I'm fairly certain these are right, but I wanted to get another set of eyes on them before I committed them.

Haven't checked the numbers yet, but perhaps assert?

There are two different perspectives here of assert vs unreachable vs other things.

In general you want unreachable if the code is unreachable and not a bad value - the latter you want asserts.

In this case one thing we can also do is report a fatal error if we get to this point as well with invalid assembly. There's not a lot of that in MC right now, but it's probably the right direction. Better errors would be good, but would involve some reworking of the MC infrastructure to pass around an error context and might not be worth it at the moment.

Not quite what I meant, but if you want to ensure that this crashes the compiler rather than emitting bad code then this is fine. Can you also add a TODO with "this should return an error" or some such?

Thanks!

-eric

Hi folks, I think llvm_unreachable is really the wrong error handling strategy here. It _won't_ necessarily cause the process to exit on a release build. This is actually one of the cases where it is possible to report a nice error without too much hassle. In rL299529 I added an MCContext parameter to MCAsmBackend::applyFixup in order to make it easy to use MCContext::reportError for effort reporting in helper functions like adjustFixupValue. Due to later upstream changes, you now get hold of your MCContext via the MCAssembler argument. You can see an example of this approach in action in D23568.

In D33574#849770, @asb wrote:

Hi folks, I think llvm_unreachable is really the wrong error handling strategy here. It _won't_ necessarily cause the process to exit on a release build. This is actually one of the cases where it is possible to report a nice error without too much hassle. In rL299529 I added an MCContext parameter to MCAsmBackend::applyFixup in order to make it easy to use MCContext::reportError for effort reporting in helper functions like adjustFixupValue. Due to later upstream changes, you now get hold of your MCContext via the MCAssembler argument. You can see an example of this approach in action in D23568.

I think that the test here is: is this something that a user could hit, (including with inline assembly, etc.), or does this indicate an internal problem only? For internal errors, we have lots of checks that we optimize out for release builds (and there's always the option of building release+asserts, and I deploy those builds on more experimental platforms as a general rule). If it is something that a user could hit, then it should be an error that the user will always get.

In D33574#850019, @hfinkel wrote:

I think that the test here is: is this something that a user could hit, (including with inline assembly, etc.), or does this indicate an internal problem only? For internal errors, we have lots of checks that we optimize out for release builds (and there's always the option of building release+asserts, and I deploy those builds on more experimental platforms as a general rule). If it is something that a user could hit, then it should be an error that the user will always get.

That matches my understanding of when to use report_fatal_error or mechanisms like MCContext::reportError. Unless I'm missing in the PowerPC backend, I believe invalid fixup values can be easily triggered by user input, e.g.

b distant
.space 1<<27
distant: