Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid usage of the XADD return value #91888

Closed
arieleiz opened this issue May 12, 2024 · 4 comments · Fixed by #92742
Closed

Invalid usage of the XADD return value #91888

arieleiz opened this issue May 12, 2024 · 4 comments · Fixed by #92742
Assignees
@inclyc
Labels
backend:BPF crash Prefer [crash-on-valid] or [crash-on-invalid]

Comments

@arieleiz
Copy link

When building an eBPF program, I get the final error:

fatal error: error in backend: line 37: Invalid usage of the XADD return value
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: clang -O2 -mcpu=v1 -I./bpftool/src/libbpf/include/ -I./ -D__TARGET_ARCH_x86=1 -target bpfel -c /home/user/ebpf/src2/ebpfcode.c -o /home/user/ebpf/src2/bpf_bpfel.o -fno-ident -fdebug-prefix-map=/home/user/ebpf/src2=. -fdebug-compilation-dir . -g "-D__BPF_TARGET_MISSING=\"GCC error \\\"The eBPF is using target specific macros, please provide -target that is not bpf, bpfel or bpfeb\\\"\"" -MD -MP -MF/tmp/bpf2go1503467571
1.      <eof> parser at end of file
2.      Code generation
3.      Running pass 'Function Pass Manager' on module '/home/user/ebpf/src2/ebpfcode.c'.
4.      Running pass 'BPF PreEmit Checking' on function '@next_event_id'
 #0 0x00007f2f77abbe1a llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/lib64/libLLVM-17.so+0x8bbe1a)
 #1 0x00007f2f77ab97a4 llvm::sys::RunSignalHandlers() (/lib64/libLLVM-17.so+0x8b97a4)
 #2 0x00007f2f779f07e2 (/lib64/libLLVM-17.so+0x7f07e2)
 #3 0x00007f2f779f079f (/lib64/libLLVM-17.so+0x7f079f)
 #4 0x00007f2f77ab5c1d (/lib64/libLLVM-17.so+0x8b5c1d)
 #5 0x0000000000412eb7 (/usr/bin/clang-17+0x412eb7)
 #6 0x00007f2f77a02137 llvm::report_fatal_error(llvm::Twine const&, bool) (/lib64/libLLVM-17.so+0x802137)
 #7 0x00007f2f7a9ea9e7 (/lib64/libLLVM-17.so+0x37ea9e7)
 #8 0x00007f2f77ef568c llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (/lib64/libLLVM-17.so+0xcf568c)
 #9 0x00007f2f77c325b5 llvm::FPPassManager::runOnFunction(llvm::Function&) (/lib64/libLLVM-17.so+0xa325b5)
#10 0x00007f2f77c39393 llvm::FPPassManager::runOnModule(llvm::Module&) (/lib64/libLLVM-17.so+0xa39393)
#11 0x00007f2f77c32c6a llvm::legacy::PassManagerImpl::run(llvm::Module&) (/lib64/libLLVM-17.so+0xa32c6a)
#12 0x00007f2f7f36e825 clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, llvm::IntrusiveRefCntPtr<llvm::vfs::FileSystem>, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream>>) (/lib64/libclang-cpp.so.17+0x1b6e825)
#13 0x00007f2f7f76b048 (/lib64/libclang-cpp.so.17+0x1f6b048)
#14 0x00007f2f7e117526 clang::ParseAST(clang::Sema&, bool, bool) (/lib64/libclang-cpp.so.17+0x917526)
#15 0x00007f2f8032dc86 clang::FrontendAction::Execute() (/lib64/libclang-cpp.so.17+0x2b2dc86)
#16 0x00007f2f8029ae40 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/lib64/libclang-cpp.so.17+0x2a9ae40)
#17 0x00007f2f803ae6d4 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/lib64/libclang-cpp.so.17+0x2bae6d4)
#18 0x0000000000412911 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/bin/clang-17+0x412911)
#19 0x000000000040fd25 (/usr/bin/clang-17+0x40fd25)
#20 0x00007f2f7fed4bfd (/lib64/libclang-cpp.so.17+0x26d4bfd)
#21 0x00007f2f779f0774 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/lib64/libLLVM-17.so+0x7f0774)
#22 0x00007f2f7fed4627 clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (/lib64/libclang-cpp.so.17+0x26d4627)
#23 0x00007f2f7fe9afee clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/lib64/libclang-cpp.so.17+0x269afee)
#24 0x00007f2f7fe9b257 clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/lib64/libclang-cpp.so.17+0x269b257)
#25 0x00007f2f7feb85da clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/lib64/libclang-cpp.so.17+0x26b85da)
#26 0x000000000040f568 clang_main(int, char**, llvm::ToolContext const&) (/usr/bin/clang-17+0x40f568)
#27 0x000000000041c036 main (/usr/bin/clang-17+0x41c036)
#28 0x00007f2f76a3feb0 __libc_start_call_main (/lib64/libc.so.6+0x3feb0)
#29 0x00007f2f76a3ff60 __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x3ff60)
#30 0x000000000040c425 _start (/usr/bin/clang-17+0x40c425)
Error: can't execute clang: exit status 1
@EugeneZelenko EugeneZelenko added backend:BPF crash Prefer [crash-on-valid] or [crash-on-invalid] and removed new issue labels May 12, 2024
@EugeneZelenko
Copy link
Contributor

