BPF: Emit an error for illegal LD_imm64 insn when LLVM_ENABLE_ASSERTI…

[yonghong-song]

…ONS=OFF

Jose reported an issue ([1]) where for the below illegal asm code

  r0 = 1 + w3 ll

clang actually supports it and generates the object code.

Further investigation finds that clang actually intends to reject the above code as well but only when the clang is built with LLVM_ENABLE_ASSERTIONS=ON.

I later found that clang16 (built by redhat and centos) in fedora system has the same issue since they also have LLVM_ENABLE_ASSERTIONS=OFF ([2]).

So let BPF backend report an error for the above case regardless of the LLVM_ENABLE_ASSERTIONS setting.

[1] https://lore.kernel.org/bpf/87leahx2xh.fsf@oracle.com/#t
[2] https://lore.kernel.org/bpf/840e33ec-ea4c-4b55-bda1-0be8d1e0324f@linux.dev/

[yonghong-song]

cc @4ast @anakryiko @jemarch

[eddyz87]

I tried building with LLVM_ENABLE_ASSERTIONS=OFF and the following example still does not produce error:

$ cat test-asm-ll.c
int foo(void)
{
  asm volatile ("r1 = 10 + w3 ll;");
  return 0;
}
$ clang -target bpf -c test-asm-ll.c -o - | llvm-objdump -d -
...
0000000000000000 <foo>:
       0:	18 01 00 00 0a 00 00 00 00 00 00 00 00 00 00 00	r1 = 0xa ll
       2:	b7 00 00 00 00 00 00 00	r0 = 0x0
       3:	95 00 00 00 00 00 00 00	exit

[eddyz87]

Also I'm not sure if simply asserting is good in this context. I think a better approach is to:

• create a custom visitor for MCExpr values that collects unsupported expressions (using MCStreamer::visitUsedExpr() from lib/MC/MCStreamer.cpp as an example, there are only 5 different kinds of expressions);
• call this visitor in Match_Success branch of BPFAsmParser::MatchAndEmitInstruction() and report unsupported expressions using MCAsmParserExtension::Error function to get user friendly output.

[yonghong-song]

I tried building with LLVM_ENABLE_ASSERTIONS=OFF and the following example still does not produce error:

$ cat test-asm-ll.c
int foo(void)
{
  asm volatile ("r1 = 10 + w3 ll;");
  return 0;
}
$ clang -target bpf -c test-asm-ll.c -o - | llvm-objdump -d -
...
0000000000000000 <foo>:
       0:	18 01 00 00 0a 00 00 00 00 00 00 00 00 00 00 00	r1 = 0xa ll
       2:	b7 00 00 00 00 00 00 00	r0 = 0x0
       3:	95 00 00 00 00 00 00 00	exit

@eddyz87 The following is my cmake command line:

cd llvm-project/llvm/build
cmake .. -DCMAKE_BUILD_TYPE=Release -G Ninja \
    -DLLVM_ENABLE_PROJECTS="clang;lld;compiler-rt" \
    -DLLVM_TARGETS_TO_BUILD="BPF;X86" \
    -DLLVM_ENABLE_ASSERTIONS=OFF \
    -DLLVM_ENABLE_ZLIB=ON \
    -DCMAKE_INSTALL_PREFIX=$PWD/install

ninja && ninja install

And confirms assertion is indeed off with the build

[~/work/llvm-project/llvm/build (debug-asm)]$ grep LLVM_ENABLE_ASSERTIONS CMakeCache.txt 
LLVM_ENABLE_ASSERTIONS:BOOL=OFF

Top commit

commit a4d9a52927213dd5b0087704e52641741202f88b (HEAD -> debug-asm)
Author: Yonghong Song <yonghong.song@linux.dev>
Date:   Thu Nov 30 09:11:14 2023 -0800

    debug asm

commit ba523106579fd26d52e16c1a6f4eeb839d84351f
Author: Alexey Bataev <5361294+alexey-bataev@users.noreply.github.com>
Date:   Thu Nov 30 10:04:57 2023 -0500

    [SLP][NFC] Unify code for cost estimation/codegen for buildvector, NFC. (#73182)
    
    This just moves towards reusing same function for both cost
    estimation/codegen for buildvector.

