Hi,
I encounter the following BPF verifier error:

from 28 to 30: R0=imm1,min_value=1,max_value=1 R1=pkt(id=0,off=0,r=22)
R2=pkt_end R3=imm144,min_value=144,max_value=144
R4=imm0,min_value=0,max_value=0 R5=inv48,min_value=2054,max_value=2054
R10=fp
30: (bf) r5 = r3
31: (07) r5 += 23
32: (77) r5 >>= 3
33: (bf) r6 = r1
34: (0f) r6 += r5
cannot add integer value with 0 upper zero bits to ptr_to_packet
---
Shouldn't the r5 be an imm value? since it comes from r3=144 and just
doing +=23 and shift right 3 bits?
---
the C code is doing data and data_end checking:
ebpf_filter:
; int ebpf_filter(struct xdp_md* skb){
       0: r2 = *(u32 *)(r1 + 4)
; void *data = (void *)(long)skb->data;
       1: r1 = *(u32 *)(r1 + 0)
; u32 ebpf_zero = 0;
       2: r3 = 0
       3: *(u32 *)(r10 - 4) = r3
       4: r0 = 1
; if (data_end < data + BYTES(ebpf_packetOffsetInBits + 48)) {
       5: r3 = r1
       6: r3 += 6
       7: if r3 > r2 goto 1
       8: goto 1
...
LBB0_1:
; if (data_end < data + BYTES(ebpf_packetOffsetInBits + 16)) {
      30: r5 = r3
      31: r5 += 23
      32: r5 >>= 3
      33: r6 = r1
      34: r6 += r5
      35: if r6 > r2 goto 65509
; if (data_end < data + BYTES(ebpf_packetOffsetInBits + 16)) {
...
In which I was checking the packet's boundary. BYTE() is a simple macro doing
#define BYTES(w) ((w + 7) >> 3)

Thanks!
William
_______________________________________________
iovisor-dev mailing list
[email protected]
https://lists.iovisor.org/mailman/listinfo/iovisor-dev

Reply via email to