Recent Posts

Pages: [1] 2 3 ... 10
1
G4:

Code: [Select]
Breakpoint 1, 0x000000000020fd08 in ?? ()
(gdb) display/i $pc
1: x/i $pc
=> 0x20fd08: rlwinm. r11,r5,27,5,31
(gdb) p/x $r11
$1 = 0xd
(gdb) stepi
0x000000000020fd0c in ?? ()
1: x/i $pc
=> 0x20fd0c: mtctr   r11
(gdb) p/x $r11
$2 = 0x5
(gdb)

970:

Code: [Select]
Breakpoint 1, 0x000000000020fd08 in ?? ()
2: x/i $pc
=> 0x20fd08: rlwinm. r11,r5,27,5,31
1: x/i $pc
=> 0x20fd08: rlwinm. r11,r5,27,5,31
(gdb) display/i $pc
3: x/i $pc
=> 0x20fd08: rlwinm. r11,r5,27,5,31
(gdb) p/x $r11
$3 = 0xd
(gdb) stepi
0x000000000020fd0c in ?? ()
3: x/i $pc
=> 0x20fd0c: mtctr   r11
2: x/i $pc
=> 0x20fd0c: mtctr   r11
1: x/i $pc
=> 0x20fd0c: mtctr   r11
(gdb) p/x $r11
$4 = 0x5
(gdb)
2
Code: [Select]
1: x/i $pc
=> 0x20fd08: rlwinm. r11,r5,27,5,31
(gdb) p/x $r5
$6 = 0xb8

Please pay attention to the fact that 1: x/i $pc always shows NEXT instruction. p/x $r5 will print out the value of r5 BEFORE 0x20fd08 in this case. You need to do stepi first to trace past 0x20fd08, then p/x $r11 to track the destination of rlwinm.

It's getting interesting here. I'd like to request the value of $r11 at 0x20fd10 on both G4 and G5.

Is it doable?
3
How do I check if cr7 was greater than?

Do I read the entire 32 bit cr or is there some other way of knowing if it jumped to 0x20fb70?

Don't bother with them at all! We don't need to decompile this function - that's already done. Just record which code instructions are executed and concentrate yourself on everything that changes general purpose registers (r0...r31).

Is this useful, or are you asking for something else?