[~/work/llvm-project/llvm/build (debug-asm)]$ git show
commit a4d9a52927213dd5b0087704e52641741202f88b (HEAD -> debug-asm)
Author: Yonghong Song <yonghong.song@linux.dev>
Date:   Thu Nov 30 09:11:14 2023 -0800

...

diff --git a/llvm/lib/Target/BPF/MCTargetDesc/BPFInstPrinter.cpp b/llvm/lib/Target/BPF/MCTargetDesc/BPFInstPrinter.cpp
index 15ab55f95e69..c266538bec73 100644
--- a/llvm/lib/Target/BPF/MCTargetDesc/BPFInstPrinter.cpp
+++ b/llvm/lib/Target/BPF/MCTargetDesc/BPFInstPrinter.cpp
@@ -36,15 +36,16 @@ void BPFInstPrinter::printInst(const MCInst *MI, uint64_t Address,
 }
 
 static void printExpr(const MCExpr *Expr, raw_ostream &O) {
-#ifndef NDEBUG
   const MCSymbolRefExpr *SRE;
 
   if (const MCBinaryExpr *BE = dyn_cast<MCBinaryExpr>(Expr))
     SRE = dyn_cast<MCSymbolRefExpr>(BE->getLHS());
   else
     SRE = dyn_cast<MCSymbolRefExpr>(Expr);
-  assert(SRE && "Unexpected MCExpr type.");
+  if (!SRE)
+    report_fatal_error("Unexpected MCExpr type.");
 
+#ifndef NDEBUG
   MCSymbolRefExpr::VariantKind Kind = SRE->getKind();
 
   assert(Kind == MCSymbolRefExpr::VK_None);

The test

[~/tmp1]$ which clang                                                                                                                 
~/work/llvm-project/llvm/build/install/bin/clang        
[~/tmp1]$ clang --version
clang version 18.0.0 (https://github.com/llvm/llvm-project.git a4d9a52927213dd5b0087704e52641741202f88b)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/yhs/work/llvm-project/llvm/build/install/bin                                                                                                 
[yhs@devbig309.ftw3 ~/tmp1]$ cat t.c                                                                                                                     
  int                                                                                                                                                    
  foo ()                                                                                                                                                 
  {                                                                                                                                                      
    asm volatile ("r1 = 10 + w3 ll");                                                                                                                    
    return 0;                                                                                                                                            
  }                                                                                                                                                      
[~/tmp1]$ clang --target=bpf -O2 -g -S t.c                                                                                            
fatal error: error in backend: Unexpected MCExpr type.                                                                                                   
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run scrip
t.                                                   
...

Did I miss anything?

[eddyz87]

That's what I did, yes. Let me rebuild once again, just in case.

[eddyz87]

Rebuilt everything from scratch using the following commands:

$ cmake -S llvm -B build/ -DCMAKE_BUILD_TYPE=Release -G Ninja \
  -DLLVM_ENABLE_PROJECTS="clang;lld;compiler-rt" \
  -DLLVM_TARGETS_TO_BUILD="BPF;X86" \
  -DLLVM_ENABLE_ASSERTIONS=OFF \
  -DLLVM_ENABLE_ZLIB=ON \
  -DCMAKE_C_COMPILER=/usr/bin/clang \
  -DCMAKE_CXX_COMPILER=/usr/bin/clang++
$ ninja -j14 -C build/

Confirmed that assertions are off:

$ grep LLVM_ENABLE_ASSERTIONS build/CMakeCache.txt 
LLVM_ENABLE_ASSERTIONS:BOOL=OFF

Still no error:

$ which clang
/home/eddy/work/llvm-project/build/bin/clang
$ cat test-asm-ll.c 
int foo(void)
{
  asm volatile ("r1 = 10 + w3 ll;");
  return 0;
}
$ clang -O2 --target=bpf -c test-asm-ll.c -o /dev/null
$ echo $?
0

Repository state:

fc1061e40f73 - (HEAD -> tmp) BPF: Emit an error for illegal LD_imm64 insn when LLVM_ENABLE_ASSERTIONS=OFF (6 hours ago) <Yonghong Song>
248446980317 - (main) Revert "[BPF] Attribute preserve_static_offset for structs" (22 hours ago) <Eduard Zingerman>
e86591b37d4e - [flang] Improve procedure interface compatibility checking for dummy … (#72704) (22 hours ago) <Peter Klausler>
...

[yonghong-song]

It is very strange. I am using the same cmake options.

cmake .. -DCMAKE_BUILD_TYPE=Release -G Ninja \
    -DLLVM_ENABLE_PROJECTS="clang;lld;compiler-rt" \
    -DLLVM_TARGETS_TO_BUILD="BPF;X86" \
    -DLLVM_ENABLE_ASSERTIONS=OFF \
    -DLLVM_ENABLE_ZLIB=ON \
    -DCMAKE_C_COMPILER=/usr/bin/clang \
    -DCMAKE_CXX_COMPILER=/usr/bin/clang++ \
    -DCMAKE_INSTALL_PREFIX=$PWD/install

ninja && ninja install

The top commits in my repo

465ab5867fa7 (HEAD -> ed-tmp) debug asm
248446980317 Revert "[BPF] Attribute preserve_static_offset for structs"
e86591b37d4e [flang] Improve procedure interface compatibility checking for dummy … (#72704)
f8a21dff70cc [SPIR-V] Mark currently failing tests as XFAIL (#73858)
...

where the top commit is this patch.

Still I got the same failure. My previous initial compiler is not specified and it uses 'gcc' 8.5 on the host.
Explicit specifying clang/clang++ are specified in the above.

$ rpm -qf /usr/bin/clang
clang-15.0.7-1.module_el8.8.0+1258+af79b238.x86_64
$ rpm -qf /usr/bin/clang++
clang-15.0.7-1.module_el8.8.0+1258+af79b238.x86_64

@4ast, @anakryiko if you got time, could you try as well with your setup with this patch and LLVM_ENABLE_ASSERTIONS=OFF?

@eddyz87 Could you debug why it didn't error out? That is, why the code path didn't reach printExpr() function and triggers an error?

[eddyz87]

For me, when assertions are enabled, the error is reported not in printExpr, but in BPFMCCodeEmitter::getMachineOpValue:

