From: Kenneth Salerno
Subject: Re: [Qemu-devel] Help Debugging AIX boot on qemu-system-ppc (it reads bootfile.exe now)
Date: Sun, 3 Apr 2011 15:52:34 -0700 (PDT)
--- On Sun, 4/3/11, Kenneth Salerno <address@hidden> wrote:
> From: Kenneth Salerno <address@hidden>
> Subject: Re: [Qemu-devel] Help Debugging AIX boot on qemu-system-ppc (it reads bootfile.exe now)
> To: "malc" <address@hidden>
> Cc: address@hidden
> Date: Sunday, April 3, 2011, 11:29 AM
> --- On Sun, 4/3/11, malc <address@hidden> wrote:
>
> > From: malc <address@hidden>
> > Subject: Re: [Qemu-devel] Help Debugging AIX boot on qemu-system-ppc (it reads bootfile.exe now)
> > To: "Kenneth Salerno" <address@hidden>
> > Cc: address@hidden
> > Date: Sunday, April 3, 2011, 12:13 AM
> > On Sat, 2 Apr 2011, Kenneth Salerno wrote:
> >
> > > Hi,
> > >
> > > I have been using QEMU for a few years and periodically tested AIX V6.1
> > > with qemu-system-ppc and read the various threads in the mailing list
> > > knowing not to expect it to work just yet. However, with OpenBIOS v1.0 I
> > > was surprised to find how far it gets now. Please see below and I would
> > > appreciate any advice on how to debug further:
> > >
> > > >> =============================================================
> > > >> OpenBIOS 1.0 [Jan 30 2011 08:46]
> > > >> Configuration device id QEMU version 1 machine id 2
> > > >> CPUs: 1
> > > >> Memory: 2047M
> > > >> UUID: 17202d0a-45f8-4159-a8e1-78b866f50aa7
> > > >> CPU type PowerPC,750
> > > Welcome to OpenBIOS v1.0 built on Jan 30 2011 08:46
> > > Trying cd:,\\:tbxi...
> > > Trying cd:,\ppc\bootinfo.txt...
> > >
> > > -------------------------------------------------------------------------------
> > > Welcome to AIX.
> > > boot image timestamp: 00:39 35/2D
> > > The current time and date: 23:00:50 04/02/2011
> > > processor count: 1; memory size: 2047MB; kernel size: 2293829
> > > boot device: cd:\ppc\chrp\bootfile.exe
> > >
> > > qemu>
> > > info cpus
> > > * CPU #0: nip=0xfff0fcdc thread_id=2527
> > >
> > > info registers
> > > NIP fff0fcec LR fff0fcc4 CTR fff11558 XER 20000000
> > > MSR 00003032 HID0 00000000 HF 00002000 idx 1
> > > TB 00000000 1542797983 DECR 2752169338
> > > GPR00 000000007fb9f0d0 000000007fcf7790 0000000000000000 000000007fba29e4
> > > GPR04 00000000fffb403c 0000000000044200 00000000fff02464 0000000000044200
> > > GPR08 0000000000000000 000000007fba29e4 000000000000000c 0000000000000820
> > > GPR12 00000000000088ac 0000000000000000 00000000fff305f5 00000000fff30dac
> > > GPR16 00000000fff2f14e 0000000004000000 00000000fffb36c4 00000000fffb3ec4
> > > GPR20 00000000000030ec 00000000fff2ef4a 00000000fff2ef38 00000000fff2eeb8
> > > GPR24 00000000fff2ef40 00000000fffb3628 0000000000044204 00000000fffffff8
> > > GPR28 0000000000000036 00000000fffb0000 00000000fffb0000 000000007fb9f0d8
> > > CR 48000084 [ G L - - - - L G ] RES ffffffff
> > > FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> > > FPSCR 00000000
> > > SRR0 000042c0 SRR1 00003032 SDR1 7fd00000
> > >
> > > x/20i $pc-10
> >
> > Unless I'm missing something, what follows does not make any sense (and
> > for a good reason: 10 is not a multiple of 4 (opcode size on ppc))
>
> (qemu) x/20i $pc-4
> x/20i $pc-4
> 0xfff0fcd8: b 0xfff0fce0
> 0xfff0fcdc: mr r3,r9
> 0xfff0fce0: lwz r9,0(r3)
> 0xfff0fce4: cmpwi cr7,r9,0
> 0xfff0fce8: beq- cr7,0xfff0fcfc
> 0xfff0fcec: lwz r10,4(r9)
> 0xfff0fcf0: lwz r11,-4(r31)
> 0xfff0fcf4: cmplw cr7,r10,r11
> 0xfff0fcf8: blt+ cr7,0xfff0fcdc
> 0xfff0fcfc: stw r9,-8(r31)
> 0xfff0fd00: stw r0,0(r3)
> 0xfff0fd04: addi r11,r1,16
> 0xfff0fd08: b 0xfff25e80
> 0xfff0fd0c: stwu r1,-32(r1)
> 0xfff0fd10: mflr r0
> 0xfff0fd14: stmw r29,20(r1)
> 0xfff0fd18: mr. r30,r3
> 0xfff0fd1c: stw r0,36(r1)
> 0xfff0fd20: mr r29,r4
> 0xfff0fd24: bne+ 0xfff0fd38
>
> (qemu) info registers
> info registers
> NIP fff0fcec LR fff0fcc4 CTR fff11558 XER 20000000
> MSR 00003032 HID0 00000000 HF 00002000 idx 1
> TB 00000000 2208586352 DECR 2086380980
> GPR00 000000007fb9f0a0 000000007fcf7790 0000000000000000 000000007fba29b4
> GPR04 00000000fffb403c 0000000000044200 00000000fff02464 0000000000044200
> GPR08 0000000000000000 000000007fba29b4 000000000000000c 0000000000000820
> GPR12 00000000000088ac 0000000000000000 00000000fff305f5 00000000fff30dac
> GPR16 00000000fff2f14e 0000000004000000 00000000fffb36c4 00000000fffb3ec4
> GPR20 00000000000030ec 00000000fff2ef4a 00000000fff2ef38 00000000fff2eeb8
> GPR24 00000000fff2ef40 00000000fffb3628 0000000000044204 00000000fffffff8
> GPR28 0000000000000036 00000000fffb0000 00000000fffb0000 000000007fb9f0a8
> CR 48000084 [ G L - - - - L G ] RES ffffffff
> FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> FPSCR 00000000
> SRR0 000042c0 SRR1 00003032 SDR1 7fd00000
>
> OUT: [size=256]
> 0x40576b60: mov 0x100(%r14),%ebp
> 0x40576b67: mov 0x4(%r14),%ebx
> 0x40576b6b: lea -0x10(%rbx),%r12d
> 0x40576b6f: mov %ebp,(%r14)
> 0x40576b72: mov $0x20,%ebp
> 0x40576b77: mov %ebp,0x260(%r14)
> 0x40576b7e: mov %r12d,%esi
> 0x40576b81: mov %r12d,%edi
> 0x40576b84: shr $0x7,%esi
> 0x40576b87: and $0xfffff003,%edi
> 0x40576b8d: and $0x1fe0,%esi
> 0x40576b93: lea 0x228c(%r14,%rsi,1),%rsi
> 0x40576b9b: cmp (%rsi),%edi
> 0x40576b9d: mov %r12d,%edi
> 0x40576ba0: jne 0x40576bae
> 0x40576ba2: add 0xc(%rsi),%rdi
> 0x40576ba6: mov %ebx,%esi
> 0x40576ba8: bswap %esi
> 0x40576baa: mov %esi,(%rdi)
> 0x40576bac: jmp 0x40576bba
> 0x40576bae: mov %ebx,%esi
> 0x40576bb0: mov $0x1,%edx
> 0x40576bb5: callq 0x57f0f5
> 0x40576bba: lea 0x14(%r12),%ebp
> 0x40576bbf: mov (%r14),%ebx
> 0x40576bc2: mov %r12d,0x4(%r14)
> 0x40576bc6: mov %ebp,%esi
> 0x40576bc8: mov %ebp,%edi
> 0x40576bca: shr $0x7,%esi
> 0x40576bcd: and $0xfffff003,%edi
> 0x40576bd3: and $0x1fe0,%esi
> 0x40576bd9: lea 0x228c(%r14,%rsi,1),%rsi
> 0x40576be1: cmp (%rsi),%edi
> 0x40576be3: mov %ebp,%edi
> 0x40576be5: jne 0x40576bf3
> 0x40576be7: add 0xc(%rsi),%rdi
> 0x40576beb: mov %ebx,%esi
> 0x40576bed: bswap %esi
> 0x40576bef: mov %esi,(%rdi)
> 0x40576bf1: jmp 0x40576bff
> 0x40576bf3: mov %ebx,%esi
> 0x40576bf5: mov $0x1,%edx
> 0x40576bfa: callq 0x57f0f5
> 0x40576bff: mov 0xc(%r14),%ebp
> 0x40576c03: lea 0x18(%rbp),%ebx
> 0x40576c06: mov %ebx,%esi
> 0x40576c08: mov %ebx,%edi
> 0x40576c0a: shr $0x7,%esi
> 0x40576c0d: and $0xfffff003,%edi
> 0x40576c13: and $0x1fe0,%esi
> 0x40576c19: lea 0x2288(%r14,%rsi,1),%rsi
> 0x40576c21: cmp (%rsi),%edi
> 0x40576c23: mov %ebx,%edi
> 0x40576c25: jne 0x40576c31
> 0x40576c27: add 0x10(%rsi),%rdi
> 0x40576c2b: mov (%rdi),%ebp
> 0x40576c2d: bswap %ebp
> 0x40576c2f: jmp 0x40576c3d
> 0x40576c31: mov $0x1,%esi
> 0x40576c36: callq 0x57ecde
> 0x40576c3b: mov %eax,%ebp
> 0x40576c3d: mov %ebp,0xc(%r14)
> 0x40576c41: mov $0xfff084ac,%ebp
> 0x40576c46: mov %ebp,0x25c(%r14)
> 0x40576c4d: mov $0xfff1156c,%ebp
> 0x40576c52: mov %ebp,0x100(%r14)
> 0x40576c59: xor %eax,%eax
> 0x40576c5b: jmpq 0x11c0a4e
>
> >
> > > 0xfff0fcd2: fnmadd. f31,f24,f4,f18
> > > 0xfff0fcd6: .long 0xfff84800
> > > 0xfff0fcda: .long 0x87d23
> > > 0xfff0fcde: bla 0xff788120
> > > 0xfff0fce2: .long 0x2f89
> > > 0xfff0fce6: .long 0x419e
> > > 0xfff0fcea: .long 0x148149
> > > 0xfff0fcee: .long 0x4817f
> > > 0xfff0fcf2: .long 0xfffc7f8a
> > > 0xfff0fcf6: rlmi r0,r2,r8,6,14
> > > 0xfff0fcfa: fnmadd. f31,f4,f4,f18
> > > 0xfff0fcfe: .long 0xfff89003
> > > 0xfff0fd02: .long 0x3961
> > > 0xfff0fd06: .long 0x104801
> > > 0xfff0fd0a: ori r24,r11,37921
> > > 0xfff0fd0e: .long 0xffe07c08
> > > 0xfff0fd12: .long 0x2a6bfa1
> > > 0xfff0fd16: .long 0x147c7e
> > > 0xfff0fd1a: .long 0x1b799001
> > > 0xfff0fd1e: .long 0x247c9d
> > >
> > > last entry from out_asm:
> > > OUT: [size=256]
> > > 0x4157ae90: mov 0x100(%r14),%ebp
> > > 0x4157ae97: mov 0x4(%r14),%ebx
> > > 0x4157ae9b: lea -0x10(%rbx),%r12d
> > > 0x4157ae9f: mov %ebp,(%r14)
> > > 0x4157aea2: mov $0x20,%ebp
> > > 0x4157aea7: mov %ebp,0x260(%r14)
> > > 0x4157aeae: mov %r12d,%esi
> > > 0x4157aeb1: mov %r12d,%edi
> > > 0x4157aeb4: shr $0x7,%esi
> > > 0x4157aeb7: and $0xfffff003,%edi
> > > 0x4157aebd: and $0x1fe0,%esi
> > > 0x4157aec3: lea 0x228c(%r14,%rsi,1),%rsi
> > > 0x4157aecb: cmp (%rsi),%edi
> > > 0x4157aecd: mov %r12d,%edi
> > > 0x4157aed0: jne 0x4157aede
> > > 0x4157aed2: add 0xc(%rsi),%rdi
> > > 0x4157aed6: mov %ebx,%esi
> > > 0x4157aed8: bswap %esi
> > > 0x4157aeda: mov %esi,(%rdi)
> > > 0x4157aedc: jmp 0x4157aeea
> > > 0x4157aede: mov %ebx,%esi
> > > 0x4157aee0: mov $0x1,%edx
> > > 0x4157aee5: callq 0x57f0f5
> > > 0x4157aeea: lea 0x14(%r12),%ebp
> > > 0x4157aeef: mov (%r14),%ebx
> > > 0x4157aef2: mov %r12d,0x4(%r14)
> > > 0x4157aef6: mov %ebp,%esi
> > > 0x4157aef8: mov %ebp,%edi
> > > 0x4157aefa: shr $0x7,%esi
> > > 0x4157aefd: and $0xfffff003,%edi
> > > 0x4157af03: and $0x1fe0,%esi
> > > 0x4157af09: lea 0x228c(%r14,%rsi,1),%rsi
> > > 0x4157af11: cmp (%rsi),%edi
> > > 0x4157af13: mov %ebp,%edi
> > > 0x4157af15: jne 0x4157af23
> > > 0x4157af17: add 0xc(%rsi),%rdi
> > > 0x4157af1b: mov %ebx,%esi
> > > 0x4157af1d: bswap %esi
> > > 0x4157af1f: mov %esi,(%rdi)
> > > 0x4157af21: jmp 0x4157af2f
> > > 0x4157af23: mov %ebx,%esi
> > > 0x4157af25: mov $0x1,%edx
> > > 0x4157af2a: callq 0x57f0f5
> > > 0x4157af2f: mov 0xc(%r14),%ebp
> > > 0x4157af33: lea 0x18(%rbp),%ebx
> > > 0x4157af36: mov %ebx,%esi
> > > 0x4157af38: mov %ebx,%edi
> > > 0x4157af3a: shr $0x7,%esi
> > > 0x4157af3d: and $0xfffff003,%edi
> > > 0x4157af43: and $0x1fe0,%esi
> > > 0x4157af49: lea 0x2288(%r14,%rsi,1),%rsi
> > > 0x4157af51: cmp (%rsi),%edi
> > > 0x4157af53: mov %ebx,%edi
> > > 0x4157af55: jne 0x4157af61
> > > 0x4157af57: add 0x10(%rsi),%rdi
> > > 0x4157af5b: mov (%rdi),%ebp
> > > 0x4157af5d: bswap %ebp
> > > 0x4157af5f: jmp 0x4157af6d
> > > 0x4157af61: mov $0x1,%esi
> > > 0x4157af66: callq 0x57ecde
> > > 0x4157af6b: mov %eax,%ebp
> > > 0x4157af6d: mov %ebp,0xc(%r14)
> > > 0x4157af71: mov $0xfff084ac,%ebp
> > > 0x4157af76: mov %ebp,0x25c(%r14)
> > > 0x4157af7d: mov $0xfff1156c,%ebp
> > > 0x4157af82: mov %ebp,0x100(%r14)
> > > 0x4157af89: xor %eax,%eax
> > > 0x4157af8b: jmpq 0x11babee
> > >
> > > Thank you,
> > > Ken
> > >
> >
> > --
> > mailto:address@hidden
>
I am posting new debug info here to give the complete picture:
===========================================
gdb
===========================================
cpu_ppc_exec (env1=0x11e4a10) at /home/kens/iso/aix/qemu/cpu-exec.c:446
446 if (env->pending_interrupts == 0)
448 next_tb = 0;
557 if (env->interrupt_request & CPU_INTERRUPT_EXITTB) {
564 if (unlikely(env->exit_request)) {
565 env->exit_request = 0;
566 env->exception_index = EXCP_INTERRUPT;
567 cpu_loop_exit();
cpu_loop_exit () at /home/kens/iso/aix/qemu/cpu-exec.c:59
59 {
60 env->current_tb = NULL;
61 longjmp(env->jmp_env, 1);
longjmp (env=0x11f3ce8, val=1) at ../nptl/sysdeps/pthread/pt-longjmp.c:26
26 {
27 __libc_longjmp (env, val);
__libc_siglongjmp (env=0x11f3ce8, val=1) at longjmp.c:30
30 {
32 _longjmp_unwind (env, val);
_longjmp_unwind (env=0x11f3ce8, val=1)
at ../nptl/sysdeps/unix/sysv/linux/jmp-unwind.c:32
32 if (__libc_pthread_functions_init)
33 PTHFCT_CALL (ptr___pthread_cleanup_upto, (env->__jmpbuf,
__pthread_cleanup_upto (target=0x11f3ce8,
targetframe=0x7fffffffda68 "\030_o\366\377\177") at pt-cleanup.c:27
27 {
28 struct pthread *self = THREAD_SELF;
27 {
34 uintptr_t adj = (uintptr_t) self->stackblock + self->stackblock_size;
37 for (cbuf = THREAD_GETMEM (self, cleanup);
61 THREAD_SETMEM (self, cleanup, cbuf);
62 }
__libc_siglongjmp (env=0x11f3ce8, val=1) at longjmp.c:34
34 if (env[0].__mask_was_saved)
40 __longjmp (env[0].__jmpbuf, val ?: 1);
__longjmp () at ../sysdeps/x86_64/__longjmp.S:29
29 movq (JB_RSP*8)(%rdi),%r8
30 movq (JB_RBP*8)(%rdi),%r9
31 movq (JB_PC*8)(%rdi),%rdx
33 PTR_DEMANGLE (%r8)
34 PTR_DEMANGLE (%r9)
35 PTR_DEMANGLE (%rdx)
__longjmp () at ../sysdeps/x86_64/__longjmp.S:47
47 movq (JB_RBX*8)(%rdi),%rbx
48 movq (JB_R12*8)(%rdi),%r12
49 movq (JB_R13*8)(%rdi),%r13
50 movq (JB_R14*8)(%rdi),%r14
51 movq (JB_R15*8)(%rdi),%r15
53 mov %esi, %eax
54 movq %r8,%rsp
55 movq %r9,%rbp
56 jmpq *%rdx
cpu_ppc_exec (env1=0x11e4a10) at /home/kens/iso/aix/qemu/cpu-exec.c:659
659 } /* for(;;) */
285 if (setjmp(env->jmp_env) == 0) {
===========================================
(qemu) info cpus
===========================================
info cpus
* CPU #0: nip=0xfff0fcec thread_id=3237
===========================================
(qemu) info registers
===========================================
info registers
NIP fff0fcec LR fff0fcc4 CTR fff11558 XER 20000000
MSR 00003032 HID0 00000000 HF 00002000 idx 1
TB 00000000 2180099446 DECR 2114867875
GPR00 000000007fb9f0a0 000000007fcf7790 0000000000000000 000000007fba29b4
GPR04 00000000fffb403c 0000000000044200 00000000fff02464 0000000000044200
GPR08 0000000000000000 000000007fba29b4 000000000000000c 0000000000000820
GPR12 00000000000088ac 0000000000000000 00000000fff305f5 00000000fff30dac
GPR16 00000000fff2f14e 0000000004000000 00000000fffb36c4 00000000fffb3ec4
GPR20 00000000000030ec 00000000fff2ef4a 00000000fff2ef38 00000000fff2eeb8
GPR24 00000000fff2ef40 00000000fffb3628 0000000000044204 00000000fffffff8
GPR28 0000000000000036 00000000fffb0000 00000000fffb0000 000000007fb9f0a8
CR 48000084 [ G L - - - - L G ] RES ffffffff
FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPSCR 00000000
SRR0 000042c0 SRR1 00003032 SDR1 7fd00000
===========================================
(qemu) x/20i $pc-4
===========================================
x/20i $pc-4
0xfff0fce8: beq- cr7,0xfff0fcfc
0xfff0fcec: lwz r10,4(r9)
0xfff0fcf0: lwz r11,-4(r31)
0xfff0fcf4: cmplw cr7,r10,r11
0xfff0fcf8: blt+ cr7,0xfff0fcdc
0xfff0fcfc: stw r9,-8(r31)
0xfff0fd00: stw r0,0(r3)
0xfff0fd04: addi r11,r1,16
0xfff0fd08: b 0xfff25e80
0xfff0fd0c: stwu r1,-32(r1)
0xfff0fd10: mflr r0
0xfff0fd14: stmw r29,20(r1)
0xfff0fd18: mr. r30,r3
0xfff0fd1c: stw r0,36(r1)
0xfff0fd20: mr r29,r4
0xfff0fd24: bne+ 0xfff0fd38
0xfff0fd28: mr r3,r4
0xfff0fd2c: bl 0xfff0848c
0xfff0fd30: mr r31,r3
0xfff0fd34: b 0xfff0fd84
===========================================
last entries from in_asm,op,op_opt,out_asm:
===========================================
IN:
0xfff11558: mflr r0
0xfff1155c: stwu r1,-16(r1)
0xfff11560: stw r0,20(r1)
0xfff11564: lwz r3,24(r3)
0xfff11568: bl 0xfff084ac
OP:
---- 0xfff11558
mov_i32 r0,lr
---- 0xfff1155c
movi_i32 access_type,$0x20
movi_i32 tmp1,$0xfffffff0
add_i32 tmp0,r1,tmp1
qemu_st32 r1,tmp0,$0x1
mov_i32 r1,tmp0
---- 0xfff11560
movi_i32 tmp1,$0x14
add_i32 tmp0,r1,tmp1
qemu_st32 r0,tmp0,$0x1
---- 0xfff11564
movi_i32 tmp1,$0x18
add_i32 tmp0,r3,tmp1
qemu_ld32 r3,tmp0,$0x1
---- 0xfff11568
movi_i32 lr,$0xfff1156c
movi_i32 nip,$0xfff084ac
exit_tb $0x0
OP after liveness analysis:
---- 0xfff11558
mov_i32 r0,lr
---- 0xfff1155c
movi_i32 access_type,$0x20
movi_i32 tmp1,$0xfffffff0
add_i32 tmp0,r1,tmp1
qemu_st32 r1,tmp0,$0x1
mov_i32 r1,tmp0
---- 0xfff11560
movi_i32 tmp1,$0x14
add_i32 tmp0,r1,tmp1
qemu_st32 r0,tmp0,$0x1
---- 0xfff11564
movi_i32 tmp1,$0x18
add_i32 tmp0,r3,tmp1
qemu_ld32 r3,tmp0,$0x1
---- 0xfff11568
movi_i32 lr,$0xfff1156c
movi_i32 nip,$0xfff084ac
exit_tb $0x0
end
OUT: [size=256]
0x400e7b60: mov 0x100(%r14),%ebp
0x400e7b67: mov 0x4(%r14),%ebx
0x400e7b6b: lea -0x10(%rbx),%r12d
0x400e7b6f: mov %ebp,(%r14)
0x400e7b72: mov $0x20,%ebp
0x400e7b77: mov %ebp,0x260(%r14)
0x400e7b7e: mov %r12d,%esi
0x400e7b81: mov %r12d,%edi
0x400e7b84: shr $0x7,%esi
0x400e7b87: and $0xfffff003,%edi
0x400e7b8d: and $0x1fe0,%esi
0x400e7b93: lea 0x228c(%r14,%rsi,1),%rsi
0x400e7b9b: cmp (%rsi),%edi
0x400e7b9d: mov %r12d,%edi
0x400e7ba0: jne 0x400e7bae
0x400e7ba2: add 0xc(%rsi),%rdi
0x400e7ba6: mov %ebx,%esi
0x400e7ba8: bswap %esi
0x400e7baa: mov %esi,(%rdi)
0x400e7bac: jmp 0x400e7bba
0x400e7bae: mov %ebx,%esi
0x400e7bb0: mov $0x1,%edx
0x400e7bb5: callq 0x57f0f5
0x400e7bba: lea 0x14(%r12),%ebp
0x400e7bbf: mov (%r14),%ebx
0x400e7bc2: mov %r12d,0x4(%r14)
0x400e7bc6: mov %ebp,%esi
0x400e7bc8: mov %ebp,%edi
0x400e7bca: shr $0x7,%esi
0x400e7bcd: and $0xfffff003,%edi
0x400e7bd3: and $0x1fe0,%esi
0x400e7bd9: lea 0x228c(%r14,%rsi,1),%rsi
0x400e7be1: cmp (%rsi),%edi
0x400e7be3: mov %ebp,%edi
0x400e7be5: jne 0x400e7bf3
0x400e7be7: add 0xc(%rsi),%rdi
0x400e7beb: mov %ebx,%esi
0x400e7bed: bswap %esi
0x400e7bef: mov %esi,(%rdi)
0x400e7bf1: jmp 0x400e7bff
0x400e7bf3: mov %ebx,%esi
0x400e7bf5: mov $0x1,%edx
0x400e7bfa: callq 0x57f0f5
0x400e7bff: mov 0xc(%r14),%ebp
0x400e7c03: lea 0x18(%rbp),%ebx
0x400e7c06: mov %ebx,%esi
0x400e7c08: mov %ebx,%edi
0x400e7c0a: shr $0x7,%esi
0x400e7c0d: and $0xfffff003,%edi
0x400e7c13: and $0x1fe0,%esi
0x400e7c19: lea 0x2288(%r14,%rsi,1),%rsi
0x400e7c21: cmp (%rsi),%edi
0x400e7c23: mov %ebx,%edi
0x400e7c25: jne 0x400e7c31
0x400e7c27: add 0x10(%rsi),%rdi
0x400e7c2b: mov (%rdi),%ebp
0x400e7c2d: bswap %ebp
0x400e7c2f: jmp 0x400e7c3d
0x400e7c31: mov $0x1,%esi
0x400e7c36: callq 0x57ecde
0x400e7c3b: mov %eax,%ebp
0x400e7c3d: mov %ebp,0xc(%r14)
0x400e7c41: mov $0xfff084ac,%ebp
0x400e7c46: mov %ebp,0x25c(%r14)
0x400e7c4d: mov $0xfff1156c,%ebp
0x400e7c52: mov %ebp,0x100(%r14)
0x400e7c59: xor %eax,%eax
0x400e7c5b: jmpq 0x11c0a4e
Again, if there are any suggestions how I can continue to debug this
situation where execution stops after starting to read bootfile.exe, I would
appreciate it. I am willing to run any test or generate any output anyone
suggests to get a better idea of where and why it is hung up.
Thank you,
Ken
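The point malc makes above, that `x/20i $pc-10` on PowerPC starts two bytes off an instruction boundary and so prints word fragments, as an added example that is not part of this thread: the words below are re-encoded from the aligned `x/20i $pc-4` listing quoted above (a constructed memory image, not a guest dump), and `fetch`, `align_down`, `misaligned` and `primary_opcode` are illustrative helpers, not QEMU monitor code.

```python
"""
PowerPC instructions are fixed 4-byte words: a listing started at an address
that is not a multiple of 4 straddles boundaries and prints fragments (the
".long" lines in the thread).  Constructed example, not code from the thread.
"""
import struct

INSN_SIZE = 4
BASE = 0xFFF0FCD8  # first address of the aligned x/20i $pc-4 listing
# Constructed: words re-encoded from the aligned listing quoted in the thread.
WORDS = [
    0x48000008,  # 0xfff0fcd8: b 0xfff0fce0
    0x7D234B78,  # 0xfff0fcdc: mr r3,r9
    0x81230000,  # 0xfff0fce0: lwz r9,0(r3)
    0x2F890000,  # 0xfff0fce4: cmpwi cr7,r9,0
    0x419E0014,  # 0xfff0fce8: beq- cr7,0xfff0fcfc
    0x81490004,  # 0xfff0fcec: lwz r10,4(r9)
    0x817FFFFC,  # 0xfff0fcf0: lwz r11,-4(r31)
    0x7F8A5840,  # 0xfff0fcf4: cmplw cr7,r10,r11
    0x419CFFE4,  # 0xfff0fcf8: blt+ cr7,0xfff0fcdc
    0x913FFFF8,  # 0xfff0fcfc: stw r9,-8(r31)
]
# Big-endian byte image of that guest memory (PowerPC stores the MSB first).
IMAGE = b"".join(struct.pack(">I", w) for w in WORDS)

def misaligned(addr, size=INSN_SIZE):
    """True when addr is not on an instruction boundary (e.g. $pc-10)."""
    return addr % size != 0

def align_down(addr, size=INSN_SIZE):
    """Round addr down to the boundary a disassembler should start from."""
    return addr & ~(size - 1)

def primary_opcode(word):
    """Top 6 bits of a PowerPC word: the field a disassembler decodes first."""
    return word >> 26

def fetch(addr, count):
    """Read `count` 4-byte words starting at addr, the way x/Ni walks memory."""
    out = []
    for i in range(count):
        off = addr + i * INSN_SIZE - BASE
        if off < 0 or off + INSN_SIZE > len(IMAGE):
            break
        out.append((addr + i * INSN_SIZE, struct.unpack_from(">I", IMAGE, off)[0]))
    return out

if __name__ == "__main__":
    for start in (0xFFF0FCDA, align_down(0xFFF0FCDA)):
        print("start 0x%x misaligned=%s" % (start, misaligned(start)))
        for addr, word in fetch(start, 3):
            print("  0x%x: 0x%08x (primary opcode %d)" % (addr, word, primary_opcode(word)))
```

Reading from 0xfff0fcda reproduces the thread's `.long 0x87d23`, `bla 0xff788120` (a stray word whose top bits happen to decode as a branch) and `.long 0x2f89`; rounding the start down to 0xfff0fcd8 gives the real `b` and `mr` instructions.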