As Albrecht Frenzel wrote:
The strange thing: sometimes pc gets loaded with the correct pc
0x7e00 and it is possible to step through the code using the same
.elf-file.
You can always set the current PC address in GDB before proceeding:
set $pc = 0x7e00
Regarding Illegal opcode 'ff ff': wouldn't it be better to simply
stop simulavr instead of terminating? That would give a chance to
investigate.
As the AVR (undocumentedly) treats opcode ffff as a NOP, I think
the simulator could even just continue. There are possible
scenarios where this feature could be used deliberately, e. g.
by including a patch area in the code that is simply run through
as long as it is ffff but which can be written later on to
include additional features.