1451292 - GDB on ARM64 goes into infinite loop when hitting breakpoint instruction

Status: RESOLVED FIXED

(Core :: JavaScript Engine: JIT, enhancement)

Description

[Christian Holler (:decoder)]

On ARM64, I noticed that GDB just spins forever when it hits a breakpoint instruction. Our MacroAssembler emits breakpoint instructions for assertions, so we need to change this behavior on ARM64 to emit a NULL-deref instead to allow automated testing with GDB to work properly.

Comment 1

[Lars T Hansen [:lth]]

Maybe slightly relevant, since symptoms are the same, even though the bug is reported for 32-bit ARM: https://sourceware.org/bugzilla/show_bug.cgi?id=22645

Comment 2

[Lars T Hansen [:lth]]

This appears to be caused by the payload that we put into the Brk instruction, we can only assume this means something special to gdb.  The instruction can carry a 16-bit immediate.  MacroAssembler::breakpoint() starts with the code equal to 0xA77; it increments this code after emitting the instruction; and then the payload in the instruction is set to (code & 0xFFFF).  When I change the code to zero, gdb stops as it's supposed to.

The current behavior dates back to the initial import of the arm64 support, nearly three years ago.

I did find the ability to have a code useful for some debugging work, but now that the back-end is up and running we can probably just pin it to zero.  Should there be a need to emit a different code the underlying instruction emitter that takes an explicit code will still be available.

Comment 3

[Lars T Hansen [:lth]]

Attachment: bug1451292-better-arm64-breakpoint.patch

Choose a breakpoint payload that makes gdb stop properly.

Comment 4

[Pulsebot]

Pushed by lhansen@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/236c11a47aa7
Better payload for arm64 breakpoint instruction.  r=sstangl

Comment 5

[Noemi Erli[:noemi_erli]]

https://hg.mozilla.org/mozilla-central/rev/236c11a47aa7