Could you please try 18 or main branch? https://godbolt.org should be helpful.

@EugeneZelenko EugeneZelenko added the incomplete Issue not complete (e.g. missing a reproducer, build arguments, etc.) label May 12, 2024
@arieleiz
Copy link
Author

Yes, it happens with 18 and main.
Code to reproduce in godbolt.org:

typedef unsigned int u32;
volatile u32 GLOBAL_EVENT_ID = 0;

u32 next_event_id()
{
    return __sync_fetch_and_add(&GLOBAL_EVENT_ID, 1);
}

Here is with trunk branch:

fatal error: error in backend: line 6: Invalid usage of the XADD return value
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.	Program arguments: /opt/compiler-explorer/clang-trunk/bin/clang++ -g -o /app/output.s -S -target bpf -fcolor-diagnostics -fno-crash-diagnostics -O2 <source>
1.	<eof> parser at end of file
2.	Code generation
3.	Running pass 'Function Pass Manager' on module '<source>'.
4.	Running pass 'BPF PreEmit Checking' on function '@_Z13next_event_idv'
 #0 0x0000000003702088 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3702088)
 #1 0x00000000037001d4 llvm::sys::CleanupOnSignal(unsigned long) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x37001d4)
 #2 0x0000000003655113 llvm::CrashRecoveryContext::HandleExit(int) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3655113)
 #3 0x00000000036f77ae llvm::sys::Process::Exit(int, bool) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x36f77ae)
 #4 0x0000000000c5af16 (/opt/compiler-explorer/clang-trunk/bin/clang+++0xc5af16)
 #5 0x000000000365e1c3 llvm::report_fatal_error(llvm::Twine const&, bool) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x365e1c3)
 #6 0x00000000017a670d (anonymous namespace)::BPFMIPreEmitChecking::processAtomicInsts() (.isra.0) BPFMIChecking.cpp:0:0
 #7 0x0000000002b8ea10 llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (.part.0) MachineFunctionPass.cpp:0:0
 #8 0x00000000030b9df2 llvm::FPPassManager::runOnFunction(llvm::Function&) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x30b9df2)
 #9 0x00000000030b9f71 llvm::FPPassManager::runOnModule(llvm::Module&) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x30b9f71)
#10 0x00000000030bbc20 llvm::legacy::PassManagerImpl::run(llvm::Module&) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x30bbc20)
#11 0x0000000003982f1e clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, llvm::IntrusiveRefCntPtr<llvm::vfs::FileSystem>, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream>>, clang::BackendConsumer*) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3982f1e)
#12 0x0000000003f7f625 clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3f7f625)
#13 0x0000000005e5938c clang::ParseAST(clang::Sema&, bool, bool) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x5e5938c)
#14 0x0000000003f7fea5 clang::CodeGenAction::ExecuteAction() (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3f7fea5)
#15 0x000000000421ae61 clang::FrontendAction::Execute() (/opt/compiler-explorer/clang-trunk/bin/clang+++0x421ae61)
#16 0x00000000041a0d3b clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x41a0d3b)
#17 0x00000000042ff5c3 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x42ff5c3)
#18 0x0000000000c5cc9c cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/opt/compiler-explorer/clang-trunk/bin/clang+++0xc5cc9c)
#19 0x0000000000c56d9d ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#20 0x0000000003fc8869 void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#21 0x0000000003655013 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3655013)
#22 0x0000000003fc8a89 clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.0) Job.cpp:0:0
#23 0x0000000003f8f097 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3f8f097)
#24 0x0000000003f8fa4d clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3f8fa4d)
#25 0x0000000003f997fc clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/opt/compiler-explorer/clang-trunk/bin/clang+++0x3f997fc)
#26 0x0000000000c5a141 clang_main(int, char**, llvm::ToolContext const&) (/opt/compiler-explorer/clang-trunk/bin/clang+++0xc5a141)
#27 0x0000000000b3be64 main (/opt/compiler-explorer/clang-trunk/bin/clang+++0xb3be64)
#28 0x000072553e029d90 (/lib/x86_64-linux-gnu/libc.so.6+0x29d90)
#29 0x000072553e029e40 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e40)
#30 0x0000000000c5683e _start (/opt/compiler-explorer/clang-trunk/bin/clang+++0xc5683e)
Compiler returned: 1

