On Mon, 15 Jun 2026, Christophe Leroy (CS GROUP) wrote:

quoted

NIP=0x700 is illegal instruction exception due to trying to execute 0 
opcode at 0x100 which is the reset vector but shouldn't it try to start at 
0xfff00100? Maybe there's some issue with setting up KVM correctly?

On powerpc32 it is 0x100 or 0xfff00100 based on whether bit IP (Interrupt 
Prefix) is 0 or 1 in MSR register.

On powerpc64 MSR[IP] doesn't exist.

But this is under QEMU which sets in qemu/hw/ppc/mac_newworld.c:

#define PROM_BASE 0xfff00000
[...]
static void ppc_core99_reset(void *opaque)
{
     PowerPCCPU *cpu = opaque;

     cpu_reset(CPU(cpu));
     /* 970 CPUs want to get their initial IP as part of their boot protocol */
     cpu->env.nip = PROM_BASE + 0x100;
}

So the execution should start from 0xfff00100 unconditionally where the 
OpenBIOS is loaded but I haven't seem the QEMU command so I'm only 
guessing this is with qemu-system-ppc -machine mac99,accel=kvm. I'm not 
sure how it got to 0x100 instead but there's no code there to execute on 
reset.

Regards,
BALATON Zoltan