Ref: https://gcc.gnu.org/wiki/DebugFissionDWP?action=recall&rev=3
Fuzzers have found a weakness in the code stashing pool section
entries. With random nonsensical values in the index entries (rather
than each index pointing to its own set distinct from other sets),
it's possible to overflow the space allocated, losing the NULL
terminator. Without a terminator, find_section_in_set can run off the
end of the shndx_pool buffer. Fix this by scanning the pool directly.
binutils/
* dwarf.c (add_shndx_to_cu_tu_entry): Delete range check.
(end_cu_tu_entry): Likewise.
(process_cu_tu_index): Fill shndx_pool by directly scanning
pool, rather than indirectly from index entries.
Clang generates a warning if there is a function declaration/definition
with zero arguments. Such declarations/definitions without a prototype (an
argument list) are deprecated forms of indefinite arguments
("-Wdeprecated-non-prototype"). On the default configuration, it causes a
build failure (unless "--disable-werror" is specified).
But there is another issue. This function declaration in sim/sh/interp.c
is completely redundant. This commit just removes that declaration.
The variable "list" is only initialized when arg1 > 0 and when arg1 == 0,
an uninitialized value is passed to translate_endian_h2t function.
Although this behavior is harmless, this commit adds initialization to avoid
a GCC warning ("-Wmaybe-uninitialized").
Clang generates a warning if an argument is passed to a function without
prototype (zero arguments, even without (void)). Such calls are deprecated
forms of indefinite arguments passing ("-Wdeprecated-non-prototype").
On the default configuration, it (somehow) doesn't cause a build failure but
a warning is generated.
But because the cause is the same as the issue the author fixed in
"sim/erc32: Use int32_t as event callback argument", it would be better to
fix it now to prevent problems in the future.
To fix the issue, this commit makes struct irqcall to use int32_t as a
callback (callback) argument of an IRQ.
Clang generates a warning if an argument is passed to a function without
prototype (zero arguments, even without (void)). Such calls are deprecated
forms of indefinite arguments passing ("-Wdeprecated-non-prototype").
On the default configuration, it causes a build failure (unless
"--disable-werror" is specified).
To fix that, this commit makes struct evcell to use int32_t as a callback
(cfunc) argument of an event. int32_t is chosen because "event" function
accepts "int32_t arg".
Clang generates a warning if there is a function declaration/definition
with zero arguments. Such declarations/definitions without a prototype (an
argument list) are deprecated forms of indefinite arguments
("-Wdeprecated-non-prototype"). On the default configuration, it causes a
build failure (unless "--disable-werror" is specified).
This commit replaces () with (void) to avoid this warning.
When running test-case gdb.server/multi-ui-errors.exp on target board
remote-gdbserver-on-localhost.exp, I run into:
...
(gdb) PASS: gdb.server/multi-ui-errors.exp: connect to gdbserver
continue^M
Continuing.^M
PASS: gdb.server/multi-ui-errors.exp: continue - extra UI
Remote debugging from host ::1, port 35466^M
FAIL: gdb.server/multi-ui-errors.exp: ensure inferior is running
...
The problem is that the target board uses ssh -T, which fails to guarantee
that output from the inferior will be available.
Fix this by copying proc ${board}_spawn from local-remote-host.exp, which
ensures using ssh -t. [ It would be nice to define an ssh base board to
get rid of the copies, but I'm not addressing that in this commit. ]
Likewise for target board remote-stdio-gdbserver.exp.
Tested on x86_64-linux.
With test-case gdb.server/multi-ui-errors.exp and host board
local-remote-host-notty, I run into:
...
(gdb) PASS: gdb.server/multi-ui-errors.exp: interact with GDB's main UI
Executing on target: kill -9 29666 (timeout = 300)
builtin_spawn -ignore SIGHUP kill -9 29666^M
echo^M
Remote connection closed^M
(gdb) (gdb) FAIL: gdb.server/multi-ui-errors.exp: \
main UI, prompt after gdbserver dies (timeout)
...
