Commit 0c95c9fd authored by Andrii Nakryiko's avatar Andrii Nakryiko Committed by Alexei Starovoitov
Browse files

bpf: emit map name in register state if applicable and available 



In complicated real-world applications, whenever debugging some
verification error through verifier log, it often would be very useful
to see map name for PTR_TO_MAP_VALUE register. Usually this needs to be
inferred from key/value sizes and maybe trying to guess C code location,
but it's not always clear.

Given verifier has the name, and it's never too long, let's just emit it
for ptr_to_map_key, ptr_to_map_value, and const_ptr_to_map registers. We
reshuffle the order a bit, so that map name, key size, and value size
appear before offset and immediate values, which seems like a more
logical order.

Current output:

  R1_w=map_ptr(map=array_map,ks=4,vs=8,off=0,imm=0)

But we'll get rid of useless off=0 and imm=0 parts in the next patch.

Acked-by: default avatarEduard Zingerman <eddyz87@gmail.com>
Acked-by: default avatarStanislav Fomichev <sdf@google.com>
Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/r/20231118034623.3320920-6-andrii@kernel.org


Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parent 67d43dfb

kernel/bpf/log.c

+18 −6
Original line number Diff line number Diff line
@@ -553,6 +553,17 @@ static void print_scalar_ranges(struct bpf_verifier_env *env, 
	}

}



static bool type_is_map_ptr(enum bpf_reg_type t) {

	switch (base_type(t)) {

	case CONST_PTR_TO_MAP:

	case PTR_TO_MAP_KEY:

	case PTR_TO_MAP_VALUE:

		return true;

	default:

		return false;

	}

}



static void print_reg_state(struct bpf_verifier_env *env, const struct bpf_reg_state *reg)

{

	enum bpf_reg_type t;
@@ -584,16 +595,17 @@ static void print_reg_state(struct bpf_verifier_env *env, const struct bpf_reg_s 
		verbose_a("ref_obj_id=%d", reg->ref_obj_id);

	if (type_is_non_owning_ref(reg->type))

		verbose_a("%s", "non_own_ref");

	if (type_is_map_ptr(t)) {

		if (reg->map_ptr->name[0])

			verbose_a("map=%s", reg->map_ptr->name);

		verbose_a("ks=%d,vs=%d",

			  reg->map_ptr->key_size,

			  reg->map_ptr->value_size);

	}

	if (t != SCALAR_VALUE)

		verbose_a("off=%d", reg->off);

	if (type_is_pkt_pointer(t))

		verbose_a("r=%d", reg->range);

	else if (base_type(t) == CONST_PTR_TO_MAP ||

		 base_type(t) == PTR_TO_MAP_KEY ||

		 base_type(t) == PTR_TO_MAP_VALUE)

		verbose_a("ks=%d,vs=%d",

			  reg->map_ptr->key_size,

			  reg->map_ptr->value_size);

	if (tnum_is_const(reg->var_off)) {

		/* Typically an immediate SCALAR_VALUE, but

		 * could be a pointer whose offset is too big

tools/testing/selftests/bpf/prog_tests/spin_lock.c

+5 −5
Original line number Diff line number Diff line
@@ -17,18 +17,18 @@ static struct { 
	  "R1_w=ptr_foo(id=2,ref_obj_id=2,off=0,imm=0) refs=2\n6: (85) call bpf_this_cpu_ptr#154\n"

	  "R1 type=ptr_ expected=percpu_ptr_" },

	{ "lock_id_global_zero",

	  "; R1_w=map_value(off=0,ks=4,vs=4,imm=0)\n2: (85) call bpf_this_cpu_ptr#154\n"

	  "; R1_w=map_value(map=.data.A,ks=4,vs=4,off=0,imm=0)\n2: (85) call bpf_this_cpu_ptr#154\n"

	  "R1 type=map_value expected=percpu_ptr_" },

	{ "lock_id_mapval_preserve",

	  "[0-9]\\+: (bf) r1 = r0                       ;"

	  " R0_w=map_value(id=1,off=0,ks=4,vs=8,imm=0)"

	  " R1_w=map_value(id=1,off=0,ks=4,vs=8,imm=0)\n"

	  " R0_w=map_value(id=1,map=array_map,ks=4,vs=8,off=0,imm=0)"

	  " R1_w=map_value(id=1,map=array_map,ks=4,vs=8,off=0,imm=0)\n"

	  "[0-9]\\+: (85) call bpf_this_cpu_ptr#154\n"

	  "R1 type=map_value expected=percpu_ptr_" },

	{ "lock_id_innermapval_preserve",

	  "[0-9]\\+: (bf) r1 = r0                      ;"

	  " R0=map_value(id=2,off=0,ks=4,vs=8,imm=0)"

	  " R1_w=map_value(id=2,off=0,ks=4,vs=8,imm=0)\n"

	  " R0=map_value(id=2,ks=4,vs=8,off=0,imm=0)"

	  " R1_w=map_value(id=2,ks=4,vs=8,off=0,imm=0)\n"

	  "[0-9]\\+: (85) call bpf_this_cpu_ptr#154\n"

	  "R1 type=map_value expected=percpu_ptr_" },

	{ "lock_id_mismatch_kptr_kptr", "bpf_spin_unlock of different lock" },