[lldb-dev] POP instruction causes process continuation
Christian Mayer
christian at fox21.at
Thu Mar 26 11:14:26 PDT 2015
Hi,
I have the following i386 assembly code:
##########
.text
.globl _main
_main:
nop
push %ebp
mov %esp, %ebp
sub $0x4, %esp
push $msg1
call _puts
add $0x8, %esp
pop %ebp
push %ebp
sub $0x4, %esp
push $msg2
call _puts
add $0x8, %esp
mov $5, %eax
pop %ebp
ret
.data
msg1:
.ascii "Hello World!\0"
len = . - msg1
msg2:
.ascii "This is a second line.\0"
len = . - msg2
##########
Compiled under Mac OS X 10.10 with the following commands:
as -W -arch i386 -o build/test3-i386.o test3-i386.s
ld -arch i386 -macosx_version_min 10.10 -no_pie -o build/test3-i386 build/test3-i386.o -lSystem
When I run the compiled binary in the shell everything works fine,
but when I debug it from _main step-by-step with "thread step-inst-over"
in LLDB 340.99.0 (ToT), LLDB automatically continues on the first "pop
%ebp" instruction.
:> lldb build/test3-i386
lldb:> target create "build/test3-i386"
Current executable set to 'build/test3-i386' (i386).
lldb:> br s -n main
Breakpoint 1: where = test3-i386`main, address = 0x00001f6d
lldb:> process launch
Process 66822 launched: 'build/test3-i386' (i386)
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f6d test3-i386`main, queue =
'com.apple.main-thread', stop reason = breakpoint 1.1
frame #0: 0x00001f6d test3-i386`main
-> 0x1f6d <test3-i386`main+0>: nop
0x1f6e <test3-i386`main+1>: pushl %ebp
0x1f6f <test3-i386`main+2>: movl %esp, %ebp
0x1f71 <test3-i386`main+4>: subl $0x4, %esp
lldb:> ni
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f6e test3-i386`main + 1, queue =
'com.apple.main-thread', stop reason = instruction step over
frame #0: 0x00001f6e test3-i386`main + 1
-> 0x1f6e <test3-i386`main+1>: pushl %ebp
0x1f6f <test3-i386`main+2>: movl %esp, %ebp
0x1f71 <test3-i386`main+4>: subl $0x4, %esp
0x1f74 <test3-i386`main+7>: pushl $0x200c
lldb:>
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f6f test3-i386`main + 2, queue =
'com.apple.main-thread', stop reason = instruction step over
frame #0: 0x00001f6f test3-i386`main + 2
-> 0x1f6f <test3-i386`main+2>: movl %esp, %ebp
0x1f71 <test3-i386`main+4>: subl $0x4, %esp
0x1f74 <test3-i386`main+7>: pushl $0x200c
0x1f79 <test3-i386`main+12>: calll 0x1f9a ; symbol stub for: puts
lldb:>
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f71 test3-i386`main + 4, queue =
'com.apple.main-thread', stop reason = instruction step over
frame #0: 0x00001f71 test3-i386`main + 4
-> 0x1f71 <test3-i386`main+4>: subl $0x4, %esp
0x1f74 <test3-i386`main+7>: pushl $0x200c
0x1f79 <test3-i386`main+12>: calll 0x1f9a ; symbol stub for: puts
0x1f7e <test3-i386`main+17>: addl $0x8, %esp
lldb:>
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f74 test3-i386`main + 7, queue =
'com.apple.main-thread', stop reason = instruction step over
frame #0: 0x00001f74 test3-i386`main + 7
-> 0x1f74 <test3-i386`main+7>: pushl $0x200c
0x1f79 <test3-i386`main+12>: calll 0x1f9a ; symbol stub for: puts
0x1f7e <test3-i386`main+17>: addl $0x8, %esp
0x1f81 <test3-i386`main+20>: popl %ebp
lldb:>
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f79 test3-i386`main + 12, queue =
'com.apple.main-thread', stop reason = instruction step over
frame #0: 0x00001f79 test3-i386`main + 12
-> 0x1f79 <test3-i386`main+12>: calll 0x1f9a ; symbol stub for: puts
0x1f7e <test3-i386`main+17>: addl $0x8, %esp
0x1f81 <test3-i386`main+20>: popl %ebp
0x1f82 <test3-i386`main+21>: pushl %ebp
lldb:>
Hello World!
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f7e test3-i386`main + 17, queue =
'com.apple.main-thread', stop reason = instruction step over
frame #0: 0x00001f7e test3-i386`main + 17
-> 0x1f7e <test3-i386`main+17>: addl $0x8, %esp
0x1f81 <test3-i386`main+20>: popl %ebp
0x1f82 <test3-i386`main+21>: pushl %ebp
0x1f83 <test3-i386`main+22>: subl $0x4, %esp
lldb:>
Process 66822 stopped
* thread #1: tid = 0x2af723, 0x00001f81 test3-i386`main + 20, queue =
'com.apple.main-thread', stop reason = instruction step over
frame #0: 0x00001f81 test3-i386`main + 20
-> 0x1f81 <test3-i386`main+20>: popl %ebp
0x1f82 <test3-i386`main+21>: pushl %ebp
0x1f83 <test3-i386`main+22>: subl $0x4, %esp
0x1f86 <test3-i386`main+25>: pushl $0x2019
lldb:>
This is a second line.
Process 66822 exited with status = 5 (0x00000005)
lldb:> ^D
When I remove
pop %ebp
push %ebp
it works fine. Then LLDB stops after each single instruction step over
until the end of the program.
When I also remove the instructions for the output of the second puts(),
it continues at the bottom "pop %ebp", before "ret":
##########
.text
.globl _main
_main:
nop
push %ebp
mov %esp, %ebp
sub $0x4, %esp
push $msg1
call _puts
add $0x8, %esp
mov $5, %eax
pop %ebp
ret
.data
msg1:
.ascii "Hello World!\0"
len = . - msg1
msg2:
.ascii "This is a second line.\0"
len = . - msg2
##########
It should do only one instruction step over.
What am I doing wrong?
Br,
Christian
--
Christian Mayer
software developer
http://fox21.at
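The stack and frame-pointer state behind the question above, as an added example that is not part of the original post and not LLDB code: a small Python tracker that replays the stack effects of the instructions in the first listing and reports, after each one, whether %ebp still holds main's own frame pointer. The entry values of %esp and %ebp are constructed, and the reading it illustrates (that a debugger which identifies a frame by %ebp sees main's frame vanish the moment the mid-function `pop %ebp` executes, even though the stack stays perfectly balanced and the program runs fine from the shell) is my assumption about what is going on, not something the post establishes.

```python
from dataclasses import dataclass, field

# Constructed register values on entry to main (not taken from the post).
CALLER_EBP = 0xBFFFF900   # caller's frame pointer
ENTRY_ESP = 0xBFFFF8DC    # %esp at main's first instruction (points at the return address)

# The first listing from the post, from `nop` up to (not including) `ret`.
LISTING = [
    "nop", "push %ebp", "mov %esp, %ebp", "sub $0x4, %esp", "push $msg1",
    "call _puts", "add $0x8, %esp", "pop %ebp", "push %ebp", "sub $0x4, %esp",
    "push $msg2", "call _puts", "add $0x8, %esp", "mov $5, %eax", "pop %ebp",
]


@dataclass
class Cpu:
    esp: int = ENTRY_ESP
    ebp: int = CALLER_EBP
    mem: dict = field(default_factory=dict)   # stack words by address

    def push(self, val):
        self.esp -= 4
        self.mem[self.esp] = val

    def pop(self):
        val = self.mem.get(self.esp, 0)
        self.esp += 4
        return val


def step(cpu, insn):
    """Apply the stack/frame effect of one instruction from the listing."""
    op, _, operands = insn.partition(" ")
    if insn == "push %ebp":
        cpu.push(cpu.ebp)
    elif insn == "mov %esp, %ebp":
        cpu.ebp = cpu.esp
    elif insn == "pop %ebp":
        cpu.ebp = cpu.pop()
    elif op in ("sub", "add"):
        imm = int(operands.split(",")[0].lstrip("$"), 0)
        cpu.esp += imm if op == "add" else -imm
    elif op == "push":          # push $msgN: the pushed value does not matter here
        cpu.push(0)
    elif op == "call":          # cdecl callee: %esp is back where it was once it returns
        pass
    elif insn in ("nop", "mov $5, %eax"):
        pass
    else:
        raise ValueError(f"unhandled instruction: {insn}")


def trace(listing):
    """Per instruction: %esp, %ebp, and whether %ebp still holds main's frame pointer."""
    cpu = Cpu()
    frame_ebp = None
    rows = []
    for insn in listing:
        step(cpu, insn)
        if insn == "mov %esp, %ebp":
            frame_ebp = cpu.ebp      # main's own frame pointer is established here
        rows.append({
            "insn": insn, "esp": cpu.esp, "ebp": cpu.ebp,
            "in_frame": frame_ebp is not None and cpu.ebp == frame_ebp,
        })
    return rows


def first_frame_loss(listing):
    """(index, insn) of the first post-prologue instruction leaving %ebp != main's frame pointer."""
    seen_prologue = False
    for i, row in enumerate(trace(listing)):
        if row["insn"] == "mov %esp, %ebp":
            seen_prologue = True
        elif seen_prologue and not row["in_frame"]:
            return i, row["insn"]
    return None


def stack_balanced(listing):
    """True if the sequence leaves %esp and %ebp exactly as on entry (so `ret` works)."""
    last = trace(listing)[-1]
    return last["esp"] == ENTRY_ESP and last["ebp"] == CALLER_EBP


if __name__ == "__main__":
    for i, row in enumerate(trace(LISTING)):
        print(f"{i:2d} {row['insn']:<16} esp={row['esp']:#010x} ebp={row['ebp']:#010x} "
              f"{'frame ok' if row['in_frame'] else 'FRAME LOST'}")
    print("first loss:", first_frame_loss(LISTING), "balanced:", stack_balanced(LISTING))
```

Running the script prints the register state after every instruction; the frame is reported lost at the mid-function `pop %ebp` (index 7) while `stack_balanced` still holds, and with the `pop %ebp`/`push %ebp` pair removed the first loss moves to the epilogue `pop %ebp` just before `ret`. The same state can be checked live in LLDB with `register read esp ebp` after each `ni`.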