I'm trying to solve the last bigger outstanding problem for MorphOS to run with OpenBIOS. This is that it modifies exception vectors without first turning the MMU off (probably expecting it to be off as happens on real hardware). OpenBIOS on the other hand turns the MMU on and needs this for client interface calls to work so calling the client boot code with MMU off results in a hang. There is disabled code in the quiesce method to clear the MMU bits but this is not sufficient/correct because MorphOS continues to call client interface callbacks after calling quiesce. Thus I was trying to save MSR, turn MMU on then restore MSR on client callbacks with the patch below but it does not work and leads to writes to wrong addresses and a crash on restore. (Probably the stack location is wrong after the patch?) Can anyone tell why it's not working and what could be done instead?
Regards, BALATON Zoltan
diff --git a/openbios-devel/arch/ppc/qemu/start.S b/openbios-devel/arch/ppc/qemu
index ae2fd53..384a8a6 100644
--- a/openbios-devel/arch/ppc/qemu/start.S
+++ b/openbios-devel/arch/ppc/qemu/start.S
@@ -515,13 +515,13 @@ _GLOBAL(call_elf):
 LOAD_REG_IMMEDIATE(r5, of_client_callback) // r5 = callback
 li r6,0 // r6 = address of client program argume
 li r7,0 // r7 = length of client program argumen
- li r0,MSR_FP | MSR_ME | MSR_DR | MSR_IR
+ li r0,MSR_FP | MSR_ME
 MTMSRD(r0)
 blrl
#ifdef CONFIG_PPC64
 /* Restore SF bit */
- LOAD_REG_IMMEDIATE(r0, MSR_SF | MSR_FP | MSR_ME | MSR_DR | MSR_IR)
+ LOAD_REG_IMMEDIATE(r0, MSR_SF | MSR_FP | MSR_ME)
 MTMSRD(r0)
 #endif
 LOAD_REG_IMMEDIATE(r8, saved_stack) // restore stack pointer
@@ -535,10 +535,10 @@ _GLOBAL(call_elf):
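Review bot: After `blrl` returns, the 64-bit path now reloads MSR with `MSR_SF | MSR_FP | MSR_ME` and no DR/IR, then falls through to `LOAD_REG_IMMEDIATE(r8, saved_stack)` and back into OpenBIOS, which the cover text says needs translation on; on 32-bit nothing re-enables it after `blrl` at all. Only the value loaded before `blrl` needs to drop `MSR_DR | MSR_IR`; the post-return restore should keep them, i.e. leave `LOAD_REG_IMMEDIATE(r0, MSR_SF | MSR_FP | MSR_ME | MSR_DR | MSR_IR)` as it was and on 32-bit add `li r0,MSR_FP | MSR_ME | MSR_DR | MSR_IR` / `MTMSRD(r0)` directly after `blrl`. Note that this entry state applies to every client started through call_elf, not only MorphOS, so clients that relied on being entered with translation on are affected as well. call_elf continues past the end of the hunk, so check what else runs before `saved_stack` is used.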
#ifdef __powerpc64__
 #define STKOFF STACKFRAME_MINSIZE
-#define SAVE_SPACE 320
+#define SAVE_SPACE 328
 #else
 #define STKOFF 8
-#define SAVE_SPACE 144
+#define SAVE_SPACE 148
 #endif
 GLOBL(of_client_callback):
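Review bot: 328 and 148 are not multiples of 16, whereas the values they replace (320 and 144) were; the PowerPC ELF ABIs require r1 to stay 16-byte aligned, so if SAVE_SPACE is the frame size of_client_callback allocates (the allocation itself is outside the hunk) every frame below it, including the C code reached via of_client_interface, becomes misaligned. Round up instead: `#define SAVE_SPACE 336` and `#define SAVE_SPACE 160`. On 32-bit the new slot at `STKOFF + 33 * ULONG_SIZE` is 8 + 132 = 140 and ends at 144, so the original size already held it; whether 320 suffices on 64-bit depends on STACKFRAME_MINSIZE, which is not visible here.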
@@ -607,6 +607,10 @@ GLOBL(of_client_callback):
 PPC_STL r29, (STKOFF + 30 * ULONG_SIZE)(r1)
 PPC_STL r30, (STKOFF + 31 * ULONG_SIZE)(r1)
 PPC_STL r31, (STKOFF + 32 * ULONG_SIZE)(r1)
+ mfmsr r2
+ PPC_STL r2, (STKOFF + 33 * ULONG_SIZE)(r1)
+ ori r2, r2, (MSR_DR | MSR_IR)
+ mtmsr r2
#ifdef CONFIG_PPC64
 LOAD_REG_IMMEDIATE(r2, of_client_interface)
@@ -643,6 +647,8 @@ GLOBL(of_client_callback):
 PPC_LL r29, (STKOFF + 30 * ULONG_SIZE)(r1)
 PPC_LL r30, (STKOFF + 31 * ULONG_SIZE)(r1)
 PPC_LL r31, (STKOFF + 32 * ULONG_SIZE)(r1)
+ PPC_LL r2, (STKOFF + 33 * ULONG_SIZE)(r1)
+ mtmsr r2
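Review bot: The register stores above this hunk execute before `mtmsr r2` turns DR/IR on, but the matching `PPC_LL` loads in the -643 hunk execute with translation still on, and only the loads that follow its `mtmsr r2` (ctr, cr, xer, r1, lr, outside that hunk) run under the client's MSR again, so the same frame at r1 is accessed under two different translations. Unless the client's stack is identity-mapped in OpenBIOS's page table, the registers come back from a different page than the one they were saved to, which would match the trace: 0x60000000 is the encoding of `nop`, i.e. the reloaded r1/LR look like they were read from code rather than from the saved frame. A safer shape is to keep the saved MSR in a register the epilogue already clobbers and restore it as the very last instruction before `blr`, so every load of the frame happens under one translation, and to verify the client stack's mapping before enabling DR. Separately, both hunks use a bare `mtmsr` with dependent fetches and loads right behind it, while call_elf in this file uses `MTMSRD(r0)`; `MTMSRD(r2)` followed by `isync` in both places would be consistent with the file and with the usual pattern for a translation change.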
/* restore ctr, cr and xer */
This results in:
Unassigned mem write 00000000100fff6c = 0x0 Unassigned mem write 00000000100fff74 = 0xfde7e90 Unassigned mem write 00000000100fff78 = 0x0 Unassigned mem write 00000000100fff7c = 0x4311d0 Unassigned mem write 00000000100fff80 = 0x0 Unassigned mem write 00000000100fff84 = 0x22000042 Unassigned mem write 00000000100fff88 = 0x20000000 Unassigned mem write 00000000100fff8c = 0x0 Unassigned mem write 00000000100fff90 = 0x8 Unassigned mem write 00000000100fff94 = 0x2 Unassigned mem write 00000000100fff98 = 0x0 Unassigned mem write 00000000100fff9c = 0x680000 Unassigned mem write 00000000100fffa0 = 0xfde7f98 Unassigned mem write 00000000100fffa4 = 0xfdf7e70 Unassigned mem write 00000000100fffa8 = 0x22000042 Unassigned mem write 00000000100fffac = 0x0 Unassigned mem write 00000000100fffb0 = 0xfff32687 Unassigned mem write 00000000100fffb4 = 0xfde7f60 Unassigned mem write 00000000100fffb8 = 0xfde7f20 Unassigned mem write 00000000100fffbc = 0x0 Unassigned mem write 00000000100fffc0 = 0xfffb0000 Unassigned mem write 00000000100fffc4 = 0x688000 Unassigned mem write 00000000100fffc8 = 0x3000 Unassigned mem write 00000000100fffcc = 0xfffb601c Unassigned mem write 00000000100fffd0 = 0x0 Unassigned mem write 00000000100fffd4 = 0xfffb601c Unassigned mem write 00000000100fffd8 = 0xfffb0000 Unassigned mem write 00000000100fffdc = 0x0 Unassigned mem write 00000000100fffe0 = 0xfff02620 Unassigned mem write 00000000100fffe4 = 0xfde7f60 Unassigned mem write 00000000100fffe8 = 0xfde7f20 Unassigned mem write 00000000100fffec = 0x688000 Unassigned mem write 00000000100ffff0 = 0xfffb0000 Unassigned mem write 00000000100ffff4 = 0x67bd80 Unassigned mem write 00000000100ffff8 = 0x3000 Unassigned mem read 0000000060000000 qemu: fatal: Trying to execute code outside RAM or ROM at 0x60000000
NIP 60000000 LR 60000000 CTR 00000000 XER 00000000 MSR 00000000 HID0 00000000 HF 00000000 idx 1 TB 00000000 836520711 DECR 3458446955 GPR00 0000000000000000 0000000060000000 0000000000000000 0000000000000000 GPR04 000000004bfffffc 0000000000000000 0000000000000000 0000000000000000 GPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000 GPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000 GPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000 GPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000 GPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000 GPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000 CR 00000000 [ - - - - - - - - ] RES ffffffff FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000 FPSCR 00000000 SRR0 fff0db1c SRR1 00003030 PVR 000c0209 VRSAVE 00000000 SPRG0 0fe00000 SPRG1 ffffff6c SPRG2 22000042 SPRG3 00000000 SPRG4 00000000 SPRG5 00000000 SPRG6 00000000 SPRG7 00000000 SDR1 0fe00000 DAR ffffff3c DSISR 42000000
end of disassembly before the error:
0xfff02750: lwz r31,136(r1) 0xfff02754: lwz r2,140(r1) 0xfff02758: mtmsr r2
IN: 0xfff0275c: lwz r2,20(r1) 0xfff02760: mtctr r2 0xfff02764: lwz r2,24(r1) 0xfff02768: mtcr r2 0xfff0276c: lwz r2,28(r1) 0xfff02770: mtxer r2 0xfff02774: lwz r2,12(r1) 0xfff02778: lwz r0,16(r1) 0xfff0277c: lwz r1,8(r1) 0xfff02780: lwz r4,4(r1) 0xfff02784: mtlr r4 0xfff02788: lwz r4,8(r1) 0xfff0278c: lwz r1,0(r1) 0xfff02790: blr
qemu: fatal: Trying to execute code outside RAM or ROM at 0x60000000