<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/155334>155334</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
[LLDB] BT not working correctly with Machine Function Splitting.
</td>
</tr>
<tr>
<th>Labels</th>
<td>
lldb
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
ayermolo
</td>
</tr>
</table>
<pre>
When MFS is enabled, cold code is split off into a different "function".
At a breakpoint, or at a crash point if debugging a core, backtrace does not work.
Poking around the code.
I think what is happening is that the function gets split into hot and cold code, with corresponding entries in eh_frame and DW_AT_ranges in debug information.
When the function is created for SymbolContext, two ranges, one with a negative start, are combined into one, with a negative start.
During RegisterContextUnwind::InitializeZerothFrame(),
when m_full_unwind_plan_sp = GetFullUnwindPlanForFrame(); is invoked and FuncUnwindersSP is created, ranges are created in
UnwindTable::GetFuncUnwindersContainingAddress.
For base_address it uses the correct FileAddress at offset 0x2017ab and subtracts the range base (-75). So base_address becomes the address of the hot function: 0x201760.
This leads to the wrong FDE being used:
```
intern-state th1/fr0 with pc value of 0x2017ab, symbol name is 'action(int, bool) (.cold)'
intern-state th1/fr0 0x00000000002017ab: CFA=rsp +8 => rsp=CFA+0 rip=[CFA-8]
intern-state th1/fr0 CFA is 0x7fffffffe9b8: Register rsp (7) contents are 0x7fffffffe9b0, offset is 8
intern-state th1/fr0 initialized frame current pc is 0x2017ab cfa is 0x7fffffffe9b8 afa is 0xffffffffffffffff using assembly insn profiling UnwindPlan
intern-state th1/fr0 supplying caller's saved rip (16)'s location using assembly insn profiling UnwindPlan
intern-state th1/fr0 supplying caller's register rip (16) from the stack, saved at CFA plus offset -8 [saved at 0x7fffffffe9b0]
intern-state th1/fr1 pc = 0x10000000000017f
```
```
0000000000201760 <_Z6actionib>:
; __attribute__((noinline)) int action(int a, bool crash) {
201760: 55 pushq %rbp
201761: 48 89 e5 movq %rsp, %rbp
201764: 48 83 ec 10 subq $0x10, %rsp
```
```
00000000002017ab <_Z6actionib.cold>:
; return 0;
2017ab: c7 45 fc 00 00 00 00 movl $0x0, -0x4(%rbp)
2017b2: e9 eb ff ff ff jmp 0x2017a2 <_Z6actionib+0x42>
```
eh_frame:
```
00000064 0000001c 00000068 FDE cie=00000000 pc=00201760...002017ab
Format: DWARF32
DW_CFA_advance_loc: 1 to 0x201761
DW_CFA_def_cfa_offset: +16
DW_CFA_offset: RBP -16
DW_CFA_advance_loc: 3 to 0x201764
DW_CFA_def_cfa_register: RBP
DW_CFA_advance_loc1: 70 to 0x2017aa
DW_CFA_def_cfa: RSP +8
DW_CFA_nop:
DW_CFA_nop:
0x201760: CFA=RSP+8: RIP=[CFA-8]
0x201761: CFA=RSP+16: RBP=[CFA-16], RIP=[CFA-8]
0x201764: CFA=RBP+16: RBP=[CFA-16], RIP=[CFA-8]
0x2017aa: CFA=RSP+8: RBP=[CFA-16], RIP=[CFA-8]
00000084 00000014 00000088 FDE cie=00000000 pc=002017ab...002017c2
Format: DWARF32
DW_CFA_def_cfa: RBP +16
DW_CFA_offset: RBP -16
DW_CFA_nop:
DW_CFA_nop:
0x2017ab: CFA=RBP+16: RBP=[CFA-16], RIP=[CFA-8]
```
Debug information has two ranges:
```
DW_TAG_subprogram
DW_AT_ranges (indexed (0x0) rangelist = 0x0000001c
[0x00000000002017ab, 0x00000000002017c2)
[0x0000000000201760, 0x00000000002017ab))
DW_AT_frame_base (DW_OP_reg6 RBP)
DW_AT_linkage_name ("_Z6actionib")
```
Examples of the issue:
Trunk LLVM
```
* thread #1, name = 'main.exe', stop reason = breakpoint 2.1
* frame #0: 0x00000000002017cb main.exe`action(a=1004, crash=true) at mainAOT.cpp:12:5
```
llvm-19
```
* thread #1, name = 'main.exe', stop reason = breakpoint 2.1
* frame #0: 0x00000000002017ab main.exe`action(a=1004, crash=true) at mainAOT.cpp:12:5
frame #1: 0x010000000000017f
frame #2: 0x0000000000201840 main.exe`main(argc=1, argv=0x00007fffffffd608) at mainAOT.cpp:23:3
```
mainAOT.cpp
```
#include <cstdlib>

int helper4(int a, int loop) {
  for(int i = 0; i < loop; i++) {
    a = a + 1;
  }
  return a;
}
__attribute__((noinline)) int action(int a, bool crash) {
  a = helper4(a, rand() % 1000);
  if (crash) {
    return 0;
  }
  return a;
}
int main(int argc, char** argv) {
  int loop = rand() % 1000;
  int return_value = 0;
  for (int i = 0; i < loop; ++i) {
    return_value -= action(loop - i, false);
  }
  action(loop, true);
  return return_value;
}
```
run.sh
```
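COMP=/home/ayermolo/local/llvm-build-upstream-release/bin
# Build and run the instrumented binary to collect a raw profile
$COMP/clang++ -g2 -fprofile-generate=. mainAOT.cpp -c -o mainProf.o
$COMP/clang++ -fuse-ld=lld -fno-pie -fprofile-generate=. mainProf.o -o mainProf.exe
env LLVM_PROFILE_FILE=test.profraw ./mainProf.exe
# Merge the raw profile into the test.profdata file that -fprofile-use reads
$COMP/llvm-profdata merge -o test.profdata test.profraw
# Rebuild with the profile and machine function splitting enabled
$COMP/clang++ $COMMONARGS -g2 -fprofile-use=test.profdata -ffunction-sections -fsplit-machine-functions mainAOT.cpp -c -o main.o
$COMP/clang++ -fuse-ld=lld -Wl,-no-pie -fno-pie main.o -o main.exe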
```
Run LLDB
b main.cpp:12 (in if (crash))
bt
</pre>
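The lookup the report describes, as a simplified model added here (not LLDB's code and not the reporter's): it contrasts keying the FDE search on the pc itself with keying it on the pc rebased by the -75 range offset. FDE ranges and rows come from the eh_frame dump above and rsp from the log; the rbp value and all type and function names are assumptions made for illustration.

```cpp
// Added illustration, not LLDB source. FDE data copied from the report's eh_frame dump.
#include <cstdint>
#include <cstdio>
#include <vector>

enum Reg { RSP, RBP };
struct Row { uint64_t addr; Reg reg; int64_t off; };     // CFA = reg + off from addr on
struct Fde { uint64_t lo, hi; std::vector<Row> rows; };  // covers [lo, hi)
struct Regs { uint64_t rsp, rbp; };

static const std::vector<Fde> kFdes = {
    {0x201760, 0x2017ab,                                 // hot part: _Z6actionib
     {{0x201760, RSP, 8}, {0x201761, RSP, 16}, {0x201764, RBP, 16}, {0x2017aa, RSP, 8}}},
    {0x2017ab, 0x2017c2, {{0x2017ab, RBP, 16}}},         // cold part: _Z6actionib.cold
};

// Return the FDE whose [lo, hi) contains addr, or nullptr.
const Fde *FindFde(uint64_t addr) {
  for (const Fde &f : kFdes)
    if (addr >= f.lo && addr < f.hi) return &f;
  return nullptr;
}

// Evaluate the CFA with the last row of `f` at or before pc. Nothing here stops
// a caller from passing a pc outside [lo, hi); the final row then applies.
uint64_t Cfa(const Fde *f, uint64_t pc, const Regs &r) {
  if (!f) return 0;
  Row row = f->rows.front();
  for (const Row &cand : f->rows)
    if (cand.addr <= pc) row = cand;
  return (row.reg == RSP ? r.rsp : r.rbp) + row.off;
}

// Per-range lookup: the FDE search is keyed on the pc itself.
uint64_t CfaByPc(uint64_t pc, const Regs &r) { return Cfa(FindFde(pc), pc, r); }

// Merged-range lookup as the report describes it: the pc is first rebased by
// the range offset (-75), so the search lands in the hot FDE.
uint64_t CfaByRebasedPc(uint64_t pc, int64_t range_off, const Regs &r) {
  return Cfa(FindFde(pc + range_off), pc, r);
}

// rsp is from the log. rbp = rsp + 0x10 is an assumption derived from the
// prologue (movq %rsp,%rbp; subq $0x10,%rsp); it is not a value on the page.
static const Regs kRegs = {0x7fffffffe9b0, 0x7fffffffe9c0};

int main() {
  std::printf("rebased: CFA=%#llx\n", (unsigned long long)CfaByRebasedPc(0x2017ab, -75, kRegs));
  std::printf("by pc:   CFA=%#llx\n", (unsigned long long)CfaByPc(0x2017ab, kRegs));
}
```

With the rebased lookup the return address is read from CFA-8 = 0x7fffffffe9b0, the slot named in the log; under the rbp assumption above that slot lies inside the 0x10 bytes the prologue reserves for locals.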