Here with 18.1:

fatal error: error in backend: line 6: Invalid usage of the XADD return value
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.	Program arguments: /opt/compiler-explorer/clang-18.1.0/bin/clang++ -g -o /app/output.s -S -target bpf -fcolor-diagnostics -fno-crash-diagnostics -O2 <source>
1.	<eof> parser at end of file
2.	Code generation
3.	Running pass 'Function Pass Manager' on module '<source>'.
4.	Running pass 'BPF PreEmit Checking' on function '@_Z13next_event_idv'
 #0 0x000000000351ae38 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x351ae38)
 #1 0x0000000003518f84 llvm::sys::CleanupOnSignal(unsigned long) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3518f84)
 #2 0x0000000003467543 llvm::CrashRecoveryContext::HandleExit(int) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3467543)
 #3 0x000000000351097e llvm::sys::Process::Exit(int, bool) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x351097e)
 #4 0x0000000000c17976 (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0xc17976)
 #5 0x0000000003470593 llvm::report_fatal_error(llvm::Twine const&, bool) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3470593)
 #6 0x0000000001713a85 (anonymous namespace)::BPFMIPreEmitChecking::processAtomicInsts() (.isra.0) BPFMIChecking.cpp:0:0
 #7 0x00000000029bc2f0 llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (.part.0) MachineFunctionPass.cpp:0:0
 #8 0x0000000002ee69e2 llvm::FPPassManager::runOnFunction(llvm::Function&) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x2ee69e2)
 #9 0x0000000002ee6b61 llvm::FPPassManager::runOnModule(llvm::Module&) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x2ee6b61)
#10 0x0000000002ee87e0 llvm::legacy::PassManagerImpl::run(llvm::Module&) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x2ee87e0)
#11 0x000000000378ad99 clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, llvm::IntrusiveRefCntPtr<llvm::vfs::FileSystem>, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream>>, clang::BackendConsumer*) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x378ad99)
#12 0x0000000003d5b2d1 clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3d5b2d1)
#13 0x0000000005b965d9 clang::ParseAST(clang::Sema&, bool, bool) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x5b965d9)
#14 0x0000000003d5a725 clang::CodeGenAction::ExecuteAction() (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3d5a725)
#15 0x0000000003fe2aa1 clang::FrontendAction::Execute() (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3fe2aa1)
#16 0x0000000003f6010b clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3f6010b)
#17 0x00000000040c2473 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x40c2473)
#18 0x0000000000c19746 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0xc19746)
#19 0x0000000000c1211d ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#20 0x0000000003da1979 void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#21 0x0000000003467443 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3467443)
#22 0x0000000003da1b99 clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.0) Job.cpp:0:0
#23 0x0000000003d69d17 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3d69d17)
#24 0x0000000003d6a6cd clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3d6a6cd)
#25 0x0000000003d7445c clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0x3d7445c)
#26 0x0000000000c16a21 clang_main(int, char**, llvm::ToolContext const&) (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0xc16a21)
#27 0x0000000000b0fa84 main (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0xb0fa84)
#28 0x000077e129429d90 (/lib/x86_64-linux-gnu/libc.so.6+0x29d90)
#29 0x000077e129429e40 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e40)
#30 0x0000000000c1191e _start (/opt/compiler-explorer/clang-18.1.0/bin/clang+++0xc1191e)
Compiler returned: 1

@EugeneZelenko EugeneZelenko removed the incomplete Issue not complete (e.g. missing a reproducer, build arguments, etc.) label May 12, 2024
@arieleiz
Copy link
Author

This might be a clue: If I change __sync_fetch_and_add() to __sync_bool_compare_and_swap() ,
I get

