Bus Fault in realloc
trueb2 opened this issue · 0 comments
trueb2 commented
I hit a bus fault when switching a library from rust-embedded/embedded-alloc#36. I don't have any bus errors when running the Heap from embedded-alloc based on the linked_list_allocator.
Running on Zephyr RTOS, where a couple of threads might be able to make an allocation, but the NRF52840 Cortex-M4F only has one core.
```
[00:02:09.454,620] <err> os: bus_fault: ***** BUS FAULT *****
[00:02:09.454,650] <err> os: bus_fault: Imprecise data bus error
[00:02:09.454,681] <err> os: esf_dump: r0/a1: 0x00000050 r1/a2: 0xe3400200 r2/a3: 0xb89bbb68
[00:02:09.454,681] <err> os: esf_dump: r3/a4: 0x20020774 r12/ip: 0x20020770 r14/lr: 0x0004da3b
[00:02:09.454,711] <err> os: esf_dump: xpsr: 0xa1000000
[00:02:09.454,711] <err> os: esf_dump: s[ 0]: 0x00000000 s[ 1]: 0x00000000 s[ 2]: 0x00000000 s[ 3]: 0x00000000
[00:02:09.454,742] <err> os: esf_dump: s[ 4]: 0x00000000 s[ 5]: 0x00000000 s[ 6]: 0x00000000 s[ 7]: 0x00000000
[00:02:09.454,742] <err> os: esf_dump: s[ 8]: 0x00000000 s[ 9]: 0x00000000 s[10]: 0x00000000 s[11]: 0x00000000
[00:02:09.454,772] <err> os: esf_dump: s[12]: 0x00000000 s[13]: 0x00000000 s[14]: 0x00000000 s[15]: 0x00000000
[00:02:09.454,772] <err> os: esf_dump: fpscr: 0x200204f0
[00:02:09.454,803] <err> os: esf_dump: Faulting instruction address (r15/pc): 0x000610c8
[00:02:09.454,833] <err> os: z_fatal_error: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0
[00:02:09.454,864] <err> os: z_fatal_error: Current thread: 0x20003ed8 (max86141_fifo)
[00:02:10.268,859] <err> os: k_sys_fatal_error_handler: Halting system
```
That program counter is buried down in the rust_realloc call:
```
610a2: e7ad b.n 61000 <__rust_realloc+0x28c>
610a4: e9d0 1001 ldrd r1, r0, [r0, #4]
610a8: f042 0303 orr.w r3, r2, #3
610ac: f022 0703 bic.w r7, r2, #3
610b0: f8cc 3000 str.w r3, [ip]
610b4: 4663 mov r3, ip
610b6: f8cc 0008 str.w r0, [ip, #8]
610ba: f843 1f04 str.w r1, [r3, #4]!
610be: 2900 cmp r1, #0
610c0: f847 200c str.w r2, [r7, ip]
610c4: bf18 it ne
610c6: 608b strne r3, [r1, #8]
610c8: f8c0 c000 str.w ip, [r0]
610cc: e798 b.n 61000 <__rust_realloc+0x28c>
610ce: fa97 f1a7 rbit r1, r7
610d2: 6800 ldr r0, [r0, #0]
610d4: fab1 f181 clz r1, r1
610d8: 1ecb subs r3, r1, #3
610da: f1a0 010c sub.w r1, r0, #12
610de: 2b07 cmp r3, #7
610e0: bf28 it cs
610e2: 2307 movcs r3, #7
610e4: 08c8 lsrs r0, r1, #3
610e6: 299f cmp r1, #159 ; 0x9f
610e8: d85c bhi.n 611a4 <__rust_realloc+0x430>
```
Call stack from Rust is inside of push to `BitVec`, `alloc::raw_vec::finish_grow`, and `__rust_realloc`.