public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug target/112654] New: bpf: bpf program load failure
@ 2023-11-21 16:18 brianwitte at mailfence dot com
2023-11-21 16:22 ` [Bug target/112654] " brianwitte at mailfence dot com
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: brianwitte at mailfence dot com @ 2023-11-21 16:18 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112654
Bug ID: 112654
Summary: bpf: bpf program load failure
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: brianwitte at mailfence dot com
Target Milestone: ---
This branch has of my bpf application can reproduce error.
git clone -b gcc-bpf-backend-load-failure_2023-11-21
git@git.sr.ht:~brianwitte/waldo-80211
./scripts/fetch_libraries.sh
make
make gcc-bpf # or make clang to compare
sudo ./waldo_gcc-bpf
Toolchain commit hashes:
$ cat current_working_toolchain/config
GCC_COMMIT_HASH=bc274b8d677212fbfc317d379acb02e0eef696a0
BINUTILS_COMMIT_HASH=74affa1bc070ff0530b2a1b92d8d9fbcae6024ec
libbpf: prog 'kprobe_ieee80211_request_scan': -- BEGIN PROG LOAD LOG --
0: R1=ctx(off=0,imm=0) R10=fp0
0: (79) r0 = *(u64 *)(r1 +112) ; R0_w=scalar() R1=ctx(off=0,imm=0)
1: (15) if r0 == 0x0 goto pc+38 ; R0_w=scalar()
2: (b7) r2 = 42 ; R2_w=42
3: (18) r1 = 0xffff8cce3d293aaa ;
R1_w=map_value(off=410,ks=4,vs=568,imm=0)
5: (62) *(u32 *)(r10 -12) = 15170 ; R10=fp0 fp-16=mmmm????
6: (bf) r3 = r10 ; R3_w=fp0 R10=fp0
7: (07) r3 += -12 ; R3_w=fp-12
8: (85) call bpf_trace_printk#6 ; R0=scalar()
9: (85) call bpf_ktime_get_ns#5 ; R0_w=scalar()
10: (b7) r4 = 0 ; R4_w=0
11: (7b) *(u64 *)(r10 -8) = r0 ; R0_w=scalar() R10=fp0 fp-8_w=mmmmmmmm
12: (bf) r3 = r10 ; R3_w=fp0 R10=fp0
13: (bf) r2 = r10 ; R2_w=fp0 R10=fp0
14: (07) r3 += -8 ; R3_w=fp-8
15: (07) r2 += -12 ; R2_w=fp-12
16: (18) r1 = 0xffff8cce3d290c00 ; R1_w=map_ptr(off=0,ks=4,vs=8,imm=0)
18: (85) call bpf_map_update_elem#2 ; R0=scalar()
19: (bf) r4 = r0
BPF_MOV uses reserved fields
processed 18 insns (limit 1000000) max_states_per_insn 0 total_states 2
peak_states 2 mark_read 1
-- END PROG LOAD LOG --
bkz at debian in ~/src/waldo-80211 (gcc-bpf-backend-load-failure_2023-11-21●●)
$ $HOME/root-bpf/bin/bpf-unknown-none-objdump -d build_output/waldo.gcc.bpf.o
build_output/waldo.gcc.bpf.o: file format elf64-bpfle
Disassembly of section kprobe/ieee80211_register_hw:
0000000000000000 <kprobe_ieee80211_register_hw>:
0: 85 00 00 00 0e 00 00 00 call 14
8: b7 02 00 00 10 00 00 00 mov %r2,16
10: bf 06 00 00 00 00 00 00 mov %r6,%r0
18: bf a1 00 00 00 00 00 00 mov %r1,%r10
20: 07 01 00 00 f0 ff ff ff add %r1,-16
28: 85 00 00 00 10 00 00 00 call 16
30: 18 05 00 00 00 00 00 00 lddw %r5,0
38: 00 00 00 00 00 00 00 00
40: bf a4 00 00 00 00 00 00 mov %r4,%r10
48: bf 63 00 00 00 00 00 00 mov %r3,%r6
50: 07 04 00 00 f0 ff ff ff add %r4,-16
58: 77 03 00 00 20 00 00 00 rsh %r3,32
60: b7 02 00 00 22 00 00 00 mov %r2,34
68: 18 01 00 00 e9 01 00 00 lddw %r1,489
70: 00 00 00 00 00 00 00 00
78: 85 00 00 00 06 00 00 00 call 6
80: b7 00 00 00 00 00 00 00 mov %r0,0
88: 95 00 00 00 00 00 00 00 exit
Disassembly of section kprobe/ieee80211_unregister_hw:
0000000000000000 <kprobe_ieee80211_unregister_hw>:
0: 85 00 00 00 0e 00 00 00 call 14
8: b7 02 00 00 10 00 00 00 mov %r2,16
10: bf 06 00 00 00 00 00 00 mov %r6,%r0
18: bf a1 00 00 00 00 00 00 mov %r1,%r10
20: 07 01 00 00 f0 ff ff ff add %r1,-16
28: 85 00 00 00 10 00 00 00 call 16
30: 18 05 00 00 16 00 00 00 lddw %r5,22
38: 00 00 00 00 00 00 00 00
40: bf a4 00 00 00 00 00 00 mov %r4,%r10
48: bf 63 00 00 00 00 00 00 mov %r3,%r6
50: 07 04 00 00 f0 ff ff ff add %r4,-16
58: 77 03 00 00 20 00 00 00 rsh %r3,32
60: b7 02 00 00 22 00 00 00 mov %r2,34
68: 18 01 00 00 e9 01 00 00 lddw %r1,489
70: 00 00 00 00 00 00 00 00
78: 85 00 00 00 06 00 00 00 call 6
80: b7 00 00 00 00 00 00 00 mov %r0,0
88: 95 00 00 00 00 00 00 00 exit
Disassembly of section kprobe/register_netdev:
0000000000000000 <kprobe_register_netdev>:
0: 79 17 70 00 00 00 00 00 ldxdw %r7,[%r1+112]
8: 85 00 00 00 0e 00 00 00 call 14
10: c7 00 00 00 20 00 00 00 arsh %r0,32
18: bf a1 00 00 00 00 00 00 mov %r1,%r10
20: bf 06 00 00 00 00 00 00 mov %r6,%r0
28: b7 02 00 00 10 00 00 00 mov %r2,16
30: 07 01 00 00 d0 ff ff ff add %r1,-48
38: 85 00 00 00 10 00 00 00 call 16
40: 15 07 11 00 00 00 00 00 jeq %r7,0,17
48: bf a0 00 00 00 00 00 00 mov %r0,%r10
50: 18 01 00 00 2e 00 00 00 lddw %r1,46
58: 00 00 00 00 00 00 00 00
60: 07 00 00 00 d0 ff ff ff add %r0,-48
68: 7b 1a f0 ff 00 00 00 00 stxdw [%r10-16],%r1
70: 7b 6a e0 ff 00 00 00 00 stxdw [%r10-32],%r6
78: 7b 0a e8 ff 00 00 00 00 stxdw [%r10-24],%r0
80: 7b 7a f8 ff 00 00 00 00 stxdw [%r10-8],%r7
88: b7 04 00 00 20 00 00 00 mov %r4,32
90: bf a3 00 00 00 00 00 00 mov %r3,%r10
98: b7 02 00 00 2d 00 00 00 mov %r2,45
a0: 07 03 00 00 e0 ff ff ff add %r3,-32
a8: 18 01 00 00 0b 02 00 00 lddw %r1,523
b0: 00 00 00 00 00 00 00 00
b8: 85 00 00 00 b1 00 00 00 call 177
c0: b7 00 00 00 00 00 00 00 mov %r0,0
c8: 95 00 00 00 00 00 00 00 exit
d0: 18 05 00 00 2e 00 00 00 lddw %r5,46
d8: 00 00 00 00 00 00 00 00
e0: bf a4 00 00 00 00 00 00 mov %r4,%r10
e8: bf 63 00 00 00 00 00 00 mov %r3,%r6
f0: 07 04 00 00 d0 ff ff ff add %r4,-48
f8: b7 02 00 00 22 00 00 00 mov %r2,34
100: 18 01 00 00 e9 01 00 00 lddw %r1,489
108: 00 00 00 00 00 00 00 00
110: 85 00 00 00 06 00 00 00 call 6
118: b7 00 00 00 00 00 00 00 mov %r0,0
120: 95 00 00 00 00 00 00 00 exit
Disassembly of section kprobe/unregister_netdev:
0000000000000000 <kprobe_unregister_netdev>:
0: 79 17 70 00 00 00 00 00 ldxdw %r7,[%r1+112]
8: 85 00 00 00 0e 00 00 00 call 14
10: c7 00 00 00 20 00 00 00 arsh %r0,32
18: bf a1 00 00 00 00 00 00 mov %r1,%r10
20: bf 06 00 00 00 00 00 00 mov %r6,%r0
28: b7 02 00 00 10 00 00 00 mov %r2,16
30: 07 01 00 00 d0 ff ff ff add %r1,-48
38: 85 00 00 00 10 00 00 00 call 16
40: 15 07 11 00 00 00 00 00 jeq %r7,0,17
48: bf a0 00 00 00 00 00 00 mov %r0,%r10
50: 18 01 00 00 3e 00 00 00 lddw %r1,62
58: 00 00 00 00 00 00 00 00
60: 07 00 00 00 d0 ff ff ff add %r0,-48
68: 7b 1a f0 ff 00 00 00 00 stxdw [%r10-16],%r1
70: 7b 6a e0 ff 00 00 00 00 stxdw [%r10-32],%r6
78: 7b 0a e8 ff 00 00 00 00 stxdw [%r10-24],%r0
80: 7b 7a f8 ff 00 00 00 00 stxdw [%r10-8],%r7
88: b7 04 00 00 20 00 00 00 mov %r4,32
90: bf a3 00 00 00 00 00 00 mov %r3,%r10
98: b7 02 00 00 2d 00 00 00 mov %r2,45
a0: 07 03 00 00 e0 ff ff ff add %r3,-32
a8: 18 01 00 00 0b 02 00 00 lddw %r1,523
b0: 00 00 00 00 00 00 00 00
b8: 85 00 00 00 b1 00 00 00 call 177
c0: b7 00 00 00 00 00 00 00 mov %r0,0
c8: 95 00 00 00 00 00 00 00 exit
d0: 18 05 00 00 3e 00 00 00 lddw %r5,62
d8: 00 00 00 00 00 00 00 00
e0: bf a4 00 00 00 00 00 00 mov %r4,%r10
e8: bf 63 00 00 00 00 00 00 mov %r3,%r6
f0: 07 04 00 00 d0 ff ff ff add %r4,-48
f8: b7 02 00 00 22 00 00 00 mov %r2,34
100: 18 01 00 00 e9 01 00 00 lddw %r1,489
108: 00 00 00 00 00 00 00 00
110: 85 00 00 00 06 00 00 00 call 6
118: b7 00 00 00 00 00 00 00 mov %r0,0
120: 95 00 00 00 00 00 00 00 exit
Disassembly of section kprobe/ieee80211_request_scan:
0000000000000000 <kprobe_ieee80211_request_scan>:
0: 79 10 70 00 00 00 00 00 ldxdw %r0,[%r1+112]
8: 15 00 26 00 00 00 00 00 jeq %r0,0,38
10: b7 02 00 00 2a 00 00 00 mov %r2,42
18: 18 01 00 00 9a 01 00 00 lddw %r1,410
20: 00 00 00 00 00 00 00 00
28: 62 0a f4 ff 42 3b 00 00 stw [%r10-12],15170
30: bf a3 00 00 00 00 00 00 mov %r3,%r10
38: 07 03 00 00 f4 ff ff ff add %r3,-12
40: 85 00 00 00 06 00 00 00 call 6
48: 85 00 00 00 05 00 00 00 call 5
50: b7 04 00 00 00 00 00 00 mov %r4,0
58: 7b 0a f8 ff 00 00 00 00 stxdw [%r10-8],%r0
60: bf a3 00 00 00 00 00 00 mov %r3,%r10
68: bf a2 00 00 00 00 00 00 mov %r2,%r10
70: 07 03 00 00 f8 ff ff ff add %r3,-8
78: 07 02 00 00 f4 ff ff ff add %r2,-12
80: 18 01 00 00 00 00 00 00 lddw %r1,0
88: 00 00 00 00 00 00 00 00
90: 85 00 00 00 02 00 00 00 call 2
98: bf 04 20 00 00 00 00 00 movs %r4,%r0,32
a0: 56 00 0d 00 00 00 00 00 jne32 %r0,0,13
a8: bf a2 00 00 00 00 00 00 mov %r2,%r10
b0: 18 01 00 00 00 00 00 00 lddw %r1,0
b8: 00 00 00 00 00 00 00 00
c0: 07 02 00 00 f4 ff ff ff add %r2,-12
c8: 85 00 00 00 01 00 00 00 call 1
d0: 61 a3 f4 ff 00 00 00 00 ldxw %r3,[%r10-12]
d8: bf 04 00 00 00 00 00 00 mov %r4,%r0
e0: b7 02 00 00 48 00 00 00 mov %r2,72
e8: 18 01 00 00 0e 01 00 00 lddw %r1,270
f0: 00 00 00 00 00 00 00 00
f8: 85 00 00 00 06 00 00 00 call 6
100: b7 00 00 00 00 00 00 00 mov %r0,0
108: 95 00 00 00 00 00 00 00 exit
110: 61 a3 f4 ff 00 00 00 00 ldxw %r3,[%r10-12]
118: b7 02 00 00 44 00 00 00 mov %r2,68
120: 18 01 00 00 56 01 00 00 lddw %r1,342
128: 00 00 00 00 00 00 00 00
130: 85 00 00 00 06 00 00 00 call 6
138: 05 00 ed ff 00 00 00 00 ja -19
140: b7 02 00 00 25 00 00 00 mov %r2,37
148: 18 01 00 00 c4 01 00 00 lddw %r1,452
150: 00 00 00 00 00 00 00 00
158: 85 00 00 00 06 00 00 00 call 6
160: b7 00 00 00 00 00 00 00 mov %r0,0
168: 95 00 00 00 00 00 00 00 exit
Disassembly of section kprobe/ieee80211_scan_completed:
0000000000000000 <kprobe_ieee80211_scan_completed>:
0: 79 10 70 00 00 00 00 00 ldxdw %r0,[%r1+112]
8: 15 00 2b 00 00 00 00 00 jeq %r0,0,43
10: b7 02 00 00 2c 00 00 00 mov %r2,44
18: b7 03 00 00 42 3b 00 00 mov %r3,15170
20: 18 01 00 00 bb 00 00 00 lddw %r1,187
28: 00 00 00 00 00 00 00 00
30: 62 0a fc ff 42 3b 00 00 stw [%r10-4],15170
38: 85 00 00 00 06 00 00 00 call 6
40: 18 01 00 00 00 00 00 00 lddw %r1,0
48: 00 00 00 00 00 00 00 00
50: bf a2 00 00 00 00 00 00 mov %r2,%r10
58: 07 02 00 00 fc ff ff ff add %r2,-4
60: 85 00 00 00 01 00 00 00 call 1
68: bf 06 00 00 00 00 00 00 mov %r6,%r0
70: 15 00 17 00 00 00 00 00 jeq %r0,0,23
78: 85 00 00 00 05 00 00 00 call 5
80: 79 63 00 00 00 00 00 00 ldxdw %r3,[%r6+0]
88: 1f 30 00 00 00 00 00 00 sub %r0,%r3
90: 61 a4 fc ff 00 00 00 00 ldxw %r4,[%r10-4]
98: bf 03 00 00 00 00 00 00 mov %r3,%r0
a0: b7 02 00 00 34 00 00 00 mov %r2,52
a8: 18 01 00 00 87 00 00 00 lddw %r1,135
b0: 00 00 00 00 00 00 00 00
b8: 85 00 00 00 06 00 00 00 call 6
c0: bf a2 00 00 00 00 00 00 mov %r2,%r10
c8: 18 01 00 00 00 00 00 00 lddw %r1,0
d0: 00 00 00 00 00 00 00 00
d8: 07 02 00 00 fc ff ff ff add %r2,-4
e0: 85 00 00 00 03 00 00 00 call 3
e8: bf 04 20 00 00 00 00 00 movs %r4,%r0,32
f0: 16 00 05 00 00 00 00 00 jeq32 %r0,0,5
f8: 61 a3 fc ff 00 00 00 00 ldxw %r3,[%r10-4]
100: b7 02 00 00 46 00 00 00 mov %r2,70
108: 18 01 00 00 41 00 00 00 lddw %r1,65
110: 00 00 00 00 00 00 00 00
118: 85 00 00 00 06 00 00 00 call 6
120: b7 00 00 00 00 00 00 00 mov %r0,0
128: 95 00 00 00 00 00 00 00 exit
130: 61 a3 fc ff 00 00 00 00 ldxw %r3,[%r10-4]
138: b7 02 00 00 41 00 00 00 mov %r2,65
140: 18 01 00 00 00 00 00 00 lddw %r1,0
148: 00 00 00 00 00 00 00 00
150: 85 00 00 00 06 00 00 00 call 6
158: b7 00 00 00 00 00 00 00 mov %r0,0
160: 95 00 00 00 00 00 00 00 exit
168: b7 02 00 00 27 00 00 00 mov %r2,39
170: 18 01 00 00 e7 00 00 00 lddw %r1,231
178: 00 00 00 00 00 00 00 00
180: 85 00 00 00 06 00 00 00 call 6
188: b7 00 00 00 00 00 00 00 mov %r0,0
190: 95 00 00 00 00 00 00 00 exit
Disassembly of section kretprobe/ieee80211_get_channel_khz:
0000000000000000 <kretprobe_ieee80211_get_channel_khz>:
0: b7 00 00 00 00 00 00 00 mov %r0,0
8: 95 00 00 00 00 00 00 00 exit
I have also attached .s file.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug target/112654] bpf: bpf program load failure
2023-11-21 16:18 [Bug target/112654] New: bpf: bpf program load failure brianwitte at mailfence dot com
@ 2023-11-21 16:22 ` brianwitte at mailfence dot com
2023-11-21 16:28 ` brianwitte at mailfence dot com
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: brianwitte at mailfence dot com @ 2023-11-21 16:22 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112654
--- Comment #1 from Brian Witte <brianwitte at mailfence dot com> ---
Created attachment 56658
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=56658&action=edit
this is a *.tmp.s file
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug target/112654] bpf: bpf program load failure
2023-11-21 16:18 [Bug target/112654] New: bpf: bpf program load failure brianwitte at mailfence dot com
2023-11-21 16:22 ` [Bug target/112654] " brianwitte at mailfence dot com
@ 2023-11-21 16:28 ` brianwitte at mailfence dot com
2023-11-21 17:00 ` jemarch at gcc dot gnu.org
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: brianwitte at mailfence dot com @ 2023-11-21 16:28 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112654
--- Comment #2 from Brian Witte <brianwitte at mailfence dot com> ---
$ ./pretty_uname.sh
System Information
------------------
Kernel Name: Linux
Node Name: debian
Kernel Release: 6.5.0-4-amd64
Kernel Version: #1 SMP PREEMPT_DYNAMIC Debian 6.5.10-1 (2023-11-03)
Machine: x86_64
Operating System: GNU/Linux
Distribution: Debian GNU/Linux
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug target/112654] bpf: bpf program load failure
2023-11-21 16:18 [Bug target/112654] New: bpf: bpf program load failure brianwitte at mailfence dot com
2023-11-21 16:22 ` [Bug target/112654] " brianwitte at mailfence dot com
2023-11-21 16:28 ` brianwitte at mailfence dot com
@ 2023-11-21 17:00 ` jemarch at gcc dot gnu.org
2023-11-21 17:20 ` jemarch at gcc dot gnu.org
2023-11-21 18:40 ` brianwitte at mailfence dot com
4 siblings, 0 replies; 6+ messages in thread
From: jemarch at gcc dot gnu.org @ 2023-11-21 17:00 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112654
--- Comment #3 from Jose E. Marchesi <jemarch at gcc dot gnu.org> ---
The instruction failing validation seems to be:
e0: bf a4 00 00 00 00 00 00 mov %r4,%r10
Which is a regular MOV instruction with zeroes in imm32 and offset16. It has
SRC=X. So I don't understand why the verifier is rejecting that instruction...
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug target/112654] bpf: bpf program load failure
2023-11-21 16:18 [Bug target/112654] New: bpf: bpf program load failure brianwitte at mailfence dot com
` (2 preceding siblings ...)
2023-11-21 17:00 ` jemarch at gcc dot gnu.org
@ 2023-11-21 17:20 ` jemarch at gcc dot gnu.org
2023-11-21 18:40 ` brianwitte at mailfence dot com
4 siblings, 0 replies; 6+ messages in thread
From: jemarch at gcc dot gnu.org @ 2023-11-21 17:20 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112654
--- Comment #4 from Jose E. Marchesi <jemarch at gcc dot gnu.org> ---
I think the problem here may be that OP's kernel doesn't understand BPF V4
instructions, and the program above has been compiled with them (movs). Try to
use -mcpu=v3?
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug target/112654] bpf: bpf program load failure
2023-11-21 16:18 [Bug target/112654] New: bpf: bpf program load failure brianwitte at mailfence dot com
` (3 preceding siblings ...)
2023-11-21 17:20 ` jemarch at gcc dot gnu.org
@ 2023-11-21 18:40 ` brianwitte at mailfence dot com
4 siblings, 0 replies; 6+ messages in thread
From: brianwitte at mailfence dot com @ 2023-11-21 18:40 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112654
Brian Witte <brianwitte at mailfence dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |INVALID
--- Comment #5 from Brian Witte <brianwitte at mailfence dot com> ---
My issue is now fixed.
As Jose said, the core issue was my kernel (Debian 6.5.10-1) needing the
-mcpu=v3 flag in order to properly compile for the bpf target.
Closing issue.
Thanks for the help!
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2023-11-21 18:40 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-11-21 16:18 [Bug target/112654] New: bpf: bpf program load failure brianwitte at mailfence dot com
2023-11-21 16:22 ` [Bug target/112654] " brianwitte at mailfence dot com
2023-11-21 16:28 ` brianwitte at mailfence dot com
2023-11-21 17:00 ` jemarch at gcc dot gnu.org
2023-11-21 17:20 ` jemarch at gcc dot gnu.org
2023-11-21 18:40 ` brianwitte at mailfence dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).