2024-04-02 18:45:56

by Namhyung Kim

Subject: [PATCH] perf lock contention: Add a missing NULL check

I got a report for a failure in BPF verifier on a recent kernel with
perf lock contention command. It checks task->sighand->siglock without
checking if sighand is NULL or not. Let's add one.

; if (&curr->sighand->siglock == (void *)lock)
265: (79) r1 = *(u64 *)(r0 +2624) ; frame1: R0_w=trusted_ptr_task_struct(off=0,imm=0) R1_w=rcu_ptr_or_null_sighand_struct(off=0,imm=0)
266: (b7) r2 = 0 ; frame1: R2_w=0
267: (0f) r1 += r2
R1 pointer arithmetic on rcu_ptr_or_null_ prohibited, null-check it first
processed 164 insns (limit 1000000) max_states_per_insn 1 total_states 15 peak_states 15 mark_read 5
-- END PROG LOAD LOG --
libbpf: prog 'contention_end': failed to load: -13
libbpf: failed to load object 'lock_contention_bpf'
libbpf: failed to load BPF skeleton 'lock_contention_bpf': -13
Failed to load lock-contention BPF skeleton
lock contention BPF setup failed
lock contention did not detect any lock contention

Signed-off-by: Namhyung Kim <[email protected]>
---
tools/perf/util/bpf_skel/lock_contention.bpf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/perf/util/bpf_skel/lock_contention.bpf.c b/tools/perf/util/bpf_skel/lock_contention.bpf.c
index fb54bd38e7d0..4e5914d7eeaa 100644
--- a/tools/perf/util/bpf_skel/lock_contention.bpf.c
+++ b/tools/perf/util/bpf_skel/lock_contention.bpf.c
@@ -305,7 +305,7 @@ static inline __u32 check_lock_type(__u64 lock, __u32 flags)
break;
case LCB_F_SPIN: /* spinlock */
curr = bpf_get_current_task_btf();
- if (&curr->sighand->siglock == (void *)lock)
+ if (curr->sighand && &curr->sighand->siglock == (void *)lock)
return LCD_F_SIGHAND_LOCK;
break;
default:
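Review bot: On the `+` line, `curr->sighand` is dereferenced twice, once for the NULL test and once to form `&curr->sighand->siglock`, so the compiler is free to emit two separate loads and only the first one is null-checked. The failure being fixed is the verifier rejecting arithmetic on an unchecked `rcu_ptr_or_null_` value, so a second load would hit the same rule. Consider reading the pointer once into a local variable and using that local for both the test and the address computation.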
--
2.44.0.478.gd926399ef9-goog



2024-04-02 18:58:12

by Ian Rogers

Subject: Re: [PATCH] perf lock contention: Add a missing NULL check

On Tue, Apr 2, 2024 at 11:45 AM Namhyung Kim <[email protected]> wrote:
>
> I got a report for a failure in BPF verifier on a recent kernel with
> perf lock contention command. It checks task->sighand->siglock without
> checking if sighand is NULL or not. Let's add one.
>
> ; if (&curr->sighand->siglock == (void *)lock)
> 265: (79) r1 = *(u64 *)(r0 +2624) ; frame1: R0_w=trusted_ptr_task_struct(off=0,imm=0) R1_w=rcu_ptr_or_null_sighand_struct(off=0,imm=0)
> 266: (b7) r2 = 0 ; frame1: R2_w=0
> 267: (0f) r1 += r2
> R1 pointer arithmetic on rcu_ptr_or_null_ prohibited, null-check it first
> processed 164 insns (limit 1000000) max_states_per_insn 1 total_states 15 peak_states 15 mark_read 5
> -- END PROG LOAD LOG --
> libbpf: prog 'contention_end': failed to load: -13
> libbpf: failed to load object 'lock_contention_bpf'
> libbpf: failed to load BPF skeleton 'lock_contention_bpf': -13
> Failed to load lock-contention BPF skeleton
> lock contention BPF setup failed
> lock contention did not detect any lock contention
>
> Signed-off-by: Namhyung Kim <[email protected]>

Reviewed-by: Ian Rogers <[email protected]>

Thanks,
Ian

> ---
> tools/perf/util/bpf_skel/lock_contention.bpf.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/bpf_skel/lock_contention.bpf.c b/tools/perf/util/bpf_skel/lock_contention.bpf.c
> index fb54bd38e7d0..4e5914d7eeaa 100644
> --- a/tools/perf/util/bpf_skel/lock_contention.bpf.c
> +++ b/tools/perf/util/bpf_skel/lock_contention.bpf.c
> @@ -305,7 +305,7 @@ static inline __u32 check_lock_type(__u64 lock, __u32 flags)
> break;
> case LCB_F_SPIN: /* spinlock */
> curr = bpf_get_current_task_btf();
> - if (&curr->sighand->siglock == (void *)lock)
> + if (curr->sighand && &curr->sighand->siglock == (void *)lock)
> return LCD_F_SIGHAND_LOCK;
> break;
> default:
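Review bot: The new `curr->sighand &&` test in the `LCB_F_SPIN` case carries no comment, and nothing in the surrounding context says why a task's `sighand` would need checking here. A one-line comment noting that the BPF verifier types this field as possibly NULL and refuses pointer arithmetic on it without a check would keep a later cleanup from dropping the test as redundant.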
> --
> 2.44.0.478.gd926399ef9-goog
>

2024-04-02 19:45:22

by Arnaldo Carvalho de Melo

Subject: Re: [PATCH] perf lock contention: Add a missing NULL check

On Tue, Apr 02, 2024 at 11:45:43AM -0700, Namhyung Kim wrote:
> I got a report for a failure in BPF verifier on a recent kernel with
> perf lock contention command. It checks task->sighand->siglock without
> checking if sighand is NULL or not. Let's add one.
>
> ; if (&curr->sighand->siglock == (void *)lock)
> 265: (79) r1 = *(u64 *)(r0 +2624) ; frame1: R0_w=trusted_ptr_task_struct(off=0,imm=0) R1_w=rcu_ptr_or_null_sighand_struct(off=0,imm=0)
> 266: (b7) r2 = 0 ; frame1: R2_w=0
> 267: (0f) r1 += r2
> R1 pointer arithmetic on rcu_ptr_or_null_ prohibited, null-check it first
> processed 164 insns (limit 1000000) max_states_per_insn 1 total_states 15 peak_states 15 mark_read 5
> -- END PROG LOAD LOG --
> libbpf: prog 'contention_end': failed to load: -13
> libbpf: failed to load object 'lock_contention_bpf'
> libbpf: failed to load BPF skeleton 'lock_contention_bpf': -13
> Failed to load lock-contention BPF skeleton
> lock contention BPF setup failed
> lock contention did not detect any lock contention
>
> Signed-off-by: Namhyung Kim <[email protected]>

Acked-by: Arnaldo Carvalho de Melo <[email protected]>

Are you going to have this merged into perf-tools?

A Fixes: tag isn't perhaps needed as it worked in the past?

- Arnaldo

> ---
> tools/perf/util/bpf_skel/lock_contention.bpf.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/bpf_skel/lock_contention.bpf.c b/tools/perf/util/bpf_skel/lock_contention.bpf.c
> index fb54bd38e7d0..4e5914d7eeaa 100644
> --- a/tools/perf/util/bpf_skel/lock_contention.bpf.c
> +++ b/tools/perf/util/bpf_skel/lock_contention.bpf.c
> @@ -305,7 +305,7 @@ static inline __u32 check_lock_type(__u64 lock, __u32 flags)
> break;
> case LCB_F_SPIN: /* spinlock */
> curr = bpf_get_current_task_btf();
> - if (&curr->sighand->siglock == (void *)lock)
> + if (curr->sighand && &curr->sighand->siglock == (void *)lock)
> return LCD_F_SIGHAND_LOCK;
> break;
> default:
> --
> 2.44.0.478.gd926399ef9-goog

2024-04-02 20:45:01

by Namhyung Kim

Subject: Re: [PATCH] perf lock contention: Add a missing NULL check

On Tue, Apr 2, 2024 at 12:45 PM Arnaldo Carvalho de Melo
<[email protected]> wrote:
>
> On Tue, Apr 02, 2024 at 11:45:43AM -0700, Namhyung Kim wrote:
> > I got a report for a failure in BPF verifier on a recent kernel with
> > perf lock contention command. It checks task->sighand->siglock without
> > checking if sighand is NULL or not. Let's add one.
> >
> > ; if (&curr->sighand->siglock == (void *)lock)
> > 265: (79) r1 = *(u64 *)(r0 +2624) ; frame1: R0_w=trusted_ptr_task_struct(off=0,imm=0) R1_w=rcu_ptr_or_null_sighand_struct(off=0,imm=0)
> > 266: (b7) r2 = 0 ; frame1: R2_w=0
> > 267: (0f) r1 += r2
> > R1 pointer arithmetic on rcu_ptr_or_null_ prohibited, null-check it first
> > processed 164 insns (limit 1000000) max_states_per_insn 1 total_states 15 peak_states 15 mark_read 5
> > -- END PROG LOAD LOG --
> > libbpf: prog 'contention_end': failed to load: -13
> > libbpf: failed to load object 'lock_contention_bpf'
> > libbpf: failed to load BPF skeleton 'lock_contention_bpf': -13
> > Failed to load lock-contention BPF skeleton
> > lock contention BPF setup failed
> > lock contention did not detect any lock contention
> >
> > Signed-off-by: Namhyung Kim <[email protected]>
>
> Acked-by: Arnaldo Carvalho de Melo <[email protected]>
>
> Are you going to have this merged into perf-tools?
>
> A Fixes: tag isn't perhaps needed as it worked in the past?

Fixes: 1811e82767dcc ("perf lock contention: Track and show siglock
with address")

It was introduced in v6.4 and it should be fine to have this
even without the error. I'll queue it to perf-tools.

Thanks,
Namhyung

2024-04-02 21:57:26

by Arnaldo Carvalho de Melo

Subject: Re: [PATCH] perf lock contention: Add a missing NULL check

On Tue, Apr 02, 2024 at 01:42:05PM -0700, Namhyung Kim wrote:
> On Tue, Apr 2, 2024 at 12:45 PM Arnaldo Carvalho de Melo <[email protected]> wrote:
> > Acked-by: Arnaldo Carvalho de Melo <[email protected]>

> > Are you going to have this merged into perf-tools?

> > A Fixes: tag isn't perhaps needed as it worked in the past?

> Fixes: 1811e82767dcc ("perf lock contention: Track and show siglock
> with address")

> It was introduced in v6.4 and it should be fine to have this
> even without the error. I'll queue it to perf-tools.

ok, better, people trying the tool with a recent kernel will experience
this, so it's the right thing to get it thru perf-tools.

Thanks!

- Arnaldo

2024-04-09 22:29:46

by Namhyung Kim

Subject: Re: [PATCH] perf lock contention: Add a missing NULL check

On Tue, Apr 2, 2024 at 2:37 PM Arnaldo Carvalho de Melo <[email protected]> wrote:
>
> On Tue, Apr 02, 2024 at 01:42:05PM -0700, Namhyung Kim wrote:
> > On Tue, Apr 2, 2024 at 12:45 PM Arnaldo Carvalho de Melo <[email protected]> wrote:
> > > Acked-by: Arnaldo Carvalho de Melo <[email protected]>
>
> > > Are you going to have this merged into perf-tools?
>
> > > A Fixes: tag isn't perhaps needed as it worked in the past?
>
> > Fixes: 1811e82767dcc ("perf lock contention: Track and show siglock
> > with address")
>
> > It was introduced in v6.4 and it should be fine to have this
> > even without the error. I'll queue it to perf-tools.
>
> ok, better, people trying the tool with a recent kernel will experience
> this, so it's the right thing to get it thru perf-tools.

Hmm.. it was not sufficient. I've got another report of failure on loading
the BPF program. It seems the verifier treated the NULL check and
the later loading separately.

I'll send v2 soon.

Thanks,
Namhyung


; curr = bpf_get_current_task_btf();
264: (85) call bpf_get_current_task_btf#158
; frame1: R0_w=trusted_ptr_task_struct(off=0,imm=0)
; if (curr->sighand && &curr->sighand->siglock == (void *)lock)
265: (79) r1 = *(u64 *)(r0 +2624)
; frame1: R0_w=trusted_ptr_task_struct(off=0,imm=0)
R1_w=rcu_ptr_or_null_sighand_struct(off=0,imm=0)
; if (curr->sighand && &curr->sighand->siglock == (void *)lock)
266: (15) if r1 == 0x0 goto pc+5
; frame1: R1_w=rcu_ptr_sighand_struct(off=0,imm=0)
267: (b7) r1 = 0 ; frame1: R1_w=0
; if (curr->sighand && &curr->sighand->siglock == (void *)lock)
268: (79) r2 = *(u64 *)(r0 +2624)
; frame1: R0_w=trusted_ptr_task_struct(off=0,imm=0)
R2_w=rcu_ptr_or_null_sighand_struct(off=0,imm=0)
269: (0f) r2 += r1
R2 pointer arithmetic on rcu_ptr_or_null_ prohibited, null-check it first
processed 166 insns (limit 1000000) max_states_per_insn 0
total_states 15 peak_states 15 mark_read 5
-- END PROG LOAD LOG --
libbpf: prog 'contention_end': failed to load: -13
libbpf: failed to load object 'lock_contention_bpf'
libbpf: failed to load BPF skeleton 'lock_contention_bpf': -13
Failed to load lock-contention BPF skeleton
lock contention BPF setup failed
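
Added example, not part of the thread or of perf: a toy model of the register-type tracking visible in the log above, showing why the check at insn 266 does not cover the reload at insn 268. The type names, the `verify` function and the `single_load` sequence are constructed for illustration and follow only the non-NULL path; the real verifier does much more.

```c
#include <stdio.h>

/* Simplified register types, named after the states in the verifier log. */
enum rtype { SCALAR, TRUSTED_TASK, RCU_OR_NULL, RCU_PTR };
enum op { LOAD_SIGHAND, JEQ_ZERO, MOV_IMM, ADD_REG };
struct insn { enum op op; int dst, src; };

/* Returns the index of the first rejected instruction, or -1 if accepted.
 * Only the fall-through (non-NULL) path of JEQ_ZERO is followed. */
int verify(const struct insn *p, int n)
{
    enum rtype r[4] = { TRUSTED_TASK, SCALAR, SCALAR, SCALAR };
    for (int i = 0; i < n; i++) {
        switch (p[i].op) {
        case LOAD_SIGHAND: /* every fresh load is "or_null" again */
            if (r[p[i].src] != TRUSTED_TASK) return i;
            r[p[i].dst] = RCU_OR_NULL;
            break;
        case JEQ_ZERO: /* the check refines only the tested register */
            if (r[p[i].dst] == RCU_OR_NULL) r[p[i].dst] = RCU_PTR;
            break;
        case MOV_IMM:
            r[p[i].dst] = SCALAR;
            break;
        case ADD_REG: /* pointer arithmetic needs a null-checked pointer */
            if (r[p[i].dst] == RCU_OR_NULL) return i;
            break;
        }
    }
    return -1;
}

/* Insns 265-269 from the log: check r1, then reload into r2. */
const struct insn reloaded[] = {
    { LOAD_SIGHAND, 1, 0 }, { JEQ_ZERO, 1, 0 }, { MOV_IMM, 1, 0 },
    { LOAD_SIGHAND, 2, 0 }, { ADD_REG, 2, 1 },
};
/* Constructed: the pointer is loaded once and the checked register reused. */
const struct insn single_load[] = {
    { LOAD_SIGHAND, 1, 0 }, { JEQ_ZERO, 1, 0 }, { MOV_IMM, 2, 0 },
    { ADD_REG, 1, 2 },
};

int main(void)
{
    printf("reloaded: rejected at index %d\n", verify(reloaded, 5));
    printf("single load: %d\n", verify(single_load, 4));
    return 0;
}
```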