> Breakpoint 7, cpu_arm_exec (env=0x102033200) at ~/qemu-0.15.0/cpu-exec.c:557
> 557         next_tb = tcg_qemu_tb_exec(env, tc_ptr);
> (gdb) p/x env->regs
> $13 = {0x4002c00c, 0x20, 0x4, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0,
>   0x0, 0x30, 0x10007fa8, 0x560d, 0x560c}
> (gdb) s
> 558         if ((next_tb & 3) == 2) {
> (gdb) p/x env->regs
> $14 = {0x10048000, 0x20, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
>   0x30, 0x10007fb8, 0x560d, 0x0}
>
> How do I check for access to unallocated memory? It's not seg faulting.
    0000042c <_init>:
     42c:  b5f8      push   {r3, r4, r5, r6, r7, lr}

Set a breakpoint here and check with x/6wx $sp whether the saved register values are good.

     42e:  bf00      nop
     430:  bcf8      pop    {r3, r4, r5, r6, r7}
     432:  bc08      pop    {r3}
     434:  469e      mov    lr, r3
     436:  4770      bx     lr

Or you can find the physical address under $sp, and then via the monitor command 'info mtree' check whether there's physical memory at that address. To find the physical address you can either uncomment #define DEBUG_TLB in exec.c to make it print virtual-to-physical translations, or set a breakpoint at cpu_arm_handle_mmu_fault and inspect the address and phys_addr values.

Thanks.

-- Max