Code: [Select]
(gdb) stepi
0x000000000020fba4 in ?? ()
1: x/i $pc
=> 0x20fba4: add     r4,r4,r5
(gdb) p/x $r4
$4 = 0x3fee5048
(gdb) stepi
0x000000000020fba8 in ?? ()
1: x/i $pc
=> 0x20fba8: andi.   r0,r4,31
(gdb) p/x $r4
$5 = 0x3fee5100
(gdb) stepi
0x000000000020fbac in ?? ()
1: x/i $pc
=> 0x20fbac: bnel    0x20fc08
(gdb) stepi
0x000000000020fbb0 in ?? ()
1: x/i $pc
=> 0x20fbb0: bl      0x20fd08
(gdb) stepi
0x000000000020fd08 in ?? ()
1: x/i $pc
=> 0x20fd08: rlwinm. r11,r5,27,5,31
(gdb) p/x $r5
$6 = 0xb8
(gdb) stepi
0x000000000020fd0c in ?? ()
1: x/i $pc
=> 0x20fd0c: mtctr   r11
(gdb) stepi
0x000000000020fd10 in ?? ()
1: x/i $pc
=> 0x20fd10: beqlr   
(gdb) stepi
0x000000000020fd14 in ?? ()
1: x/i $pc
=> 0x20fd14: andi.   r0,r3,7
(gdb) p/x $r3
$7 = 0x3fee50f0
(gdb) stepi
0x000000000020fd18 in ?? ()
1: x/i $pc
=> 0x20fd18: beq     0x20fd78
(gdb) stepi
0x000000000020fd78 in ?? ()
1: x/i $pc
=> 0x20fd78: lfdu    f0,-32(r3)
(gdb) stepi
0x000000000020fd7c in ?? ()
1: x/i $pc
=> 0x20fd7c: addi    r4,r4,-32
(gdb) p/x $r4
$8 = 0x3fee5100
(gdb) stepi
0x000000000020fd80 in ?? ()
1: x/i $pc
=> 0x20fd80: lfd     f1,8(r3)
(gdb) stepi
0x000000000020fd84 in ?? ()
1: x/i $pc
=> 0x20fd84: lfd     f2,16(r3)
(gdb) stepi
0x000000000020fd88 in ?? ()
1: x/i $pc
=> 0x20fd88: lfd     f3,24(r3)
(gdb) stepi
0x000000000020fd8c in ?? ()
1: x/i $pc
=> 0x20fd8c: dcbz    0,r4
(gdb) stepi
0x000000000020fd90 in ?? ()
1: x/i $pc
=> 0x20fd90: stfd    f0,0(r4)
(gdb) stepi
0x000000000020fd94 in ?? ()
1: x/i $pc
=> 0x20fd94: stfd    f1,8(r4)
(gdb) stepi
0x000000000020fd98 in ?? ()
1: x/i $pc
=> 0x20fd98: stfd    f2,16(r4)
(gdb) stepi
0x000000000020fd9c in ?? ()
1: x/i $pc
=> 0x20fd9c: stfd    f3,24(r4)
(gdb) stepi
0x000000000020fda0 in ?? ()
1: x/i $pc
=> 0x20fda0: bdnz    0x20fd78
(gdb) stepi
0x000000000020fd78 in ?? ()
1: x/i $pc
=> 0x20fd78: lfdu    f0,-32(r3)
(gdb) stepi
0x000000000020fd7c in ?? ()
1: x/i $pc
=> 0x20fd7c: addi    r4,r4,-32
(gdb) p/x $r4
$9 = 0x3fee50e0
(gdb) stepi
0x000000000020fd80 in ?? ()
1: x/i $pc
=> 0x20fd80: lfd     f1,8(r3)
(gdb) stepi
0x000000000020fd84 in ?? ()
1: x/i $pc
=> 0x20fd84: lfd     f2,16(r3)
(gdb) stepi
0x000000000020fd88 in ?? ()
1: x/i $pc
=> 0x20fd88: lfd     f3,24(r3)
(gdb) stepi
0x000000000020fd8c in ?? ()
1: x/i $pc
=> 0x20fd8c: dcbz    0,r4
(gdb) stepi
0x000000000020fd90 in ?? ()
1: x/i $pc
=> 0x20fd90: stfd    f0,0(r4)
(gdb) stepi
0x000000000020fd94 in ?? ()
1: x/i $pc
=> 0x20fd94: stfd    f1,8(r4)
(gdb) stepi
0x000000000020fd98 in ?? ()
1: x/i $pc
=> 0x20fd98: stfd    f2,16(r4)
(gdb) stepi
0x000000000020fd9c in ?? ()
1: x/i $pc
=> 0x20fd9c: stfd    f3,24(r4)
(gdb) stepi
0x000000000020fda0 in ?? ()
1: x/i $pc
=> 0x20fda0: bdnz    0x20fd78
(gdb) stepi
0x000000000020fd78 in ?? ()
1: x/i $pc
=> 0x20fd78: lfdu    f0,-32(r3)
(gdb) stepi
0x000000000020fd7c in ?? ()
1: x/i $pc
=> 0x20fd7c: addi    r4,r4,-32
(gdb) p/x $r4
$10 = 0x3fee50c0
(gdb) stepi
0x000000000020fd80 in ?? ()
1: x/i $pc
=> 0x20fd80: lfd     f1,8(r3)
(gdb) stepi
0x000000000020fd84 in ?? ()
1: x/i $pc
=> 0x20fd84: lfd     f2,16(r3)
(gdb) stepi
0x000000000020fd88 in ?? ()
1: x/i $pc
=> 0x20fd88: lfd     f3,24(r3)
(gdb) stepi
0x000000000020fd8c in ?? ()
1: x/i $pc
=> 0x20fd8c: dcbz    0,r4
(gdb) stepi
0x000000000020fd90 in ?? ()
1: x/i $pc
=> 0x20fd90: stfd    f0,0(r4)
(gdb) stepi
0x000000000020fd94 in ?? ()
1: x/i $pc
=> 0x20fd94: stfd    f1,8(r4)
(gdb) stepi
0x000000000020fd98 in ?? ()
1: x/i $pc
=> 0x20fd98: stfd    f2,16(r4)
(gdb) stepi
0x000000000020fd9c in ?? ()
1: x/i $pc
=> 0x20fd9c: stfd    f3,24(r4)
(gdb) stepi
0x000000000020fda0 in ?? ()
1: x/i $pc
=> 0x20fda0: bdnz    0x20fd78
(gdb) stepi
0x000000000020fd78 in ?? ()
1: x/i $pc
=> 0x20fd78: lfdu    f0,-32(r3)
(gdb) stepi
0x000000000020fd7c in ?? ()
1: x/i $pc
=> 0x20fd7c: addi    r4,r4,-32
(gdb) p/x $r4
$11 = 0x3fee50a0
(gdb)
4
How do I check if cr7 was greater than?

Do I read the entire 32 bit cr or is there some other way of knowing if it jumped to 0x20fb70?

Don't bother with them at all! We don't need to decompile this function - that's already done. Just record which code instructions are executed and concentrate yourself on everything that changes general purpose registers (r0...r31).
5
Yes. Branch if r5 > 32.

The condition register is a 32-bit register split up into 8 sections (cr0-cr7) of 4 bits each (I really have no idea what the 'so' bits are used for, but 'lt', 'eq', and 'gt' are pretty clear). All the mnemonics like blt are essentially macros that expand into a more general branch instruction that takes a bit index into the cr as a whole. The compare instructions are still required to operate on cr0-cr7.

