For some reason, when debugger steps through jalr instruction, it jumps to the wrong address (in fact, it jumps to the target address +8). This corrupts execution flow and leads to strange firmware behavior under debug. I reproduced this with two debug scripts: first (debug_good) executes normally from one breakpoint to another, and the second (debug_bad) steps through jalr instruction and then breaks on the trap handler.
I don’t know what’s the cause of the problem, but this behavior is quite annoying.
Archive with a binary and debug scripts: https://pilvi.disasm.info/s/XZ8mbiMQCGHi3ar/download
Steps to reproduce:
- Run
JLinkGDBServer -device FE310 -if JTAG -speed 4000 -port 3333 - Run the following commands:
riscv64-unknown-elf-gdb -x debug_good
riscv64-unknown-elf-gdb -x debug_bad
These two gdb scripts lead to a different breakpoints despite they differ only in a pair of si commands
My setup:
gdb from the riscv64-unknown-elf-gcc-8.3.0-2019.08.0-x86_64-linux-ubuntu14 toolchain from SiFive
JLinkGDBServer from the JLink_Linux_V660a_x86_64 package (latest at the moment)
Board: HiFive1 Rev B
Linux OS