In contrast, with local-remote-host (so, everything the same but editing off):
...
(gdb) PASS: gdb.server/multi-ui-errors.exp: interact with GDB's main UI
Executing on target: kill -9 31245 (timeout = 300)
builtin_spawn -ignore SIGHUP kill -9 31245^M
Remote connection closed^M
(gdb) echo^M
(gdb) PASS: gdb.server/multi-ui-errors.exp: main UI, prompt after gdbserver dies
...
The test-case issues a kill, which results in a "Remote connection closed"
message and a prompt.
The problem is that the prompt is not consumed, so the subsequent echo may be
issued before that prompt, which causes a mismatch when matching the result
of the echo.
Fix this by consuming the "Remote connection closed" message and prompt.
Tested on x86_64-linux.
With test-case gdb.server/multi-ui-errors.exp we see:
...
(gdb) PASS: multi-ui-errors.exp: main UI, prompt after gdbserver dies
continue^M
Continuing.^M
echo^M
(gdb) PASS: multi-ui-errors.exp: extra UI, prompt after gdbserver dies
...
The continue is issued earlier in the test-case, but the output has not been
consumed, which makes it show up much later.
Consume the continue output asap, to make it clear when the continue is issued:
...
(gdb) PASS: gdb.server/multi-ui-errors.exp: connect to gdbserver
continue^M
Continuing.^M
PASS: gdb.server/multi-ui-errors.exp: continue - extra UI
...
Tested on x86_64-linux.
The usage for board remote-stdio-gdbserver.exp is advertised as:
...
# bash$ make check RUNTESTFLAGS="--target_board=remote-stdio-gdbserver \
# REMOTE_USERNAME=... REMOTE_HOSTNAME=... REMOTE_PORTNUM=... \
# [REMOTE_TMPDIR=${remote_dir}] [GDBSERVER=${remote_gdbserver}]"
...
but when adding REMOTE_PORTNUM=22, I run into:
...
Running stop-reply-no-thread-multi.exp ...
ERROR: tcl error sourcing stop-reply-no-thread-multi.exp.
ERROR: couldn't execute "/usr/bin/ssh -p22": no such file or directory
while executing
"builtin_spawn {/usr/bin/ssh -p22} -l vries localhost {/usr/bin/gdbserver \
--once localhost:2346 \
/home/vries/gdb_versions/devel/build/gdb/testsuite/outp..."
...
Fix this by simply removing REMOTE_PORTNUM.
Tested on x86_64-linux.
Because of a Libiberty hack, getopt on GNU libc (2.25 or earlier) is
currently unusable on sim, causing a regression on CentOS 7.
This is caused as follows:
1. If HAVE_DECL_GETOPT is defined (getopt declaration with known prototype
is detected while configuration), a declaration of getopt in
"include/getopt.h" is suppressed.
The author started to define HAVE_DECL_GETOPT in sim with the commit
340aa4f687 ("sim: Check known getopt definition existence").
2. GNU libc (2.25 or earlier)'s <unistd.h> includes <getopt.h> with a
special purpose macro defined to declare only getopt function but due
to include path (not tested while configuration), it causes <unistd.h>
to include Libiberty's "include/getopt.h".
3. If both 1. and 2. are satisfied, despite that <unistd.h> tries to
declare getopt by including <getopt.h>, "include/getopt.h" does not do
so, causing getopt function undeclared.
Getting rid of "include/getopt.h" (e.g. renaming this header file) is the
best solution to avoid hacking but as a short-term solution, this commit
replaces getopt with getopt_long under sim/.
And do the sanity check in a way that can't overflow.
* pef.c (bfd_pef_parse_function_stubs): Sanity check header
imported_library_count and total_imported_symbol_count before
allocating memory.
objcopy copy_object may omit the call to bfd_copy_private_bfd_data for
various conditions deemed non-fatal, in which case obj_som_exec_data
will be NULL for the output file.
