Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session

From: Blue Swirl
Subject: Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session
Date: Tue, 29 Dec 2009 15:19:57 +0000

On Tue, Dec 29, 2009 at 3:09 PM, Stefan Weil <address@hidden> wrote:
> Test environment:
>
> * ppc-softmmu/qemu-system-ppc running on x86_64 host
> * emulated ppc is running debian lenny
>
> While debugging on the emulated ppc (each time when
> a shared library is loaded after "r" command?),
> qemu-system-ppc prints this error message:
>
> invalid/unsupported opcode: 00 - 00 - 00 (00000000) 4800fa44 1
>
> If logging is enabled, the error message goes to qemu.log:
>
> IN:
> 0xc0013488: nop
> 0xc001348c: rlwinm r3,r3,0,0,19
> 0xc0013490: li r4,128
> 0xc0013494: mtctr r4
> 0xc0013498: mr r6,r3
> 0xc001349c: dcbst r0,r3
>
> invalid/unsupported opcode: 00 - 00 - 00 (00000000) 4800fa44 1
> IN:
> 0x4800fa40: twge r2,r2
> 0x4800fa44: .long 0x0
>
> The debugger on the ppc system shows the "instruction"
> which triggers the error message:
>
> (gdb) disas
> Dump of assembler code for function _dl_debug_state:
> 0x4800fa40 <_dl_debug_state+0>: blr
> End of assembler dump.
> (gdb) x 0x4800fa40
> 0x4800fa40 <_dl_debug_state>: 0x4e800020
> (gdb) x/2x 0x4800fa40
> 0x4800fa40 <_dl_debug_state>: 0x4e800020 0x00000000
>
> The unsupported opcode is 0, and it follows function
> _dl_debug_state.
>
> Debugging in an emulated system should not trigger
> error messages on the host (denial-of-service).
>
> Why does qemu try to interpret the word at 0x4800fa44?
Wild guess: for PPC, translation is not stopped when we reach a branch,
but only at the end of the current page. Please try the attached patch.
> Why does qemu show "twge r2,r2", not "blr"?
Maybe read access has been disabled for the page?
Attachment: 0001-PPC-stop-code-generation-when-we-reach-a-branch.patch (Description: Source code patch)
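An added example, not code from this thread or from QEMU's sources: a small C model of the behaviour the reply hypothesises. It decodes the two words the report shows (0x4e800020 is blr, primary opcode 19 with extended opcode 16; an all-zero word carries the reserved primary opcode 0) and runs a toy translation loop over a constructed page in both modes: stopping only at the end of the page, which walks straight into the zero word after _dl_debug_state, and stopping at the branch, as the title of the attached patch suggests. The page layout, the nop filler and the loop itself are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

static unsigned ppc_opc1(uint32_t insn) { return insn >> 26; }        /* primary opcode, top 6 bits */
static unsigned ppc_xo(uint32_t insn) { return (insn >> 1) & 0x3ff; } /* extended opcode, bits 21-30 */
typedef enum { INSN_OTHER, INSN_BRANCH, INSN_INVALID } insn_kind;
/* Primary opcode 0 is reserved on PowerPC, so the all-zero word after
 * _dl_debug_state can never decode; 0x4e800020 is opcode 19 / xo 16 = blr. */
static insn_kind ppc_classify(uint32_t insn)
{
    switch (ppc_opc1(insn)) {
    case 0:           return INSN_INVALID;
    case 16: case 18: return INSN_BRANCH;                                /* bc, b */
    case 19:          return (ppc_xo(insn) == 16 || ppc_xo(insn) == 528)
                             ? INSN_BRANCH : INSN_OTHER;                 /* bclr, bcctr */
    default:          return INSN_OTHER;
    }
}
struct tb_result { uint32_t last_pc; int hit_invalid; };
/* Assumed model of a translator loop over one 4 KiB page: decode until the page
 * ends, an invalid word is seen, or (only with stop_at_branch) a branch is seen. */
static struct tb_result translate_block(const uint32_t *page, uint32_t page_base,
                                        uint32_t start, int stop_at_branch)
{
    struct tb_result r = { start, 0 };
    for (uint32_t pc = start; pc < page_base + 4096; pc += 4) {
        insn_kind k = ppc_classify(page[(pc - page_base) / 4]);
        r.last_pc = pc;
        if (k == INSN_INVALID) { r.hit_invalid = 1; break; }
        if (k == INSN_BRANCH && stop_at_branch) break;
    }
    return r;
}
/* Constructed page with the report's layout: blr at 0x4800fa40 followed by a
 * zero word, everything else nop (ori r0,r0,0 = 0x60000000). */
static struct tb_result run_report(int stop_at_branch)
{
    static uint32_t page[1024];
    for (int i = 0; i < 1024; i++) page[i] = 0x60000000u;
    page[0xa40 / 4] = 0x4e800020u; /* _dl_debug_state: blr */
    page[0xa44 / 4] = 0x00000000u; /* the word reported as invalid/unsupported */
    return translate_block(page, 0x4800f000u, 0x4800fa40u, stop_at_branch);
}
int main(void)
{
    struct tb_result a = run_report(0), b = run_report(1);
    printf("stop at page end: last pc %08x invalid=%d\n", (unsigned)a.last_pc, a.hit_invalid);
    printf("stop at branch:   last pc %08x invalid=%d\n", (unsigned)b.last_pc, b.hit_invalid);
    return 0;
}
```

With the page-end rule the loop reaches 0x4800fa44 and reports the zero word as invalid, matching the qemu.log excerpt; with the branch rule it stops at the blr and never decodes the word that follows.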