[Bug breakpoints/13247] New: Wrong breakpoint address for ARM binary built with -O2

[Bug breakpoints/13247] New: Wrong breakpoint address for ARM binary built with -O2

[christian.prochaska@genode-labs.com]

http://sourceware.org/bugzilla/show_bug.cgi?id=13247

             Bug #: 13247
           Summary: Wrong breakpoint address for ARM binary built with -O2
           Product: gdb
           Version: 7.3
            Status: NEW
          Severity: normal
          Priority: P2
         Component: breakpoints
        AssignedTo: unassigned@sourceware.org
        ReportedBy: christian.prochaska@genode-labs.com
    Classification: Unclassified


Created attachment 5958
  --> http://sourceware.org/bugzilla/attachment.cgi?id=5958
source, gcc temporary files and binaries of the test program

Platform
--------

Debian Squeeze armel (QEMU image from
http://people.debian.org/~aurel32/qemu/armel/)

GCC 4.6.1 built from source
---------------------------

Using built-in specs.
COLLECT_GCC=/opt/gcc/bin/gcc
COLLECT_LTO_WRAPPER=/opt/gcc-4.6.1/libexec/gcc/armv5tejl-unknown-linux-gnueabi/4.6.1/lto-wrapper
Target: armv5tejl-unknown-linux-gnueabi
Configured with: ../gcc-4.6.1/configure --prefix=/opt/gcc-4.6.1
Thread model: posix
gcc version 4.6.1 (GCC)


GDB 7.3.1 built from source
---------------------------

GNU gdb (GDB) 7.3.1
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "armv5tejl-unknown-linux-gnueabi".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.


Test program
------------

---- func1.h ----

struct arg_struct { int arg1, arg2, arg3, arg4, arg5; };

extern void func1(struct arg_struct func1_args);

---- func1.c ----

#include "func1.h"                                  

void func1(struct arg_struct func1_args)            
{
}

---- main.c ----

#include "func1.h"

int main(int argc, char *argv[])
{
        struct arg_struct test_args = {1, 2, 3, 4, 5};

        func1(test_args);

        return 0;
}

----------------

Correct breakpoint address of func1 when building with -O0:

$ /opt/gcc/bin/gcc -O0 -g -save-temps main.c func1.c
$ gdb ./a.out -ex "b func1" -ex "run" -ex "disassemble func1" -ex "info args"

Reading symbols from /home/user/test/a.out...done.
Breakpoint 1 at 0x83b8: file func1.c, line 5.
Starting program: /home/user/test/a.out

Breakpoint 1, func1 (func1_args=...) at func1.c:5
5       }
Dump of assembler code for function func1:
   0x000083a4 <+0>:     sub     sp, sp, #16
   0x000083a8 <+4>:     push    {r11}           ; (str r11, [sp, #-4]!)
   0x000083ac <+8>:     add     r11, sp, #0
   0x000083b0 <+12>:    add     r12, r11, #4
   0x000083b4 <+16>:    stm     r12, {r0, r1, r2, r3}
=> 0x000083b8 <+20>:    add     sp, r11, #0
   0x000083bc <+24>:    pop     {r11}
   0x000083c0 <+28>:    add     sp, sp, #16
   0x000083c4 <+32>:    bx      lr
End of assembler dump.
func1_args = {arg1 = 1, arg2 = 2, arg3 = 3, arg4 = 4, arg5 = 5}

---------------

Wrong breakpoint address when building with -O2:

$ /opt/gcc/bin/gcc -O2 -g -save-temps main.c func1.c
$ gdb ./a.out -ex "b func1" -ex "run" -ex "disassemble func1" -ex "info args"

Reading symbols from /home/user/test/a.out...done.
Breakpoint 1 at 0x8390: file func1.c, line 4.
Starting program: /home/user/test/a.out

Breakpoint 1, func1 (func1_args=...) at func1.c:4
4       {
Dump of assembler code for function func1:
   0x0000838c <+0>:     sub     sp, sp, #16
=> 0x00008390 <+4>:     sub     r12, sp, #4
   0x00008394 <+8>:     stmib   r12, {r0, r1, r2, r3}
   0x00008398 <+12>:    add     sp, sp, #16
   0x0000839c <+16>:    bx      lr
End of assembler dump.
func1_args = {arg1 = 1073895576, arg2 = 1073912552, arg3 = 0, arg4 = 33368,
  arg5 = 5}

---------------

The breakpoint address should be 0x8398 instead of 0x8390 for arg1-arg4 to be
shown correctly.