* som.c (som_finish_writing): Don't dereference NULL
obj_som_exec_data.
Before figuring out the suppress rule of mapping symbol with architecture
(changed back to $x), always generate them at the start of the sections.
gas/
* config/tc-riscv.c (need_arch_map_symbol): Removed.
(riscv_mapping_state): Updated.
(riscv_check_mapping_symbols): Updated.
* testsuite/gas/riscv/mapping-non-arch.d: Removed.
* testsuite/gas/riscv/mapping-non-arch.s: Likewise.
We don't support instructions longer than 64-bits yet. Still, we can
modify validate_riscv_insn function to prevent unexpected behavior by
limiting the "length" of an instruction to 64-bit (or less).
gas/ChangeLog:
* config/tc-riscv.c (validate_riscv_insn): Fix function
description comment based on current spec. Limit instruction
length up to 64-bit for now. Make sure that required_bits does
not corrupt even if unsigned long long is longer than 64-bit.
Some versions of gcc warn by default about shadowed outer-scope
declarations. This affects frag_align_code, which is declared in
frags.h. Rename the offending function parameter. While there also
switch to using true/false at the function call sites.
Commit 40f1a1a456 ("RISC-V: Output mapping symbols with ISA string.")
caused a build failure on GCC 12 as follows:
make[3]: Entering directory '$(builddir)/gas'
CC config/tc-riscv.o
In file included from $(srcdir)/gas/config/tc-riscv.c:23:
$(srcdir)/gas/as.h: In function ‘make_mapping_symbol’:
$(srcdir)/gas/as.h:123:15: error: ‘buff’ may be used uninitialized [-Werror=maybe-uninitialized]
123 | #define xfree free
| ^~~~
$(srcdir)/gas/config/tc-riscv.c:487:9: note: ‘buff’ was declared here
487 | char *buff;
| ^~~~
cc1: all warnings being treated as errors
make[3]: *** [Makefile:1425: config/tc-riscv.o] Error 1
This is caused by a false positive of "maybe uninitialized" variable
detection (-Wmaybe-uninitialized). To avoid this error, this commit
initializes the local variable buff to NULL first in all cases.
gas/ChangeLog:
* config/tc-riscv.c (make_mapping_symbol): Initialize variable
buff with NULL to avoid build failure caused by a GCC's false
positive of maybe uninitialized variable detection.
In gdb/nat/linux-btrace.c:btrace_this_cpu() we initialize the cpu
structure given to the libipt btrace decoder.
We only consider the extended model field for family 0x6 and forget about
family 0xf and we don't consider the extended family field. Fix it.
"-Wdeprecated-declarations" warning option can be helpful to track
deprecated function delarations but sometimes we need to disable this
warning for a good reason.
DIAGNOSTIC_IGNORE_DEPRECATED_DECLARATIONS is an existing macro but only
defined on Clang. Since "-Wdeprecated-declarations" is also available on
GCC (>= 3.4.0), this commit adds equivalent definition as Clang.
__GNUC__ and __GNUC_MINOR__ are not checked because this header file seems
to assume GCC >= 4.6 (with "GCC diagnostic push/pop").
include/ChangeLog:
* diagnostics.h (DIAGNOSTIC_IGNORE_DEPRECATED_DECLARATIONS):
Define also on GCC.
RISC-V Psabi pr196,
https://github.com/riscv-non-isa/riscv-elf-psabi-doc/pull/196
bfd/
* elfxx-riscv.c (riscv_release_subset_list): Free arch_str if needed.
(riscv_copy_subset_list): Copy arch_str as well.
* elfxx-riscv.h (riscv_subset_list_t): Store arch_str for each subset list.
gas/
* config/tc-riscv.c (riscv_reset_subsets_list_arch_str): Update the
architecture string in the subset_list.
(riscv_set_arch): Call riscv_reset_subsets_list_arch_str after parsing new
architecture string.