$ clang -O2 --target=bpf -c test-asm-ll.c -o /dev/null 
clang: /home/eddy/work/llvm-project/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp:92: unsigned int (anonymous namespace)::BPFMCCodeEmitter::getMachineOpValue(const MCInst &, const MCOperand &, SmallVectorImpl<MCFixup> &, const MCSubtargetInfo &) const: Assertion `Expr->getKind() == MCExpr::SymbolRef' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.	Program arguments: clang -O2 --target=bpf -c test-asm-ll.c -o /dev/null
1.	<eof> parser at end of file
2.	Code generation
3.	Running pass 'Function Pass Manager' on module 'test-asm-ll.c'.
4.	Running pass 'BPF Assembly Printer' on function '@foo'
 #0 0x000055ef0b9e3954 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/home/eddy/work/llvm-project/build/bin/clang-18+0x3aba954)
 #1 0x000055ef0b9e331d llvm::sys::CleanupOnSignal(unsigned long) (/home/eddy/work/llvm-project/build/bin/clang-18+0x3aba31d)
 #2 0x000055ef0b982f39 (anonymous namespace)::CrashRecoveryContextImpl::HandleCrash(int, unsigned long) CrashRecoveryContext.cpp:0:0
 #3 0x000055ef0b9830cf CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0
 #4 0x00007fa04003f190 __restore_rt (/lib64/libc.so.6+0x3f190)
 #5 0x00007fa040091dec __pthread_kill_implementation (/lib64/libc.so.6+0x91dec)
 #6 0x00007fa04003f0c6 gsignal (/lib64/libc.so.6+0x3f0c6)
 #7 0x00007fa0400268d7 abort (/lib64/libc.so.6+0x268d7)
 #8 0x00007fa0400267eb _nl_load_domain.cold (/lib64/libc.so.6+0x267eb)
 #9 0x00007fa040037016 (/lib64/libc.so.6+0x37016)
#10 0x000055ef0ad9285d (/home/eddy/work/llvm-project/build/bin/clang-18+0x2e6985d)
#11 0x000055ef0ad92305 (anonymous namespace)::BPFMCCodeEmitter::getBinaryCodeForInstr(llvm::MCInst const&, llvm::SmallVectorImpl<llvm::MCFixup>&, llvm::MCSubtargetInfo const&) const BPFMCCodeEmitter.cpp:0:0
#12 0x000055ef0ad92061 (anonymous namespace)::BPFMCCodeEmitter::encodeInstruction(llvm::MCInst const&, llvm::SmallVectorImpl<char>&, llvm::SmallVectorImpl<llvm::MCFixup>&, llvm::MCSubtargetInfo const&) const BPFMCCodeEmitter.cpp:0:0
#13 0x000055ef0b81eef4 llvm::MCELFStreamer::emitInstToData(llvm::MCInst const&, llvm::MCSubtargetInfo const&) (/home/eddy/work/llvm-project/build/bin/clang-18+0x38f5ef4)
#14 0x000055ef0b82f480 llvm::MCObjectStreamer::emitInstruction(llvm::MCInst const&, llvm::MCSubtargetInfo const&) (/home/eddy/work/llvm-project/build/bin/clang-18+0x3906480)
#15 0x000055ef0ad8f39c (anonymous namespace)::BPFAsmParser::MatchAndEmitInstruction(llvm::SMLoc, unsigned int&, llvm::SmallVectorImpl<std::unique_ptr<llvm::MCParsedAsmOperand, std::default_delete<llvm::MCParsedAsmOperand>>>&, llvm::MCStreamer&, unsigned long&, bool) BPFAsmParser.cpp:0:0
#16 0x000055ef0b87b159 (anonymous namespace)::AsmParser::parseAndMatchAndEmitTargetInstruction((anonymous namespace)::ParseStatementInfo&, llvm::StringRef, llvm::AsmToken, llvm::SMLoc) AsmParser.cpp:0:0
#17 0x000055ef0b870550 (anonymous namespace)::AsmParser::parseStatement((anonymous namespace)::ParseStatementInfo&, llvm::MCAsmParserSemaCallback*) AsmParser.cpp:0:0
#18 0x000055ef0b86bc7a (anonymous namespace)::AsmParser::Run(bool, bool) AsmParser.cpp:0:0
#19 0x000055ef0c37f8e4 llvm::AsmPrinter::emitInlineAsm(llvm::StringRef, llvm::MCSubtargetInfo const&, llvm::MCTargetOptions const&, llvm::MDNode const*, llvm::InlineAsm::AsmDialect) const (/home/eddy/work/llvm-project/build/bin/clang-18+0x44568e4)
#20 0x000055ef0c380842 llvm::AsmPrinter::emitInlineAsm(llvm::MachineInstr const*) const (/home/eddy/work/llvm-project/build/bin/clang-18+0x4457842)
#21 0x000055ef0c36e5a1 llvm::AsmPrinter::emitFunctionBody() (/home/eddy/work/llvm-project/build/bin/clang-18+0x44455a1)