The attached archive contains the source, gcc temporary files and the binaries
of the test program. I can provide more files/information if needed.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug breakpoints/13247] Wrong breakpoint address for ARM binary built with -O2

[christian.prochaska@genode-labs.com]

http://sourceware.org/bugzilla/show_bug.cgi?id=13247

--- Comment #1 from Christian Prochaska <christian.prochaska@genode-labs.com> 2011-10-05 16:09:15 UTC ---
I'm still quite new to DWARF, but noted a difference in the line number
information for the two binaries:

-O0 binary
----------

 The File Name Table:
  Entry Dir     Time    Size    Name
  1     0       0       0       func1.c
  2     0       0       0       func1.h

 Line Number Statements:
  Extended opcode 2: set Address to 0x83a4
  Special opcode 8: advance Address by 0 to 0x83a4 and Line by 3 to 4
  Special opcode 146: advance Address by 20 to 0x83b8 and Line by 1 to 5
  Advance PC by 16 to 0x83c8
  Extended opcode 1: End of Sequence

-O2 binary
----------

 The File Name Table:
  Entry Dir     Time    Size    Name
  1     0       0       0       func1.c
  2     0       0       0       func1.h

 Line Number Statements:
  Extended opcode 2: set Address to 0x838c
  Special opcode 8: advance Address by 0 to 0x838c and Line by 3 to 4
  Special opcode 33: advance Address by 4 to 0x8390 and Line by 0 to 4
  Special opcode 62: advance Address by 8 to 0x8398 and Line by 1 to 5
  Advance PC by 8 to 0x83a0
  Extended opcode 1: End of Sequence

-------------

I wonder about the line with opcode 33 in the output for the -O2 binary, it
seems superfluous to me? Also, the next line with opcode 62 contains the
correct breakpoint address 0x8398 which was not chosen by GDB.

After looking at the assembly files, I guess the line number statements are
related to the ".loc" statements? In func1.s for the -O2 build there appears
two times ".loc 1 4 0", which is not the case for the -O0 build.

func1:
.LFB0:
        .file 1 "func1.c"
        .loc 1 4 0
        .cfi_startproc
        @ args = 20, pretend = 16, frame = 0
        @ frame_needed = 0, uses_anonymous_args = 0
        @ link register save eliminated.
        sub     sp, sp, #16
.LCFI0:
        .cfi_def_cfa_offset 16
        .loc 1 4 0
        sub     ip, sp, #4
        stmib   ip, {r0, r1, r2, r3}
        .loc 1 5 0
        add     sp, sp, #16
        bx      lr
        .cfi_endproc

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

[Bug breakpoints/13247] Wrong breakpoint address for ARM binary built with -O2

[christian.prochaska@genode-labs.com]

http://sourceware.org/bugzilla/show_bug.cgi?id=13247

--- Comment #2 from Christian Prochaska <christian.prochaska@genode-labs.com> 2011-10-06 15:28:31 UTC ---
According to the comments linked from Bug 12573 the function prologue is not to
be skipped at all for -O2 and instead it is assumed that DWARF location
information is always correct. So I guess in my case the location information
is incorrect?

<2><175>: Abbrev Number: 6 (DW_TAG_formal_parameter)
   <176>   DW_AT_name        : (indirect string, offset: 0x65): func1_args     
   <17a>   DW_AT_decl_file   : 1       
   <17b>   DW_AT_decl_line   : 3       
   <17c>   DW_AT_type        : <0x106> 
   <180>   DW_AT_location    : 2 byte block: 91 70     (DW_OP_fbreg: -16)

>From my current understanding, DW_AT_location is rather supposed to link to a
location list containing the information that a part of func1_args is stored in
registers for PC values 0x838c-0x8394 and in memory later, starting with PC
value 0x8398?

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.