<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/138264>138264</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            [BOLT][AArch64] 0-bit relocation offset expected
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            BOLT
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          paschalis-mpeis
      </td>
    </tr>
</table>

<pre>
    ## Assertion Crash:
When compiling chromium with the options below using BOLT trunk, the following assertion is triggered:

```txt
AArch64MCPlusBuilder::createRelocation(const MCFixup &, const MCAsmBackend &) const: Assertion `FKI.TargetOffset == 0 && "0-bit relocation offset expected"' failed.
```


#### Details:
The crash occurs in `scanExternalRefs`, when it attempts to `createRelocation` for a `fixup_aarch64_pcrel_branch19`, which has a [non-zero TargetOffset](https://github.com/llvm/llvm-project/blob/c239acb5b6b80ddb3c6407ffc9e051f636ae41c1/llvm/lib/Target/AArch64/MCTargetDesc/AArch64AsmBackend.cpp#L66).

This fixup sets the high 19 bits of a 21-bit PC-relative immediate.

## Reproducer:
- [ ] TODO: attach compressed binary and checksum instructions

Alternatively, you can compile a binary from source (see last section).
Note: debug symbols were kept in the binary as without those bolt hits different errors.

Skip functions via `skipfuncs.txt`:
```bash
.*tap.*
Builtins_.*
```

#### Optimize with BOLT:
- BOLT revision `e046f2050578b8cda394143fafbfb476767b836a`
- Optimized build with assertions enabled

```bash
llvm-bolt --skip-funcs-file=skipfuncs.txt chrome -o chrome.bolt
```

#### Error log:

```txt
BOLT-INFO: shared object or position-independent executable detected
BOLT-INFO: Target architecture: aarch64
BOLT-INFO: BOLT version: e046f2050578b8cda394143fafbfb476767b836a
BOLT-INFO: first alloc address is 0x0
BOLT-INFO: creating new program header table at address 0xee00000, offset 0xee00000
BOLT-WARNING: debug info will be stripped from the binary. Use -update-debug-sections to keep it.
BOLT-INFO: enabling relocation mode
BOLT-WARNING: ignoring symbol __ehdr_start at 0x0, which lies outside .interp
llvm-bolt: /home/user/llvm-project/bolt/lib/Target/AArch64/AArch64MCPlusBuilder.cpp:2341: virtual std::optional<Relocation> (anonymous namespace)::AArch64MCPlusBuilder::createRelocation(const MCFixup &, const MCAsmBackend &) const: Assertion `FKI.TargetOffset == 0 && "0-bit relocation offset expected"' failed.
 #0 0x0000ecb0cce31578 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /home/user/llvm-project/llvm/lib/Support/Unix/Signals.inc:804:13
 #1 0x0000ecb0cce2f3c4 store /usr/bin/../lib/gcc/aarch64-linux-gnu/13/../../../../include/c++/13/atomic:279:2
 #2 0x0000ecb0cce2f3c4 llvm::sys::RunSignalHandlers() /home/user/llvm-project/llvm/lib/Support/Signals.cpp:107:16
 #3 0x0000ecb0cce31ca0 SignalHandler(int, siginfo_t*, void*) /home/user/llvm-project/llvm/lib/Support/Unix/Signals.inc:418:13
 #4 0x0000ecb0cf0ae8f8 (linux-vdso.so.1+0x8f8)
 #5 0x0000ecb0cc747608 __pthread_kill_implementation ./nptl/pthread_kill.c:44:76
 #6 0x0000ecb0cc6fcb3c raise ./signal/../sysdeps/posix/raise.c:27:6
 #7 0x0000ecb0cc6e7e00 abort ./stdlib/abort.c:81:7
 #8 0x0000ecb0cc6f5cc0 __assert_fail_base ./assert/assert.c:93:7
 #9 0x0000ecb0cc6f5d30 __assert_perror_fail ./assert/assert-perr.c:31:1
#10 0x0000ecb0c9562928 getOpcode /home/user/llvm-project/llvm/include/llvm/MC/MCInst.h:199:39
#11 0x0000ecb0c9562928 llvm::bolt::MCPlusBuilder::isCFI(llvm::MCInst const&) const /home/user/llvm-project/bolt/include/bolt/Core/MCPlusBuilder.h:1815:17
#12 0x0000ecb0c9089314 _M_is_engaged /usr/bin/../lib/gcc/aarch64-linux-gnu/13/../../../../include/c++/13/optional:473:58
#13 0x0000ecb0c9089314 _M_get /usr/bin/../lib/gcc/aarch64-linux-gnu/13/../../../../include/c++/13/optional:479:2
#14 0x0000ecb0c9089314 operator-> /usr/bin/../lib/gcc/aarch64-linux-gnu/13/../../../../include/c++/13/optional:968:39
#15 0x0000ecb0c9089314 llvm::bolt::BinaryFunction::scanExternalRefs() /home/user/llvm-project/bolt/lib/Core/BinaryFunction.cpp:1799:7
#16 0x0000ecb0cdda6400 ~TimeRegion /home/user/llvm-project/llvm/include/llvm/Support/Timer.h:160:9
#17 0x0000ecb0cdda6400 llvm::bolt::RewriteInstance::disassembleFunctions() /home/user/llvm-project/bolt/lib/Rewrite/RewriteInstance.cpp:3415:5
#18 0x0000ecb0cdd9efe0 processMetadataPreCFG /home/user/llvm-project/bolt/lib/Rewrite/RewriteInstance.cpp:3319:20
#19 0x0000ecb0cdd9efe0 llvm::bolt::RewriteInstance::run() /home/user/llvm-project/bolt/lib/Rewrite/RewriteInstance.cpp:730:3
#20 0x0000c97e55096014 getPtr /home/user/llvm-project/llvm/include/llvm/Support/Error.h:278:42
#21 0x0000c97e55096014 operator bool /home/user/llvm-project/llvm/include/llvm/Support/Error.h:241:16
#22 0x0000c97e55096014 main /home/user/llvm-project/bolt/tools/driver/llvm-bolt.cpp:260:17
#23 0x0000ecb0cc6e84c4 __libc_start_call_main ./csu/../sysdeps/nptl/libc_start_call_main.h:74:3
#24 0x0000ecb0cc6e8598 call_init ./csu/../csu/libc-start.c:128:20
#25 0x0000ecb0cc6e8598 __libc_start_main ./csu/../csu/libc-start.c:347:5
#26 0x0000c97e55094030 _start (/home/user/llvm-project/build/bin/llvm-bolt+0x14030)
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
0.      Program arguments: llvm-bolt -o chrome.bolt --skip-funcs-file=skipfuncs.txt chrome
[1]    1905728 abort (core dumped)  llvm-bolt -o chrome.bolt --skip-funcs-file=skipfuncs.txt chrome
```