/home/user/ebpf/src2/ebpfcode.c:50:12: error: Unsupported atomic operations, please use 64 bit version
   50 |         if(__sync_bool_compare_and_swap(id_ptr, id, id + 1))
      |            ^
fatal error: error in backend: Cannot select: 0x1863040: i64,ch = AtomicCmpSwap<(load store seq_cst seq_cst (s32) on %ir.2)> 0x1862fd0:1, 0x1862f60, 0x1862fd0, 0x1862da0, ./ebpfcode.c:50:12
  0x1862f60: i64,ch = CopyFromReg 0x14cb830, Register:i64 %0, ./ebpfcode.c:49:18
    0x18629b0: i64 = Register %0
  0x1862fd0: i64,ch = load<(volatile load (s32) from %ir.2, !tbaa !155), zext from i32> 0x14cb830, 0x1862f60, undef:i64, ./ebpfcode.c:49:18
    0x1862f60: i64,ch = CopyFromReg 0x14cb830, Register:i64 %0, ./ebpfcode.c:49:18
      0x18629b0: i64 = Register %0
    0x1862e10: i64 = undef
  0x1862da0: i64 = add 0x1862fd0, Constant:i64<1>, ./ebpfcode.c:50:56
    0x1862fd0: i64,ch = load<(volatile load (s32) from %ir.2, !tbaa !155), zext from i32> 0x14cb830, 0x1862f60, undef:i64, ./ebpfcode.c:49:18
      0x1862f60: i64,ch = CopyFromReg 0x14cb830, Register:i64 %0, ./ebpfcode.c:49:18
        0x18629b0: i64 = Register %0
      0x1862e10: i64 = undef
    0x1862d30: i64 = Constant<1>
In function: next_event_id
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: clang -O2 -mcpu=v1 -I./bpftool/src/libbpf/include/ -I./ -D__TARGET_ARCH_x86=1 -target bpfel -c /home/user/ebpf/src2/ebpfcode.c -o /home/user/ebpf/src2/bpf_bpfel.o -fno-ident -fdebug-prefix-map=/home/user/ebpf/src2=. -fdebug-compilation-dir . -g "-D__BPF_TARGET_MISSING=\"GCC error \\\"The eBPF is using target specific macros, please provide -target that is not bpf, bpfel or bpfeb\\\"\"" -MD -MP -MF/tmp/bpf2go530511853
1.      <eof> parser at end of file
2.      Code generation
3.      Running pass 'Function Pass Manager' on module '/home/user/ebpf/src2/ebpfcode.c'.
4.      Running pass 'BPF DAG->DAG Pattern Instruction Selection' on function '@next_event_id'
 #0 0x00007fbc3d8bbe1a llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/lib64/libLLVM-17.so+0x8bbe1a)
 #1 0x00007fbc3d8b97a4 llvm::sys::RunSignalHandlers() (/lib64/libLLVM-17.so+0x8b97a4)
 #2 0x00007fbc3d7f07e2 (/lib64/libLLVM-17.so+0x7f07e2)
 #3 0x00007fbc3d7f079f (/lib64/libLLVM-17.so+0x7f079f)
 #4 0x00007fbc3d8b5c1d (/lib64/libLLVM-17.so+0x8b5c1d)
 #5 0x0000000000412eb7 (/usr/bin/clang-17+0x412eb7)
 #6 0x00007fbc3d802137 llvm::report_fatal_error(llvm::Twine const&, bool) (/lib64/libLLVM-17.so+0x802137)
 #7 0x00007fbc3e22160d llvm::SelectionDAGISel::CannotYetSelect(llvm::SDNode*) (/lib64/libLLVM-17.so+0x122160d)
 #8 0x00007fbc3e220ab8 llvm::SelectionDAGISel::SelectCodeCommon(llvm::SDNode*, unsigned char const*, unsigned int) (/lib64/libLLVM-17.so+0x1220ab8)
 #9 0x00007fbc407cf51a (/lib64/libLLVM-17.so+0x37cf51a)
#10 0x00007fbc3e2175df llvm::SelectionDAGISel::DoInstructionSelection() (/lib64/libLLVM-17.so+0x12175df)
#11 0x00007fbc3e216ade llvm::SelectionDAGISel::CodeGenAndEmitDAG() (/lib64/libLLVM-17.so+0x1216ade)
#12 0x00007fbc3e215ba1 llvm::SelectionDAGISel::SelectAllBasicBlocks(llvm::Function const&) (/lib64/libLLVM-17.so+0x1215ba1)
#13 0x00007fbc3e213100 llvm::SelectionDAGISel::runOnMachineFunction(llvm::MachineFunction&) (/lib64/libLLVM-17.so+0x1213100)
#14 0x00007fbc3dcf568c llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (/lib64/libLLVM-17.so+0xcf568c)
#15 0x00007fbc3da325b5 llvm::FPPassManager::runOnFunction(llvm::Function&) (/lib64/libLLVM-17.so+0xa325b5)
#16 0x00007fbc3da39393 llvm::FPPassManager::runOnModule(llvm::Module&) (/lib64/libLLVM-17.so+0xa39393)
#17 0x00007fbc3da32c6a llvm::legacy::PassManagerImpl::run(llvm::Module&) (/lib64/libLLVM-17.so+0xa32c6a)
#18 0x00007fbc4516e825 clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, llvm::IntrusiveRefCntPtr<llvm::vfs::FileSystem>, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream>>) (/lib64/libclang-cpp.so.17+0x1b6e825)
#19 0x00007fbc4556b048 (/lib64/libclang-cpp.so.17+0x1f6b048)
#20 0x00007fbc43f17526 clang::ParseAST(clang::Sema&, bool, bool) (/lib64/libclang-cpp.so.17+0x917526)
#21 0x00007fbc4612dc86 clang::FrontendAction::Execute() (/lib64/libclang-cpp.so.17+0x2b2dc86)
#22 0x00007fbc4609ae40 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/lib64/libclang-cpp.so.17+0x2a9ae40)
#23 0x00007fbc461ae6d4 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/lib64/libclang-cpp.so.17+0x2bae6d4)
#24 0x0000000000412911 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/bin/clang-17+0x412911)
#25 0x000000000040fd25 (/usr/bin/clang-17+0x40fd25)
#26 0x00007fbc45cd4bfd (/lib64/libclang-cpp.so.17+0x26d4bfd)
#27 0x00007fbc3d7f0774 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/lib64/libLLVM-17.so+0x7f0774)
#28 0x00007fbc45cd4627 clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (/lib64/libclang-cpp.so.17+0x26d4627)
#29 0x00007fbc45c9afee clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/lib64/libclang-cpp.so.17+0x269afee)
#30 0x00007fbc45c9b257 clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/lib64/libclang-cpp.so.17+0x269b257)
#31 0x00007fbc45cb85da clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/lib64/libclang-cpp.so.17+0x26b85da)
#32 0x000000000040f568 clang_main(int, char**, llvm::ToolContext const&) (/usr/bin/clang-17+0x40f568)
#33 0x000000000041c036 main (/usr/bin/clang-17+0x41c036)
#34 0x00007fbc3c83feb0 __libc_start_call_main (/lib64/libc.so.6+0x3feb0)
#35 0x00007fbc3c83ff60 __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x3ff60)
#36 0x000000000040c425 _start (/usr/bin/clang-17+0x40c425)
clang: error: clang frontend command failed with exit code 70 (use -v to see invocation)
clang version 17.0.6 (RESF 17.0.6-5.el9)
Target: bpfel
Thread model: posix
InstalledDir: /usr/bin
...

