public inbox for gdb-prs@sourceware.org
help / color / mirror / Atom feed
* [Bug backtrace/18338] New: ARM: infinite stack trace with assembly function
@ 2015-04-27 12:18 carl at cogsystems dot com
2015-04-27 12:32 ` [Bug backtrace/18338] " carl at cogsystems dot com
0 siblings, 1 reply; 2+ messages in thread
From: carl at cogsystems dot com @ 2015-04-27 12:18 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=18338
Bug ID: 18338
Summary: ARM: infinite stack trace with assembly function
Product: gdb
Version: unknown
Status: NEW
Severity: normal
Priority: P2
Component: backtrace
Assignee: unassigned at sourceware dot org
Reporter: carl at cogsystems dot com
Target Milestone: ---
We have encountered a bug where gdb enters an infinite loop doing a
-stack-list-frames under certain conditions.
Bug initially triggered in eclipse CDT - which proceeded to hang the UI (a
separate issue), but can be reproduced in GDB directly.
Symptoms:
breakpoint or step into isr handler from assembly irq handler causes backtrace
to become infinite. This issue only occurs when symbols are loaded. Without
symbols, gdb cannot attempt a backtrace.
Steps to reproduce:
We have an irq handler in assembly which calls a C ISR handler.
Note, setting a backtrace limit, stops the infinite behaviour, but eclipse does
not do this.
The ISR handler is annotated as a function, but does not look like a C
function. I looked through the function prologue interpretting code a bit but
didn't see anything obvious.
I show two versions of the irq handler, the first causes gdb to enter an
infinite loop stuck on the same stack frame, the second works and gdb shows the
stack frames, including pre-empted functions- which seems a bit odd since it
does not know about the push of 8 bytes in the srsdb instruction. The issue
seems to be the first three instructions somehow confusing gdb's backtrace
analysis.
irq handler exposing bug:
FUNC(__irq)
sub lr, lr, 4
srsdb sp!, 0x1f
cps 0x1f
push.w {r0-r5, ip, lr}
//r4 = get_irq()
/* Jump to C handler */
ldr ip, =_irq_handlers
add.w ip, ip, r4, lsl 3
ldr ip, [ip]
cmp ip, 0
it ne
blxne ip
pop.w {r0-r5, ip, lr}
rfeia sp!
END_FUNC()
modified version:
__irq_start:
sub lr, lr, 4
srsdb sp!, 0x1f
cps 0x1f
FUNC(__irq)
push.w {r0-r5, ip, lr}
//r4 = get_irq()
/* Jump to C handler */
ldr ip, =_irq_callbacks
add.w ip, ip, r4, lsl 3
ldr ip, r1, [ip]
cmp ip, 0
it ne
blxne ip
pop.w {r0-r5, ip, lr}
rfeia sp!
END_FUNC()
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 2+ messages in thread
* [Bug backtrace/18338] ARM: infinite stack trace with assembly function
2015-04-27 12:18 [Bug backtrace/18338] New: ARM: infinite stack trace with assembly function carl at cogsystems dot com
@ 2015-04-27 12:32 ` carl at cogsystems dot com
0 siblings, 0 replies; 2+ messages in thread
From: carl at cogsystems dot com @ 2015-04-27 12:32 UTC (permalink / raw)
To: gdb-prs
https://sourceware.org/bugzilla/show_bug.cgi?id=18338
Carl van Schaik <carl at cogsystems dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://sourceware.org/bugz
| |illa/show_bug.cgi?id=8872
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-04-27 12:32 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-04-27 12:18 [Bug backtrace/18338] New: ARM: infinite stack trace with assembly function carl at cogsystems dot com
2015-04-27 12:32 ` [Bug backtrace/18338] " carl at cogsystems dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).