Makoto> 0 > boot fd:netbsd.xcf loading XCOFF
Makoto> tsize=BFB0 dsize=9D4 bsize=16D0 entry=20000
Makoto> SECTIONS:
Makoto> .text     00020000 00020000 0000BFB0 00000124
Makoto> .data     0002C000 0002C000 000009D4 0000C0D4
Makoto> .bss      0002C9D8 0002C9D8 000016D0 00000000
Makoto> .note     0002E490 0002E490 00000028 0000CAA8
Makoto> netbsd    00000000 00000000 000FF250 0000CAD0
Makoto> loading .text, done..
Makoto> loading .data, done..
Makoto> clearing .bss, done..
Makoto> NetBSD/powerpc OpenFirmware Boot, Revision 1.3
Makoto> (drow@mindcryme, Sat Jan 10 00:38:29 EST 1998)
Makoto> Beginning image search.
Makoto> Found image at 0x40fc.
Makoto> Inline kernel at 0x10ad0, length 0xff250.
Makoto> Header loaded at 0x3ffc48.

Ummm. I think we may have some overlapping memory regions.

The image of the kernel begins at 0x10ad0, and has length 0xff250, so
it's going to overlap with the boot code (loading at 0x20000, up to
0x2e0a8 ish). Presumably the xcoff loader is dumb enough to overwrite
parts of the boot image, so we've corrupted the netbsd segment.

Problem #2: The end of the netbsd image is at 0x10bd20. Since the
kernel loads at 0x100000, that's also going to get overwritten as we
load the kernel.

Possible work-arounds: Move the boot loader to execute around
0x110000, make netbsd load at 0x120000 (I'm not sure if it'll execute
from there, though).

Alternatively, you may be able to fiddle around with "load-base"
config variable....

- S