public inbox for gdb-prs@sourceware.org help / color / mirror / Atom feed
From: "tomas.vanek at fbl dot cz" <sourceware-bugzilla@sourceware.org> To: gdb-prs@sourceware.org Subject: [Bug breakpoints/28683] New: advance/until commands do not handle SIGTRAMP_FRAME on ARM Cortex-M Date: Fri, 10 Dec 2021 20:28:27 +0000 [thread overview] Message-ID: <bug-28683-4717@http.sourceware.org/bugzilla/> (raw) https://sourceware.org/bugzilla/show_bug.cgi?id=28683 Bug ID: 28683 Summary: advance/until commands do not handle SIGTRAMP_FRAME on ARM Cortex-M Product: gdb Version: HEAD Status: UNCONFIRMED Severity: normal Priority: P2 Component: breakpoints Assignee: unassigned at sourceware dot org Reporter: tomas.vanek at fbl dot cz Target Milestone: --- === environment ==================================================== The bug can be replicated with any of listed GDB versions: $ arm-none-eabi-gdb -v GNU gdb (GDB) 12.0.50.20211210-git ... (gdb) show configuration This GDB was configured as follows: configure --host=i686-pc-linux-gnu --target=arm-none-eabi --with-auto-load-dir=$debugdir:$datadir/auto-load --with-auto-load-safe-path=$debugdir:$datadir/auto-load --with-expat --with-gdb-datadir=/usr/local/share/gdb (relocatable) --with-jit-reader-dir=/usr/local/lib/gdb (relocatable) --without-libunwind-ia64 --with-lzma --without-babeltrace --without-intel-pt --without-mpfr --without-xxhash --with-python=/usr --with-python-libdir=/usr/lib --without-debuginfod --without-guile --disable-source-highlight --with-separate-debug-dir=/usr/local/lib/debug (relocatable) $ gdb-multiarch -v GNU gdb (Ubuntu 9.2-0ubuntu1~20.04) 9.2 Windows> arm-none-eabi-gdb.exe GNU gdb (GNU Tools for Arm Embedded Processors 9-2019-q4-major) 8.3.0.20190709-git OpenOCD compiled from latest git master used as GDB server. STM32G474, a Cortex-M4 device. Any Cortex-M device can be used. A test application (an ordinary blink) with a standard startup is loaded to the device flash. === how to reproduce =============================================== start GDB server $ openocd -f interface/cmsis-dap.cfg -f target/stm32g4x.cfg start GDB in second terminal $ arm-none-eabi-gdb blink.elf (gdb) target extended-remote localhost:3333 Reset the device and halt it: (gdb) monitor reset halt target halted due to debug-request, current mode: Thread xPSR: 0x01000000 pc: 0x08000e14 msp: 0x20020000 Step by one instruction to re-read GDB register cache: (gdb) stepi Check registers, LR should be 0xffffffff after reset: (gdb) info registers ... sp 0x20020000 0x20020000 lr 0xffffffff -1 pc 0x8000e16 0x8000e16 xPSR 0x1000000 16777216 ... (gdb) set debug remote Issue 'advance' command: (gdb) advance main [remote] Sending packet: $mfffffffe,2#fa [remote] Packet received: 0000 [remote] Sending packet: $mfffffffe,2#fa [remote] Packet received: 0000 [remote] Sending packet: $m8000526,2#30 [remote] Packet received: 2046 [remote] Sending packet: $Z1,8000526,2#7a [remote] Packet received: OK [remote] packet_ok: Packet Z1 (hardware-breakpoint) is supported [remote] Sending packet: $Z0,fffffffe,2#43 [remote] Packet received: E0E [remote] packet_ok: Packet Z0 (software-breakpoint) is supported Warning: Cannot insert breakpoint 0. Cannot access memory at address 0xfffffffe Command aborted. (gdb) Relevant messages from OpenOCD: Error: Failed to read memory at 0xfffff000 Error: can't add breakpoint: unknown reason === expected behavior ============================================== GDB should not set breakpoint at 0xfffffffe. The LR reg does not contain an execution address but a magic value. === analysis ======================================================= The offending breakpoint should be set at return address to caller function. The magic value 0xffffffff in LR indicates there is no caller (return to this address would lock up the CPU). Similar behaviour of 'advance' and 'until' is observed in an exception handler routine. In this case LR contains e.g. 0xfffffff1 and GDB tries to se a breakpoint at 0xfffffff0. It should use a return value stacked by exception instead. See gdb/breakpoint.c:11162 void until_break_command (const char *arg, ...) ------------------------------------------ frame = get_selected_frame (NULL); frame_gdbarch = get_frame_arch (frame); ... caller_frame_id = frame_unwind_caller_id (frame); ... if (frame_id_p (caller_frame_id)) { ... sal2 = find_pc_line (frame_unwind_caller_pc (frame), 0); sal2.pc = frame_unwind_caller_pc (frame); caller_gdbarch = frame_unwind_caller_arch (frame); breakpoint_up caller_breakpoint = set_momentary_breakpoint (caller_gdbarch, sal2, caller_frame_id, bp_until); ----------------------------------------- The breakpoint address is directly derived from the current frame by frame_unwind_caller_pc () without any effort to find out the type of previous frame, to skip not suitable frames etc... Compare it to the code used for command 'finish' which honours SIGTRAMP_FRAME correctly. gdb/infcmd.c:1706 ----------------------------------------- /* Skip frames for "finish". */ static struct frame_info * skip_finish_frames (struct frame_info *frame) { struct frame_info *start; do { start = frame; frame = skip_tailcall_frames (frame); if (frame == NULL) break; frame = skip_unwritable_frames (frame); if (frame == NULL) break; } while (start != frame); return frame; } ----------------------------------------- And the relevant part of finish_command (): ----------------------------------------- frame = skip_finish_frames (frame); if (frame == NULL) error (_("Cannot find the caller frame.")); finish_forward (sm, frame); ----------------------------------------- where finish_forward () sets set_momentary_breakpoint() at address get_frame_pc (frame); It looks like 'finish' command was adapted to handle SIGTRAMP_FRAMEs but 'advance' and 'until' were missed. -- You are receiving this mail because: You are on the CC list for the bug.
next reply other threads:[~2021-12-10 20:28 UTC|newest] Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-12-10 20:28 tomas.vanek at fbl dot cz [this message] 2021-12-10 20:51 ` [Bug breakpoints/28683] " tomas.vanek at fbl dot cz 2021-12-14 17:27 ` tomas.vanek at fbl dot cz 2022-10-13 9:21 ` luis.machado at arm dot com 2022-10-14 11:26 ` tomas.vanek at fbl dot cz 2022-10-14 15:02 ` tomas.vanek at fbl dot cz 2022-10-16 15:28 ` tomas.vanek at fbl dot cz 2022-10-17 7:14 ` luis.machado at arm dot com 2022-10-21 10:02 ` luis.machado at arm dot com 2023-01-10 22:30 ` tomas.vanek at fbl dot cz 2023-01-10 22:32 ` tomas.vanek at fbl dot cz 2023-01-10 22:37 ` tomas.vanek at fbl dot cz
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-28683-4717@http.sourceware.org/bugzilla/ \ --to=sourceware-bugzilla@sourceware.org \ --cc=gdb-prs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).