Re: [Qemu-devel] MIPS little endian - Bug when decoding physaddr

[Philippe Mathieu-Daudé]

Hi Vinicius,

On 06/23/2017 04:22 PM, Aurelien Jarno wrote:
> On 2017-06-23 15:14, Vinicius Maciel wrote:
> > Hi everyone,
> >
> > I'm having a problem similar to the reported in this email, but now I'm
> > trying to emulate a MIPS 24KEc,
> > ralink RT5350F.
> >
> > Assembly Code:
> > 0x802006a0 <reset+672>: lui t5,0xb011
> > 0x802006a4 <reset+676>: ori t5,t5,0x168
> > 0x802006a8 <reset+680>: li t6,23
> > 0x802006ac <reset+684>: nop
> > 0x802006b0 <reset+688>: sw t6,0(t5) <---
> >
> > The instruction "sw t6,0(t5)" try to write to address 0xb0110168 (0x10110168),
> > but Qemu decodes
> > this address to 2952790112 (0xb0000060). Is this address right?
>
> sw is a write instruction...
[...]
> ... while helper_le_ldul_mmu and io_readl are read functions. The
> assembly code and the backtrace do not match. We can not conclude
> anything.
>
> Aurelien

Looking at the RT5350 datasheet:
http://www.mouser.com/ds/2/813/RT5350-1022839.pdf

pp.19>
3.2 Memory Map Summary
1000.0000 - 1000.00FF 256 Mbps    SYSCTL
1011.0000 - 1011.7FFF  32 Kbps    Ethernet switch

pp.22>
3.4 System Control
3.4.3 Register Description (base: 0x1000_0000)
GPIOMODE: GPIO Purpose Select (offset: 0x0060)

pp.122>
3.19 Ethernet Switch
3.19.4 Register Description (base: 0x1011_0000)
LEDC: LED Control Register  (offset: 0x0168)
LED Polarity Control for each port: 1’b1: High active

having 23=0b10111 my guess is your reset() function try to toggle on 4 
leds. everything seems fine on QEMU side, now it depends how you 
implemented the SYSCTL and EthernetSwitch devices.

eventually you are missing some EthernetSwitch mapped registers and an 
exception is generated, ending reading some SYSCTL register...

running qemu-system with '-d in_asm,int,unimp' helps to understand if 
them problem comes from your model, before from QEMU core code.

regards,

Phil.