Debugger doesn't start

[Toni Wilen]

Fixed, brief extension word scale factor was lost when 68020+ disassembly was recently fixed..

[ross]

Quote:

Originally Posted by Toni Wilen

Fixed, brief extension word scale factor was lost when 68020+ disassembly was recently fixed..

Thanks Toni.

[ross]

Hi Toni, i'm using some memory indirect addressing mode and noticed something strange in disassembler (code is properly executed).
Seems that base register is sometime suppressed (and i'm not suppressing it) or different modes are disassembled in the same way.

So i've manually constructed the problematic encodings:

Code:

	dc.b	$20,$30,$09,%00010000
	dc.b	$20,$30,$09,%01010000
	dc.b	$20,$30,$09,%10010000
	dc.b	$20,$30,$09,%11010000

	dc.b	$20,$30,$09,%00010001
	dc.b	$20,$30,$09,%01010001
	dc.b	$20,$30,$09,%10010001
	dc.b	$20,$30,$09,%11010001

	dc.b	$20,$30,$09,%00010101
	dc.b	$20,$30,$09,%01010101
	dc.b	$20,$30,$09,%10010101
	dc.b	$20,$30,$09,%11010101

That are decoded as:

Code:

005082AE 2030 0910                MOVE.L (A0,D0.L) == $00000000 [00000000],D0
005082B2 2030 0950                MOVE.L (A0) == $00000000 [00000000],D0
005082B6 2030 0990                MOVE.L (D0.L) == $00000000 [00000000],D0
005082BA 2030 09d0                MOVE.L () == $00000000 [00000000],D0
005082BE 2030 0911                MOVE.L ([A0,D0.L]) == $00000000 [00000000],D0
005082C2 2030 0951                MOVE.L ([A0]) == $00000000 [00000000],D0
005082C6 2030 0991                MOVE.L ([D0.L]) == $00000000 [00000000],D0
005082CA 2030 09d1                MOVE.L ([]) == $00000000 [00000000],D0
005082CE 2030 0915                MOVE.L ([],D0.L) == $00000000 [00000000],D0
005082D2 2030 0955                MOVE.L ([]) == $00000000 [00000000],D0
005082D6 2030 0995                MOVE.L ([],D0.L) == $00000000 [00000000],D0
005082DA 2030 09d5                MOVE.L ([]) == $00000000 [00000000],D0

Something wrong here

EDIT: not that all the encodings I entered are wrong, I put only the interested various combinations of bits BS, IS, I/IS using Indirect with Null displacement, in the full format word

[Toni Wilen]

I'd say they are technically correct. I don't think those bit combinations are supposed to be used because instruction becomes plain move

[ross]

Quote:

Originally Posted by Toni Wilen

I'd say they are technically correct. I don't think those bit combinations are supposed to be used because instruction becomes plain move

Sure for most of them

But take this snippet:

Code:

	lea	$4.w,a0
	moveq	#0,d0
	move.l	a0,$0.w
	dc.b	$2c,$70,$09,%00010101
	dc.b	$2c,$70,$09,%10010101

That disassemble to:

Code:

00642376 41f8 0004                LEA.L $0004,A0
0064237A 7000                     MOVE.L #$00,D0
0064237C 21c8 0000                MOVE.L A0,$0000 [00000004]
00642380 2c70 0915                MOVEA.L ([],D0.L) == $00000004 [002008d4],A6
00642384 2c70 0995                MOVEA.L ([],D0.L) == $00000004 [002008d4],A6

Considering the bits encoding, first move to A6 rightly insert the indirect base content (what is at offset 0 of execbase).
You've execbase in A6 only in the later move, because base is suppressed.

[Toni Wilen]

I think the important question is: how does other disassemblers disassemble them?

[ross]

Quote:

Originally Posted by Toni Wilen

I think the important question is: how does other disassemblers disassemble them?

No idea, but surely I would disassemble them like this:

Code:

	dc.b	$2c,$70,$09,%00010101	;movea.l ([a0],d0.l),a6
	dc.b	$2c,$70,$09,%10010101	;movea.l ([],d0.l),a6

I'll try with monam and report.