# Build Chromium from Source:
Based on the [official Chromium Guide](https://chromium.googlesource.com/chromium/src/+/main/docs/linux/build_instructions.md).

Tested on:
- Host Machine: Ubuntu 22.04.4 LTS (6.8.0-1015-aws, c7i, x86)
- Chromium version: a3e414899de9028990fbd7022e4184469932e890


```bash
cd $HOME
git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
export PATH="$PATH:$HOME/depot_tools"

mkdir chromium && cd chromium
fetch --nohooks chromium
```


Edit `.gclient` to set target and pull PGO profiles:

```bash
vim .gclient # and adjust like below:
```

```python
solutions = [
  {
    "name": "src",
 "url": "https://chromium.googlesource.com/chromium/src.git",
 "managed": False,
    "custom_deps": {},
    "custom_vars": {
 "checkout_pgo_profiles": True,
    },
  },
]
target_cpu = ["arm64"]
```

Then pull components and install dependencies:
```bash
gclient sync
gclient runhooks

# verify that pgo profile was downloaded:
ls -l chrome/build/pgo_profiles/

cd src
./build/install-build-deps.sh # assumes Ubuntu
```

Set GN arguments:
```bash
gn args out/Default # Your EDITOR will open. Paste the below args:
```


```python
is_debug=false
target_cpu="arm64"
symbol_level=1
target_os="linux"
chrome_pgo_phase=2
dcheck_always_on=false
is_official_build=true
disable_fieldtrial_testing_config=true
arm_control_flow_integrity="none"
```

Build chromium (you'll need [bolt-chromium-0bitreloc.patch](https://gist.githubusercontent.com/paschalis-mpeis/5071aca6960bcc9e54a954c2fb2030b4/raw/c16f0277522d6bf22cfdac438de1019a83672d18/bolt-chromium-0bitreloc.patch)):


```bash
gn gen out/Default
git am ~/bolt-chromium-0bitreloc.patch

autoninja -C out/Default chrome
```

The binary will be at `out/Default/chrome`.