Subsequently, the following modification works with both assertions on and off:

diff --git a/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp b/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp
index b807d6904004..4f4ebdabf810 100644
--- a/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp
+++ b/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp
@@ -89,6 +89,14 @@ unsigned BPFMCCodeEmitter::getMachineOpValue(const MCInst &MI,
 
   const MCExpr *Expr = MO.getExpr();
 
+  if (Expr->getKind() != MCExpr::SymbolRef) {
+    std::string Msg;
+    llvm::raw_string_ostream S(Msg);
+    S << "getMachineOpValue: unexpected Expr->getKind() == "
+      << (unsigned)Expr->getKind() << ": "
+      << "'" << *Expr << "'" << "\n";
+    report_fatal_error(StringRef(Msg));
+  }
   assert(Expr->getKind() == MCExpr::SymbolRef);
 
   if (MI.getOpcode() == BPF::JAL)

Still, I think that error should be reported earlier, when expressions are parsed.

[yonghong-song]

Okay, my crash call stack:

clang: ../lib/Target/BPF/MCTargetDesc/BPFInstPrinter.cpp:46: void printExpr(const llvm::MCExpr*, llvm::raw_ostream&): Assertion `SRE && "Unexpected MCExpr type."' failed.                                                                                                                
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.                                                                                                                               
Stack dump:                                                                                                                                  0.      Program arguments: /home/yhs/work/llvm-project/llvm/build/install/bin/clang --target=bpf -O2 -S -fcolor-diagnostics -o t.s t.c       
1.      <eof> parser at end of file                                                                                                          2.      Code generation                                                                                                                      
3.      Running pass 'Function Pass Manager' on module 't.c'.                                                                                
4.      Running pass 'BPF Assembly Printer' on function '@foo'                                                                               
 #0 0x0000000001d664f8 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/home/yhs/work/llvm-project/llvm/build/install/bin/clang+0x1d664f
8)                                                                                                                                           
 #1 0x0000000001d6432c llvm::sys::CleanupOnSignal(unsigned long) (/home/yhs/work/llvm-project/llvm/build/install/bin/clang+0x1d6432c)        
 #2 0x0000000001cb85e0 CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0                                                          
 #3 0x00007f12ab012cf0 __restore_rt (/lib64/libpthread.so.0+0x12cf0)                                                                         
 #4 0x00007f12a8c4eacf raise (/lib64/libc.so.6+0x4eacf)                                                                                      
 #5 0x00007f12a8c21ea5 abort (/lib64/libc.so.6+0x21ea5)                                                                                      
 #6 0x00007f12a8c21d79 _nl_load_domain.cold.0 (/lib64/libc.so.6+0x21d79)                                                                     
 #7 0x00007f12a8c47426 (/lib64/libc.so.6+0x47426)
 #8 0x0000000000b5579f printExpr(llvm::MCExpr const*, llvm::raw_ostream&) BPFInstPrinter.cpp:0:0
 #9 0x0000000000b55fcc llvm::BPFInstPrinter::printImm64Operand(llvm::MCInst const*, unsigned int, llvm::raw_ostream&) (/home/yhs/work/llvm-pr
oject/llvm/build/install/bin/clang+0xb55fcc)                                                                                                 
#10 0x0000000000b5756c llvm::BPFInstPrinter::printInst(llvm::MCInst const*, unsigned long, llvm::StringRef, llvm::MCSubtargetInfo const&, llvm::raw_ostream&) (/home/yhs/work/llvm-project/llvm/build/install/bin/clang+0xb5756c)                                                         #11 0x0000000001a62e7c (anonymous namespace)::MCAsmStreamer::emitInstruction(llvm::MCInst const&, llvm::MCSubtargetInfo const&) MCAsmStreamer.cpp:0:0                                                                                                                                     
#12 0x0000000000b50b2d (anonymous namespace)::BPFAsmParser::MatchAndEmitInstruction(llvm::SMLoc, unsigned int&, llvm::SmallVectorImpl<std::unique_ptr<llvm::MCParsedAsmOperand, std::default_delete<llvm::MCParsedAsmOperand>>>&, llvm::MCStreamer&, unsigned long&, bool) BPFAsmParser.cp
p:0:0
#13 0x0000000001b22721 (anonymous namespace)::AsmParser::parseAndMatchAndEmitTargetInstruction((anonymous namespace)::ParseStatementInfo&, llvm::StringRef, llvm::AsmToken, llvm::SMLoc) AsmParser.cpp:0:0
#14 0x0000000001b37c3b (anonymous namespace)::AsmParser::parseStatement((anonymous namespace)::ParseStatementInfo&, llvm::MCAsmParserSemaCallback*) (.part.818) AsmParser.cpp:0:0
#15 0x0000000001b32b61 (anonymous namespace)::AsmParser::Run(bool, bool) AsmParser.cpp:0:0
#16 0x000000000297d969 llvm::AsmPrinter::emitInlineAsm(llvm::StringRef, llvm::MCSubtargetInfo const&, llvm::MCTargetOptions const&, llvm::MDNode const*, llvm::InlineAsm::AsmDialect) const (/home/yhs/work/llvm-project/llvm/build/install/bin/clang+0x297d969)
#17 0x000000000297e90d llvm::AsmPrinter::emitInlineAsm(llvm::MachineInstr const*) const (/home/yhs/work/llvm-project/llvm/build/install/bin/clang+0x297e90d)
#18 0x00000000029798e1 llvm::AsmPrinter::emitFunctionBody() (/home/yhs/work/llvm-project/llvm/build/install/bin/clang+0x29798e1)
#19 0x0000000000af1b75 llvm::AsmPrinter::runOnMachineFunction(llvm::MachineFunction&) (/home/yhs/work/llvm-project/llvm/build/install/bin/clang+0xaf1b75)

[yonghong-song]

For me, when assertions are enabled, the error is reported not in printExpr, but in BPFMCCodeEmitter::getMachineOpValue:
...

Subsequently, the following modification works with both assertions on and off:

diff --git a/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp b/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp
index b807d6904004..4f4ebdabf810 100644
--- a/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp
+++ b/llvm/lib/Target/BPF/MCTargetDesc/BPFMCCodeEmitter.cpp
@@ -89,6 +89,14 @@ unsigned BPFMCCodeEmitter::getMachineOpValue(const MCInst &MI,
 
   const MCExpr *Expr = MO.getExpr();
 
+  if (Expr->getKind() != MCExpr::SymbolRef) {
+    std::string Msg;
+    llvm::raw_string_ostream S(Msg);
+    S << "getMachineOpValue: unexpected Expr->getKind() == "
+      << (unsigned)Expr->getKind() << ": "
+      << "'" << *Expr << "'" << "\n";
+    report_fatal_error(StringRef(Msg));
+  }
   assert(Expr->getKind() == MCExpr::SymbolRef);
 
   if (MI.getOpcode() == BPF::JAL)

Still, I think that error should be reported earlier, when expressions are parsed.

The above code is in BPFMCCodeEmitter which is later than my crash point, so I suspect it won't affect my crash signature. Indeed, I applied the above change and my crash pattern remains the same.

[eddyz87]

I cherry-picked your commit 9dcd1f9fd005 on top of main, removed old build directory and rebuilt everything from scratch again. Now local behavior matches your behavior: regardless assertions on or off the following error is reported: fatal error: error in backend: Unexpected MCExpr type. + stack trace.

I apologize for causing this confusion.
Probably I reconfigured LLVM but did not delete old build directory.

I can approve this change if you don't plan to update it to report error on parsing stage.

[yonghong-song]

No problem, it is still a mystery why old build interferes with new build, I suppose cmake should take care of this. But anyway, glad now we are on the same page.

I think the current change is okay and I don't plan to check other asserts at this moment. Those asserts are mostly for BPF llvm backend developers. I assume most (if not all) users should be able to write inline asm with correct syntax if they intend to embed inline asm in their bpf programs. So please stamp if you get a chance. Thanks!