On Wed, May 9, 2018 at 4:38 PM, Paul Chaignon <[email protected]> wrote:
> On Wed, May 09, 2018 at 07:26:17AM -0700, Alexei Starovoitov wrote: > > On Wed, May 9, 2018 at 4:48 AM, Paul Chaignon via iovisor-dev > > <[email protected]> wrote: > > > Hi, > > > > > > I'm getting an "invalid indirect read from stack" when trying to run > the > > > following bcc script: > > > > > > paul$ cat tmp.py > > > from bcc import BPF > > > bpf_text = """ > > > #include <uapi/linux/ptrace.h> > > > #include <net/sock.h> > > > #include <bcc/proto.h> > > > > > > BPF_HASH(currsock, u32, struct sock **); > > > > > > int trace_entry(struct pt_regs *ctx, struct sock *sk) { > > > u32 zero = 0; > > > struct sock **skp = &sk; > > > currsock.update(&zero, &skp); > > > return 0; > > > }; > > > """ > > > b = BPF(text=bpf_text) > > > b.load_func("trace_entry", BPF.KPROBE) > > > > > > paul$ sudo python tmp.py > > > bpf: Failed to load program: Permission denied > > > 0: (79) r1 = *(u64 *)(r1 +112) > > > 1: (7b) *(u64 *)(r10 -8) = r1 > > > 2: (b7) r1 = 0 > > > 3: (63) *(u32 *)(r10 -12) = r1 > > > 4: (bf) r1 = r10 > > > 5: (07) r1 += -8 > > > 6: (7b) *(u64 *)(r10 -24) = r1 > > > 7: (18) r1 = 0xffff8801ed41b300 > > > 9: (bf) r2 = r10 > > > 10: (07) r2 += -12 > > > 11: (bf) r3 = r10 > > > 12: (07) r3 += -24 > > > 13: (b7) r4 = 0 > > > 14: (85) call 2 > > > invalid indirect read from stack off -24+0 size 8 > > > > > > As far as I can see, that program is valid; the stack offset r10-24 was > > > initialized on line 6 with the value read from context on line 1. Is > this > > > an error on the verifier's side or am I missing something? > > > > verifier complains that fp-24 was initialized with > > pointer to stack. > > I see. I had no idea kprobe BPF programs couldn't store stack pointers in > maps. > Never mind. I see why that's not possible. Not sure what I was thinking. > > > I don't think you really meant to take local stack pointer > > and store it into the map: > > struct sock **skp = &sk; > > Actually, I did. This is just a dummy example to test a fix for the bcc > rewriter I'm working on. But if BPF programs can't save stack pointers to > maps, that will actually ease my work :) >
_______________________________________________ iovisor-dev mailing list [email protected] https://lists.iovisor.org/mailman/listinfo/iovisor-dev