(s_riscv_option): Likewise.
(need_arch_map_symbol): New boolean, used to indicate if .option
directives do affect instructions.
(make_mapping_symbol): New boolean parameter reset_seg_arch_str. Need to
generate $x+arch for MAP_INSN, and then store it into tc_segment_info_data
if reset_seg_arch_str is true.
(riscv_mapping_state): Decide if we need to add $x+arch for MAP_INSN. For
now, only add $x+arch if the architecture strings in subset list and segment
are different. Besides, always add $x+arch at the start of section, and do
not add $x+arch for code alignment, since rvc for alignment can be judged
from addend of R_RISCV_ALIGN.
(riscv_remove_mapping_symbol): If current and previous mapping symbol have
same value, then remove the current $x only if the previous is $x+arch;
Otherwise, always remove previous.
(riscv_add_odd_padding_symbol): Updated.
(riscv_check_mapping_symbols): Don't need to add any $x+arch if
need_arch_map_symbol is false, so changed them to $x.
(riscv_frag_align_code): Updated since riscv_mapping_state is changed.
(riscv_init_frag): Likewise.
(s_riscv_insn): Likewise.
(riscv_elf_final_processing): Call riscv_release_subset_list to release
subset_list of riscv_rps_as, rather than only release arch_str in the
riscv_write_out_attrs.
(riscv_write_out_attrs): No need to call riscv_arch_str, just get arch_str
from subset_list of riscv_rps_as.
* config/tc-riscv.h (riscv_segment_info_type): Record current $x+arch mapping
symbol of each segment.
* testsuite/gas/riscv/mapping-0*: Merged and replaced by mapping.s.
* testsuite/gas/riscv/mapping.s: New testcase, to test most of the cases in
one file.
* testsuite/gas/riscv/mapping-symbols.d: Likewise.
* testsuite/gas/riscv/mapping-dis.d: Likewise.
* testsuite/gas/riscv/mapping-non-arch.s: New testcase for the case that
does need any $x+arch.
* testsuite/gas/riscv/mapping-non-arch.d: Likewise.
* testsuite/gas/riscv/option-arch-01a.d: Updated.
opcodes/
* riscv-dis.c (riscv_disassemble_insn): Set riscv_fpr_names back to
riscv_fpr_names_abi or riscv_fpr_names_numeric when zfinx is disabled
for some specfic code region.
(riscv_get_map_state): Recognized mapping symbols $x+arch, and then reset
the architecture string once the ISA is different.
Zero initialize engine_fns entirely at creation, then override those
fields we intend to use, rather than zero just initializing the unused
fields later on.
There should be no user visible changes after this commit.
I noticed an address in a test name:
...
PASS: gdb.base/eh_return.exp: gdb_breakpoint: \
set breakpoint at *0x000000000040071b
...
Stabilize the test name by using "set breakpoint on address" instead.
Likewise in two other test-cases.
Tested on x86_64-linux.
Propagate fix from commit 17c68d98f7 ("[gdb/testsuite] Disable styling in host
board local-remote-host.exp") to local-remote-host-native.exp.
Tested on x86_64-linux.
I noticed that running test-case gdb.mi/mi-exec-run.exp with host board
local-remote-host.exp takes about 44 seconds.
I found two silent timeouts responsible for this.
The first is in mi_gdb_exit, where we have:
...
if { [is_remote host] && [board_info host exists fileid] } {
send_gdb "999-gdb-exit\n"
gdb_expect 10 {
-re "y or n" {
send_gdb "y\n"
exp_continue
}
-re "Undefined command.*$gdb_prompt $" {
send_gdb "quit\n"
exp_continue
}
-re "DOSEXIT code" { }
}
}
...
so in gdb.log we see:
...
999-gdb-exit^M
999^exit^M
=thread-exited,id="1",group-id="i1"^M
=thread-group-exited,id="i1"^M
...
after which expect just waits for the timeout.
