At link-time, when attempting to consolidate DWARF debug frame information (i.e. the contents of the .debug_frame section), the linker can, in some cases, generate incorrect addresses for information contained in a Frame Description Entry (FDE) for a given function.

For example, consider the debug frame information for a main() function in an object file that is input to the linker:

Function: main
Length: 28
CIE Pointer: 00000000
Initial Location: 0x00000000
Address Range: 88
State Table:
0x00000000 CFA:R13
0x00000002 CFA:R13+20
R4->[R13]
R5->[R13+4]
R6->[R13+8]
R7->[R13+12]
R14->[R13+16]
0x00000004 CFA:R13+48
R4->[R13+28]
R5->[R13+32]
R6->[R13+36]
R7->[R13+40]
R14->[R13+44]

Note: Such information about a function can be displayed using the following command on an ELF object file:

> tiarmofd -g --obj_display=none --dwarf_display=none,dframe main.o > main_fde.txt

Now consider the FDE for the main() function from the linked output file:

Function: main
Length: 36
CIE Pointer: 00000000
Initial Location: 0x000019a4
Address Range: 88
State Table:
0x000019a4 CFA:R13
0x000019a4 CFA:R13+20
R4->[R13]
R5->[R13+4]
R6->[R13+8]
R7->[R13+12]
R14->[R13+16]
0x000019a4 CFA:R13+48
R4->[R13+28]
R5->[R13+32]
R6->[R13+36]
R7->[R13+40]
R14->[R13+44]
0x000019f0 CFA:R13+48
R4->[R13+28]
R5->[R13+32]
R6->[R13+36]
R7->[R13+40]
R14->[R13+44]

Note that the first three Call Frame Address (CFA) entries are annotated with the same address. This is incorrect and does not correspond with the information that was obtained from the object file that contains the definition of main(). The linker should have advanced the CFA addresses for main() in the linked output in the same manner as was done for the input object file.

The above information can be obtained from the linked output file using a similar tiarmofd command as mentioned earlier:

> tiarmofd -g --obj_display=none --dwarf_display=none,dframe a.out > a_frames.txt