahoo.com>
> Subject: Re: [Qemu-devel] Help Debugging AIX boot on qemu-system-ppc (it reads bootfile.exe now)
> To: "malc" <av1...@comtv.ru>
> Cc: qemu-devel@nongnu.org
> Date: Sunday, April 3, 2011, 6:52 PM
>
> --- On Sun, 4/3/11, Kenneth Salerno <kennethsale...@yahoo.com> wrote:
>
> > From: Kenneth Salerno <kennethsale...@yahoo.com>
> > Subject: Re: [Qemu-devel] Help Debugging AIX boot on qemu-system-ppc (it reads bootfile.exe now)
> > To: "malc" <av1...@comtv.ru>
> > Cc: qemu-devel@nongnu.org
> > Date: Sunday, April 3, 2011, 11:29 AM
> >
> > --- On Sun, 4/3/11, malc <av1...@comtv.ru> wrote:
> >
> > > From: malc <av1...@comtv.ru>
> > > Subject: Re: [Qemu-devel] Help Debugging AIX boot on qemu-system-ppc (it reads bootfile.exe now)
> > > To: "Kenneth Salerno" <kennethsale...@yahoo.com>
> > > Cc: qemu-devel@nongnu.org
> > > Date: Sunday, April 3, 2011, 12:13 AM
> > >
> > > On Sat, 2 Apr 2011, Kenneth Salerno wrote:
> > >
> > > > Hi,
> > > >
> > > > I have been using QEMU for a few years and periodically tested AIX V6.1 with qemu-system-ppc and read the various threads in the mailing list knowing not to expect it to work just yet. However, with OpenBIOS v1.0 I was surprised to find how far it gets now. Please see below and I would appreciate any advice on how to debug further:
> > > >
> > > > >> =============================================================
> > > > >> OpenBIOS 1.0 [Jan 30 2011 08:46]
> > > > >> Configuration device id QEMU version 1 machine id 2
> > > > >> CPUs: 1
> > > > >> Memory: 2047M
> > > > >> UUID: 17202d0a-45f8-4159-a8e1-78b866f50aa7
> > > > >> CPU type PowerPC,750
> > > > Welcome to OpenBIOS v1.0 built on Jan 30 2011 08:46
> > > > Trying cd:,\\:tbxi...
> > > > Trying cd:,\ppc\bootinfo.txt...
> > > >
> > > > -------------------------------------------------------------------------------
> > > >
> > > > Welcome to AIX.
> > > > boot image timestamp: 00:39 35/2D
> > > > The current time and date: 23:00:50 04/02/2011
> > > > processor count: 1; memory size: 2047MB; kernel size: 2293829
> > > > boot device: cd:\ppc\chrp\bootfile.exe
> > > >
> > > > qemu>
> > > > info cpus
> > > > * CPU #0: nip=0xfff0fcdc thread_id=2527
> > > >
> > > > info registers
> > > > NIP fff0fcec LR fff0fcc4 CTR fff11558 XER 20000000
> > > > MSR 00003032 HID0 00000000 HF 00002000 idx 1
> > > > TB 00000000 1542797983 DECR 2752169338
> > > > GPR00 000000007fb9f0d0 000000007fcf7790 0000000000000000 000000007fba29e4
> > > > GPR04 00000000fffb403c 0000000000044200 00000000fff02464 0000000000044200
> > > > GPR08 0000000000000000 000000007fba29e4 000000000000000c 0000000000000820
> > > > GPR12 00000000000088ac 0000000000000000 00000000fff305f5 00000000fff30dac
> > > > GPR16 00000000fff2f14e 0000000004000000 00000000fffb36c4 00000000fffb3ec4
> > > > GPR20 00000000000030ec 00000000fff2ef4a 00000000fff2ef38 00000000fff2eeb8
> > > > GPR24 00000000fff2ef40 00000000fffb3628 0000000000044204 00000000fffffff8
> > > > GPR28 0000000000000036 00000000fffb0000 00000000fffb0000 000000007fb9f0d8
> > > > CR 48000084 [ G L - - - - L G ] RES ffffffff
> > > > FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > > FPSCR 00000000
> > > > SRR0 000042c0 SRR1 00003032 SDR1 7fd00000
> > > >
> > > > x/20i $pc-10
> > >
> > > Unless I'm missing something, what follows does not make any sense (and for a good reason: 10 is not a multiple of 4 (opcode size on ppc))
> >
> > (qemu) x/20i $pc-4
> > x/20i $pc-4
> > 0xfff0fcd8: b 0xfff0fce0
> > 0xfff0fcdc: mr r3,r9
> > 0xfff0fce0: lwz r9,0(r3)
> > 0xfff0fce4: cmpwi cr7,r9,0
> > 0xfff0fce8: beq- cr7,0xfff0fcfc
> > 0xfff0fcec: lwz r10,4(r9)
> > 0xfff0fcf0: lwz r11,-4(r31)
> > 0xfff0fcf4: cmplw cr7,r10,r11
> > 0xfff0fcf8: blt+ cr7,0xfff0fcdc
> > 0xfff0fcfc: stw r9,-8(r31)
> > 0xfff0fd00: stw r0,0(r3)
> > 0xfff0fd04: addi r11,r1,16
> > 0xfff0fd08: b 0xfff25e80
> > 0xfff0fd0c: stwu r1,-32(r1)
> > 0xfff0fd10: mflr r0
> > 0xfff0fd14: stmw r29,20(r1)
> > 0xfff0fd18: mr. r30,r3
> > 0xfff0fd1c: stw r0,36(r1)
> > 0xfff0fd20: mr r29,r4
> > 0xfff0fd24: bne+ 0xfff0fd38
> >
> > (qemu) info registers
> > info registers
> > NIP fff0fcec LR fff0fcc4 CTR fff11558 XER 20000000
> > MSR 00003032 HID0 00000000 HF 00002000 idx 1
> > TB 00000000 2208586352 DECR 2086380980
> > GPR00 000000007fb9f0a0 000000007fcf7790 0000000000000000 000000007fba29b4
> > GPR04 00000000fffb403c 0000000000044200 00000000fff02464 0000000000044200
> > GPR08 0000000000000000 000000007fba29b4 000000000000000c 0000000000000820
> > GPR12 00000000000088ac 0000000000000000 00000000fff305f5 00000000fff30dac
> > GPR16 00000000fff2f14e 0000000004000000 00000000fffb36c4 00000000fffb3ec4
> > GPR20 00000000000030ec 00000000fff2ef4a 00000000fff2ef38 00000000fff2eeb8
> > GPR24 00000000fff2ef40 00000000fffb3628 0000000000044204 00000000fffffff8
> > GPR28 0000000000000036 00000000fffb0000 00000000fffb0000 000000007fb9f0a8
> > CR 48000084 [ G L - - - - L G ] RES ffffffff
> > FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > FPSCR 00000000
> > SRR0 000042c0 SRR1 00003032 SDR1 7fd00000
> >
> > OUT: [size=256]
> > 0x40576b60: mov 0x100(%r14),%ebp
> > 0x40576b67: mov 0x4(%r14),%ebx
> > 0x40576b6b: lea -0x10(%rbx),%r12d
> > 0x40576b6f: mov %ebp,(%r14)
> > 0x40576b72: mov $0x20,%ebp
> > 0x40576b77: mov %ebp,0x260(%r14)
> > 0x40576b7e: mov %r12d,%esi
> > 0x40576b81: mov %r12d,%edi
> > 0x40576b84: shr $0x7,%esi
> > 0x40576b87: and $0xfffff003,%edi
> > 0x40576b8d: and $0x1fe0,%esi
> > 0x40576b93: lea 0x228c(%r14,%rsi,1),%rsi
> > 0x40576b9b: cmp (%rsi),%edi
> > 0x40576b9d: mov %r12d,%edi
> > 0x40576ba0: jne 0x40576bae
> > 0x40576ba2: add 0xc(%rsi),%rdi
> > 0x40576ba6: mov %ebx,%esi
> > 0x40576ba8: bswap %esi
> > 0x40576baa: mov %esi,(%rdi)
> > 0x40576bac: jmp 0x40576bba
> > 0x40576bae: mov %ebx,%esi
> > 0x40576bb0: mov $0x1,%edx
> > 0x40576bb5: callq 0x57f0f5
> > 0x40576bba: lea 0x14(%r12),%ebp
> > 0x40576bbf: mov (%r14),%ebx
> > 0x40576bc2: mov %r12d,0x4(%r14)
> > 0x40576bc6: mov %ebp,%esi
> > 0x40576bc8: mov %ebp,%edi
> > 0x40576bca: shr $0x7,%esi
> > 0x40576bcd: and $0xfffff003,%edi
> > 0x40576bd3: and $0x1fe0,%esi
> > 0x40576bd9: lea 0x228c(%r14,%rsi,1),%rsi
> > 0x40576be1: cmp (%rsi),%edi
> > 0x40576be3: mov %ebp,%edi
> > 0x40576be5: jne 0x40576bf3
> > 0x40576be7: add 0xc(%rsi),%rdi
> > 0x40576beb: mov %ebx,%esi
> > 0x40576bed: bswap %esi
> > 0x40576bef: mov %esi,(%rdi)
> > 0x40576bf1: jmp 0x40576bff
> > 0x40576bf3: mov %ebx,%esi
> > 0x40576bf5: mov $0x1,%edx
> > 0x40576bfa: callq 0x57f0f5
> > 0x40576bff: mov 0xc(%r14),%ebp
> > 0x40576c03: lea 0x18(%rbp),%ebx
> > 0x40576c06: mov %ebx,%esi
> > 0x40576c08: mov %ebx,%edi
> > 0x40576c0a: shr $0x7,%esi
> > 0x40576c0d: and $0xfffff003,%edi
> > 0x40576c13: and $0x1fe0,%esi
> > 0x40576c19: lea 0x2288(%r14,%rsi,1),%rsi
> > 0x40576c21: cmp (%rsi),%edi
> > 0x40576c23: mov %ebx,%edi
> > 0x40576c25: jne 0x40576c31
> > 0x40576c27: add 0x10(%rsi),%rdi
> > 0x40576c2b: mov (%rdi),%ebp
> > 0x40576c2d: bswap %ebp
> > 0x40576c2f: jmp 0x40576c3d
> > 0x40576c31: mov $0x1,%esi
> > 0x40576c36: callq 0x57ecde
> > 0x40576c3b: mov %eax,%ebp
> > 0x40576c3d: mov %ebp,0xc(%r14)
> > 0x40576c41: mov $0xfff084ac,%ebp
> > 0x40576c46: mov %ebp,0x25c(%r14)
> > 0x40576c4d: mov $0xfff1156c,%ebp
> > 0x40576c52: mov %ebp,0x100(%r14)
> > 0x40576c59: xor %eax,%eax
> > 0x40576c5b: jmpq 0x11c0a4e
> >
> > > > 0xfff0fcd2: fnmadd. f31,f24,f4,f18
> > > > 0xfff0fcd6: .long 0xfff84800
> > > > 0xfff0fcda: .long 0x87d23
> > > > 0xfff0fcde: bla 0xff788120
> > > > 0xfff0fce2: .long 0x2f89
> > > > 0xfff0fce6: .long 0x419e
> > > > 0xfff0fcea: .long 0x148149
> > > > 0xfff0fcee: .long 0x4817f
> > > > 0xfff0fcf2: .long 0xfffc7f8a
> > > > 0xfff0fcf6: rlmi r0,r2,r8,6,14
> > > > 0xfff0fcfa: fnmadd. f31,f4,f4,f18
> > > > 0xfff0fcfe: .long 0xfff89003
> > > > 0xfff0fd02: .long 0x3961
> > > > 0xfff0fd06: .long 0x104801
> > > > 0xfff0fd0a: ori r24,r11,37921
> > > > 0xfff0fd0e: .long 0xffe07c08
> > > > 0xfff0fd12: .long 0x2a6bfa1
> > > > 0xfff0fd16: .long 0x147c7e
> > > > 0xfff0fd1a: .long 0x1b799001
> > > > 0xfff0fd1e: .long 0x247c9d
> > > >
> > > > last entry from out_asm:
> > > > OUT: [size=256]
> > > > 0x4157ae90: mov 0x100(%r14),%ebp
> > > > 0x4157ae97: mov 0x4(%r14),%ebx
> > > > 0x4157ae9b: lea -0x10(%rbx),%r12d
> > > > 0x4157ae9f: mov %ebp,(%r14)
> > > > 0x4157aea2: mov $0x20,%ebp
> > > > 0x4157aea7: mov %ebp,0x260(%r14)
> > > > 0x4157aeae: mov %r12d,%esi
> > > > 0x4157aeb1: mov %r12d,%edi
> > > > 0x4157aeb4: shr $0x7,%esi
> > > > 0x4157aeb7: and $0xfffff003,%edi
> > > > 0x4157aebd: and $0x1fe0,%esi
> > > > 0x4157aec3: lea 0x228c(%r14,%rsi,1),%rsi
> > > > 0x4157aecb: cmp (%rsi),%edi
> > > > 0x4157aecd: mov %r12d,%edi
> > > > 0x4157aed0: jne 0x4157aede
> > > > 0x4157aed2: add 0xc(%rsi),%rdi
> > > > 0x4157aed6: mov %ebx,%esi
> > > > 0x4157aed8: bswap %esi
> > > > 0x4157aeda: mov %esi,(%rdi)
> > > > 0x4157aedc: jmp 0x4157aeea
> > > > 0x4157aede: mov %ebx,%esi
> > > > 0x4157aee0: mov $0x1,%edx
> > > > 0x4157aee5: callq 0x57f0f5
> > > > 0x4157aeea: lea 0x14(%r12),%ebp
> > > > 0x4157aeef: mov (%r14),%ebx
> > > > 0x4157aef2: mov %r12d,0x4(%r14)
> > > > 0x4157aef6: mov %ebp,%esi
> > > > 0x4157aef8: mov %ebp,%edi
> > > > 0x4157aefa: shr $0x7,%esi
> > > > 0x4157aefd: and $0xfffff003,%edi
> > > > 0x4157af03: and $0x1fe0,%esi
> > > > 0x4157af09: lea 0x228c(%r14,%rsi,1),%rsi
> > > > 0x4157af11: cmp (%rsi),%edi
> > > > 0x4157af13: mov %ebp,%edi
> > > > 0x4157af15: jne 0x4157af23
> > > > 0x4157af17: add 0xc(%rsi),%rdi
> > > > 0x4157af1b: mov %ebx,%esi
> > > > 0x4157af1d: bswap %esi
> > > > 0x4157af1f: mov %esi,(%rdi)
> > > > 0x4157af21: jmp 0x4157af2f
> > > > 0x4157af23: mov %ebx,%esi
> > > > 0x4157af25: mov $0x1,%edx
> > > > 0x4157af2a: callq 0x57f0f5
> > > > 0x4157af2f: mov 0xc(%r14),%ebp
> > > > 0x4157af33: lea 0x18(%rbp),%ebx
> > > > 0x4157af36: mov %ebx,%esi
> > > > 0x4157af38: mov %ebx,%edi
> > > > 0x4157af3a: shr $0x7,%esi
> > > > 0x4157af3d: and $0xfffff003,%edi
> > > > 0x4157af43: and $0x1fe0,%esi
> > > > 0x4157af49: lea 0x2288(%r14,%rsi,1),%rsi
> > > > 0x4157af51: cmp (%rsi),%edi
> > > > 0x4157af53: mov %ebx,%edi
> > > > 0x4157af55: jne 0x4157af61
> > > > 0x4157af57: add 0x10(%rsi),%rdi
> > > > 0x4157af5b: mov (%rdi),%ebp
> > > > 0x4157af5d: bswap %ebp
> > > > 0x4157af5f: jmp 0x4157af6d
> > > > 0x4157af61: mov $0x1,%esi
> > > > 0x4157af66: callq 0x57ecde
> > > > 0x4157af6b: mov %eax,%ebp
> > > > 0x4157af6d: mov %ebp,0xc(%r14)
> > > > 0x4157af71: mov $0xfff084ac,%ebp
> > > > 0x4157af76: mov %ebp,0x25c(%r14)
> > > > 0x4157af7d: mov $0xfff1156c,%ebp
> > > > 0x4157af82: mov %ebp,0x100(%r14)
> > > > 0x4157af89: xor %eax,%eax
> > > > 0x4157af8b: jmpq 0x11babee
> > > >
> > > > Thank you,
> > > > Ken
> > >
> > > --
> > > mailto:av1...@comtv.ru
>
> I am posting new debug info here to give the complete picture:
>
> ===========================================
> gdb
> ===========================================
> cpu_ppc_exec (env1=0x11e4a10) at /home/kens/iso/aix/qemu/cpu-exec.c:446
> 446           if (env->pending_interrupts == 0)
> 448           next_tb = 0;
> 557           if (env->interrupt_request & CPU_INTERRUPT_EXITTB) {
> 564           if (unlikely(env->exit_request)) {
> 565               env->exit_request = 0;
> 566               env->exception_index = EXCP_INTERRUPT;
> 567               cpu_loop_exit();
> cpu_loop_exit () at /home/kens/iso/aix/qemu/cpu-exec.c:59
> 59    {
> 60        env->current_tb = NULL;
> 61        longjmp(env->jmp_env, 1);
> longjmp (env=0x11f3ce8, val=1) at ../nptl/sysdeps/pthread/pt-longjmp.c:26
> 26    {
> 27        __libc_longjmp (env, val);
> __libc_siglongjmp (env=0x11f3ce8, val=1) at longjmp.c:30
> 30    {
> 32        _longjmp_unwind (env, val);
> _longjmp_unwind (env=0x11f3ce8, val=1) at ../nptl/sysdeps/unix/sysv/linux/jmp-unwind.c:32
> 32        if (__libc_pthread_functions_init)
> 33            PTHFCT_CALL (ptr___pthread_cleanup_upto, (env->__jmpbuf,
> __pthread_cleanup_upto (target=0x11f3ce8, targetframe=0x7fffffffda68 "\030_o\366\377\177") at pt-cleanup.c:27
> 27    {
> 28        struct pthread *self = THREAD_SELF;
> 27    {
> 34        uintptr_t adj = (uintptr_t) self->stackblock + self->stackblock_size;
> 37        for (cbuf = THREAD_GETMEM (self, cleanup);
> 61        THREAD_SETMEM (self, cleanup, cbuf);
> 62    }
> __libc_siglongjmp (env=0x11f3ce8, val=1) at longjmp.c:34
> 34        if (env[0].__mask_was_saved)
> 40        __longjmp (env[0].__jmpbuf, val ?: 1);
> __longjmp () at ../sysdeps/x86_64/__longjmp.S:29
> 29        movq (JB_RSP*8)(%rdi),%r8
> 30        movq (JB_RBP*8)(%rdi),%r9
> 31        movq (JB_PC*8)(%rdi),%rdx
> 33        PTR_DEMANGLE (%r8)
> 34        PTR_DEMANGLE (%r9)
> 35        PTR_DEMANGLE (%rdx)
> __longjmp () at ../sysdeps/x86_64/__longjmp.S:47
> 47        movq (JB_RBX*8)(%rdi),%rbx
> 48        movq (JB_R12*8)(%rdi),%r12
> 49        movq (JB_R13*8)(%rdi),%r13
> 50        movq (JB_R14*8)(%rdi),%r14
> 51        movq (JB_R15*8)(%rdi),%r15
> 53        mov %esi, %eax
> 54        movq %r8,%rsp
> 55        movq %r9,%rbp
> 56        jmpq *%rdx
> cpu_ppc_exec (env1=0x11e4a10) at /home/kens/iso/aix/qemu/cpu-exec.c:659
> 659   } /* for(;;) */
> 285       if (setjmp(env->jmp_env) == 0) {
>
> ===========================================
> (qemu) info cpus
> ===========================================
> info cpus
> * CPU #0: nip=0xfff0fcec thread_id=3237
>
> ===========================================
> (qemu) info registers
> ===========================================
> info registers
> NIP fff0fcec LR fff0fcc4 CTR fff11558 XER 20000000
> MSR 00003032 HID0 00000000 HF 00002000 idx 1
> TB 00000000 2180099446 DECR 2114867875
> GPR00 000000007fb9f0a0 000000007fcf7790 0000000000000000 000000007fba29b4
> GPR04 00000000fffb403c 0000000000044200 00000000fff02464 0000000000044200
> GPR08 0000000000000000 000000007fba29b4 000000000000000c 0000000000000820
> GPR12 00000000000088ac 0000000000000000 00000000fff305f5 00000000fff30dac
> GPR16 00000000fff2f14e 0000000004000000 00000000fffb36c4 00000000fffb3ec4
> GPR20 00000000000030ec 00000000fff2ef4a 00000000fff2ef38 00000000fff2eeb8
> GPR24 00000000fff2ef40 00000000fffb3628 0000000000044204 00000000fffffff8
> GPR28 0000000000000036 00000000fffb0000 00000000fffb0000 000000007fb9f0a8
> CR 48000084 [ G L - - - - L G ] RES ffffffff
> FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPSCR 00000000
> SRR0 000042c0 SRR1 00003032 SDR1 7fd00000
>
> ===========================================
> (qemu) x/20i $pc-4
> ===========================================
> x/20i $pc-4
> 0xfff0fce8: beq- cr7,0xfff0fcfc
> 0xfff0fcec: lwz r10,4(r9)
> 0xfff0fcf0: lwz r11,-4(r31)
> 0xfff0fcf4: cmplw cr7,r10,r11
> 0xfff0fcf8: blt+ cr7,0xfff0fcdc
> 0xfff0fcfc: stw r9,-8(r31)
> 0xfff0fd00: stw r0,0(r3)
> 0xfff0fd04: addi r11,r1,16
> 0xfff0fd08: b 0xfff25e80
> 0xfff0fd0c: stwu r1,-32(r1)
> 0xfff0fd10: mflr r0
> 0xfff0fd14: stmw r29,20(r1)
> 0xfff0fd18: mr. r30,r3
> 0xfff0fd1c: stw r0,36(r1)
> 0xfff0fd20: mr r29,r4
> 0xfff0fd24: bne+ 0xfff0fd38
> 0xfff0fd28: mr r3,r4
> 0xfff0fd2c: bl 0xfff0848c
> 0xfff0fd30: mr r31,r3
> 0xfff0fd34: b 0xfff0fd84
>
> ===========================================
> last entries from in_asm,op,op_opt,out_asm:
> ===========================================
> IN:
> 0xfff11558: mflr r0
> 0xfff1155c: stwu r1,-16(r1)
> 0xfff11560: stw r0,20(r1)
> 0xfff11564: lwz r3,24(r3)
> 0xfff11568: bl 0xfff084ac
>
> OP:
> ---- 0xfff11558
> mov_i32 r0,lr
>
> ---- 0xfff1155c
> movi_i32 access_type,$0x20
> movi_i32 tmp1,$0xfffffff0
> add_i32 tmp0,r1,tmp1
> qemu_st32 r1,tmp0,$0x1
> mov_i32 r1,tmp0
>
> ---- 0xfff11560
> movi_i32 tmp1,$0x14
> add_i32 tmp0,r1,tmp1
> qemu_st32 r0,tmp0,$0x1
>
> ---- 0xfff11564
> movi_i32 tmp1,$0x18
> add_i32 tmp0,r3,tmp1
> qemu_ld32 r3,tmp0,$0x1
>
> ---- 0xfff11568
> movi_i32 lr,$0xfff1156c
> movi_i32 nip,$0xfff084ac
> exit_tb $0x0
>
> OP after liveness analysis:
> ---- 0xfff11558
> mov_i32 r0,lr
>
> ---- 0xfff1155c
> movi_i32 access_type,$0x20
> movi_i32 tmp1,$0xfffffff0
> add_i32 tmp0,r1,tmp1
> qemu_st32 r1,tmp0,$0x1
> mov_i32 r1,tmp0
>
> ---- 0xfff11560
> movi_i32 tmp1,$0x14
> add_i32 tmp0,r1,tmp1
> qemu_st32 r0,tmp0,$0x1
>
> ---- 0xfff11564
> movi_i32 tmp1,$0x18
> add_i32 tmp0,r3,tmp1
> qemu_ld32 r3,tmp0,$0x1
>
> ---- 0xfff11568
> movi_i32 lr,$0xfff1156c
> movi_i32 nip,$0xfff084ac
> exit_tb $0x0
> end
>
> OUT: [size=256]
> 0x400e7b60: mov 0x100(%r14),%ebp
> 0x400e7b67: mov 0x4(%r14),%ebx
> 0x400e7b6b: lea -0x10(%rbx),%r12d
> 0x400e7b6f: mov %ebp,(%r14)
> 0x400e7b72: mov $0x20,%ebp
> 0x400e7b77: mov %ebp,0x260(%r14)
> 0x400e7b7e: mov %r12d,%esi
> 0x400e7b81: mov %r12d,%edi
> 0x400e7b84: shr $0x7,%esi
> 0x400e7b87: and $0xfffff003,%edi
> 0x400e7b8d: and $0x1fe0,%esi
> 0x400e7b93: lea 0x228c(%r14,%rsi,1),%rsi
> 0x400e7b9b: cmp (%rsi),%edi
> 0x400e7b9d: mov %r12d,%edi
> 0x400e7ba0: jne 0x400e7bae
> 0x400e7ba2: add 0xc(%rsi),%rdi
> 0x400e7ba6: mov %ebx,%esi
> 0x400e7ba8: bswap %esi
> 0x400e7baa: mov %esi,(%rdi)
> 0x400e7bac: jmp 0x400e7bba
> 0x400e7bae: mov %ebx,%esi
> 0x400e7bb0: mov $0x1,%edx
> 0x400e7bb5: callq 0x57f0f5
> 0x400e7bba: lea 0x14(%r12),%ebp
> 0x400e7bbf: mov (%r14),%ebx
> 0x400e7bc2: mov %r12d,0x4(%r14)
> 0x400e7bc6: mov %ebp,%esi
> 0x400e7bc8: mov %ebp,%edi
> 0x400e7bca: shr $0x7,%esi
> 0x400e7bcd: and $0xfffff003,%edi
> 0x400e7bd3: and $0x1fe0,%esi
> 0x400e7bd9: lea 0x228c(%r14,%rsi,1),%rsi
> 0x400e7be1: cmp (%rsi),%edi
> 0x400e7be3: mov %ebp,%edi
> 0x400e7be5: jne 0x400e7bf3
> 0x400e7be7: add 0xc(%rsi),%rdi
> 0x400e7beb: mov %ebx,%esi
> 0x400e7bed: bswap %esi
> 0x400e7bef: mov %esi,(%rdi)
> 0x400e7bf1: jmp 0x400e7bff
> 0x400e7bf3: mov %ebx,%esi
> 0x400e7bf5: mov $0x1,%edx
> 0x400e7bfa: callq 0x57f0f5
> 0x400e7bff: mov 0xc(%r14),%ebp
> 0x400e7c03: lea 0x18(%rbp),%ebx
> 0x400e7c06: mov %ebx,%esi
> 0x400e7c08: mov %ebx,%edi
> 0x400e7c0a: shr $0x7,%esi
> 0x400e7c0d: and $0xfffff003,%edi
> 0x400e7c13: and $0x1fe0,%esi
> 0x400e7c19: lea 0x2288(%r14,%rsi,1),%rsi
> 0x400e7c21: cmp (%rsi),%edi
> 0x400e7c23: mov %ebx,%edi
> 0x400e7c25: jne 0x400e7c31
> 0x400e7c27: add 0x10(%rsi),%rdi
> 0x400e7c2b: mov (%rdi),%ebp
> 0x400e7c2d: bswap %ebp
> 0x400e7c2f: jmp 0x400e7c3d
> 0x400e7c31: mov $0x1,%esi
> 0x400e7c36: callq 0x57ecde
> 0x400e7c3b: mov %eax,%ebp
> 0x400e7c3d: mov %ebp,0xc(%r14)
> 0x400e7c41: mov $0xfff084ac,%ebp
> 0x400e7c46: mov %ebp,0x25c(%r14)
> 0x400e7c4d: mov $0xfff1156c,%ebp
> 0x400e7c52: mov %ebp,0x100(%r14)
> 0x400e7c59: xor %eax,%eax
> 0x400e7c5b: jmpq 0x11c0a4e
>
> Again, if there are any suggestions how I can continue to debug this situation where execution stops after starting to read bootfile.exe, I would appreciate it. I am willing to run any test or generate any output anyone suggests to get a better idea of where and why it is hung up.
>
> Thank you,
> Ken

--- On Mon, 04 Apr 2011 08:59:37 -0400, Brian Wheeler wrote:
> Out of curiosity, what command line did you use for this?

./qemu/ppc-softmmu/qemu-system-ppc \
  -net none \
  -m 2047 \
  -nographic \
  -bios ./qemu/pc-bios/openbios-ppc \
  -hda aix.img \
  -cdrom ibmvios.iso \
  -boot d \
  -rtc base=localtime,clock=host \
  -uuid xx... \
  -monitor tcp:127.0.0.1:9979,server,nowait \
  -serial tcp:127.0.0.1:9980,server,nowait \
  -d in_asm,out_asm,op,op_opt
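malc's remark about `x/20i $pc-10` is the one reusable lesson in this thread: PowerPC instructions are fixed 4-byte words, so a disassembly that starts at an address that is not a multiple of 4 splits every real instruction across two decoded words and prints `.long` garbage. The following script is an added example (mine, not code from the thread or from QEMU). It re-encodes the instructions that the thread's `x/20i $pc-4` listing shows at 0xfff0fcdc..0xfff0fd0c into a constructed byte buffer, then decodes that buffer the way the monitor's `x/i` would, once aligned and once from `$pc-10`. The decoder only knows the handful of opcodes that occur in that listing; anything else (including the `rlmi` and `fnmadd.` that objdump managed to name) is shown as `.long`, which is enough to reproduce the `.long 0x2f89`, `.long 0x419e`, `.long 0x148149` lines from the first post.

```python
"""Demonstrate why `x/20i $pc-10` produced garbage on a PowerPC guest.

Added example, not part of the original thread. ALIGNED_WORDS is my own
re-encoding of the mnemonics in the thread's `x/20i $pc-4` listing; no bytes
were captured from the guest.
"""
import struct

BASE = 0xFFF0FCDC  # address of `mr r3,r9` in the thread's listing
NIP = 0xFFF0FCEC   # NIP from the thread's `info registers`

# Constructed input: aligned instruction words, encoded from the page's mnemonics.
ALIGNED_WORDS = [
    0x7D234B78,  # 0xfff0fcdc  mr r3,r9  (or r3,r9,r9)
    0x81230000,  # 0xfff0fce0  lwz r9,0(r3)
    0x2F890000,  # 0xfff0fce4  cmpwi cr7,r9,0
    0x419E0014,  # 0xfff0fce8  beq- cr7,0xfff0fcfc
    0x81490004,  # 0xfff0fcec  lwz r10,4(r9)
    0x817FFFFC,  # 0xfff0fcf0  lwz r11,-4(r31)
    0x7F8A5840,  # 0xfff0fcf4  cmplw cr7,r10,r11
    0x419CFFE4,  # 0xfff0fcf8  blt+ cr7,0xfff0fcdc
    0x913FFFF8,  # 0xfff0fcfc  stw r9,-8(r31)
    0x90030000,  # 0xfff0fd00  stw r0,0(r3)
    0x39610010,  # 0xfff0fd04  addi r11,r1,16
    0x48016178,  # 0xfff0fd08  b 0xfff25e80
    0x9421FFE0,  # 0xfff0fd0c  stwu r1,-32(r1)
]
MEM = b"".join(struct.pack(">I", w) for w in ALIGNED_WORDS)  # big-endian guest memory


def is_aligned(addr):
    """PowerPC code must be fetched on 4-byte boundaries."""
    return addr % 4 == 0


def decode_word(w, addr):
    """Decode the few opcodes present in the listing; None for anything else."""
    op = w >> 26
    rd, ra, rb = (w >> 21) & 31, (w >> 16) & 31, (w >> 11) & 31
    simm = w & 0xFFFF
    if simm & 0x8000:
        simm -= 0x10000
    if op == 31:
        xo = (w >> 1) & 0x3FF
        if xo == 444:  # or rA,rS,rB; printed as mr when rS == rB
            return f"mr r{ra},r{rd}" if rd == rb else f"or r{ra},r{rd},r{rb}"
        if xo == 32:   # cmpl crfD,rA,rB
            return f"cmplw cr{rd >> 2},r{ra},r{rb}"
    if op == 32:
        return f"lwz r{rd},{simm}(r{ra})"
    if op == 36:
        return f"stw r{rd},{simm}(r{ra})"
    if op == 37:
        return f"stwu r{rd},{simm}(r{ra})"
    if op == 14:
        return f"addi r{rd},r{ra},{simm}"
    if op == 11:
        return f"cmpwi cr{rd >> 2},r{ra},{simm}"
    if op == 24:
        return f"ori r{ra},r{rd},{w & 0xFFFF}"
    if op == 18:   # b / bl / ba / bla, 26-bit signed displacement
        li = w & 0x03FFFFFC
        if li & 0x02000000:
            li -= 0x04000000
        aa, lk = (w >> 1) & 1, w & 1
        target = li if aa else (addr + li) & 0xFFFFFFFF
        return f"b{'l' if lk else ''}{'a' if aa else ''} 0x{target:x}"
    if op == 16:   # bc with a CR-bit condition (the only form in the listing)
        bo, bi = rd, ra
        bd = w & 0xFFFC
        if bd & 0x8000:
            bd -= 0x10000
        cond = {0: "lt", 1: "gt", 2: "eq"}.get(bi & 3)
        if bo & 0x10 or cond is None:
            return None
        mnem = cond if bo & 0x08 else {"lt": "ge", "gt": "le", "eq": "ne"}[cond]
        # Static prediction: backward branches default to taken; the y bit flips it.
        hint = "+" if (bd < 0) != bool(bo & 1) else "-"
        return f"b{mnem}{hint} cr{bi >> 2},0x{(addr + bd) & 0xFFFFFFFF:x}"
    return None


def disassemble(mem, mem_base, start, count):
    """Mimic `x/<count>i <start>`: decode consecutive 4-byte words from `start`."""
    out = []
    for i in range(count):
        addr = start + 4 * i
        off = addr - mem_base
        if off < 0 or off + 4 > len(mem):
            break
        w = struct.unpack_from(">I", mem, off)[0]
        out.append((addr, decode_word(w, addr) or f".long 0x{w:x}"))
    return out


def unknown_count(listing):
    """Number of words the decoder could not name: a quick misalignment symptom."""
    return sum(text.startswith(".long") for _, text in listing)


if __name__ == "__main__":
    for start in (NIP - 4, NIP - 10):
        print(f"x/20i 0x{start:x}  (aligned: {is_aligned(start)})")
        for addr, text in disassemble(MEM, BASE, start, 20):
            print(f"  0x{addr:x}: {text}")
```

The aligned pass reproduces the thread's `$pc-4` listing word for word; the `$pc-10` pass reproduces the `.long 0x2f89 / 0x419e / 0x148149 / 0x4817f / 0xfffc7f8a` sequence because each decoded word is the low half of one real instruction glued to the high half of the next. The practical check is the one malc applied: before trusting a monitor or gdb disassembly on a fixed-width ISA, confirm the start address satisfies `is_aligned`, or round it down with `addr & ~3`.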