Fix this by adding a gdb_expect clause to parse the exit:
...
-re "\r\n999\\^exit\r\n" { }
...
Note that we're not parsing the thread-exited/thread-group-exited messages, because
they may not be present:
...
$ gdb -i=mi
=thread-group-added,id="i1"
(gdb)
999-gdb-exit
999^exit
$
...
After fixing that, we have:
...
(gdb) ^M
saw mi error
PASS: gdb.mi/mi-exec-run.exp: inferior-tty=separate: mi=separate: \
force-fail=1: run failure detected
quit^M
&"quit\n"^M
...
What seems to be happening is that default_gdb_exit sends a cli interpreter
quit command to an mi interpreter, after which again expect just waits for the
timeout.
Fix this by adding mi_gdb_exit to the end of the test-case, as in many other
gdb.mi/*.exp test-cases.
After these two fixes, the test-case takes about 4 seconds.
Tested on x86_64-linux.
I build gdb using -O2, and ran the testsuite using taskset -c 0, and ran into:
...
(gdb) PASS: gdb.server/connect-with-no-symbol-file.exp: sysroot=: \
action=delete: setup: adjust sysroot
builtin_spawn gdbserver --once localhost:2385 /connect-with-no-symbol-file^M
/bin/bash: connect-with-no-symbol-file: Permission denied^M
/bin/bash: line 0: exec: connect-with-no-symbol-file: cannot execute: \
Permission denied^M
During startup program exited with code 126.^M
Exiting^M
target remote localhost:2385^M
`connect-with-no-symbol-file' has disappeared; keeping its symbols.^M
localhost:2385: Connection timed out.^M
(gdb) FAIL: gdb.server/connect-with-no-symbol-file.exp: sysroot=: \
action=delete: connection to GDBserver succeeded
...
The expected series of events is (skipping disconnect and detach as I don't
think they're relevant to the problem):
- enter scenario "permission"
- cp $exec.bak $exec
- gdbserver start with $exec
- chmod 000 $exec
- connect to gdbserver
- enter scenario "delete"
- cp $exec.bak $exec
- gdbserver start with $exec
- delete $exec
- connect to gdbserver
The problem is that the chmod is executed using remote_spawn:
...
} elseif { $action == "permission" } {
remote_spawn target "chmod 000 $target_exec"
}
...
without waiting on the resulting spawn id, so we're not sure when the
chmod will have effect.
The FAIL we're seeing above is explained by the chmod having effect during the
delete scenario, after the "cp $exec.bak $exec" and before the "gdbserver
start with $exec".
Fix this by using remote_exec instead.
Likewise, fix a similar case in gdb.mi/mi-exec-run.exp.
Tested on x86_64-linux.
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=29726
elfnn-riscv.c: In function ‘riscv_relax_resolve_delete_relocs’:
elfnn-riscv.c:4256:30: error: operand of ‘?:’ changes signedness from ‘int’ to ‘unsigned int’ due to unsignedness of other operand [-Werror=sign-compare]
So make the operands unsigned could resolve problem.
bfd/
* elfnn-riscv.c (riscv_relax_resolve_delete_relocs): Fixed build
failures for -Werror=sign-compare.
Given a fuzzed object file in an archive with section size exceeding
file size, objcopy will report an error like "section size (0xfeffffff
bytes) is larger than file size (0x17a bytes)" but will create a copy
of the object laid out for the large section. That means a large
temporary file on disk that is read back and written to the output
archive, which can take a while. The output archive is then deleted
due to the error. Avoid some of this silliness.
