From: Peter Maydell <peter.maydell@linaro.org>
To: Mulyadi Santosa <mulyadi.santosa@gmail.com>
Cc: Jacques <Jacques@rambo-mes.net>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] qemu gdb issue
Date: Fri, 16 Mar 2012 19:23:43 +0000 [thread overview]
Message-ID: <CAFEAcA_HbcwWBGZcvOGsBVq_ax2FGVOxcw6=T3fTpv-UEfTBRA@mail.gmail.com> (raw)
In-Reply-To: <CAGdaadaD9d2T+6YGtKbrMSHSJ2QgVmpEypWyh0+tvxNe0TuwOA@mail.gmail.com>
On 16 March 2012 19:10, Mulyadi Santosa <mulyadi.santosa@gmail.com> wrote:
> On Fri, Mar 16, 2012 at 14:13, Jacques <Jacques@rambo-mes.net> wrote:
>> I see what you mean. How do I know if this is happening? When I do 'x/i
>> $eip' I get a completely sane result with exactly the instructions I want.
>
> Alright, that confuses me too.
>
> The best other explanation I can offer is that if you arbitrarily set
> EIP into any address, you might violate the Qemu translation block
> (TB) jump (between TB to TB). Maybe you think you correctly hit one,
> but by the time it is going to be executed, it is flushed by
> translated block cache, so it is read again and re-translated, thus
> getting another address in TB cache.
This ought not to cause a problem -- when the user sets PC via the
gdb stub the next thing that should happen is we try to execute that
instruction, which should cause us either (a) to pull the right TB
out of the cache or (b) to translate it from scratch.
My guess is that this is gdb being too clever for its own good:
(gdb) set $eip=0x08059924
Cannot access memory at address 0x35704638
That address is (according to the register dump) EBP+4. Perhaps
there is some debug info or similar that makes gdb think that at
this point in time EIP is really being held in memory at EBP+4.
So when you try to set EIP it's (trying to) write to memory...
You could confirm this hypothesis by turning on gdb's logging
of remote protocol packets (via "set debug remote 1") and then
looking at what it actually does when you try to set $eip in
this situation. (Warning: this will require you to decode the
protocol packets manually which is not for the faint of heart,
although they are all documented in the gdb manual.)
-- PMM
prev parent reply other threads:[~2012-03-16 19:23 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-15 16:03 [Qemu-devel] qemu gdb issue Jacques
2012-03-15 17:13 ` Mulyadi Santosa
2012-03-16 7:13 ` Jacques
2012-03-16 19:10 ` Mulyadi Santosa
2012-03-16 19:23 ` Peter Maydell [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFEAcA_HbcwWBGZcvOGsBVq_ax2FGVOxcw6=T3fTpv-UEfTBRA@mail.gmail.com' \
--to=peter.maydell@linaro.org \
--cc=Jacques@rambo-mes.net \
--cc=mulyadi.santosa@gmail.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).