On 07/09/2022 00:46, Alexei Starovoitov wrote:
> On Tue, Sep 6, 2022 at 6:36 AM Quentin Monnet <quentin@xxxxxxxxxxxxx> wrote:
>>
>> Naturally, the display of disassembled instructions comes with a few
>> minor differences. Here is a sample output with libbfd (already
>> supported before this patch):
>>
>> # bpftool prog dump jited id 56
>> bpf_prog_6deef7357e7b4530:
>> 0: nopl 0x0(%rax,%rax,1)
>> 5: xchg %ax,%ax
>> 7: push %rbp
>> 8: mov %rsp,%rbp
>> b: push %rbx
>> c: push %r13
>> e: push %r14
>> 10: mov %rdi,%rbx
>> 13: movzwq 0xb0(%rbx),%r13
>> 1b: xor %r14d,%r14d
>> 1e: or $0x2,%r14d
>> 22: mov $0x1,%eax
>> 27: cmp $0x2,%r14
>> 2b: jne 0x000000000000002f
>> 2d: xor %eax,%eax
>> 2f: pop %r14
>> 31: pop %r13
>> 33: pop %rbx
>> 34: leave
>> 35: ret
>> 36: int3
>>
>> LLVM supports several variants that we could set when initialising the
>> disassembler, for example with:
>>
>> LLVMSetDisasmOptions(*ctx,
>> LLVMDisassembler_Option_AsmPrinterVariant);
>>
>> but the default printer is kept for now. Here is the output with LLVM:
>>
>> # bpftool prog dump jited id 56
>> bpf_prog_6deef7357e7b4530:
>> 0: nopl (%rax,%rax)
>> 5: nop
>> 7: pushq %rbp
>> 8: movq %rsp, %rbp
>> b: pushq %rbx
>> c: pushq %r13
>> e: pushq %r14
>> 10: movq %rdi, %rbx
>> 13: movzwq 176(%rbx), %r13
>> 1b: xorl %r14d, %r14d
>> 1e: orl $2, %r14d
>> 22: movl $1, %eax
>> 27: cmpq $2, %r14
>> 2b: jne 2
>> 2d: xorl %eax, %eax
>> 2f: popq %r14
>
> If I'm reading the asm correctly the difference is significant.
> jne 0x2f was an absolute address and jmps were easy
> to follow.
> While in llvm disasm it's 'jne 2' ?! What is 2 ?
> 2 bytes from the next insn of 0x2d ?
Yes, that's it. Apparently, this is how the operand is encoded, and
libbfd does the translation to the absolute address:
# bpftool prog dump jited id 7868 opcodes
[...]
2b: jne 0x000000000000002f
75 02
[...]
The same difference is observable between objdump and llvm-objdump on an
x86-64 binary for example, although they usually have labels to refer to
("jne -22 <_obstack_memory_used+0x7d0>"), making the navigation
easier. The only mention I could find of that difference is a report
from 2013 [0].
[0] https://discourse.llvm.org/t/llvm-objdump-disassembling-jmp/29584/2
> That is super hard to read.
> Is there a way to tune/configure llvm disasm?
There's a function and some options to tune it, but I tried them and
none applies to converting the jump operands.
int LLVMSetDisasmOptions(LLVMDisasmContextRef DC, uint64_t Options);
/* The option to produce marked up assembly. */
#define LLVMDisassembler_Option_UseMarkup 1
/* The option to print immediates as hex. */
#define LLVMDisassembler_Option_PrintImmHex 2
/* The option use the other assembler printer variant */
#define LLVMDisassembler_Option_AsmPrinterVariant 4
/* The option to set comment on instructions */
#define LLVMDisassembler_Option_SetInstrComments 8
/* The option to print latency information alongside instructions */
#define LLVMDisassembler_Option_PrintLatency 16
I found that LLVMDisassembler_Option_AsmPrinterVariant read better,
although in my patch I kept the default output which looked closer to
the existing from libbfd. Here's what the option produces:
bpf_prog_6deef7357e7b4530:
0: nop dword ptr [rax + rax]
5: nop
7: push rbp
8: mov rbp, rsp
b: push rbx
c: push r13
e: push r14
10: mov rbx, rdi
13: movzx r13, word ptr [rbx + 180]
1b: xor r14d, r14d
1e: or r14d, 2
22: mov eax, 1
27: cmp r14, 2
2b: jne 2
2d: xor eax, eax
2f: pop r14
31: pop r13
33: pop rbx
34: leave
35: re
But the jne operand remains a '2'. I'm not aware of any option to change
it in LLVM's disassembler :(.
