Segfault when hitting breakpoint in RO memory regions

Question

Segfault when hitting breakpoint in RO memory regions

mrnuke-adaptrum opened this issue 7 years ago · 7 comments

When hitting a breakpoint in a memory region that is readonly (e.g. XIP NOR flash), openocd segfaults.

gdb backtrace:

Info : accepting 'gdb' connection on tcp/3334

Thread 1 "openocd" received signal SIGSEGV, Segmentation fault.
arc_dbg_set_breakpoint (target=0x917970, breakpoint=0x9605c0) at ../src/target/arc_dbg.c:83
83                      while (comparator_list[bp_num].used)
(gdb) bt
#0  arc_dbg_set_breakpoint (target=0x917970, breakpoint=0x9605c0) at ../src/target/arc_dbg.c:83
#1  0x00000000004d5ba3 in breakpoint_add_internal (target=0x917970, address=537026608, length=4, type=BKPT_HARD)
    at ../src/target/breakpoints.c:81
#2  0x000000000044aadd in gdb_breakpoint_watchpoint_packet (packet=0x874a60 <gdb_packet_buffer> "Z1,20026030,4", 
    packet_size=<optimized out>, connection=<optimized out>) at ../src/server/gdb_server.c:1625
#3  gdb_input_inner (connection=<optimized out>) at ../src/server/gdb_server.c:2851
#4  gdb_input (connection=<optimized out>) at ../src/server/gdb_server.c:3018
#5  0x000000000044c75a in server_loop (command_context=command_context@entry=0x8bd030)
    at ../src/server/server.c:492
#6  0x000000000040514b in openocd_thread (cmd_ctx=0x8bd030, argv=0x7fffffffde08, argc=<optimized out>)
    at ../src/openocd.c:304
#7  openocd_main (argc=<optimized out>, argv=0x7fffffffde08) at ../src/openocd.c:341
#8  0x00007ffff6cf3401 in __libc_start_main () from /lib64/libc.so.6
#9  0x0000000000404b6a in _start ()
(gdb) print bp_num
$1 = 0
(gdb) print comparator_list
$2 = (struct arc32_comparator *) 0x0
(gdb) print arc32
$3 = <optimized out>
(gdb)

Answer 1 · 2017-03-27T22:58:40.000Z

Hi,

Does your processor has action points (aka hardware breakpoints)? How many? Can you run GDB command monitor arc num-actionpoints in GDB (or run arc num-actionpoints in OpenOCD scripts after arget has been configured). Or you can check arc32->actionpoints_num and arc32->actionpoints_num_avail in the segfaulting function.

Answer 2 · 2017-03-27T23:31:10.000Z

arc32->actionpoints_num_avail is 0 on my CPU.

Answer 3 · 2017-03-27T23:35:27.000Z

However, the hardware lead tells me that we should have 36 actionpoints on the cpu.

Answer 4 · 2017-03-28T12:15:11.000Z

Hi,

Thanks for the patch.

It is strange that OpenOCD doesn't properly detect your actions points - it reads AP_BUILD AUX register to identify amount of action breakpoints. Can be seen here. In worst case you can simply alter the configuration script and call arc num-actionpoints NUMBER with your actual AP amount. However, it also strange if you have 36 APs - ARC ISA currently supports only up to 8 APs in a core, so you'd need to have 4 cores with 8 APs to get a total of 36, but still each core's actionpoints are private to the core, so saying that there is 36 of them is not entirely correct. If your processor uses some custom mechanism instead of standard ARC actionpoints, then it's not a surprise that OpenOCD fails to detect them properly.

Answer 5 · 2017-03-28T20:02:13.000Z

I see num_actionpoints is set for arcv2, but not arc compact, which is what I'm using.

Answer 6 · 2017-03-29T13:54:40.000Z

I see. Note that we never tested OpenOCD Actionpoint support on ARCcompact, so I'm not sure how it would work, thus this check at the configuration file.

Answer 7 · 2017-03-29T17:17:12.000Z

Oh. Breaking in XIP is not critical, as I can usually relocate the binary to SRAM. As far as the segfault issue goes, that has been resolved. Thank you for all the info.