Re: [Qemu-ppc] [PATCH] mac99: Bring memory layout closer to real hardware

[Programmingkid]

On Apr 12, 2014, at 5:59 AM, BALATON Zoltan wrote:

> On Fri, 11 Apr 2014, Programmingkid wrote:
>>> The "real" fix would be to create a new machine model that models
>>> *exactly* a real system from scratch.
>> 
>> So what happens to the mac99 target? Delete or abandon it? Emulating another 
>> real Macintosh does sound like a good idea, but that would take a lot of 
>> work. Wouldn't it be easier to just adjust the mac99 target instead of 
>> starting from scratch?
> 
> I agree with adjusting the mac99 model instead of starting from scratch not 
> only because it's less work but also because there's not much point in 
> keeping a machine called mac99 that does not match any real Mac. I'll send my 
> current patch with minimal changes to make the memory layout better match 
> what's seen on PowerMac3,1.

That sounds like a plan that can actually work. Starting from scratch is very 
unrealistic. It might work, but who wants to wait until 2017 before we can 
actually use it?

> 
> With this and some OpenBIOS changes (that I'll send to that list) MorphOS 
> seems to almost boot but it still crashes before starting up. There are two 
> problems I know about:
> 
> 1. OpenBIOS uses the DSI and ISI exceptions for memory management so it 
> enables the corresponding bits in the MSR but MorphOS changes the exception 
> vectors without disabling these bits and it gets a DSI when the exception 
> vector is still pointing to the wrong place.

I guess the question is who is allowed to do what. Is it ok for OpenBIOS to use 
the DSI and ISI exceptions, or is the operating system entitled to them? Is 
MorphOS wrong for touching these bits before the computer has been taken over 
by it? Since MorphOS runs on real hardware, I'm guessing OpenBIOS is needing 
the changing. 

> 
> 2. Eventually MorphOS runs into this invalid instruction and crashes:
> 
> IN:
> 0x0041cbcc:  lwzx    r7,r2,r9
> 0x0041cbd0:  lwz     r8,24(r5)
> 0x0041cbd4:  cmpw    r7,r8
> 0x0041cbd8:  beqlr
> 
> invalid bits: 00000001 for opcode: 1f - 17 - 04 (7d02492f) 0041cbdc
> IN:
> 0x0041cbdc:  .long 0x7d02492f
> 
> The whole subroutine seems to be:
> 
>  41cbcc:       7c e2 48 2e     lwzx    r7,r2,r9
>  41cbd0:       81 05 00 18     lwz     r8,24(r5)
>  41cbd4:       7c 07 40 00     cmpw    r7,r8
>  41cbd8:       4d 82 00 20     beqlr
>  41cbdc:       7d 02 49 2f     .long 0x7d02492f
>  41cbe0:       80 05 00 20     lwz     r0,32(r5)
>  41cbe4:       7c 00 04 ac     sync
>  41cbe8:       7c 00 01 a4     mtsr    0,r0
>  41cbec:       4c 00 01 2c     isync
>  41cbf0:       80 05 00 24     lwz     r0,36(r5)
>  41cbf4:       7c 00 04 ac     sync
>  41cbf8:       4c 00 01 2c     isync
>  41cbfc:       7c 01 01 a4     mtsr    1,r0
>  41cc00:       4c 00 01 2c     isync
>  41cc04:       80 05 00 28     lwz     r0,40(r5)
>  41cc08:       7c 00 04 ac     sync
>  41cc0c:       7c 02 01 a4     mtsr    2,r0
>  41cc10:       4c 00 01 2c     isync
>  41cc14:       80 05 00 2c     lwz     r0,44(r5)
>  41cc18:       7c 00 04 ac     sync
>  41cc1c:       7c 03 01 a4     mtsr    3,r0
>  41cc20:       4c 00 01 2c     isync
>  41cc24:       80 05 00 30     lwz     r0,48(r5)
>  41cc28:       7c 00 04 ac     sync
>  41cc2c:       7c 04 01 a4     mtsr    4,r0
>  41cc30:       4c 00 01 2c     isync
>  41cc34:       80 05 00 34     lwz     r0,52(r5)
>  41cc38:       7c 00 04 ac     sync
>  41cc3c:       7c 05 01 a4     mtsr    5,r0
>  41cc40:       4c 00 01 2c     isync
>  41cc44:       80 05 00 38     lwz     r0,56(r5)
>  41cc48:       7c 00 04 ac     sync
>  41cc4c:       7c 06 01 a4     mtsr    6,r0
>  41cc50:       4c 00 01 2c     isync
>  41cc54:       80 05 00 3c     lwz     r0,60(r5)
>  41cc58:       7c 00 04 ac     sync
>  41cc5c:       7c 07 01 a4     mtsr    7,r0
>  41cc60:       4c 00 01 2c     isync
>  41cc64:       80 05 00 40     lwz     r0,64(r5)
>  41cc68:       7c 00 04 ac     sync
>  41cc6c:       7c 08 01 a4     mtsr    8,r0
>  41cc70:       4c 00 01 2c     isync
>  41cc74:       80 05 00 44     lwz     r0,68(r5)
>  41cc78:       7c 00 04 ac     sync
>  41cc7c:       7c 09 01 a4     mtsr    9,r0
>  41cc80:       4c 00 01 2c     isync
>  41cc84:       80 05 00 48     lwz     r0,72(r5)
>  41cc88:       7c 00 04 ac     sync
>  41cc8c:       7c 0a 01 a4     mtsr    10,r0
>  41cc90:       4c 00 01 2c     isync
>  41cc94:       80 05 00 4c     lwz     r0,76(r5)
>  41cc98:       7c 00 04 ac     sync
>  41cc9c:       7c 0b 01 a4     mtsr    11,r0
>  41cca0:       4c 00 01 2c     isync
>  41cca4:       80 05 00 50     lwz     r0,80(r5)
>  41cca8:       7c 00 04 ac     sync
>  41ccac:       7c 0c 01 a4     mtsr    12,r0
>  41ccb0:       4c 00 01 2c     isync
>  41ccb4:       80 05 00 54     lwz     r0,84(r5)
>  41ccb8:       7c 00 04 ac     sync
>  41ccbc:       7c 0d 01 a4     mtsr    13,r0
>  41ccc0:       4c 00 01 2c     isync
>  41ccc4:       80 05 00 58     lwz     r0,88(r5)
>  41ccc8:       7c 00 04 ac     sync
>  41cccc:       7c 0e 01 a4     mtsr    14,r0
>  41ccd0:       4c 00 01 2c     isync
>  41ccd4:       80 05 00 5c     lwz     r0,92(r5)
>  41ccd8:       7c 00 04 ac     sync
>  41ccdc:       7c 0f 01 a4     mtsr    15,r0
>  41cce0:       4c 00 01 2c     isync
>  41cce4:       4e 80 00 20     blr
> 
> So either on real hardware it never takes the path with the invalid opcode or 
> it is not invalid on those processors it runs on. Does anyone know what is 
> this opcode supposed to be?
> 
>> If you are intent on making a new target, we should start with a name. It 
>> looks like we are targeting the PowerMac3,1. Since it was based on the 
>> Sawtooth architecture, I'm thinking sawtooth would be the name to call it.
> 
> Or it could be called PowerMac3,1 so it is clear what is it trying to emulate.


Yeah, I can see -M powermac3,1 working.