i did some more investigations.... turns out this is not a cosmetic
piece of code at all :)
suppose we have a function that ended with a branch-with-nullify-next
instruction back to the caller. if you did a "step" on the branch, and
we don't skip the nullified instruction, we would end up on the
nullified instruction which actually belongs to the next function.
for example:
Dump of assembler code for function call_with_trampolines:
0x0001217c <call_with_trampolines+0>: copy r3,r1
0x00012180 <call_with_trampolines+4>: copy sp,r3
0x00012184 <call_with_trampolines+8>: stw,ma r1,40(,sp)
0x00012188 <call_with_trampolines+12>: ldi -28,r19
0x0001218c <call_with_trampolines+16>: fstd fr5,r19(,r3)
0x00012190 <call_with_trampolines+20>: ldi -28,r19
0x00012194 <call_with_trampolines+24>: fldd r19(,r3),fr22
0x00012198 <call_with_trampolines+28>: fcpy,dbl fr22,fr4
0x0001219c <call_with_trampolines+32>: ldo 40(r3),sp
0x000121a0 <call_with_trampolines+36>: ldw,mb -40(,sp),r3
0x000121a4 <call_with_trampolines+40>: bv,n r0(rp)
End of assembler dump.
(gdb) disassemble 0x121a8
Dump of assembler code for function marker_indirect_call:
0x000121a8 <marker_indirect_call+0>: copy r3,r1
0x000121ac <marker_indirect_call+4>: copy sp,r3
0x000121b0 <marker_indirect_call+8>: stw,ma r1,40(,sp)
0x000121b4 <marker_indirect_call+12>: ldo 40(r3),sp
0x000121b8 <marker_indirect_call+16>: ldw,mb -40(,sp),r3
0x000121bc <marker_indirect_call+20>: bv,n r0(rp)
if we are at 0x121a4, and we do a step, it will stop at
"marker_indirect_call" instead of back at the caller of
"call_with_trampolines". since the insn at 0x121a8 is not actually
executed in this call sequence, the correct thing to do is to blindly
step past the nullified instruction before we make any decision on what
to do.