<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/113154>113154</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            builtin trap placed after frame pop on Arm 32 bit
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            backend:ARM,
            miscompilation
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          DavidSpickett
      </td>
    </tr>
</table>

<pre>
    Since https://github.com/llvm/llvm-project/pull/109628, we have had an lldb test failure on 32 bit Arm:
https://lab.llvm.org/buildbot/#/builders/18/builds/5545

```
# CHECK: frame #{{.*}}`g() at verbose_trap-in-stl.cpp
 ^
<stdin>:11:88: note: scanning from here
* thread #1, name = 'verbose_trap-in', stop reason = Bounds error: out-of-bounds access
 ^
<stdin>:12:44: note: possible intended match here
 frame #2: 0x00410694 verbose_trap-in-stl.test.tmp.out`main at verbose_trap-in-stl.cpp:15:3
 ^
Input file: <stdin>
Check file: /home/tcwg-buildbot/worker/lldb-arm-ubuntu/llvm-project/lldb/test/Shell/Recognizer/verbose_trap-in-stl.test

-dump-input=help explains the following input dump.
```

This test checks that lldb can show the first frame of user written code when there's an error in the STL. So in this case we expect to see `g()` in the backtrace, rather than the operator[], or main as we now get.

This appears to be because the trap instruction generated by `__builtin_trap` is put after the frame information is reset:
```
(lldb) dis
verbose_trap-in-stl.test.tmp.out`std::__1::vector<int>::operator[]:
 0x400558 <+0>:  push   {r11, lr}
    0x40055c <+4>:  mov    r11, sp
 0x400560 <+8>:  sub    sp, sp, #8
    0x400564 <+12>: str    r0, [sp, #0x4]
    0x400568 <+16>: str    r1, [sp]
    0x40056c <+20>: mov sp, r11
    0x400570 <+24>: pop    {r11, lr}
->  0x400574 <+28>: trap
    0x400578 <+32>: bx     lr
```

I can show this with another example: https://godbolt.org/z/jnGWh1Wqh
```
void fn() {
 __builtin_trap();
}
```
Produces:
```
fn():
  push {r11, lr}
  mov r11, sp
  pop {r11, lr}
  .inst 0xe7ffdefe
  bx lr
```
`fn` has the trap after the frame pointer and link register is reset. This is not the case on RISC-V:
```
fn():
  addi sp, sp, -16
  sw ra, 12(sp)
  sw s0, 8(sp)
  addi s0, sp, 16
  unimp <<<<<<<<< trap is here
  lw ra, 12(sp)
  lw s0, 8(sp)
  addi sp, sp, 16
  ret
```
And I think changing the frame information before the trap is misleading because a debugger will see a PC within `fn` but the unwind information will look as if it is already in the caller of `fn`.

I don't know right now whether the linked change has caused the problem or merely exposed the problem by changing how leaf functions are handled.
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJyUV91u67gRfhr6ZmBDomTZufCF4hy3B22BxcmiexlQ4sjihiJVkoqdffpiKCl2fOJuFzCUSPM__GY-SXivjgZxx9aPbP20EENords9iTcln3tVv2IIi8rK992zMjVCG0LvWVYyfmD8cFShHapVbTvGD1q_zX-WvbO_Yx0YP_SD1owf0uSh4FvG93BCaMUbXSQIA1rLCgL6AI1QenAI1kDGoVIBStdRqOSJJeXnwFpUKwq0su7I-KEalJaVDVGYzQ_QeYq8ne_pbr3O16PD6Vok02-85Rns__5t_w-WldA40SGQw80j2zyuGC_Z5ol-RXJkVM0DiABv6Crr8SU40S-VWfqgV3Xfjw6Brb9NrrO9D1IZln1jWZmmLCu3WwpjbED662thjDJHaJztoEWHc04lhNahkJRLSj00MbHsCRjf3IRnfEMaPtgeHApvTVR8tIORHtA56yiYHcLSNstqfCzqGr3_k4w5y8o8v864t96rSiMoE9BIlNCJULdXuV96SNaQnJMkT5PiIf-yawSDVej6lR0CK5JOKPO_GpyV6ZplZXab93fTDwEapWOS11VE8b7F-vUi5ofWdsj4IdSn4_IKSSfrXtFFRMtqKVy3HKrBhOFnjJMCOUBPd88tRsj_wNoejfoj-rhX7jUWl3LoSNgPgWVPLeoe8NxroYyH0CI0Vmt7IoREHSD11dcwjtdfW-XH0aqpZHIiwjhwtTDgW3sa_SpH4xdPyjYweHRwcioENFBbiXBq0ZCmQ8Y3nqY24ghUfArPv_5zBc92vFUeauGRxhzPPdYBggWPCJehYUUym1aifg1O1EiYdYJiUJaj0PboRLBuXE2kYR2MoPDk39gTHDGsfqpZ9D0K5ylyhVBhLQaP0SW1H5TxwQ11UNbAEQ0FQQnVO6X48kIICMrEk4qZeqBmiybE3HBqlDKNdZ2ITpQHhx7Dx7L6aatsR4g8gFTTmP0f-PdBksesfHlJx3_esKZ-ZHtlwjiVLCtv2jTnAMk5T5L1eksTwPhjMhoA9INvAYBtHl0at4l2tNNGI4DZrp7s8tmus28knox8_ylMkUzq21ndDxWp-37S5ntaA9vbOEU-GdJ-iZY-uBgniSbrxw_b5JxTgbcO5gLT4sZBenHwhdlcH58bQ_WNsajEG_XNXB-f-9HbHu61ccmybx-Wc4F8bk1E1q3_uYpsbkN1Jil5vT_h368HWXk4qdCCMDbOEZ5F149L7oa1raysDhN3_sH44Xfzt9_a9Lf_tF_GerNKQmMmxiMyHJO_mZVxtrNJ-tGLG2e_OCuHGv29WZnjXHA8AvYOXOnQbhEZj-aO_oqGH5IzbppGYjPTFHX7XqeLpDG0CFrhLzvkdh30ljjQgTAStDKv4PCoPD2Zl8MK4m5SnugzWsY9aQ38-P68X_77LzRESKk-DdYyLWaZP4ET9CzljG9J_HAl8nGotreS0WFycXjxNxjV9RGbd37TTvXXrA_6fhb6T7Lov8rCYfiyOaWR8J2wb16hboU5Ejt-vaQrbKy7ZgEPnfIahSSbmSQESKyG45EoUGkdmUvAL_s4WsrABxqqYTzEwZyUkZ8iRUNt7SvxlGpABQomNL3Cvc_MVwut0RHfzi5XnydbWnqXC_BKNOfUsQ2R8E4tTiyJEWgox8Ix4jMWIaOwd7bS2EXORIf6nfjY3kqr90vfaI1oFA00g4ns6EE48mukRrlayF0mH7IHscBduuEP6zQp8mLR7rI8WRcFTyuJ2Mg832COIkuqYiu3TVqtF2rHE56nCU_TNNvwYrXJ6yZv6jzNBW62a2R5gp1Q-uOdfqG8H3CXplm6zhdaVKh9_EThnF4Z0BAzlj_-xThnfM8475SvbdcrHY-AHq-fFm4XX9Sq4ehZnmjlg79ECCpo3E0bbIREr0WNcprtea57GtHSddNHyWJweveXv4JiOfFrZKzobcf_GwAA__-IWf9z">