Turning off builtin-unembedding helps! I'm curious about how gdb modifies the code when a breakpoint is set. I couldn't find useful links about this after searching. Could you provide some hints? Thank you!
On Thursday, December 2, 2021 at 4:35:26 PM UTC+8 [email protected] wrote:
> gdb does modify the code when a breakpoint is set. My guess is,
> builtin-unembedding for short builtin calls copies the modified code into
> the v8 heap. You could try to disable short builtin calls.
> https://source.chromium.org/chromium/chromium/src/+/main:v8/BUILD.gn;l=197;drc=38f97cae6bc93330b8ad916a3faefb8ec35352e1
>
> On Thu, Dec 2, 2021 at 9:08 AM Jiading Guo <[email protected]> wrote:
>
>> Hi all,
>>
>> I'm following [1] to debug builtins (specifically
>> `InterpreterEntryTrampoline`) with gdb. But it segfaults when I step
>> through the code. After checking the assembly it turns out that the
>> instruction has been modified.
>>
>> The desired instructions provided by `--print-builtin-code` are as
>> follows:
>>
>> kind = BUILTIN
>> name = InterpreterEntryTrampoline
>> compiler = unknown
>> address = 0x171700005181
>> ...
>> Instructions (size = 1584)
>> 0x171707687180 0 448b570b movl r10,[rdi+0xb]
>> 0x171707687184 4 4d03d6 REX.W addq r10,r14
>> ...
>>
>> but as shown in gdb, %r10 is replaced with %edx in the first instruction:
>>
>> 0x223e07687181 mov 0xb(%rdi),%edx
>> 0x223e07687184 add %r14,%r10
>> ...
>>
>> When I run the program without setting a breakpoint on
>> `Builtins_InterpreterEntryTrampoline` in gdb, it exits normally. [1]
>> mentioned that "GDB modifies the binary". I'm wondering if gdb is modifying
>> the memory content here? How can I prevent this?
>>
>> I also tried lldb, but after setting the breakpoint on
>> `Builtins_InterpreterEntryTrampoline`, it didn't stop at this function.
>>
>> I'm using Ubuntu 20.04 with gdb 9.2 and lldb 10.0. Any help would be much
>> appreciated.
>>
>> Regards,
>> Jiading
>>
>>
>> [1] https://v8.dev/docs/gdb
>> [2] args.gn:
>> is_component_build = true
>> is_debug = true
>> symbol_level = 2
>> target_cpu = "x64"
>> use_goma = false
>> v8_enable_backtrace = true
>> v8_enable_fast_mksnapshot = true
>> v8_enable_slow_dchecks = true
>> v8_optimized_debug = false
>> [3] foo.js:
>> function foo() { return 1; }
>> foo();
>> %OptimizeFunctionOnNextCall(foo);
>> foo();
>> foo();
>>
>> --
>> --
>> v8-dev mailing list
>> [email protected]
>> http://groups.google.com/group/v8-dev
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "v8-dev" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/v8-dev/cc524ae3-1474-4a18-a420-6550459d2bf2n%40googlegroups.com
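The mechanism the thread circles around, as an added example that is not code from the thread, from V8 or from gdb: a software breakpoint is inserted by overwriting the first byte of an instruction with int3 (0xCC) and remembering the original byte in a shadow table; the debugger masks that byte out whenever it reads memory for you, but a plain copy made by the debuggee itself (what the reply attributes to builtin-unembedding) carries the 0xCC into a location the debugger knows nothing about. The model below is a simulation on a byte image, not a real ptrace session; the `Memory` and `Debugger` classes, the addresses and the code bytes are constructed from the two listings quoted above.

```python
"""Model of how a debugger's int3 patch leaks into a copy of the code.

Added example, not part of the v8-dev thread and not V8's or gdb's code.
Everything here is a simulation: a sparse byte image stands in for the
process address space, and the class names are hypothetical.
"""

INT3 = 0xCC

# Constructed from the --print-builtin-code listing quoted in the thread:
#   44 8b 57 0b   movl r10,[rdi+0xb]     (0x44 is a REX.R prefix)
#   4d 03 d6      REX.W addq r10,r14
TRAMPOLINE_BYTES = bytes.fromhex("448b570b4d03d6")


class Memory:
    """Sparse byte image; unwritten cells read as zero."""

    def __init__(self) -> None:
        self.cells: dict[int, int] = {}

    def read(self, addr: int, n: int) -> bytes:
        return bytes(self.cells.get(a, 0) for a in range(addr, addr + n))

    def write(self, addr: int, data: bytes) -> None:
        for i, b in enumerate(data):
            self.cells[addr + i] = b


class Debugger:
    """Software-breakpoint bookkeeping in the style of a ptrace debugger."""

    def __init__(self, mem: Memory) -> None:
        self.mem = mem
        self.shadow: dict[int, int] = {}  # breakpoint addr -> original byte

    def insert_breakpoint(self, addr: int) -> None:
        # Save the original first byte of the instruction, then patch int3
        # over it. Reaching addr traps; the debugger restores the byte,
        # rewinds RIP by one and single-steps to get past the instruction.
        self.shadow[addr] = self.mem.read(addr, 1)[0]
        self.mem.write(addr, bytes([INT3]))

    def remove_breakpoint(self, addr: int) -> None:
        self.mem.write(addr, bytes([self.shadow.pop(addr)]))

    def read_memory(self, addr: int, n: int) -> bytes:
        # What the debugger shows the user: live bytes with its own
        # breakpoints masked out from the shadow table, so the 0xCC at a
        # location it patched is never visible in x/bx or disassembly.
        raw = bytearray(self.mem.read(addr, n))
        for bp_addr, orig in self.shadow.items():
            if addr <= bp_addr < addr + n:
                raw[bp_addr - addr] = orig
        return bytes(raw)


def raw_copy(mem: Memory, src: int, dst: int, n: int) -> None:
    """A memcpy performed by the debuggee itself: no shadow table involved."""
    mem.write(dst, mem.read(src, n))


def find_int3(mem: Memory, addr: int, n: int) -> list[int]:
    """Offsets of 0xCC bytes in a code range, as a cheap check for leaked traps.

    Caveat: 0xCC is also a legitimate immediate or displacement byte, so a
    hit is a lead rather than proof unless instruction boundaries are known.
    """
    return [i for i, b in enumerate(mem.read(addr, n)) if b == INT3]


def demo() -> dict:
    # Constructed addresses in the spirit of the thread's two listings:
    # the builtin as embedded in the binary, and a copy placed in the heap.
    embedded = 0x171707687180
    heap_copy = 0x223E07687180
    mem = Memory()
    mem.write(embedded, TRAMPOLINE_BYTES)

    dbg = Debugger(mem)
    dbg.insert_breakpoint(embedded)              # "break Builtins_InterpreterEntryTrampoline"
    debugger_view = dbg.read_memory(embedded, 4)  # patch hidden: 44 8b 57 0b

    raw_copy(mem, embedded, heap_copy, len(TRAMPOLINE_BYTES))  # the unembedding copy
    copy_view = dbg.read_memory(heap_copy, 4)     # debugger unaware: cc 8b 57 0b
    leaked = find_int3(mem, heap_copy, len(TRAMPOLINE_BYTES))

    # After the stray int3 fires, RIP is heap_copy + 1. The bytes there are
    # 8b 57 0b with the REX.R prefix gone, which decode as mov 0xb(%rdi),%edx
    # instead of mov 0xb(%rdi),%r10d: exactly the listing shown in the thread.
    after_trap = mem.read(heap_copy + 1, 3)

    dbg.remove_breakpoint(embedded)               # fixes the original only
    return {
        "debugger_view": debugger_view.hex(),
        "copy_view": copy_view.hex(),
        "leaked_int3_offsets": leaked,
        "bytes_after_trap": after_trap.hex(),
        "embedded_restored": mem.read(embedded, 4).hex(),
        "copy_after_removal": mem.read(heap_copy, 1).hex(),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The `bytes_after_trap` entry is the link to the gdb output in the thread: once the REX prefix byte is replaced, the remaining `8b 57 0b` is a valid instruction on its own, so the disassembly looks plausible and the only clue is the register name changing from r10 to edx. Removing the breakpoint on the original never repairs the copy, which is why disabling the copying step (builtin-unembedding) resolves it.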