* objcopy.c (copy_section): If section contents cannot be read
set output section size to zero.
commit 67527cffcd enabled previously disabled tests unresolved-1-dyn,
thumb-plt and thumb-plt-got for nacl. The first fails due to trying
to link against mixed-lib.so which isn't compiled for nacl. The last
two fail with
objdump: tmpdir/dump(.rel.plt): relocation 0 has invalid symbol index 14885104
and
readelf: Error: bad symbol index: 00e320f0 in reloc
Relocation section '.rel.plt' at offset 0x128 contains 1 entry:
Offset Info Type Sym. Value Symbol's Name
e320f000 e320f000 R_ARM_NONE
* testsuite/ld-arm/arm-elf.exp: Disable unresolved-1-dyn,
thumb-plt and thumb-plt-got for nacl.
Since commit 90319cefe3 ("GDB/Guile: Don't assert that an integer value
is boolean"), I see:
FAIL: gdb.guile/scm-parameter.exp: kind=PARAM_ZINTEGER: test-PARAM_ZINTEGER-param: guile (set-parameter-value! test-PARAM_ZINTEGER-param #:unlimited)
FAIL: gdb.guile/scm-parameter.exp: kind=PARAM_ZUINTEGER: test-PARAM_ZUINTEGER-param: guile (set-parameter-value! test-PARAM_ZUINTEGER-param #:unlimited)
This comes from the fact that GDB outputs this:
ERROR: In procedure set-parameter-value!:
In procedure gdbscm_set_parameter_value_x: Wrong type argument in position 2 (expecting integer): #:unlimited
Error while executing Scheme code.
while the test expects an additional "ERROR:" on the second line,
something like this:
ERROR: In procedure set-parameter-value!:
ERROR: In procedure gdbscm_set_parameter_value_x: Wrong type argument in position 2 (expecting integer): #:unlimited
Error while executing Scheme code.
Guile 2.0 outputs the `ERROR:` on the second line, while later versions
do not. Change the pattern to accept both outputs. This is similar to
commit 6bbe1a929c ("[gdb/testsuite] Fix gdb.guile/scm-breakpoint.exp
with guile 3.0").
Change-Id: I9dc45e7492a4f08340cad974610242ed689de959
Arm v8-M Architecture Reference Manual,
D1.2.95 EXC_RETURN, Exception Return Payload
describes ES bit:
"ES, bit [0]
Exception Secure. The security domain the exception was taken to.
The possible values of this bit are:
0 Non-secure.
1 Secure"
arm-tdep.c:3443, arm_m_exception_cache () function tests this bit:
exception_domain_is_secure = (bit (lr, 0) == 0);
The test is negated!
Later on line 3553, the condition evaluates if an additional state
context is stacked:
/* With the Security extension, the hardware saves R4..R11 too. */
if (tdep->have_sec_ext && secure_stack_used
&& (!default_callee_register_stacking || exception_domain_is_secure))
RM, B3.19 Exception entry, context stacking
reads:
RPLHM "In a PE with the Security Extension, on taking an exception,
the PE hardware:
...
2. If exception entry requires a transition from Secure state to
Non-secure state, the PE hardware extends the stack frame and also
saves additional state context."
So we should test for !exception_domain_is_secure instead of non-negated
value!
These two bugs compensate each other so unstacking works correctly.
But another test of exception_domain_is_secure (negated due to the
first bug) prevents arm_unwind_secure_frames to work as expected:
/* Unwinding from non-secure to secure can trip security
measures. In order to avoid the debugger being
intrusive, rely on the user to configure the requested
mode. */
if (secure_stack_used && !exception_domain_is_secure
&& !arm_unwind_secure_frames)
Test with GNU gdb (GDB) 13.0.50.20221016-git.
Stopped in a non-secure handler:
(gdb) set arm unwind-secure-frames 0
(gdb) bt
#0 HAL_SYSTICK_Callback () at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/NonSecure/Src/nsmain.c:490
#1 0x0804081c in SysTick_Handler ()
at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/NonSecure/Src/nsstm32l5xx_it.c:134
#2 <signal handler called>
#3 HAL_GPIO_ReadPin (GPIOx=0x52020800, GPIO_Pin=8192)
at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Drivers/STM32L5xx_HAL_Driver/Src/stm32l5xx_hal_gpio.c:386
#4 0x0c000338 in SECURE_Mode () at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Secure/Src/main.c:86
#5 0x080403f2 in main () at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/NonSecure/Src/nsmain.c:278
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
The frames #3 and #4 are secure. backtrace should stop before #3.