@inclyc
Copy link
Member

inclyc commented May 19, 2024
edited

Reduced:

@GLOBAL_EVENT_ID = global i32 0, align 4

define i32 @next_event_id() #0 {
entry:
  %0 = atomicrmw add ptr @GLOBAL_EVENT_ID, i32 1 seq_cst, align 4
  ret i32 %0
}

Currently, BPF has XADD (locked add) insn support and the
asm looks like:

  lock *(u32 *)(r1 + 0) += r2
  lock *(u64 *)(r1 + 0) += r2

The instruction itself does not have a return value.

At the source code level, users often use

  __sync_fetch_and_add()

which eventually translates to XADD. The return value of
__sync_fetch_and_add() is supposed to be the old value
in the xadd memory location. Since BPF::XADD insn does not support such a return value, if such an illegal usage
pattern is detected, a fatal error will be reported like

  line 4: Invalid usage of the XADD return value

if compiled with -g, or

Invalid usage of the XADD return value

if compiled without -g.

fatal error: error in backend: Cannot select: 0x1863040: i64,ch = AtomicCmpSwap<(load store seq_cst seq_cst (s32) on %ir.2)> 0x1862fd0:1, 0x1862f60, 0x1862fd0, 0x1862da0, ./ebpfcode.c:50:12

This is indeed another bug though.

@inclyc inclyc self-assigned this May 19, 2024
@inclyc inclyc linked a pull request May 20, 2024 that will close this issue
[BPF] report Invalid usage of the XADD return value" elegantly #92742
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@inclyc inclyc

Labels
backend:BPF crash Prefer [crash-on-valid] or [crash-on-invalid]
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[BPF] report Invalid usage of the XADD return value" elegantly llvm/llvm-project
3 participants
@arieleiz @EugeneZelenko @inclyc