aya-rs / bpf-linker

Simple BPF static linker
Apache License 2.0

BTF tests are crashing without lto=true #89

Closed qjerome closed 1 year ago

qjerome commented 1 year ago

In the feature/fix-di branch, BTF tests are crashing the linker when lto=false is passed.

How to replicate: https://github.com/0xrawsec/bpf-linker/tree/bug-lto-flag-btf

Built with LLVM: https://github.com/aya-rs/llvm-project/tree/rustc/16.0-2023-06-05

Backtrace:

```
#0  llvm::DISubprogram::getLine (this=0x0)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/include/llvm/IR/DebugInfoMetadata.h:1976
1976      unsigned getLine() const { return Line; }
warning: Missing auto-load script at offset 0 in section .debug_gdb_scripts
of file /home/quentin/Workspace/Rust/bpf-linker/target/debug/bpf-linker.
Use `info auto-load python-scripts [REGEXP]' to list them.
gef➤  bt
#0  llvm::DISubprogram::getLine (this=0x0)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/include/llvm/IR/DebugInfoMetadata.h:1976
#1  llvm::BTFDebug::beginInstruction (this=0x5561d7924830, MI=0x5561d757f0b0)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/Target/BPF/BTFDebug.cpp:1372
#2  0x00005561d378f1c7 in llvm::AsmPrinter::emitFunctionBody (this=this@entry=0x5561d7c60f10)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1609
#3  0x00005561d338a605 in llvm::AsmPrinter::runOnMachineFunction (this=0x5561d7c60f10, MF=...)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/include/llvm/CodeGen/AsmPrinter.h:397
#4  0x00005561d383d21b in llvm::MachineFunctionPass::runOnFunction (this=0x5561d7c60f10, F=...)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/CodeGen/MachineFunctionPass.cpp:91
#5  0x00005561d42b44e0 in llvm::FPPassManager::runOnFunction (this=this@entry=0x5561d8ce1d00, F=...)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/IR/LegacyPassManager.cpp:1430
#6  0x00005561d42ba441 in llvm::FPPassManager::runOnModule (this=0x5561d8ce1d00, M=...)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/IR/LegacyPassManager.cpp:1476
#7  0x00005561d42b4ac5 in (anonymous namespace)::MPPassManager::runOnModule (this=0x5561d79845e0, 
    M=...)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/IR/LegacyPassManager.cpp:1545
#8  llvm::legacy::PassManagerImpl::run (this=0x5561d76feac0, M=...)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/IR/LegacyPassManager.cpp:535
#9  0x00005561d39112a4 in LLVMTargetMachineEmit (T=T@entry=0x5561d805c770, M=M@entry=0x5561d7311150, 
    OS=..., codegen=codegen@entry=LLVMObjectFile, ErrorMessage=ErrorMessage@entry=0x7fffec7e6dc8)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/Target/TargetMachineC.cpp:210
#10 0x00005561d3911154 in LLVMTargetMachineEmitToFile (T=0x5561d805c770, M=0x5561d7311150, 
    Filename=0x5561d7e21270 "/tmp/assembly/basic.s", codegen=LLVMObjectFile, 
    ErrorMessage=0x7fffec7e6dc8)
    at /home/quentin/Workspace/Rust/custom-bpf-linker/aya-llvm-project/llvm/lib/Target/TargetMachineC.cpp:226
#11 0x00005561d335fc1b in bpf_linker::llvm::codegen::{closure#0} (message=0x7fffec7e6dc8)
    at src/llvm/mod.rs:275
#12 0x00005561d3360040 in bpf_linker::llvm::Message::with<i32, bpf_linker::llvm::codegen::{closure_env#0}> (f=...) at src/llvm/mod.rs:323
#13 0x00005561d3356538 in bpf_linker::llvm::codegen (tm=0x5561d805c770, module=0x5561d7311150, 
    output=..., output_type=llvm_sys::target_machine::LLVMCodeGenFileType::LLVMObjectFile)
    at src/llvm/mod.rs:274
#14 0x00005561d333aeca in bpf_linker::linker::Linker::emit (self=0x7fffec7e84c0, output=..., 
    output_type=llvm_sys::target_machine::LLVMCodeGenFileType::LLVMObjectFile) at src/linker.rs:490
#15 0x00005561d333aac1 in bpf_linker::linker::Linker::codegen (self=0x7fffec7e84c0)
    at src/linker.rs:467
#16 0x00005561d3337e21 in bpf_linker::linker::Linker::link (self=0x7fffec7e84c0) at src/linker.rs:262
#17 0x00005561d32fec7d in bpf_linker::main () at src/bin/bpf-linker.rs:269
#18 0x00005561d33186cb in core::ops::function::FnOnce::call_once<fn(), ()> ()
    at /rustc/864bdf7843e1ceabc824ed86d97006acad6af643/library/core/src/ops/function.rs:250
#19 0x00005561d3311a9e in std::sys_common::backtrace::__rust_begin_short_backtrace<fn(), ()> (
    f=0x5561d32fd8e0 <bpf_linker::main>)
    at /rustc/864bdf7843e1ceabc824ed86d97006acad6af643/library/std/src/sys_common/backtrace.rs:135
#20 0x00005561d332a9f0 in std::rt::lang_start::{closure#0}<()> ()
    at /rustc/864bdf7843e1ceabc824ed86d97006acad6af643/library/std/src/rt.rs:166
#21 0x00005561d4e5ff4b in core::ops::function::impls::{impl#2}::call_once<(), (dyn core::ops::function::Fn<(), Output=i32> + core::marker::Sync + core::panic::unwind_safe::RefUnwindSafe)> ()
    at library/core/src/ops/function.rs:284
#22 std::panicking::try::do_call<&(dyn core::ops::function::Fn<(), Output=i32> + core::marker::Sync + core::panic::unwind_safe::RefUnwindSafe), i32> () at library/std/src/panicking.rs:524
#23 std::panicking::try<i32, &(dyn core::ops::function::Fn<(), Output=i32> + core::marker::Sync + core::panic::unwind_safe::RefUnwindSafe)> () at library/std/src/panicking.rs:488
#24 std::panic::catch_unwind<&(dyn core::ops::function::Fn<(), Output=i32> + core::marker::Sync + core::panic::unwind_safe::RefUnwindSafe), i32> () at library/std/src/panic.rs:142
#25 std::rt::lang_start_internal::{closure#2} () at library/std/src/rt.rs:148
#26 std::panicking::try::do_call<std::rt::lang_start_internal::{closure_env#2}, isize> ()
    at library/std/src/panicking.rs:524
#27 std::panicking::try<isize, std::rt::lang_start_internal::{closure_env#2}> ()
    at library/std/src/panicking.rs:488
#28 std::panic::catch_unwind<std::rt::lang_start_internal::{closure_env#2}, isize> ()
    at library/std/src/panic.rs:142
#29 std::rt::lang_start_internal () at library/std/src/rt.rs:148
#30 0x00005561d332a9ca in std::rt::lang_start<()> (main=0x5561d32fd8e0 <bpf_linker::main>, argc=0x22, 
    argv=0x7fffec7e8bd8, sigpipe=0x0)
    at /rustc/864bdf7843e1ceabc824ed86d97006acad6af643/library/std/src/rt.rs:165
#31 0x00005561d3305b2e in main ()
#32 0x00007f6fec439850 in ?? () from /usr/lib/libc.so.6
#33 0x00007f6fec43990a in __libc_start_main () from /usr/lib/libc.so.6
#34 0x00005561d32f8bc5 in _start ()
```

qjerome commented 1 year ago

Even though the bug does not trigger under the same conditions as #88, the root cause seems to be the same (i.e. a NULL pointer passed to llvm::DISubprogram::getLine from a call to emit). So it is possible that fixing #88 would also fix this issue.

qjerome commented 1 year ago

This issue is fixed when bpf-linker gets compiled with the fixed LLVM: https://github.com/rust-lang/llvm-project/commit/d06f0cd0977dd16f09c259133f36c7e8b9f0d322

Link to upstream LLVM patch: https://reviews.llvm.org/D156446
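
A triage helper for backtraces like the one in this issue, given as an added example (not code from bpf-linker, LLVM or the thread): it parses gdb `bt` output, flags C++ frames that ran with a NULL `this`, and pairs each with its caller, the frame to inspect for the unchecked pointer. The sample input is constructed by abridging the backtrace above (paths shortened); the function names `parse_frames` and `null_receiver_calls` are this example's own.

```python
import re

# Constructed sample: first frames of the backtrace in this issue, paths shortened.
SAMPLE_BT = """\
#0  llvm::DISubprogram::getLine (this=0x0)
    at llvm/include/llvm/IR/DebugInfoMetadata.h:1976
#1  llvm::BTFDebug::beginInstruction (this=0x5561d7924830, MI=0x5561d757f0b0)
    at llvm/lib/Target/BPF/BTFDebug.cpp:1372
#2  0x00005561d378f1c7 in llvm::AsmPrinter::emitFunctionBody (this=this@entry=0x5561d7c60f10)
    at llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1609
"""

# "#N  [0xADDR in ]function (args..."; tuned to C++ frames, which carry `this`.
FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(.+?) \((.*)$")
LOC_RE = re.compile(r"\bat (\S+):(\d+)\s*$")
# Matches this=0x0 and this=this@entry=0x0, but not this=0x0000... addresses.
NULL_THIS_RE = re.compile(r"\bthis=(?:this@entry=)?0x0\b")


def parse_frames(bt_text):
    """Return one dict per gdb frame; wrapped continuation lines are folded in."""
    frames = []
    for line in bt_text.splitlines():
        m = FRAME_RE.match(line)
        if m:
            frames.append({"n": int(m.group(1)), "func": m.group(2), "raw": line})
        elif frames:
            frames[-1]["raw"] += " " + line.strip()
    for f in frames:
        loc = LOC_RE.search(f["raw"])
        f["file"], f["line"] = (loc.group(1), int(loc.group(2))) if loc else (None, None)
        f["null_this"] = bool(NULL_THIS_RE.search(f["raw"]))
    return frames


def null_receiver_calls(bt_text):
    """Return (callee, caller) pairs where the callee was entered with this == NULL."""
    frames = parse_frames(bt_text)
    by_n = {f["n"]: f for f in frames}  # gdb may print frame #0 twice; last one wins
    return [(f, by_n.get(f["n"] + 1)) for f in frames if f["null_this"]]


if __name__ == "__main__":
    for callee, caller in null_receiver_calls(SAMPLE_BT):
        where = f"{caller['func']} at {caller['file']}:{caller['line']}" if caller else "?"
        print(f"NULL this in {callee['func']}; called from {where}")
```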