Ok, I'm starting to understand, let's see if I can apply it to what I need to do.

Code: [Select]
(gdb) stepi (execute bgt cr7, 0x20FB70 --> conditional branch, mark it with "+" if it jumps to 0x20fb70, otherwise mark it with "-")
(gdb) stepi (beq cr7, 0x20FBC4 --> another cond branch, proceed as above)
(gdb) stepi (blt cr6, 0x20FC74 --> yet another cond branch, proceed as above)

How do I check if cr7 was greater than?

Do I read the entire 32 bit cr or is there some other way of knowing if it jumped to 0x20fb70?
An easy way to check it is to see what address gdb reported the program counter to be at.
Code: [Select]
0x000000000020fb58 in ?? ()
1: x/i $pc
=> 0x20fb58: bgt     cr7,0x20fb70
(gdb) stepi
0x000000000020fb70 in ?? ()
1: x/i $pc
=> 0x20fb70: beqlr   cr6
It appears to have made the jump. The PC is 0x000000000020fb70 in the instruction immediately following the branch. Also, there might be some register dump command like '%cr' or something. I am not familiar with gdb, so I am not sure.
6
I really have no idea what the 'so' bits are used for

SO - summary overflow. Used for implementing really big numbers...
7
Yes. Branch if r5 > 32.

The condition register is a 32-bit register split up into 8 sections (cr0-cr7) of 4 bits each (I really have no idea what the 'so' bits are used for, but 'lt', 'eq', and 'gt' are pretty clear). All the mnemonics like blt are essentially macros that expand into a more general branch instruction that takes a bit index into the cr as a whole. The compare instructions are still required to operate on cr0-cr7.

Ok, I'm starting to understand, let's see if I can apply it to what I need to do.

Code: [Select]
(gdb) stepi (execute bgt cr7, 0x20FB70 --> conditional branch, mark it with "+" if it jumps to 0x20fb70, otherwise mark it with "-")
(gdb) stepi (beq cr7, 0x20FBC4 --> another cond branch, proceed as above)
(gdb) stepi (blt cr6, 0x20FC74 --> yet another cond branch, proceed as above)

How do I check if cr7 was greater than?

Do I read the entire 32 bit cr or is there some other way of knowing if it jumped to 0x20fb70?
8
Yes. Branch if r5 > 32.

The condition register is a 32-bit register split up into 8 sections (cr0-cr7) of 4 bits each (I really have no idea what the 'so' bits are used for, but 'lt', 'eq', and 'gt' are pretty clear). All the mnemonics like blt are essentially macros that expand into a more general branch instruction that takes a bit index into the cr as a whole. The compare instructions are still required to operate on cr0-cr7.

9
Sorry. I guess my explanation only makes sense if you already understand it.

Each condition field has 4 bit flags: lt, gt, eq, so. A compare instruction will assign values to all four of those flags for the condition field specified. This provides enough information to allow ==, !=, >, <, >=, <=...etc. The 'bgt' instruction only looks at the gt flag of the specified field and ignores the rest.

Here's an example:
Code: [Select]
cmplwi cr6,r1,4
blt cr6,some_address
beq cr6,another_address
bgt cr6, yet_another_address
cr6 will be set with the results of the comparison. The four bit flags will indicate the relationship between the 2 numbers compared. The code will end up at 'some_address', 'another_address', or 'yet_another_address' depending on whether r1 is <, ==, or > 4.

Yes, the 'mr. r0, r5' copies r5 to r0. r0 will likely not actually be used. The main purpose is to do a quick compare with zero. I call it a modifier because it is a controllable feature of most instructions. 'mr.' is a 'mr' instruction that also compares the destination with zero. 'add.', 'rlwinm.', and 'xor.' have have this same relation to 'add', 'rlwinm', and 'xor'.

Code: [Select]
1: x/i $pc
=> 0x20fb4c: cmplwi  cr7,r5,32
(gdb) stepi
0x000000000020fb50 in ?? ()
1: x/i $pc
=> 0x20fb50: cmplw   cr6,r4,r3
(gdb) stepi
0x000000000020fb54 in ?? ()
1: x/i $pc
=> 0x20fb54: mr.     r0,r5
(gdb) stepi
0x000000000020fb58 in ?? ()
1: x/i $pc
=> 0x20fb58: bgt     cr7,0x20fb70

If the value of r5 is greater than 32 cr7.gt = 1 then brach to the address 0x20fb70?

10
ok, I understand there are 8 condition registers cr0-cr7, but I don't understand cr6.??

If r1 = 4

cr6.eq =1 (true)
cr6.lt = 0? (false)
cr6.gt = 0? (false)





Yes.

The condition registers are a 3 bit register, or they have three one bit registers?
Pages: [1] 2 3 ... 10