[ross]

Ok, monam disassemble it right.


---

Just for the record, found a bug in devpac for some 020+ 'unusual/unused' addressing mode:

Code:

	movea.l	([],d0.l),a6
	movea.l ([d0.l]),a6

These two wrongly assemble to same encoding.

But who care, i'm more interested in WinUAE perfection

[Toni Wilen]

Perhaps it works better now but I also didn't test if something else got broken..

[ross]

Quote:

Originally Posted by Toni Wilen

Perhaps it works better now but I also didn't test if something else got broken..

Thanks Toni.

If I find something wrong I'll let you know.

[ross]

Hi Toni, found a broken disassembly for CMP2 (recognized as CHK2).

[Toni Wilen]

It is usually very good idea to also include an example..

[ross]

Quote:

Originally Posted by Toni Wilen

It is usually very good idea to also include an example..

Code:

	cmp2.w	(a0),a1
	cmp2.b	2(a1),d0
	cmp2.w	($1234.w,a2,d0.l),d2
	cmp2.l	($1234568,a3,d6.w*8),d7

Code:

>d
006860A4 02d0 9000                CHK2.W #$9000,(A0)
006860A8 00e9 0000 0002           CHK2.B #$0000,(A1,$0002) == $0067dbe2
006860AE 02f2 2000 0920 1234      CHK2.W #$2000,($1234,D0.L) == $002127c8
006860B6 04f3 7000 6730 0123 4568 CHK2.L #$7000,($01234568,D6.W*8) == $018ba604

[Toni Wilen]

Better but not good enough, for comparison purposes both instructions should be included

Fixed. This was yet another 68020+ instruction that has "non-standard" encoding. CHK2 and CMP2 has exact same opcode word so they are technically same instruction. Second word has single bit that tells the difference.

[ross]

Quote:

Originally Posted by Toni Wilen

Better but not good enough, for comparison purposes both instructions should be included

Fixed. This was yet another 68020+ instruction that has "non-standard" encoding. CHK2 and CMP2 has exact same opcode word so they are technically same instruction. Second word has single bit that tells the difference.

Yes, guessed that the problem was due to the 020 'peculiar' encoding

[Tomislav]

Yes, it's 11th bit of 2nd word.

Code:

FEDCBA9876543210 FEDCBA9876543210
00000ss011<-ea-> Rnnn000000000000    CMP2.[BWL] <ea>,Rn
00000ss011<-ea-> Rnnn100000000000    CHK2.[BWL] <ea>,Rn

ss is size (B/W/L = 00/01/10)

[ross]

Hi Toni, just to not open a new thread..

Latest alpha version (15 set. 2019, 19:43:35).
First time ever getting stuck copying file to hard disk (as a host directory) from an IPF floppy file (standard DOS\0, but I've not checked if there some protection in it).
Amiga side my usual WB configuration used millions of times w/o copy problems.

Maybe you can recognize the access addresses in the WinUAE Board/ROM for this infinite loop:

Code:

00EB1EAE 4a2b 0002                TST.B (A3,$0002) == $00ebf002
00EB1EB2 6650                     BNE.B #$50 == $00eb1f04 (F)
00EB1EB4 0c2b 00fe 0007           CMP.B #$fe,(A3,$0007) == $00ebf007
00EB1EBA 6618                     BNE.B #$18 == $00eb1ed4 (T)
00EB1ED4 4aaa 004c                TST.L (A2,$004c) == $00eb404c
00EB1ED8 661e                     BNE.B #$1e == $00eb1ef8 (F)
00EB1EDA 0c85 8000 0000           CMP.L #$80000000,D5
00EB1EE0 66cc                     BNE.B #$cc == $00eb1eae (T)

r
  D0 0000000A   D1 405690C0   D2 FFFFFFFE   D3 40529108 
  D4 0000FFFF   D5 0000000A   D6 00380042   D7 4055B2E0 
  A0 00EB4090   A1 4002F930   A2 00EB4000   A3 00EBF000 
  A4 405290F4   A5 4002F98C   A6 400008D4   A7 40031162 
USP  40031162 ISP  40002350 SFC  00000000 DFC  00000000 
CACR 80008000 TC   00008000 ITT0 00000000 ITT1 00000000 
DTT0 00000000 DTT1 00000000 VBR  40053BB0 MSP  00000000 
MMUS 00000000 URP  40055000 SRP  40055000 
T=00 S=0 M=0 X=1 N=1 Z=0 V=1 C=1 IMASK=0 STP=0
0: 7FFF-7FFFFFFF-FFFFF800 +nan 7FFF-7FFFFFFF-FFFFF800 +nan 
2: 7FFF-7FFFFFFF-FFFFF800 +nan 7FFF-7FFFFFFF-FFFFF800 +nan 
4: 7FFF-7FFFFFFF-FFFFF800 +nan 7FFF-7FFFFFFF-FFFFF800 +nan 
6: 7FFF-7FFFFFFF-FFFFF800 +nan 7FFF-7FFFFFFF-FFFFF800 +nan 
FPSR: 00000000 FPCR: 00000000 FPIAR: 00000000 N=0 Z=0 I=0 NAN=0
00EB1EE0 66cc                     BNE.B #$cc == $00eb1eae (T)
Next PC: 00eb1ee2

dm
00000000    2048K/1 =    2048K ID C32 Chip memory
00200000    8192K/1 =    8192K ID F32 Fast memory
00A00000     512K/0 =     512K -- F32 <none>
00A80000    1024K/2 =     512K ID F32 Kickstart ROM (1483A091)
=KS ROM v3.1 (A1200) rev 40.68 (512k) [391773-01/391774-01]
00B80000     448K/0 =     448K -- F32 <none>
00BF0000      64K/0 =      64K -- CIA CIA
00C00000    1536K/0 =    1536K -- C32 <none>
00D80000     256K/0 =     256K -- C16 Gayle (low)
00DC0000      64K/0 =      64K -- C16 Battery backed up clock (MSM6242B)
00DD0000      64K/0 =      64K -- C16 Gayle (low)
00DE0000      64K/0 =      64K -- C16 Gayle (high)
00DF0000      64K/0 =      64K -- C16 Custom chipset
00E00000     512K/1 =     512K ID F32 Kickstart ROM (1483A091)
=KS ROM v3.1 (A1200) rev 40.68 (512k) [391773-01/391774-01]
00E80000      64K/0 =      64K -- F32 Autoconfig Z2
00E90000      64K/0 =      64K -- F32 <none>
00EA0000      64K/1 =      64K -- F32 UAE Board
00EB0000      64K/1 =      64K -- F32 UAE Boot ROM
00EC0000     768K/0 =     768K -- F32 <none>
00F80000     512K/1 =     512K ID F32 Kickstart ROM (1483A091)
=KS ROM v3.1 (A1200) rev 40.68 (512k) [391773-01/391774-01]
01000000    1008M/0 =    1008M -- F32 <none>
40000000      64M/1 =      64M ID F32 Zorro III Fast RAM
44000000       4M/1 =       4M -- F32 RTG RAM
44400000    2988M/0 =    2988M -- F32 <none>
FF000000      64K/0 =      64K -- F32 Autoconfig Z3
FF010000   16320K/0 =   16320K -- F32 <none>

Fortunately I've not called [EDIT:Settings] GUI before Debugger because as soon as I did WinUAE crashed with the attached DMP.

I don't know if useful because an unofficial version ..

EDIT2: I tried to replicate the same conditions, but I can't reproduce the crash

Cheers.

[Toni Wilen]

Because of not much info: don't use indirect mode?
Dumps are always useless when non-official version.

[ross]

Quote:

Originally Posted by Toni Wilen

Because of not much info: don't use indirect mode?
Dumps are always useless when non-official version.

Yes sorry.
Same exact config as
http://eab.abime.net/showpost.php?p=...2&postcount=46

IPF is SPS 2153, a standard DOS\0 disk (checked and is not protected in any way).
But I suppose IPF is not the problem, infinite loop is in WinUAE ROM...

I normally use the ROM indirect mode, but if problematic I can revert to direct mode.

I'm here if I can give you other information/help.

[Toni Wilen]

Can you really duplicate it? Not happening when copying to RAM disk? And so on..