[Qemu-devel] Re: [OpenBIOS] QEMU OpenBIOS booting?

[Steven Noonan]

On Sun, Apr 19, 2009 at 1:08 PM, Laurent Vivier <address@hidden> wrote:
> Le dimanche 19 avril 2009 à 13:00 -0700, Steven Noonan a écrit :
>> On Sun, Apr 19, 2009 at 12:23 PM, Blue Swirl <address@hidden> wrote:
>> > On 4/19/09, Steven Noonan <address@hidden> wrote:
>> >> On Sun, Apr 19, 2009 at 1:24 AM, Laurent Vivier <address@hidden> wrote:
>> >>  > Le dimanche 19 avril 2009 à 00:50 -0700, Steven Noonan a écrit :
>> >>  >> On Tue, Apr 14, 2009 at 10:46 PM, Steven Noonan <address@hidden> 
>> >> wrote:
>> >>  >> > On Sun, Apr 12, 2009 at 1:39 AM, Laurent Vivier <address@hidden> 
>> >> wrote:
>> >>  >> >> OpenBIOS is not able to boot MacOS X.
>> >>  >> >
>> [...]
>> $=:>> XCOFF - load_xcoff: Loading 'System\Library\CoreServices\BootX'
>> >> XCOFF - load_xcoff: XCOFF file with 3 sections entry:fff0a22c
>> >> XCOFF - load_xcoff: Read next header (5c)
>> >> XCOFF - load_xcoff: Load '.text' section from 5c d4 to 5600000 (28000)
>> >> XCOFF - load_xcoff: Read next header (84)
>> >> XCOFF - load_xcoff: Load '.data' section from 84 280d4 to 5628000 (2000)
>> >> XCOFF - load_xcoff: Read next header (ac)
>> >> XCOFF - load_xcoff: Erase '.bss' section at 562a000 size: 3a000
>> >> ELF - transfer_control_to_elf: Starting ELF boot loader
>> invalid/unsupported opcode: 02 - 0e - 0c (0b717b1c) 05616ed8 1
>> invalid/unsupported opcode: 00 - 14 - 13 (000064e8) 000094d0 0
>> Alcarin:qemu steven$
>>
>>
>> So at least with my patches, we're getting what people with QEMU 0.8.0
>> were getting: http://tinyurl.com/qemu080
>>
>> So now what's left is resolving -why- that 'invalid/unsupported
>> opcode' issue crops up.
>
> I think the booloader is loaded at addresses overwriting some parts of
> openbios.
>

That would make sense, but that tells me QEMU is loading OpenBIOS to
the wrong location. From the book "Mac OS X Internals: A Systems
Approach":

Table 45. BootX Logical Memory Map

Starting Address   Ending Address    Purpose
0x00000000    0x00003FFF    Exception vectors.
0x00004000    0x03FFFFFF    Kernel image, boot structures, and drivers.
0x04000000    0x04FFFFFF    File load area.
0x05000000    0x053FFFFF    Simple read-time cache for file system
metadata. Cache hits are serviced from memory, whereas cache misses
result in disk access.
0x05400000    0x055FFFFF    Malloc zone: a simple memory allocator is
implemented in BootX's libclite subproject. The starting and ending
addresses of this range define the block of memory used by the
allocator.
0x05600000    0x057FFFFF    BootX image.
0x05800000    0x05FFFFFF    Unused (occupied by the Open Firmware image).


So it should be loading OpenBIOS to address 0x05800000, and the BootX
image should load to 0x05600000 (the latter does as it should,
according to the debug output).