Ok, here is what I have so far:
Qemu-PPC
qqemu-system-ppc64 -s -S -M mac99 -m 1024 -cpu ppc64 -hda ~/os9/os9.img -prom-env "aapl,debug=13FFF" -prom-env "fcode-debug?=true" -prom-env "auto-boot?=false" --nographic
>> =============================================================
>> OpenBIOS 1.1 [Feb 22 2018 07:53]
>> Configuration device id QEMU version 1 machine id 3
>> CPUs: 1
>> Memory: 1024M
>> UUID: 00000000-0000-0000-0000-000000000000
>> CPU type PowerPC,970FX
milliseconds isn't unique.
Welcome to OpenBIOS v1.1 built on Feb 22 2018 07:53
0 > boot Trying hd:,\\:tbxi...
>> switching to new context:
AAPL,debug bit settings (-OR- bits together):
1 * = Print general informative messages.
2 * = Print formatted Mac OS tables (except config/universal info).
4 * = Print formatted config info table.
8 * = Dump Mac OS tables (except config/universal info).
10 * = Print node names while copying the device tree.
20 * = Print property info while copying the device tree.
40 * = Print interrupt-related info.
80 * = Print interrupt tree traversal info.
100 * = Print address resolution info.
200 * = Print NV-RAM info.
400 * = Print Mac OS "universal" info.
800 * = Print "special" node info.
1000 * = Load EtherPrintf utility via parcel for post FCode debugging.
2000 * = Print BOOTP/DHCP/BSDP information.
4000 = Allocate writable ROM aperture.
8000 = Mark Toolbox image as non-cacheable.
10000 * = Print parcel info while copying the device tree.
20000 = Print information on device tree data checksums.
1000000 = Enable the Nanokernel debugger.
2000000 = Display the Nanokernel log during boot.
10000000 = Dont attempt to unhibernate system.
40000000 = Halt after end of FCode (useful if outputting to screen).
MacOS: RTAS not found.
work area logical address = 0x3FAD8000, physical address = 0x3FAD8000.
IsKeyDown: no keys held down
gdb-multiarch
gdb-multiarch
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word".
warning: scripts/qemu-gdb.py: No such file or directory
(gdb) target remote localhost:1234
Remote debugging using localhost:1234
warning: No executable has been specified and target does not support
determining executable automatically. Try using the "file" command.
0x0001f0ff00000000 in ?? ()
(gdb) break *0x2025f4
Breakpoint 1 at 0x2025f4
(gdb) continue
Continuing.
Program received signal SIGTRAP, Trace/breakpoint trap.
0xf425200000000000 in ?? ()
(gdb)
Am I getting the proper breakpoint for our test?