core panic callback stalls on deadline violations
With the introduction of queue buffers at topics (cf. commit 7bc6b6a1) a strange bug occurred when urtCorePanic()
because a deadline was missed.
More specifically, the function stalls when the reason
is set to the global _urt_core_status
variable, or (if that line is disabled) when urtEventSourceBroadcast()
is executed thereafter.
When both lines are disabled, the urtCorePanic()
completes successfully, but - obviously - not with the desired effect.
Several observations were made, which make this bug very strange, though.
The issue only occurs when µRT is configured to use the new queue buffers for topics.
When ring buffers are selected, everything works as expected.
Also, the issue only occurs for the publish-subscribe subsystem.
Deadline violations of RPCs do not show such erratic behaviour.
Most peculiar however, jitter violations (for publish-subscribe) do neither exhibit this issue, even though the exact same code path is executed.
Internally, a timer is armed with its trigger time set to either the deadline or the upper bound of the allowed jitter - which of both comes first.
So for jitter violations, the exact same timer is used to execute exactly the same code with the only difference being the propagated reason value (either URT_STATUS_DEADLINEVIOLATION
or URT_STATUS_JITTERVIOLATION
respectively).
The oddity of this bug suggests, that it might actually be caused by a compiler bug, but while the issue was detected using GCC 9.3.1, it could also be reproduced with GCC 11.3.1. In order to track down the root cause, I suggest to investigate is further, using different compilers and devices.
Status of Investigation
device | GGC 9.3.1 | GCC 11.3.1 |
---|---|---|
NUCLEO-L476RG | fail | fail |