From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 3AA4C3858031; Fri, 10 Dec 2021 20:28:27 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3AA4C3858031 From: "tomas.vanek at fbl dot cz" To: gdb-prs@sourceware.org Subject: [Bug breakpoints/28683] New: advance/until commands do not handle SIGTRAMP_FRAME on ARM Cortex-M Date: Fri, 10 Dec 2021 20:28:27 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gdb X-Bugzilla-Component: breakpoints X-Bugzilla-Version: HEAD X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: tomas.vanek at fbl dot cz X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gdb-prs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gdb-prs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2021 20:28:27 -0000 https://sourceware.org/bugzilla/show_bug.cgi?id=3D28683 Bug ID: 28683 Summary: advance/until commands do not handle SIGTRAMP_FRAME on ARM Cortex-M Product: gdb Version: HEAD Status: UNCONFIRMED Severity: normal Priority: P2 Component: breakpoints Assignee: unassigned at sourceware dot org Reporter: tomas.vanek at fbl dot cz Target Milestone: --- =3D=3D=3D environment =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D The bug can be replicated with any of listed GDB versions: $ arm-none-eabi-gdb -v GNU gdb (GDB) 12.0.50.20211210-git ... (gdb) show configuration This GDB was configured as follows: configure --host=3Di686-pc-linux-gnu --target=3Darm-none-eabi --with-auto-load-dir=3D$debugdir:$datadir/auto-load --with-auto-load-safe-path=3D$debugdir:$datadir/auto-load --with-expat --with-gdb-datadir=3D/usr/local/share/gdb (relocatable) --with-jit-reader-dir=3D/usr/local/lib/gdb (relocatable) --without-libunwind-ia64 --with-lzma --without-babeltrace --without-intel-pt --without-mpfr --without-xxhash --with-python=3D/usr --with-python-libdir=3D/usr/lib --without-debuginfod --without-guile --disable-source-highlight --with-separate-debug-dir=3D/usr/local/lib/debug (relocatable) $ gdb-multiarch -v GNU gdb (Ubuntu 9.2-0ubuntu1~20.04) 9.2 Windows> arm-none-eabi-gdb.exe GNU gdb (GNU Tools for Arm Embedded Processors 9-2019-q4-major) 8.3.0.20190709-git OpenOCD compiled from latest git master used as GDB server. STM32G474, a Cortex-M4 device. Any Cortex-M device can be used. A test application (an ordinary blink) with a standard startup is loaded to the device flash. =3D=3D=3D how to reproduce =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D start GDB server $ openocd -f interface/cmsis-dap.cfg -f target/stm32g4x.cfg start GDB in second terminal $ arm-none-eabi-gdb blink.elf (gdb) target extended-remote localhost:3333 Reset the device and halt it: (gdb) monitor reset halt target halted due to debug-request, current mode: Thread xPSR: 0x01000000 pc: 0x08000e14 msp: 0x20020000 Step by one instruction to re-read GDB register cache: (gdb) stepi Check registers, LR should be 0xffffffff after reset: (gdb) info registers ... sp 0x20020000 0x20020000 lr 0xffffffff -1 pc 0x8000e16 0x8000e16 xPSR 0x1000000 16777216 ... (gdb) set debug remote Issue 'advance' command: (gdb) advance main [remote] Sending packet: $mfffffffe,2#fa [remote] Packet received: 0000 [remote] Sending packet: $mfffffffe,2#fa [remote] Packet received: 0000 [remote] Sending packet: $m8000526,2#30 [remote] Packet received: 2046 [remote] Sending packet: $Z1,8000526,2#7a [remote] Packet received: OK [remote] packet_ok: Packet Z1 (hardware-breakpoint) is supported [remote] Sending packet: $Z0,fffffffe,2#43 [remote] Packet received: E0E [remote] packet_ok: Packet Z0 (software-breakpoint) is supported Warning: Cannot insert breakpoint 0. Cannot access memory at address 0xfffffffe Command aborted. (gdb) Relevant messages from OpenOCD: Error: Failed to read memory at 0xfffff000 Error: can't add breakpoint: unknown reason =3D=3D=3D expected behavior =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D GDB should not set breakpoint at 0xfffffffe. The LR reg does not contain an execution address but a magic value. =3D=3D=3D analysis =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D The offending breakpoint should be set at return address to caller function. The magic value 0xffffffff in LR indicates there is no caller (return to this address would lock up the CPU). Similar behaviour of 'advance' and 'until' is observed in an exception hand= ler routine. In this case LR contains e.g. 0xfffffff1 and GDB tries to se a breakpoint at 0xfffffff0. It should use a return value stacked by exception instead. See gdb/breakpoint.c:11162 void until_break_command (const char *arg, ...) ------------------------------------------ frame =3D get_selected_frame (NULL); frame_gdbarch =3D get_frame_arch (frame); ... caller_frame_id =3D frame_unwind_caller_id (frame); ... if (frame_id_p (caller_frame_id)) { ... sal2 =3D find_pc_line (frame_unwind_caller_pc (frame), 0); sal2.pc =3D frame_unwind_caller_pc (frame); caller_gdbarch =3D frame_unwind_caller_arch (frame); breakpoint_up caller_breakpoint =3D set_momentary_breakpoint (caller_gdbarch, sal2, caller_frame_id, bp_until); ----------------------------------------- The breakpoint address is directly derived from the current frame by frame_unwind_caller_pc () without any effort to find out the type of previous frame, to skip not suitable frames etc... Compare it to the code used for command 'finish' which honours SIGTRAMP_FRAME correctly. gdb/infcmd.c:1706 ----------------------------------------- /* Skip frames for "finish". */ static struct frame_info * skip_finish_frames (struct frame_info *frame) { struct frame_info *start; do { start =3D frame; frame =3D skip_tailcall_frames (frame); if (frame =3D=3D NULL) break; frame =3D skip_unwritable_frames (frame); if (frame =3D=3D NULL) break; } while (start !=3D frame); return frame; } ----------------------------------------- And the relevant part of finish_command (): ----------------------------------------- frame =3D skip_finish_frames (frame); if (frame =3D=3D NULL) error (_("Cannot find the caller frame.")); finish_forward (sm, frame); ----------------------------------------- where finish_forward () sets set_momentary_breakpoint() at address get_frame_pc (frame); It looks like 'finish' command was adapted to handle SIGTRAMP_FRAMEs but 'advance' and 'until' were missed. --=20 You are receiving this mail because: You are on the CC list for the bug.=