anjiahao1 opened a new pull request, #18332:
URL: https://github.com/apache/nuttx/pull/18332
## Summary
* **Why change is necessary**: GDB backtrace from kernel space to user
space was broken on ARM architectures. When debugging syscalls, GDB would
report "Backtrace stopped: previous frame identical to this frame (corrupt
stack?)" instead of showing the complete call chain.
* **What functional part of the code is being changed**: Syscall dispatch
mechanism for ARM architectures (armv6-m, armv7-m, armv7-r, armv8-m, armv8-r).
* **How does the change exactly work**:
1. For armv7-m/armv8-m/armv6-m: Optimize existing CFI (Call Frame
Information) directives in `arm_dispatch_syscall.S` to use correct CFA-relative
offsets instead of absolute offsets.
2. For armv7-r/armv8-r: Move syscall dispatch from C code
(`arm_syscall.c`) to assembly (`arm_dispatch_syscall.S`) with proper CFI
directives, and update `arm_vectors.S` to set up the stack frame correctly for
unwinding.
The CFI directives tell the debugger how to unwind the stack frames,
enabling proper backtrace across the kernel/user boundary.
## Impact
* Is new feature added? Is existing feature changed? YES - Adds debugger
stack unwinding support for syscalls on armv7-r/armv8-r, improves existing
support on armv6-m/armv7-m/armv8-m.
* Impact on user (will user need to adapt to change)? NO - This is a
debugging improvement with no API changes.
* Impact on build (will build process change)? NO
* Impact on hardware (will arch(s) / board(s) / driver(s) change)? YES -
Affects ARM architectures: armv6-m, armv7-m, armv7-r, armv8-m, armv8-r. No
functional change, only debug information.
* Impact on documentation (is update required / provided)? NO
* Impact on security (any sort of implications)? NO
* Impact on compatibility (backward/forward/interoperability)? NO
* Anything else to consider? The change moves dispatch_syscall from C to
assembly for armv7-r/armv8-r to enable proper CFI generation.
## Testing
I confirm that changes are verified on local setup and works as intended:
* Build Host(s): Linux x86_64, arm-none-eabi-gcc
* Target(s): qemu-armv7r:pnsh (QEMU Cortex-R5F)
Run command:
```
$ <QEMU_PATH>/bin/qemu-system-arm \
-L <QEMU_PATH>/share/qemu \
-M virt -semihosting -nographic -cpu cortex-r5f \
-device loader,file=./nuttx_user \
-device loader,file=./nuttx -S -s
```
Testing logs before change:
```
➜ arm-none-eabi-gdb nuttx -ex "target remot :1234"
GNU gdb (GDB) 15.1
...
Reading symbols from nuttx...
Remote debugging using :1234
_vector_start () at armv7-r/arm_vectortab.S:66
66 ldr pc, .Lresethandler /* 0x00:
Reset */
(gdb) add-symbol-file nuttx_user
add symbol table from file "nuttx_user"
(y or n) y
Reading symbols from nuttx_user...
(gdb) b write
Breakpoint 1 at 0x11540: write. (2 locations)
(gdb) c
Continuing.
Breakpoint 1.1, write (fd=1, buf=0x98b63 <g_erasetoeol>, nbytes=3) at
vfs/fs_write.c:457
457 iov.iov_base = (void *)buf;
(gdb) bt
#0 write (fd=1, buf=0x98b63 <g_erasetoeol>, nbytes=3) at
vfs/fs_write.c:457
#1 0x00000790 in dispatch_syscall () at armv7-r/arm_syscall.c:124
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
```
Testing logs after change:
```
➜ arm-none-eabi-gdb nuttx -ex "target remot :1234"
GNU gdb (GDB) 15.1
...
Reading symbols from nuttx...
Remote debugging using :1234
a_vector_start () at armv7-r/arm_vectortab.S:66
66 ldr pc, .Lresethandler /* 0x00:
Reset */
(gdb) add-symbol-file nuttx_user
add symbol table from file "nuttx_user"
(y or n) y
Reading symbols from nuttx_user...
(gdb) c
Continuing.
^C
Program received signal SIGINT, Interrupt.
0x0000c148 in up_idle () at chip/qemu_idle.c:63
63 }
(gdb) b write
Breakpoint 1 at 0x11548: write. (2 locations)
(gdb) c
Continuing.
Breakpoint 1.2, write (parm1=1, parm2=0x40800008 <g_nshprompt>, parm3=5)
at proxies/PROXY_write.c:9
9 return (ssize_t)sys_call3((unsigned int)SYS_write,
(uintptr_t)parm1, (uintptr_t)parm2, (uintptr_t)parm3);
(gdb) c
Continuing.
Breakpoint 1.1, write (fd=1, buf=0x40800008 <g_nshprompt>, nbytes=5) at
vfs/fs_write.c:457
457 iov.iov_base = (void *)buf;
(gdb) bt
#0 write (fd=1, buf=0x40800008 <g_nshprompt>, nbytes=5) at
vfs/fs_write.c:457
#1 0x00000cac in arm_dispatch_syscall () at
armv7-r/arm_dispatch_syscall.S:93
#2 0x00088de4 in write (parm1=1082130440, parm2=0x5 <nx_write+4>,
parm3=5) at proxies/PROXY_write.c:9
#3 0x00080e78 in nsh_session (pstate=0x40801200, login=login@entry=1,
argc=argc@entry=1,
argv=argv@entry=0x40802018) at nsh_session.c:224
#4 0x00080ca8 in nsh_consolemain (argc=argc@entry=1,
argv=argv@entry=0x40802018) at nsh_consolemain.c:77
#5 0x00080c4c in nsh_main (argc=1, argv=0x40802018) at nsh_main.c:76
#6 0x00080064 in nxtask_startup (entrypt=0x80c04 <nsh_main>, argc=1,
argv=0x40802018)
at sched/task_startup.c:72
#7 0x00004114 in nxtask_start () at task/task_start.c:106
#8 0x00000000 in ?? ()
```
**Result**: Full backtrace from kernel space to user space now works
correctly.
## PR verification Self-Check
* [X] This PR introduces only one functional change.
* [X] I have updated all required description fields above.
* [X] My PR adheres to Contributing Guidelines and Documentation (git
commit title and message, coding standard, etc).
* [ ] My PR is still work in progress (not ready for review).
* [X] My PR is ready for review and can be safely merged into a codebase.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