Stopped in a secure handler:
(gdb) bt
#0 HAL_SYSTICK_Callback () at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Secure/Src/main.c:425
#1 0x0c000b6a in SysTick_Handler ()
at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Secure/Src/stm32l5xx_it.c:234
warning: Non-secure to secure stack unwinding disabled.
#2 <signal handler called>
The exception from secure to secure erroneously stops unwinding. It should
continue as far as the security unlimited backtrace:
(gdb) set arm unwind-secure-frames 1
(gdb) si <-- used to rebuild frame cache after change of unwind-secure-frames
0x0c0008e6 425 if (SecureTimingDelay != 0U)
(gdb) bt
#0 0x0c0008e6 in HAL_SYSTICK_Callback () at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Secure/Src/main.c:425
#1 0x0c000b6a in SysTick_Handler ()
at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Secure/Src/stm32l5xx_it.c:234
#2 <signal handler called>
#3 0x0c000328 in SECURE_Mode () at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Secure/Src/main.c:88
#4 0x080403f2 in main () at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/NonSecure/Src/nsmain.c:278
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
Set exception_domain_is_secure to the value expected by its name.
Fix exception_domain_is_secure usage in the additional state context
stacking condition.
Signed-off-by: Tomas Vanek <vanekt@fbl.cz>
Arm v8-M Architecture Reference Manual,
D1.2.141 IPSR, Interrupt Program Status Register reads
"Exception, bits [8:0]"
9 bits, not 8! It is uncommon but true!
Signed-off-by: Tomas Vanek <vanekt@fbl.cz>
In the lockup state the PC value of the the outer frame is irreversibly
lost. The other registers are intact so LR likely contains
PC of some frame next to the outer one, but we cannot analyze
the nearest outer frame without knowing its PC
therefore we do not know SP fixup for this frame.
The frame unwinder possibly gets mad due to the wrong SP value.
To prevent problems terminate unwinding if PC contains the magic
value of the lockup state.
Example session wihtout this change,
Cortex-M33 CPU in lockup, gdb 13.0.50.20221016-git:
----------------
(gdb) c
Continuing.
Program received signal SIGINT, Interrupt.
0xeffffffe in ?? ()
(gdb) bt
#0 0xeffffffe in ?? ()
#1 0x0c000a9c in HardFault_Handler ()
at C:/dvl/stm32l5trustzone/GPIO_IOToggle_TrustZone/Secure/Src/stm32l5xx_it.c:99
#2 0x2002ffd8 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb)
----------------
The frame #1 is at correct PC taken from LR, #2 is a total nonsense.
With the change:
----------------
(gdb) c
Continuing.
Program received signal SIGINT, Interrupt.
warning: ARM M in lockup state, stack unwinding terminated.
<signal handler called>
(gdb) bt
#0 <signal handler called>
(gdb)
----------------
There is a visible drawback of emitting a warning in a cache buildnig routine
as introduced in Torbjörn SVENSSON's
[PATCH v4] gdb/arm: Stop unwinding on error, but do not assert
The warning is printed just once and not repeated on each backtrace command.
Signed-off-by: Tomas Vanek <vanekt@fbl.cz>
Should be functionally the same, but uses more pythonic idioms to get
fewer lines of code, and to make sure to not leak open file handles.
Approved-By: Simon Marchi <simon.marchi@efficios.com>
The current logic limits itself to a maxdepth of 4 when looking for
results. This wouldn't be a problem if cris didn't have a testsuite
at a depth of 5 which we end up ignoring when summarizing. Rather
than bump the number from 4 to 5, rework the code so that we gather
the exact set of tests that we tried to run.