</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJzceltv27qy_6dRXggbFHV_yIMT113Ff7UN2ixs_J8EihrZXKFFgaRy2Q_7sx8MKflW97Snp2cf4ARBLEvDmeFcfjMchVsrtz3AbZTdRdn6ho9up83twK3YcSXtYj-AtDeNbt9uI5ZELCEra8E4qXtyb7jdRckqoqt_7KAnQu8HqWS_JWJn9F6Oe_Ii3Y64HRA94BJLGlD6hYwWqe4-__lInBn7p4jde6pOK6Vf8Bk_SJGWOCO3WzDQBmH4m9Pw615dRFerlRG7PP14_6BGezdK1YJB2mQlDHAHX0BpwZFdxEqhe-vIx_uNfB0HErEcpc83V3Z_x8UT9G14UoUnUbI62XiU083_-7B85GYL7nPXWXAkStZRsiY0LMtJxBhdNNIRc5BNdCCF1wGEgzZiLGIF6bhU0C5PdzVtkq6CzSfLr8FxqWwwwuMOiEAHEC3EaCyRXi8reP_u1YHpufoCnUVm7J68oH-kI9w52A_OEqeR-hvr5JR02hCODzu0T825N209CAOqbgzvxS6uDmyl2JEdt7giu-t1v_gnGE1OLRNl64iVO-cGrznbRGyzlW43Nkuh9xHbKPU8fywGo_8G4SK2aZRuIrYRLKm4aLImb0ratk0i8pQWXScqoFnc5UnOIY1FfMJH4rqgQcQ2U2hEbPPxPtxcgxXHB0eHL8UwRCz5M0e3L4P9H3fSEm8IYgHNtgOyk9sdiSvSSGeJ7ggnLPaefrhfGFDcyWcgcr-HVnIHy1NHki8wGN2OIoQnXS3QbCTK1uTx8_ozRhl3joudzyUD1kJLGtlz80Z43xKxA_Fkxz2RvXVmFD6ngoCV8k5H4eoNffOmRyL4nJVA-MyoM3pPrB6NABKx0gIQxa0jFkTIEL_5T9oB6tNCM26Jfds3WlnyAgbIEwwOww2NMStnfarr0RG30xZIo5UjO7RQK7sODPSOgDHa2MkgX5_kQLqxD3sgz9LHnH2SA960S0zsnE4JP-dFg4BDV8uIrRwf8COiK8x3J3tbT98vs-g0hT4PTu7lPyEAEwLQ7AcPRgaepZ0yHGiad4xmNCvKphQtT6o0TpOOd03XpEVe5EVTJjkPghYH1i1pEICChAOMWQI9bxS0F_g17cgHv7fZYoE2WHgjLDqpIErWZ1YJ4ApkoaerJa77wb7foemJ0tvvIShuf_Hh08bHoN1xAy3RDeYi0YYM2krcxUL2LQzQt96dryBGh5siLbiAaBeMQsIRhBCJFKPxMTVhyiW1d8EzGPQAfv9pD1zw6aSxjnCltCC8bTGNsIrQV3pJ6fEPy00PL2Qwemv4nuyAt2BI2Bl3Bxb0FYDiD2bXBOXHexPnf6y-fPrw6f0xc2TfafIilSINEOuMHAZoQw4e82dJ_rJAFuPQcgcLv3AxpaOH6ieAgUi3vNTfxxTqf1Jk9rqFK9rIba8NkoZUJnUNu9bU1nGDZcFb54DoSoIlenRWtkCWsndghtMoRYYR2-z0HiK2GS2YKwCOdP8JHF-r2R6CkxVL0hhFPEvjRq6IdW2o5qGL4CpK7k-KVvIOcYz3un_b69GSnu_BDlxAxKqw7v9If0AillD0FKUUREOFgCTOipL40uf3Y99suHgwsndfHRdPj8abojwSGf5Sa-sM8P20Pdk73MuPfHpWYr-Ow6AN3v6rl694Q257ruxS9iJKViVNo2QVJ5Pe8bnerEtESqzTBovQZrQorZF9xDbL5UHEVmClnuBioWQ_vi62_RixTZzMlBd_ZC_U2OIWRMTu_G8g5k7vJSrGCowKNunFrul1xZ5fxj7s7w_etwqMjVj53zDZbKsQ8DEt8G8-6ZRc-lhwSs6kR6z0LrsnVm4RYmqHxY_dk2ctW3_5e72ZxuWpN9NTDTvKoexKTMLgoufW6qXVyzhid_S17NBQ08LsbGtFWuS0JHU9uJ0B3tZPUqla7gcFe-hdyAr0aj84FbHNKdnSq4UxVsx2y8-Y551oEkEMlxY8E-t3NAeKfbMtDBa5aut37CmXIUSiZDVzLc65QgGUEt5o4wJX1wYL-lt-eYnoVUzLywulMiEoqevQGdSY3HXDJw3DzcOFZ1YlJ8yqS2ZtcsJs8B2W53mN3QKfe54JKhiHJiE-Q5Qqy1nFSoLANQjdws9G0THvphsf7_2fD711SzwlxhWmXVJNUuNrUo95N1WZKFldAW1p7zcfzhAtyJmw-ASXf7ZKHbWfbtxrA17_0-rkt1HGGX4U0z7O8KOiZZXEKak_1tLW0G_5Ftp_E74da-MqLTBmsnJSMfmOitia_S_oNqMvqpZeU00PYLjTZhEq-79ZwSovT-M0u6bhtTi9853cZjrRTNXj8jT-czXjrHWaIvGc_Vw3Cp9Ucyye4V_b8jyllPzrUe7hC2x9Y_KLuXwsDshsSgR_OpvNVFwTfc1MX-DFSAeYrrwXEG620iJE7RsF8w5_yVYT8-PVLGayV5L65M0mpctzpSvogOIxQIC1H8Hxljv-YOB-8_43q5HEPgnopEd1TY-fNp4Z-_8JWxUJ-jcJKrK5SIiqgCyjVU7jFIvEgzO_Iar88dRHFSsw-9IJH1h8TeyMD6TRWv1e6f7c4fswlM6uSd9z-eNEmizttFbYYbRGPh_J8OF80vFJNBcTlly0GmUqUlLXSjYinNRqwZWqvQqIZ8KO37YzU690bZHfZJGe-DW9lJhVJfH0spfuUki4RM4Lz9k3EzErT4KZZdc4nu3hmvpXOSdpccxWll94I6XY-4QDrE-AH7gEi_ihjhyPstiixsgrNKkPf75bfX1H7NjspSOc4BneAEYKHsT_y2NMae0I6BU_v5uC0J_8w_C24eLJ4QENz3f-uEbacT-EMQ1dEv_zME0muNmO2BejBuRkZHQ2CfrpCRKaNbuLo2yNMuKKZgUrp8bWH4MNeF3wIFqR3yPv2oCb-PaK3M_vDPxs5KufTwYz3HELLdFh4Bhld7rrpJBcHZe8H2UL1wbN84uI5VbrrYIw9ZwcNj_D5DHC02M_gNGJKauF9RHZj69z9NSnY9flvj2ZE4N1Xsd5nPiHto585GInez_y-qsZezcSxpY0Xabkz8evaON8WS7pIqZxtuAv1s8ZCokfr2UewnFx3OTJZIwnkMZpWVUtVJSVVUW7pi0oY5DGZZrmVZUwKKsTM1_MGwV2pekfnz--i-hqKx0RSvdAfsl4B5CDQbvaf1tupYvoCl593jysHv-IkrUfZ6Thy2qWfrYMKby6-6dWmuNbpGlkItrDrYiuOnBiRxaLXu-0frKnj74Ns3etdCTK6XIrlITeRTnFdLbgiJtmlH1LhlEp8vD-M_YAGMj222npZL9nuSczLzyX-eW8_Xu0jij5BOE918X0-oLV8OZ2uo_oymo1hlFflKwxwPGwR6IifBISMdZzRDYW5m7MhyuL2H04FbLRqOPDX00A77NTrnve4_Fl4rzhysL0MOgkRuv0vg5VJ0gv7qJifY3omZtToiDAv83Qo6uHra4PJg9Uj2Y8lXbkerjEdKer4L1aDOPBeIxxs89TZORJLuz_uIM-eFro_aB7xNMJnK3jSpF5wi3kIQAuvD873r714uSrGXsfikdkewYjuzfidtyRYavnuCIv3JJWv_RK83Z-q6ksWagZKo_l6tw2m8BbtARjwL8JOVBO-i_89wW6ZWl3ITitHfdgJxD61iRfwZH3n87Ky7Vd90jh58IR26yh46MKwf__9WjIu_WHx89fwqhbD9AvyQO3LtS68NYXV19PiWtZIW3tB-FRsu587J06O8DJwc90FabatYJnUFGyjo_U2gbiCcmROBg5hN2OWyxYeLv1AVlz9cLfbI1Ie5AsbT1XnTrYO1k7DFHqzy6NgrqToFpnkMKBdbLf1kL3ndweSbnZ4z1ntKo7pV9q2TvYGunegoq97mHCwHMDhQp5goflmx4jVihFeoAWwx5L8WKmWNBGOj9YXg7cid31d7DWLUMHgw0T6gW9m6Dh4h8AIrbJaBFzwfMqp40QFWQpr7JUsK5hNKFN6udnL4gqcd5RVhQZY23edIyJruUiTcoWYhpXvEzygrVxOXXJ39eZVdP8_ntFbNuTLfTn8TiVM74n__qhAM-Uj073sv-bk8X9RWh_r215PL73nF_scF9dzjWZABaw7ER0ddPeJm2VVPwGbuMizbHhKpOb3S3EVdFSmkIrkqrjKS3ylFW0LJKiiEtW3MhbRllGM8piluUsWeZd3sQZq2iVtVxkPEop7LlUS-zRltpsb3zbeRsnJcvTG8UbUPY2YKN_5-mh8cbchp5u3NoopUpaZ48cnHTK_1uIX5Cto-xufneTrcmPXl3cjEbd_nqzPCn-fMv-IwAA__8G97ns">