Commit 8efea21d authored by Edward Cree's avatar Edward Cree Committed by Alexei Starovoitov
Browse files

bpf/verifier: display non-spill stack slot types in print_verifier_state 



If a stack slot does not hold a spilled register (STACK_SPILL), then each
 of its eight bytes could potentially have a different slot_type.  This
 information can be important for debugging, and previously we either did
 not print anything for the stack slot, or just printed fp-X=0 in the case
 where its first byte was STACK_ZERO.
Instead, print eight characters with either 0 (STACK_ZERO), m (STACK_MISC)
 or ? (STACK_INVALID) for any stack slot which is neither STACK_SPILL nor
 entirely STACK_INVALID.

Signed-off-by: default avatarEdward Cree <ecree@solarflare.com>
Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parent 679c782d

kernel/bpf/verifier.c

+25 −7
Original line number Diff line number Diff line
@@ -263,6 +263,13 @@ static const char * const reg_type_str[] = { 
	[PTR_TO_PACKET_END]	= "pkt_end",

};



static char slot_type_char[] = {

	[STACK_INVALID]	= '?',

	[STACK_SPILL]	= 'r',

	[STACK_MISC]	= 'm',

	[STACK_ZERO]	= '0',

};



static void print_liveness(struct bpf_verifier_env *env,

			   enum bpf_reg_liveness live)

{
@@ -349,15 +356,26 @@ static void print_verifier_state(struct bpf_verifier_env *env, 
		}

	}

	for (i = 0; i < state->allocated_stack / BPF_REG_SIZE; i++) {

		if (state->stack[i].slot_type[0] == STACK_SPILL) {

			verbose(env, " fp%d",

				(-i - 1) * BPF_REG_SIZE);

		char types_buf[BPF_REG_SIZE + 1];

		bool valid = false;

		int j;



		for (j = 0; j < BPF_REG_SIZE; j++) {

			if (state->stack[i].slot_type[j] != STACK_INVALID)

				valid = true;

			types_buf[j] = slot_type_char[

					state->stack[i].slot_type[j]];

		}

		types_buf[BPF_REG_SIZE] = 0;

		if (!valid)

			continue;

		verbose(env, " fp%d", (-i - 1) * BPF_REG_SIZE);

		print_liveness(env, state->stack[i].spilled_ptr.live);

		if (state->stack[i].slot_type[0] == STACK_SPILL)

			verbose(env, "=%s",

				reg_type_str[state->stack[i].spilled_ptr.type]);

		}

		if (state->stack[i].slot_type[0] == STACK_ZERO)

			verbose(env, " fp%d=0", (-i - 1) * BPF_REG_SIZE);

		else

			verbose(env, "=%s", types_buf);

	}

	verbose(env, "\n");

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE