Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp681528rdd; Tue, 9 Jan 2024 17:07:24 -0800 (PST) X-Google-Smtp-Source: AGHT+IGGpKvcuzKVumCyYElMwC/RIDk9Ky71222XRsLm4JzRRgnTM66gh5W7eUokwnxWn1Br/TpH X-Received: by 2002:a05:620a:164b:b0:783:15f5:c8 with SMTP id c11-20020a05620a164b00b0078315f500c8mr348659qko.50.1704848844568; Tue, 09 Jan 2024 17:07:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704848844; cv=none; d=google.com; s=arc-20160816; b=jiJIhZ353T0t/CeIFJcjWyHMS7GHrlNJNuO23nOe7DSnR1IQdstgHWB6gK90FjCPjh WC4xWprh6phN0VTb98SAgruyOnrWLiYyve93gS7tG7c191FVgcXwM0OkBIPwjPtUHnkU FXZEzIAa0/ArDxOPyxZP8mn2qGqEvuFc2jl23e+ZA2aC2w2ACAfIxrl5vYMFi7pzSz3B M/cbC3hCsl4OUSs8FLevPkjn/790tmTNgPQ0I47BGr9M6r+w8mHzvVRS3eU82v5OsZAf O5rl/pmJ1GTvXoZzKXgv1YpMqzhwsPtQaR5w+RIcVggvPOxX5pmLHN26gPQijZRpRVTj TikQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=0kzeKZQ2q2UJ+/AdvmSxOy2poTn653uHKZFwHZADhUA=; fh=5dbCIxUgaVHL5JSS537+NCfIjZH8IR7/s65cqsPrbGU=; b=MI3CzEqnJB2SUkwExrESqnM65hc/OeNEG/UopPB5CYujlBKkisi5QqnjVTpws/Oc3/ WPWnOUepZRCKGMaB/zPMj13Dh99i/l7JUKTzRP72Bt7EqAXDqKJtRS0sc7V0pCIfhXIZ 9L+EMuNHpsfp0Ie1KzDNIGnrbKoxhp+wX337BJ1YKJo+Zcsswx4wdo+CqV+Oz+U0M09T c4v1pOVbRjoqTWTTx5ZpJCXgPVpSqX46K0z//KB+jQXZqafEOQUn0YZNk9yC5P5Frq+c OQ3w2sbGBpvvS4UP+gPu8sgm6gLMoSM1AZD0IbtpIlo/pHi7ljbAP/qJJwQ660r+x/OF 5qmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=PK1ewSEO; spf=pass (google.com: domain of linux-kernel+bounces-21604-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21604-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id w5-20020a05620a094500b0078166136e7fsi3012659qkw.598.2024.01.09.17.07.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Jan 2024 17:07:24 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-21604-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=PK1ewSEO; spf=pass (google.com: domain of linux-kernel+bounces-21604-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21604-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 55B541C2397C for ; Wed, 10 Jan 2024 01:07:24 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 514721375; Wed, 10 Jan 2024 01:07:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="PK1ewSEO" Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com [209.85.221.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 13B6163D; Wed, 10 Jan 2024 01:07:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-wr1-f53.google.com with SMTP id ffacd0b85a97d-336746c7b6dso3212420f8f.0; Tue, 09 Jan 2024 17:07:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1704848829; x=1705453629; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=0kzeKZQ2q2UJ+/AdvmSxOy2poTn653uHKZFwHZADhUA=; b=PK1ewSEOyIhnYsEFalGRfMoGuaz15quBsfYIuMyxwfCj+0jXEk8XfwKudmKM97wiwG ayh9qDDbmtlfvuCb/X29SBRDTcSCKifE0vUgen+7T6chdjFYl2Y9nsxHOIVeL6zhRlp6 /ZByq1XXTxVNcn20YscSv3+LS2OYw8mm74cM0fg4PbiWzrHWdGM282kUFR1uPPrImqgi 0SY2nkzGdTjrhc/3WRV7esa5V0Gfy+AAononmtwHmZvMo3L3AnV4Ure5CiWBACruLHyZ VJHTjYGEj6OSJoZRez70ySLVctPatFs8CHvrj43oc+Bb88j44lnwurtxj2tKgoPejeYE nOug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704848829; x=1705453629; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0kzeKZQ2q2UJ+/AdvmSxOy2poTn653uHKZFwHZADhUA=; b=fgYKYpT9f3L/v7GGOiWlhdoGkS80dqTsFJU6c/+uYDQvnTXh1l62/hYXRJ8krR7a7s cWvUDojeLvRWkbNLvFPaBxCMU08Pl57/NoVA2u1ZKMjzNFLIoLCzxMmg0s/4Y5znWFmN fkfJbgYzgoQoBr6296er169Z/oSU5GEoH9vfG/8Z4/2jqWhyipr15oGTJbrIRWF8uVc6 htqI9+5MFU3mzlrDyAqFmrXffPEgcDnuJGprufoMDIXVTJcFi+rBqy2LFGlUJEckNanI IjmCyfuHtzoXgj3AXvM9kP5DvPFtUxoVnKbbD6HVOA5UNuh/sHHgWGw6FY7yngrygYrX dWqQ== X-Gm-Message-State: AOJu0YzKdhQP4gzB6cFCg5b7EMScXUZ9yYyS6i21OyYNsSRDFsqrm84B I1Rb2JRGceZfT93uY1UyeQ7OY2SdC3DH8oXKmNw= X-Received: by 2002:a5d:453a:0:b0:336:9689:bc70 with SMTP id j26-20020a5d453a000000b003369689bc70mr78104wra.44.1704848829109; Tue, 09 Jan 2024 17:07:09 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240103185403.610641-1-brho@google.com> <20240103185403.610641-3-brho@google.com> <781a86b1-c02b-4bb8-bc79-bfbd4f2ff146@google.com> In-Reply-To: <781a86b1-c02b-4bb8-bc79-bfbd4f2ff146@google.com> From: Alexei Starovoitov Date: Tue, 9 Jan 2024 17:06:57 -0800 Message-ID: Subject: Re: [PATCH v2 bpf-next 2/2] selftests/bpf: add inline assembly helpers to access array elements To: Barret Rhoden Cc: Yonghong Song , Eddy Z , Jiri Olsa , Andrii Nakryiko , Alexei Starovoitov , Daniel Borkmann , Song Liu , Matt Bobrowski , bpf , LKML Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Jan 9, 2024 at 5:02=E2=80=AFPM Barret Rhoden wrot= e: > > On 1/4/24 16:30, Barret Rhoden wrote: > [snip] > >> > >> The LLVM bpf backend has made some improvement to handle the case like > >> r1 =3D ... > >> r2 =3D r1 + 1 > >> if (r2 < num) ... > >> using r1 > >> by preventing generating the above code pattern. > >> > >> The implementation is a pattern matching style so surely it won't be > >> able to cover all cases. > >> > >> Do you have specific examples which has verification failure due to > >> false array out of bound access? > > > [ snip ] > > > > > I'll play around and see if I can come up with a selftest that can run > > into any of these "you did the check, but threw the check away" scenari= os. > > I got an example for this, and will include it in my next patch version, > which I'll CC you on. > > If we can get the compiler to spill the register r1 to the stack (L11 in > the asm below), it might spill it before doing the bounds check. Then > it checks the register (L12), but the verifier doesn't know that applies > to the stack variable too. Later, we refill r1 from the stack (L21). This is a known issue. It's addressed as part of Maxim's series: https://patchwork.kernel.org/user/todo/netdevbpf/?series=3D815208