[DTrace-devel] BPF verifier question
Eugene Loh
eugene.loh at oracle.com
Thu Aug 27 14:22:28 PDT 2020
On 08/26/2020 07:09 PM, Kris Van Hees wrote:
> Can you post the actual verifier output please? Sometimes there are very
> interesting nuances hidden in it.
Here is what I have.
In the probe clause, after the call to get_bvar(), I insert a

    jeq %r0, 0, pcb_exitlbl

This means that when the BPF verifier walks the instructions and hits
the problem, the value in question is no longer map_value_or_null but
simply map_value.

I run

    dtrace -Sen 'BEGIN { x = curcpu; exit(0) }' >& dis.out
    dtrace -n 'BEGIN { x = curcpu; exit(0) }' >& BPF.out
The basic layout of BPF.out is

    instructions  function        description
      0- 33       dt_dtrace       entry until call dt_program()
     36- 45       -> dt_program   prologue
     46- 49       dt_program      clause until call to get_bvar()
     74-113       -> get_bvar()   case DIF_VAR_CURCPU
     50- 50       dt_program      map_value_or_null becomes map_value
     51- 54       dt_program      get map_value, call set_gvar()
    129-138       -> set_gvar()   bpf_map_update_elem(r1,fp-4,fp-16,0)
At the last instruction (138), we have:

    R1_w=map_ptr(id=0,off=0,ks=4,vs=8,imm=0)
    R2_w=fp-4
    R3_w=fp-16
    R4_w=invP0
    R10=fp0
    fp-8=0000????
    fp-16_w=map_value

    BPF: 138: (85) call bpf_map_update_elem#2
    BPF: invalid indirect read from stack off -16+0 size 8
Thanks for any help.
-------------- next part --------------
Disassembly of :::BEGIN
INS OFF OPCODE INSTRUCTION
000 0000: 7b a 1 fff8 00000000 stdw [%fp-8], %r1
001 0008: 79 0 a fff8 00000000 lddw %r0, [%fp-8]
002 0016: 79 9 0 0010 00000000 lddw %r9, [%r0+16]
003 0024: 79 0 0 0008 00000000 lddw %r0, [%r0+8]
004 0032: 7a 0 0 0008 00000000 stdw [%r0+8], 0
005 0040: 7a 0 0 0010 00000000 stdw [%r0+16], 0
006 0048: 62 0 0 0000 ffffffff stw [%r0+0], -1 ! = EPID
007 0056: 62 9 0 0000 ffffffff stw [%r9+0], -1 ! = EPID
008 0064: 62 0 0 0004 00000000 stw [%r0+4], 0
009 0072: 62 9 0 0004 00000000 stw [%r9+4], 0
010 0080: 79 1 a fff8 00000000 lddw %r1, [%fp-8]
011 0088: 79 1 1 0008 00000000 lddw %r1, [%r1+8]
012 0096: b7 2 0 0000 00000121 mov %r2, 289
013 0104: 85 0 1 0000 ffffffff call dt_get_bvar ! curcpu
014 0112: 15 0 0 0015 00000000 jeq %r0, 0, 21 ! -> 036
015 0120: bf 8 0 0000 00000000 mov %r8, %r0
016 0128: bf 2 8 0000 00000000 mov %r2, %r8
017 0136: b7 1 0 0000 00000000 mov %r1, 0
018 0144: 85 0 1 0000 ffffffff call dt_set_gvar ! x
019 0152: b7 8 0 0000 00000000 mov %r8, 0
020 0160: 63 9 8 0008 00000000 stw [%r9+8], %r8
021 0168: 79 0 a fff8 00000000 lddw %r0, [%fp-8]
022 0176: 79 0 0 0008 00000000 lddw %r0, [%r0+8]
023 0184: 79 0 0 0008 00000000 lddw %r0, [%r0+8]
024 0192: 55 0 0 000b 00000000 jne %r0, 0, 11 ! -> 036
025 0200: 79 1 a fff8 00000000 lddw %r1, [%fp-8]
026 0208: 79 1 1 0000 00000000 lddw %r1, [%r1+0]
027 0216: 18 2 0 0000 ffffffff lddw %r2, 0x00000000ffffffff
028 0224: 00 0 0 0000 00000000 ! buffers
029 0232: 18 3 0 0000 ffffffff lddw %r3, 0x00000000ffffffff
030 0240: 00 0 0 0000 00000000
031 0248: bf 4 9 0000 00000000 mov %r4, %r9
032 0256: 07 4 0 0000 fffffffc add %r4, -4
033 0264: b7 5 0 0000 0000000c mov %r5, 12
034 0272: 07 5 0 0000 00000004 add %r5, 4
035 0280: 85 0 0 0000 00000019 call bpf_perf_event_output
036 0288: b7 0 0 0000 00000000 mov %r0, 0
037 0296: 95 0 0 0000 00000000 exit
NAME ID KND SCP RANGE FLAG TYPE
curcpu 121 scl glb [0-37] r D type (pointer) (size 8)
x 500 scl glb [0-37] w D type (pointer) (size 8)
BPF OFFSET VALUE NAME
R_BPF_INSN_DISP32 48 1 EPID
R_BPF_INSN_DISP32 56 1 EPID
R_BPF_INSN_DISP32 104 *UND* dt_get_bvar
R_BPF_INSN_DISP32 144 *UND* dt_set_gvar
R_BPF_INSN_64 216 *UND* buffers
-------------- next part --------------
dtrace: description 'BEGIN ' matched 1 probe
BPF: func#0 @0
BPF: func#1 @36
BPF: func#2 @74
BPF: func#3 @129
BPF: 0: R1=ctx(id=0,off=0,imm=0) R10=fp0
BPF: 0: (7b) *(u64 *)(r10 -24) = r1
BPF: 1: R1=ctx(id=0,off=0,imm=0) R10=fp0 fp-24_w=ctx
BPF: 1: (62) *(u32 *)(r10 -16) = 0
BPF: 2: R1=ctx(id=0,off=0,imm=0) R10=fp0 fp-16=????mmmm fp-24_w=ctx
BPF: 2: (18) r1 = 0xffff8f8f1fa54a00
BPF: 4: R1_w=map_ptr(id=0,off=0,ks=4,vs=128,imm=0) R10=fp0 fp-16=????mmmm fp-24_w=ctx
BPF: 4: (bf) r2 = r10
BPF: 5: R1_w=map_ptr(id=0,off=0,ks=4,vs=128,imm=0) R2_w=fp0 R10=fp0 fp-16=????mmmm fp-24_w=ctx
BPF: 5: (07) r2 += -16
BPF: 6: R1_w=map_ptr(id=0,off=0,ks=4,vs=128,imm=0) R2_w=fp-16 R10=fp0 fp-16=????mmmm fp-24_w=ctx
BPF: 6: (85) call bpf_map_lookup_elem#1
BPF: 7: R0_w=map_value_or_null(id=1,off=0,ks=4,vs=128,imm=0) R10=fp0 fp-16=????mmmm fp-24_w=ctx
BPF: 7: (15) if r0 == 0x0 goto pc+26
BPF: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R10=fp0 fp-16=????mmmm fp-24_w=ctx
BPF: 8: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R10=fp0 fp-16=????mmmm fp-24_w=ctx
BPF: 8: (7b) *(u64 *)(r10 -16) = r0
BPF: 9: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R10=fp0 fp-16_w=map_value fp-24_w=ctx
BPF: 9: (07) r0 += 104
BPF: 10: R0_w=map_value(id=0,off=104,ks=4,vs=128,imm=0) R10=fp0 fp-16_w=map_value fp-24_w=ctx
BPF: 10: (7a) *(u64 *)(r0 +0) = 0
BPF: R0_w=map_value(id=0,off=104,ks=4,vs=128,imm=0) R10=fp0 fp-16_w=map_value fp-24_w=ctx
BPF: 11: R0_w=map_value(id=0,off=104,ks=4,vs=128,imm=0) R10=fp0 fp-16_w=map_value fp-24_w=ctx
BPF: 11: (07) r0 += 8
BPF: 12: R0_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-16_w=map_value fp-24_w=ctx
BPF: 12: (7b) *(u64 *)(r10 -8) = r0
BPF: 13: R0_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 13: (79) r7 = *(u64 *)(r10 -16)
BPF: 14: R0_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 14: (79) r8 = *(u64 *)(r10 -24)
BPF: 15: R0_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 15: (79) r0 = *(u64 *)(r8 +112)
BPF: 16: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 16: (7b) *(u64 *)(r7 +24) = r0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 17: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 17: (79) r0 = *(u64 *)(r8 +104)
BPF: 18: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 18: (7b) *(u64 *)(r7 +32) = r0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 19: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 19: (79) r0 = *(u64 *)(r8 +96)
BPF: 20: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 20: (7b) *(u64 *)(r7 +40) = r0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 21: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 21: (79) r0 = *(u64 *)(r8 +88)
BPF: 22: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 22: (7b) *(u64 *)(r7 +48) = r0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 23: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 23: (79) r0 = *(u64 *)(r8 +72)
BPF: 24: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 24: (7b) *(u64 *)(r7 +56) = r0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 25: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 25: (79) r0 = *(u64 *)(r8 +64)
BPF: 26: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 26: (7b) *(u64 *)(r7 +64) = r0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 27: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 27: (7a) *(u64 *)(r7 +48) = 0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 28: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 28: (7a) *(u64 *)(r7 +56) = 0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 29: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 29: (7a) *(u64 *)(r7 +64) = 0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 30: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 30: (7a) *(u64 *)(r7 +72) = 0
BPF: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 31: R0_w=invP(id=0) R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 31: (bf) r1 = r10
BPF: 32: R0_w=invP(id=0) R1_w=fp0 R7_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8_w=map_value fp-16_w=map_value fp-24_w=ctx
BPF: 32: (07) r1 += -24
BPF: 33: R0=invP(id=0) R1=fp-24 R7=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8=ctx(id=0,off=0,imm=0) R10=fp0 fp-8=map_value fp-16=map_value fp-24=ctx
BPF: 33: (85) call pc+2
BPF: caller:
BPF: R7=map_value(id=0,off=0,ks=4,vs=128,imm=0) R8=ctx(id=0,off=0,imm=0) R10=fp0 fp-8=map_value fp-16=map_value fp-24=ctx
BPF: callee:
BPF: frame1: R1=fp-24 R10=fp0
BPF: 36: frame1: R1=fp-24 R10=fp0
BPF: 36: (7b) *(u64 *)(r10 -8) = r1
BPF: 37: frame1: R1=fp-24 R10=fp0 fp-8_w=fp
BPF: 37: (79) r0 = *(u64 *)(r10 -8)
BPF: 38: frame1: R0_w=fp-24 R1=fp-24 R10=fp0 fp-8_w=fp
BPF: 38: (79) r9 = *(u64 *)(r0 +16)
BPF: 39: frame1: R0_w=fp-24 R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 39: (79) r0 = *(u64 *)(r0 +8)
BPF: 40: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 40: (7a) *(u64 *)(r0 +8) = 0
BPF: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 41: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 41: (7a) *(u64 *)(r0 +16) = 0
BPF: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 42: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 42: (62) *(u32 *)(r0 +0) = 1
BPF: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 43: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 43: (62) *(u32 *)(r9 +0) = 1
BPF: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 44: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 44: (62) *(u32 *)(r0 +4) = 0
BPF: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 45: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 45: (62) *(u32 *)(r9 +4) = 0
BPF: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 46: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 46: (79) r1 = *(u64 *)(r10 -8)
BPF: 47: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1_w=fp-24 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 47: (79) r1 = *(u64 *)(r1 +8)
BPF: 48: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 48: (b7) r2 = 289
BPF: 49: frame1: R0_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R1_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: 49: (85) call pc+24
BPF: caller:
BPF: frame1: R9_w=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8_w=fp
BPF: callee:
BPF: frame2: R1_w=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 74: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2=invP289 R10=fp0
BPF: 74: (bc) w2 = w2
BPF: 75: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 75: (15) if r2 == 0x110 goto pc+41
BPF: 76: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 76: (b5) if r2 <= 0x110 goto pc+7
BPF: 77: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 77: (15) if r2 == 0x11e goto pc+41
BPF: 78: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 78: (25) if r2 > 0x11e goto pc+26
BPF: 105: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 105: (15) if r2 == 0x11f goto pc+8
BPF: 106: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 106: (55) if r2 != 0x121 goto pc-12
BPF: 107: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0
BPF: 107: (62) *(u32 *)(r10 -4) = 0
BPF: 108: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=invP289 R10=fp0 fp-8=mmmm????
BPF: 108: (bf) r2 = r10
BPF: 109: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=fp0 R10=fp0 fp-8=mmmm????
BPF: 109: (07) r2 += -4
BPF: 110: frame2: R1=map_value(id=0,off=0,ks=4,vs=128,imm=0) R2_w=fp-4 R10=fp0 fp-8=mmmm????
BPF: 110: (18) r1 = 0xffff8f8f1fa56600
BPF: 112: frame2: R1_w=map_ptr(id=0,off=0,ks=4,vs=24,imm=0) R2_w=fp-4 R10=fp0 fp-8=mmmm????
BPF: 112: (85) call bpf_map_lookup_elem#1
BPF: 113: frame2: R0=map_value_or_null(id=2,off=0,ks=4,vs=24,imm=0) R10=fp0 fp-8=mmmm????
BPF: 113: (95) exit
BPF: returning from callee:
BPF: frame2: R0=map_value_or_null(id=2,off=0,ks=4,vs=24,imm=0) R10=fp0 fp-8=mmmm????
BPF: to caller at 50:
BPF: frame1: R0=map_value_or_null(id=2,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: 50: frame1: R0=map_value_or_null(id=2,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: 50: (15) if r0 == 0x0 goto pc+21
BPF: frame1: R0=map_value(id=0,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: 51: frame1: R0=map_value(id=0,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: 51: (bf) r8 = r0
BPF: 52: frame1: R0=map_value(id=0,off=0,ks=4,vs=24,imm=0) R8_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: 52: (bf) r2 = r8
BPF: 53: frame1: R0=map_value(id=0,off=0,ks=4,vs=24,imm=0) R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R8_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: 53: (b7) r1 = 0
BPF: 54: frame1: R0=map_value(id=0,off=0,ks=4,vs=24,imm=0) R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R8_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: 54: (85) call pc+74
BPF: caller:
BPF: frame1: R8_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R9=map_value(id=0,off=112,ks=4,vs=128,imm=0) R10=fp0 fp-8=fp
BPF: callee:
BPF: frame2: R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R10=fp0
BPF: 129: frame2: R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R10=fp0
BPF: 129: (63) *(u32 *)(r10 -4) = r1
BPF: 130: frame2: R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R10=fp0 fp-8=0000????
BPF: 130: (7b) *(u64 *)(r10 -16) = r2
BPF: 131: frame2: R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 131: (b7) r4 = 0
BPF: 132: frame2: R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R4_w=invP0 R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 132: (bf) r3 = r10
BPF: 133: frame2: R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R3_w=fp0 R4_w=invP0 R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 133: (07) r3 += -16
BPF: 134: frame2: R1_w=invP0 R2_w=map_value(id=0,off=0,ks=4,vs=24,imm=0) R3_w=fp-16 R4_w=invP0 R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 134: (bf) r2 = r10
BPF: 135: frame2: R1_w=invP0 R2_w=fp0 R3_w=fp-16 R4_w=invP0 R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 135: (07) r2 += -4
BPF: 136: frame2: R1_w=invP0 R2_w=fp-4 R3_w=fp-16 R4_w=invP0 R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 136: (18) r1 = 0xffff8f8f7f733200
BPF: 138: frame2: R1_w=map_ptr(id=0,off=0,ks=4,vs=8,imm=0) R2_w=fp-4 R3_w=fp-16 R4_w=invP0 R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 138: (85) call bpf_map_update_elem#2
BPF: invalid indirect read from stack off -16+0 size 8
BPF: verification time 313 usec
BPF: stack depth 24+8+4+16
BPF: processed 74 insns (limit 1000000) max_states_per_insn 0 total_states 3 peak_states 3 mark_read 1
dtrace: could not enable tracing: BPF program load for 'dtrace:::BEGIN' failed: Permission denied
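
As an added example (not part of the original post or of DTrace), here is a small Python parser for verifier logs like the one above: for each "invalid indirect read from stack" error it reports the preceding instruction and what the last state line records for the stack bytes named in the error. The function names are hypothetical, and the sample lines are copied from the end of the log above.

```python
import re

# Lines copied from the end of the verifier log above (state, call, error).
LOG = """\
BPF: 136: (18) r1 = 0xffff8f8f7f733200
BPF: 138: frame2: R1_w=map_ptr(id=0,off=0,ks=4,vs=8,imm=0) R2_w=fp-4 R3_w=fp-16 R4_w=invP0 R10=fp0 fp-8=0000???? fp-16_w=map_value
BPF: 138: (85) call bpf_map_update_elem#2
BPF: invalid indirect read from stack off -16+0 size 8
"""

INSN = re.compile(r"^(?:BPF: )?(\d+): \([0-9a-f]{2}\) (.*)$")
STATE = re.compile(r"^(?:BPF: )?\d+: (?:frame\d+: )?(R\d.*)$")
ITEM = re.compile(r"(R\d+|fp-\d+)(?:_\w+)?=(\S+)")
ERR = re.compile(r"invalid indirect read from stack off (-?\d+)\+(\d+) size (\d+)")


def slot_for(byte_off):
    """Name of the 8-byte stack slot (fp-8, fp-16, ...) holding a negative fp offset."""
    return "fp-%d" % (((-byte_off - 1) // 8 + 1) * 8)


def byte_state(slots, byte_off):
    """What a state line records for one stack byte (hypothetical helper)."""
    val = slots.get(slot_for(byte_off))
    if val is None:
        return "never written"
    if len(val) == 8 and set(val) <= set("m0?"):
        # One character per byte; the first character is the highest address.
        ch = val[(-byte_off - 1) % 8]
        return {"m": "data", "0": "zero", "?": "never written"}[ch]
    return "spilled " + val  # slot holds a saved register; val is its type


def explain(log):
    """Return details for each 'invalid indirect read' error in a verifier log."""
    slots, insn, out = {}, None, []
    for line in log.splitlines():
        if (m := INSN.match(line)):
            insn = (int(m.group(1)), m.group(2))
        elif (m := STATE.match(line)):
            slots = {k: v for k, v in ITEM.findall(m.group(1)) if k.startswith("fp-")}
        elif (m := ERR.search(line)):
            base, size = int(m.group(1)) + int(m.group(2)), int(m.group(3))
            states = [byte_state(slots, b) for b in range(base, base + size)]
            out.append({"insn": insn, "first_byte": base, "size": size,
                        "bytes": sorted(set(states))})
    return out


if __name__ == "__main__":
    for finding in explain(LOG):
        print(finding)
```

On these lines it reports instruction 138 and "spilled map_value" for all eight bytes starting at fp-16, while the four key bytes at fp-4 are tracked as zero.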