[Bug tdep/31367] New: [gdb/tdep, arm epilogue unwinder] FAIL: gdb.base/unwind-on-each-insn.exp: bar: instruction 9: $fba_value == $fn_fba

["vries at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>]

https://sourceware.org/bugzilla/show_bug.cgi?id=31367

            Bug ID: 31367
           Summary: [gdb/tdep, arm epilogue unwinder] FAIL:
                    gdb.base/unwind-on-each-insn.exp: bar: instruction 9:
                    $fba_value == $fn_fba
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: tdep
          Assignee: unassigned at sourceware dot org
          Reporter: vries at gcc dot gnu.org
  Target Milestone: ---

On arm-linux, I run into:
...
(gdb) PASS: gdb.base/unwind-on-each-insn.exp: bar: instruction 9: get $sp and
frame base for fn: get hexadecimal valueof "$sp"
info frame^M
Stack level 0, frame at 0xfffeec68:^M
 pc = 0xaaaaa55c in bar; saved pc = 0xaaaaa644^M
 called by frame at 0xfffeec68^M
 Arglist at 0xfffeec6c, args: ^M
 Locals at 0xfffeec6c, Previous frame's sp is 0xfffeec68^M
 Saved registers:^M
  r11 at 0xfffeec60, lr at 0xfffeec64^M
(gdb) FAIL: gdb.base/unwind-on-each-insn.exp: bar: instruction 9: $fba_value ==
$fn_fba
...

The issue can be shown on command line using:
...
$ gdb -q -iex "set trace-commands on" -batch
outputs/gdb.base/unwind-on-each-insn/unwind-on-each-insn -ex "break *bar" -ex
run -ex "info frame" -ex "nexti 8" -ex "info frame" 
+break *bar
Breakpoint 1 at 0x53c
+run

Breakpoint 1, 0xaaaaa53c in bar ()
+info frame
Stack level 0, frame at 0xfffef4f0:
 pc = 0xaaaaa53c in bar; saved pc = 0xaaaaa508
 called by frame at 0xfffef4f8
 Arglist at 0xfffef4f0, args: 
 Locals at 0xfffef4f0, Previous frame's sp is 0xfffef4f0
+nexti 8
0xaaaaa55c in bar ()
+info frame
Stack level 0, frame at 0xfffef4e8:
 pc = 0xaaaaa55c in bar; saved pc = 0xaaaaa644
 called by frame at 0xfffef4e8
 Arglist at 0xfffef4ec, args: 
 Locals at 0xfffef4ec, Previous frame's sp is 0xfffef4e8
 Saved registers:
  r11 at 0xfffef4e0, lr at 0xfffef4e4
...
Note how the two "frame at" values differ.

If we'd compiled unwind-on-each-insn-foo.c with fasynchronous-unwind-tables,
we'd get:
...
        nop
        sub     sp, fp, #4
        .cfi_def_cfa 13, 8
        @ sp needed
        pop     {fp, pc}
        .cfi_endproc
...
and if we print the cfa using this info manually we do get the expected value:
...
+print $r13 + 8
$1 = (void *) 0xfffef4f0
...

The incorrect value is served up by the arm epilogue unwinder:
...
  [frame] get_prev_frame_always_1:   ->
{level=0,type=NORMAL_FRAME,unwinder="arm
epilogue",pc=0xaaaaa55c,id={stack=0xfffef4f8,code=0x00000000aaaaa53c,!special},func=0xaaaaa53c}
// cached
...

The stack address in arm_epilogue_frame_this_id is simply taken to be sp:
...
  arm_gdbarch_tdep *tdep
    = gdbarch_tdep<arm_gdbarch_tdep> (get_frame_arch (this_frame));
  *this_id = frame_id_build (arm_cache_get_prev_sp_value (cache, tdep), func);
...
but the sp is still going be changed by the pop, and that's not taken into
account.

In other words, this assumption in arm_make_epilogue_frame_cache is incorrect:
...
  /* Since we are in epilogue, the SP has been restored.  */
...
The pop instruction still changes the SP, so it's not fully restored.

-- 
You are receiving this mail because:
You are on the CC list for the bug.