GDB stepi "Cannot insert breakpoint 0. Cannot access memory at address 0xfffffff

[incf]

Hi,

I'm using a STM32, ST's GDB server, and the most recent version of GDB.

When I wish to debug assembly language in interrupt routines I often find myself single stepping assembly instructions with the "stepi" command.

At the end of an interrupt routine on an ARM Cortex, the processor branches to a special address like 0xfffffffd to return.

I would like to single step through a branch to 0xfffffffd,

Code: [Select]

(gdb) si
0x0800024a in ?? ()
0x0800024c in ?? ()
Warning:
Cannot insert breakpoint 0.
Cannot access memory at address 0xfffffffd
Unfortunately, I run into problem doing this using ST's GDB server. (if I use the probe-rs GDB server it works fine, but probe-rs is broken in other ways that makes it unusable)

Is there any way to single step GDB through the end of an ISR without inserting a breakpoint at 0xfffffffd?

[newbrain]

0xFFFF'FFFD is not a real address, and the processor does not really jump to it, so, no, you cannot put a breakpoint there.

It's a special marker, called EXC_RETURN that's used in the Arm architecture to tell the CPU to pop an exception (i.e., loosely, an interrupt or fault or service request) stack frame.

Its lower bits encode the information on which stack to use, whether to return to Handler or Thread modes, and whether the stack frame includes FP registers to restore.
See table 2.17 in chapter 2.3.7 of the Cortex M4 Generic User Guide - this is for M4, an M0(+) - I seem to remember you are using one? - does not have FP, so only three values are used.

Specifically, 0xFFFF'FFFD returns to Thread Mode - exceptions switch automatically to Handler Mode if the processor is not already in that mode - restores the registers from an exception stack frame (see the preceding sections in either manual) kept in the Process Stack Pointer (PSP), meaning generally that this exception was triggered in Thread Mode, and select PSP as the stack pointer in use from that moment on.

EtA: A good debugger knows about it, and will show where in the code you are supposed to return, using the info in the stack frame. Put a BP at the end of the ISR.

[incf]

That begs the question: Is there any way to single step GDB* through the end of an ISR without inserting a breakpoint at all? (probe-rs seemingly does it)

*using ST's GDB server

Yes it's cortex-M0

Picking apart the stack should not be necessary. I believe there is a special JTAG command to single step an assembly instruction without needing a breakpoint (probe-rs uses it apparently). What is unknown is how to trigger it, or if it is possible at al using ST's tools.

[incf]

addendum: I suppose another way of expressing what is needed is something with behavior similar to a data watchpoint on the program counter register

Or better yet, a watchpoint on PC that uses the conditional match operators supported by the core's debug unit.

Edit: this does not work as a stepi substitute for some reason with SVC instructions

edit2: GDB with ST's GDB server implements "watch $pc" as inserting hidden code breakpoints rather than using the watchpoint unit?

edit3: the debug unit supports two methods of single stepping: C_STEP bit and a PC watchpoint with all of the bits masked. I'm beginning to think there is no way of coaxing ST's server into doing either.

[bson]

Probably a bug in their particular gdbserver.