Weird behavior on RISC-V code (compiled with the toolchain) #1434
Comments
alex-paschoaletto
changed the title
|
Did you debug your code to find out why it crashes/hangs in the failure case? In particular what CSRs like |
|
Thanks for spending the time to try reducing the problem/make such a clear writeup about this hang. |
Hello there! I'm sorry if I didn't provide enough information. I am quite new to this world of low-level debugging and don't know exactly how to do what you say. Could you please explain how would I check the register values throughout execution?
Yeah, sure! Here's the terminal output to |
The The values of these registers should be available by dumping them in some way from, say, a catch-all trap/exception handler or via interactive debugging. If the problem doesn't actually result in a trap/exception then interactive debugging should still help to identify where/when/why the code doesn't behave as you expect and pinpoint the root cause of the problem. There is plenty of info about debugging RISC-V programs running on QEMU available elsewhere. E.g.: |
|
@TommyMurphyTM1234 provided some great links for debugging with QEMU - the second link is helpful for debugging when using qemu-system (which your program does). If you're able to extract this problem into a program that runs in qemu-user mode ( AKA if you can reproduce the problem with a flow like this: I can reduce it down to a preprocessed C file that compiler people can work with :) |
That's a very good point/suggestion about compiling the code for some non RISC-V ISA (e.g. x86_64 or Arm) and comparing the results to the RISC-V case. If the program still crashes in the non-RISC-V case then it strengthens the hypothesis that it's a problem with the actual code rather than the toolchain. |
|
I'm sorry for the absence, have been a bit busy lately.
Thank you very much for the enlightenment! I'm currently learning how to use gdb, but a colleague of mine with some knowledge on that has done me a favor of running this project with gdb. When the application hangs, these are the
Ok! I will give a try on that and report results here as soon as I have them.
I understand and agree, but like I said running on QEMU emulating ARM (MPS2 M3) performed just fine. Running on the Raspberry Pi Pico (ARM Cortex M0+) also shown no issues whatsoever. I also have a new finding: on the past thursday I ran this program on a Seeed XIAO ESP32-C3 (RISC-V based) and the program behaved well on all cases. Unfortunately, however, the test conditions were not the same, since Espressif has its own compiler (riscv32-esp-elf-gcc) and their custom flavor of FreeRTOS. Hopefully this might be an useful piece of information, though. |
|
|
The assembly code around this
The code itself is this one, located in FreeRTOS´ portASM file: freertos_risc_v_exception_handler:
portcontextSAVE_EXCEPTION_CONTEXT
/* a0 now contains mcause. */
li t0, 11 /* 11 == environment call. */
bne a0, t0, other_exception /* Not an M environment call, so some other exception. */
call vTaskSwitchContext
portcontextRESTORE_CONTEXTWith that in mind, |
|
Ok, so I have a new finding. After a deeper analysis of the code line-by-line at an assembly level and consistently checking the linked list state, I've found out the inlined code will hang right after creating and printing the items for the first time because So it looks like the first This is what the linked list with 5 items inside looks like normally: And this is what it looks like after corruption: Note that all elements within the linked list are stored on the heap (0x8000...). The data within 0x3030... or 0x3031... is just some code I don't really understand the purpose of but assume it has something to do with the illegal instruction mask: With that said, I suppose the problem is related to the standard C printf("item: whatever");instead of printf("item: %d", itemValue);The linked list pointers are never corrupted. It still may not explain the first problem I reported of encapsulated vs inline code, but it is a problem that deserves some attention anyway. |
|
After all the problem seems to have been that the RISC-V port had a Increasing to a greater value, such as 700 bytes, got everything working alright. Thanks for the help anyway! |
|
Thanks a lot for following up with an explanation of the root cause @alex-paschoaletto! 👍 |
Hello everyone! hope you're all doing well.
I don't know if this is the proper place to ask for help or report a bug, so please feel free to warn me in case I should post this elsewhere. I've been trying to develop real-time software on RISC-V (taking the official FreeRTOS QEMU demo ports as a starting point), but some very weird issues got in the way and made me decide to ask for help. I have already placed this issue on the FreeRTOS forums, but as one might see throughout this post, it might have something to do with the compiler and not the RTOS library.
TL:DR
This repository contains a sample project that illustrates well one of the problems I've been getting lately. It basically goes like this: the program executes fine when a certain code snippet is encapsulated within a function, but "crashes" (i.e. hangs) when the same snippet is placed directly in the main code:
The scope shouldn't matter at all here, since there is no local variable being used or anything like that. Also, in favor of simplicity the sample code doesn't even uses FreeRTOS' tasks or scheduler, just the pvPortMalloc/vPortFree functions.
Context
It all started with me deciding to use the ESFree library to append the EDF scheduler to the project, but the code didn't work out-of-the-box on neither of the 'virt' ports. It ran OK on the ARM ports for QEMU, though, so I figured it should be some incompatibility issue on the RISC-V side. While investigating, I found the problem seemed to be related to the linked lists API, as the List_t uxNumberOfItems variable just seemed to go crazy on a certain point of the code that wasn't even supposed to interact with it.
I then decided to create my own library for managing linked lists as a workaround and created a whole new sample project to test it, but my attempt of making it happen also went sideways with a new bug: the code would execute just fine when a certain snippet were placed inside a dedicated function, but not so much when placed directly on the main code. That is what I describe on the TL:DR section above.
This doesn't really seem to me like a problem within FreeRTOS, as like I said there are no schedulers or tasks being used. The only resources provided by FreeRTOS which I actually use on the sample project are pvPortMalloc and vPortFree, but the problem happens anyway with regular malloc (as shown below). I can't really cross FreeRTOS out of the equation, though, since the whole port setup (e.g. libraries, assembly files and makefile) has been provided by it.
Workarounds
These were my attempts of solving the problem so far:
I am familiar with many programming languages, but FreeRTOS/QEMU/compiler developing/debugging are definitely out of my league. Hence why I'm here asking for help from the clever ones. I'll be posting this issue on the QEMU forums aswell, if any. Hopefully someone might help me out on this quest.
Thanks in advance.
The text was updated successfully, but these errors were encountered: