Hello,
On a ppc_440gx platform I wrote a small u-boot stand alone app for debugging. I tried to hook the ISR at 0x700 and use a trap instruction.
I replaced the isr routine w/my own. In the process I discovered the isr at 0x700 does nothing except store the address of the service routine and return handler at addresses 0x788 and 0x78c.
I stubbed the entire routine and it still works as long as the above addresses are there.
How does u-boot execute a trap instruction without executing at least a branch instruction from the trap location 0x700?
How does it get to the global transfer_to_handler routine???
IVPR=0 and IVOR6=0x700 appear to be set correctly.
Thanks Don Russell
in service routine
MSR=0x9000, srr0=0x7088 ivpr=0x0, ivor6=0x700 pc= 0x403C , ad=0x1FF4E498 msr 0x00029000 lr 0x00004034 cr 0x24022222 trap 0x00000700
addr=0x700, 0x4C00012C =>isync istruction addr=0x704, 0x4C00012C addr=0x708, 0x4C00012C addr=0x70C, 0x4C00012C addr=0x710, 0x4C00012C addr=0x714, 0x4C00012C addr=0x718, 0x4C00012C addr=0x71C, 0x4C00012C addr=0x720, 0x4C00012C addr=0x724, 0x4C00012C addr=0x728, 0x4C00012C addr=0x72C, 0x4C00012C addr=0x730, 0x4C00012C addr=0x734, 0x4C00012C addr=0x738, 0x4C00012C addr=0x73C, 0x4C00012C addr=0x740, 0x4C00012C addr=0x744, 0x4C00012C addr=0x748, 0x4C00012C addr=0x74C, 0x4C00012C addr=0x750, 0x4C00012C addr=0x754, 0x4C00012C addr=0x758, 0x4C00012C addr=0x75C, 0x4C00012C addr=0x760, 0x4C00012C addr=0x764, 0x4C00012C addr=0x768, 0x4C00012C addr=0x76C, 0x4C00012C addr=0x770, 0x4C00012C addr=0x774, 0x4C00012C addr=0x778, 0x4C00012C addr=0x77C, 0x4C00012C addr=0x780, 0x4C00012C addr=0x784, 0x4C00012C addr=0x788, 0x6B1C => trapservice location addr=0x78C, 0x7E60 => return handler location