Blue Swirl wrote:
> On Tue, Dec 29, 2009 at 3:09 PM, Stefan Weil <w...@mail.berlios.de> wrote:
>
>> Test environment:
>>
>> * ppc-softmmu/qemu-system-ppc running on x86_64 host
>> * emulated ppc is running debian lenny
>>
>> While debugging on the emulated ppc (each time a shared library
>> is loaded after the "r" command?), qemu-system-ppc prints this
>> error message:
>>
>> invalid/unsupported opcode: 00 - 00 - 00 (00000000) 4800fa44 1
>>
>> If logging is enabled, the error message goes to qemu.log:
>>
>> IN:
>> 0xc0013488: nop
>> 0xc001348c: rlwinm r3,r3,0,0,19
>> 0xc0013490: li r4,128
>> 0xc0013494: mtctr r4
>> 0xc0013498: mr r6,r3
>> 0xc001349c: dcbst r0,r3
>>
>> invalid/unsupported opcode: 00 - 00 - 00 (00000000) 4800fa44 1
>> IN:
>> 0x4800fa40: twge r2,r2
>> 0x4800fa44: .long 0x0
>>
>> The debugger on the ppc system shows the "instruction"
>> which triggers the error message:
>>
>> (gdb) disas
>> Dump of assembler code for function _dl_debug_state:
>> 0x4800fa40 <_dl_debug_state+0>: blr
>> End of assembler dump.
>> (gdb) x 0x4800fa40
>> 0x4800fa40 <_dl_debug_state>: 0x4e800020
>> (gdb) x/2x 0x4800fa40
>> 0x4800fa40 <_dl_debug_state>: 0x4e800020 0x00000000
>>
>> The unsupported opcode is 0, and it follows function
>> _dl_debug_state.
>>
>> Debugging in an emulated system should not trigger
>> error messages on the host (denial-of-service).
>>
>> Why does qemu try to interpret the word at 0x4800fa44?
>
> Wild guess: for PPC, translation is not stopped when we reach a branch
> but until the end of the current page. Please try the attached patch.

Applied to host side (qemu-system-ppc), no visible change (no malfunction,
but still invalid opcode).

Stefan

>> Why does qemu show "twge r2,r2", not "blr"?
>
> Maybe read access has been disabled for the page?
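A small added model of the hypothesis in Blue Swirl's reply (illustration only, not QEMU code and not the attached patch): if the translator keeps decoding past `blr` to the end of the page, it reaches the zero padding word after `_dl_debug_state` and flags it. The opc1/opc2/opc3 field split is assumed from the layout QEMU's PPC translator uses, the memory image is constructed from the gdb dump in the report, and the trailing field of the real log line is omitted; since the patch did not make the message go away, this models the guess, not a confirmed cause.

```python
# Added model of the "translate until page end" hypothesis; not QEMU code.
# Assumed field split (as in QEMU's PPC translator): opc1 = top 6 bits,
# opc2 = (insn >> 1) & 0x1f, opc3 = (insn >> 6) & 0x1f.

def opc1(insn): return (insn >> 26) & 0x3f
def opc2(insn): return (insn >> 1) & 0x1f
def opc3(insn): return (insn >> 6) & 0x1f

def decode(insn):
    """Return (mnemonic, is_branch) for the few forms this thread needs."""
    o1, o2, o3 = opc1(insn), opc2(insn), opc3(insn)
    bo = (insn >> 21) & 0x1f              # branch-option field of bclr/bcctr
    if o1 == 24 and insn & 0x03ffffff == 0:
        return "nop", False               # ori r0,r0,0 is the canonical nop
    if o1 == 19 and o2 == 16 and o3 == 0:
        return ("blr" if bo == 20 else "bclr"), True
    if o1 == 19 and o2 == 16 and o3 == 16:
        return ("bctr" if bo == 20 else "bcctr"), True
    if o1 in (16, 18):
        return ("bc" if o1 == 16 else "b"), True
    return None, False                    # unknown primary opcode, e.g. 0

def translate_block(page, base, pc, stop_at_branch):
    """Walk words from pc until a branch (if stop_at_branch) or the page end.
    Returns (listing, errors) shaped like the qemu.log lines quoted above."""
    listing, errors = [], []
    while pc < base + 4 * len(page):
        insn = page[(pc - base) // 4]
        mnem, is_branch = decode(insn)
        if mnem is None:
            errors.append("invalid/unsupported opcode: %02x - %02x - %02x (%08x) %08x"
                          % (opc1(insn), opc2(insn), opc3(insn), insn, pc))
            listing.append("0x%08x: .long 0x%x" % (pc, insn))
            break                         # translator gives up on an unknown opcode
        listing.append("0x%08x: %s" % (pc, mnem))
        pc += 4
        if is_branch and stop_at_branch:
            break
    return listing, errors

# Constructed memory image: _dl_debug_state is a lone `blr` followed by a
# zero padding word, as the `x/2x 0x4800fa40` output in the report shows.
BASE = 0x4800fa40
PAGE = [0x4e800020, 0x00000000]

if __name__ == "__main__":
    for stop in (True, False):
        listing, errors = translate_block(PAGE, BASE, BASE, stop_at_branch=stop)
        print("stop_at_branch=%s" % stop, listing, errors)
```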