last week i was working on a small program that submits perf events to userspace, when i found out that commit #36 might have introduced the issue described below.
what happens is that the code compiles fine, but the kernel verifier rejects the program when i try to load it, with this output:
panic: ebpf_prog_load() failed: 0: (bf) r6 = r1
1: (61) r2 = *(u32 *)(r6 +4)
2: (61) r1 = *(u32 *)(r6 +0)
3: (bf) r3 = r1
4: (07) r3 += 14
5: (2d) if r3 > r2 goto pc+41
R1=pkt(id=0,off=0,r=14,imm=0) R2=pkt_end(id=0,off=0,imm=0) R3=pkt(id=0,off=14,r=14,imm=0) R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
6: (71) r3 = *(u8 *)(r1 +12)
7: (71) r4 = *(u8 *)(r1 +13)
8: (67) r4 <<= 8
9: (4f) r4 |= r3
10: (55) if r4 != 0x8 goto pc+36
R1=pkt(id=0,off=0,r=14,imm=0) R2=pkt_end(id=0,off=0,imm=0) R3=inv(id=0,umax_value=255,var_off=(0x0; 0xff)) R4=inv8 R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
11: (bf) r3 = r1
12: (07) r3 += 34
13: (2d) if r3 > r2 goto pc+33
R1=pkt(id=0,off=0,r=34,imm=0) R2=pkt_end(id=0,off=0,imm=0) R3=pkt(id=0,off=34,r=34,imm=0) R4=inv8 R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
14: (71) r3 = *(u8 *)(r1 +23)
15: (55) if r3 != 0x11 goto pc+31
R1=pkt(id=0,off=0,r=34,imm=0) R2=pkt_end(id=0,off=0,imm=0) R3=inv17 R4=inv8 R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
16: (bf) r3 = r1
17: (07) r3 += 42
18: (2d) if r3 > r2 goto pc+28
R1=pkt(id=0,off=0,r=42,imm=0) R2=pkt_end(id=0,off=0,imm=0) R3=pkt(id=0,off=42,r=42,imm=0) R4=inv8 R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
19: (bf) r4 = r1
20: (07) r4 += 50
21: (2d) if r4 > r2 goto pc+25
R1=pkt(id=0,off=0,r=50,imm=0) R2=pkt_end(id=0,off=0,imm=0) R3=pkt(id=0,off=42,r=50,imm=0) R4=pkt(id=0,off=50,r=50,imm=0) R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
22: (69) r2 = *(u16 *)(r1 +36)
23: (55) if r2 != 0x9411 goto pc+23
R1=pkt(id=0,off=0,r=50,imm=0) R2=inv37905 R3=pkt(id=0,off=42,r=50,imm=0) R4=pkt(id=0,off=50,r=50,imm=0) R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
24: (61) r2 = *(u32 *)(r3 +0)
25: (15) if r2 == 0x0 goto pc+21
R1=pkt(id=0,off=0,r=50,imm=0) R2=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R3=pkt(id=0,off=42,r=50,imm=0) R4=pkt(id=0,off=50,r=50,imm=0) R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1
26: (b7) r2 = 0
27: (7b) *(u64 *)(r10 -8) = r2
28: (61) r2 = *(u32 *)(r1 +26)
29: (63) *(u32 *)(r10 -8) = r2
30: (69) r1 = *(u16 *)(r1 +34)
31: (dc) r1 = be16 r1
32: (6b) *(u16 *)(r10 -4) = r1
33: (bf) r7 = r10
34: (07) r7 += -8
35: (18) r1 = 0xffff8fea69922000
37: (bf) r2 = r7
38: (85) call bpf_map_lookup_elem#1
39: (bf) r1 = r6
40: (18) r2 = 0xffff8feaa7c18000
42: (18) r3 = 0xffffffff
44: (bf) r4 = r7
45: (b7) r5 = 8
46: (85) call bpf_skb_load_bytes#26
unknown func bpf_skb_load_bytes#26
goroutine 1 [running]:
main.main()
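i found out that my bpf_perf_event_output call is compiled as a call to helper id 26 (instruction 46 in the disassembly below). in the kernel's helper numbering, 26 is bpf_skb_load_bytes and bpf_perf_event_output is 25. the verifier resolves the id it sees, finds a helper that is not available to an xdp program, and reports "unknown func bpf_skb_load_bytes#26". so the helper id emitted by the build looks off by one.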
# llvm-objdump-9 -S kern/xdp.elf
kern/xdp.elf: file format ELF64-BPF
Disassembly of section xdp:
0000000000000000 xdp_jitd:
0: bf 16 00 00 00 00 00 00 r6 = r1
1: 61 62 04 00 00 00 00 00 r2 = *(u32 *)(r6 + 4)
2: 61 61 00 00 00 00 00 00 r1 = *(u32 *)(r6 + 0)
3: bf 13 00 00 00 00 00 00 r3 = r1
4: 07 03 00 00 0e 00 00 00 r3 += 14
5: 2d 23 29 00 00 00 00 00 if r3 > r2 goto +41 <LBB0_9>
6: 71 13 0c 00 00 00 00 00 r3 = *(u8 *)(r1 + 12)
7: 71 14 0d 00 00 00 00 00 r4 = *(u8 *)(r1 + 13)
8: 67 04 00 00 08 00 00 00 r4 <<= 8
9: 4f 34 00 00 00 00 00 00 r4 |= r3
10: 55 04 24 00 08 00 00 00 if r4 != 8 goto +36 <LBB0_9>
11: bf 13 00 00 00 00 00 00 r3 = r1
12: 07 03 00 00 22 00 00 00 r3 += 34
13: 2d 23 21 00 00 00 00 00 if r3 > r2 goto +33 <LBB0_9>
14: 71 13 17 00 00 00 00 00 r3 = *(u8 *)(r1 + 23)
15: 55 03 1f 00 11 00 00 00 if r3 != 17 goto +31 <LBB0_9>
16: bf 13 00 00 00 00 00 00 r3 = r1
17: 07 03 00 00 2a 00 00 00 r3 += 42
18: 2d 23 1c 00 00 00 00 00 if r3 > r2 goto +28 <LBB0_9>
19: bf 14 00 00 00 00 00 00 r4 = r1
20: 07 04 00 00 32 00 00 00 r4 += 50
21: 2d 24 19 00 00 00 00 00 if r4 > r2 goto +25 <LBB0_9>
22: 69 12 24 00 00 00 00 00 r2 = *(u16 *)(r1 + 36)
23: 55 02 17 00 11 94 00 00 if r2 != 37905 goto +23 <LBB0_9>
24: 61 32 00 00 00 00 00 00 r2 = *(u32 *)(r3 + 0)
25: 15 02 15 00 00 00 00 00 if r2 == 0 goto +21 <LBB0_9>
26: b7 02 00 00 00 00 00 00 r2 = 0
27: 7b 2a f8 ff 00 00 00 00 *(u64 *)(r10 - 8) = r2
28: 61 12 1a 00 00 00 00 00 r2 = *(u32 *)(r1 + 26)
29: 63 2a f8 ff 00 00 00 00 *(u32 *)(r10 - 8) = r2
30: 69 11 22 00 00 00 00 00 r1 = *(u16 *)(r1 + 34)
31: dc 01 00 00 10 00 00 00 r1 = be16 r1
32: 6b 1a fc ff 00 00 00 00 *(u16 *)(r10 - 4) = r1
33: bf a7 00 00 00 00 00 00 r7 = r10
34: 07 07 00 00 f8 ff ff ff r7 += -8
35: 18 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 r1 = 0 ll
37: bf 72 00 00 00 00 00 00 r2 = r7
38: 85 00 00 00 01 00 00 00 call 1
39: bf 61 00 00 00 00 00 00 r1 = r6
40: 18 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 r2 = 0 ll
42: 18 03 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 r3 = 4294967295 ll
44: bf 74 00 00 00 00 00 00 r4 = r7
45: b7 05 00 00 08 00 00 00 r5 = 8
46: 85 00 00 00 1a 00 00 00 call 26
0000000000000178 LBB0_9:
47: b7 00 00 00 02 00 00 00 r0 = 2
48: 95 00 00 00 00 00 00 00 exit
the program loads successfully if i git revert the commit and recompile. the only difference in the disassembly is instruction 46, which is now "call 25" instead of "call 26":
goebpf(master)» git revert 4910d571d799ca6c94728f5aad303c0f154a831f [15:52:46]
[master 6c9a65b] Revert "[maps] Implement bpf_map_get_next_key (#36)"
6 files changed, 321 deletions(-)
--------------
# llvm-objdump-9 -S kern/xdp.elf
kern/xdp.elf: file format ELF64-BPF
Disassembly of section xdp:
0000000000000000 xdp_jitd:
0: bf 16 00 00 00 00 00 00 r6 = r1
1: 61 62 04 00 00 00 00 00 r2 = *(u32 *)(r6 + 4)
2: 61 61 00 00 00 00 00 00 r1 = *(u32 *)(r6 + 0)
3: bf 13 00 00 00 00 00 00 r3 = r1
4: 07 03 00 00 0e 00 00 00 r3 += 14
5: 2d 23 29 00 00 00 00 00 if r3 > r2 goto +41 <LBB0_9>
6: 71 13 0c 00 00 00 00 00 r3 = *(u8 *)(r1 + 12)
7: 71 14 0d 00 00 00 00 00 r4 = *(u8 *)(r1 + 13)
8: 67 04 00 00 08 00 00 00 r4 <<= 8
9: 4f 34 00 00 00 00 00 00 r4 |= r3
10: 55 04 24 00 08 00 00 00 if r4 != 8 goto +36 <LBB0_9>
11: bf 13 00 00 00 00 00 00 r3 = r1
12: 07 03 00 00 22 00 00 00 r3 += 34
13: 2d 23 21 00 00 00 00 00 if r3 > r2 goto +33 <LBB0_9>
14: 71 13 17 00 00 00 00 00 r3 = *(u8 *)(r1 + 23)
15: 55 03 1f 00 11 00 00 00 if r3 != 17 goto +31 <LBB0_9>
16: bf 13 00 00 00 00 00 00 r3 = r1
17: 07 03 00 00 2a 00 00 00 r3 += 42
18: 2d 23 1c 00 00 00 00 00 if r3 > r2 goto +28 <LBB0_9>
19: bf 14 00 00 00 00 00 00 r4 = r1
20: 07 04 00 00 32 00 00 00 r4 += 50
21: 2d 24 19 00 00 00 00 00 if r4 > r2 goto +25 <LBB0_9>
22: 69 12 24 00 00 00 00 00 r2 = *(u16 *)(r1 + 36)
23: 55 02 17 00 11 94 00 00 if r2 != 37905 goto +23 <LBB0_9>
24: 61 32 00 00 00 00 00 00 r2 = *(u32 *)(r3 + 0)
25: 15 02 15 00 00 00 00 00 if r2 == 0 goto +21 <LBB0_9>
26: b7 02 00 00 00 00 00 00 r2 = 0
27: 7b 2a f8 ff 00 00 00 00 *(u64 *)(r10 - 8) = r2
28: 61 12 1a 00 00 00 00 00 r2 = *(u32 *)(r1 + 26)
29: 63 2a f8 ff 00 00 00 00 *(u32 *)(r10 - 8) = r2
30: 69 11 22 00 00 00 00 00 r1 = *(u16 *)(r1 + 34)
31: dc 01 00 00 10 00 00 00 r1 = be16 r1
32: 6b 1a fc ff 00 00 00 00 *(u16 *)(r10 - 4) = r1
33: bf a7 00 00 00 00 00 00 r7 = r10
34: 07 07 00 00 f8 ff ff ff r7 += -8
35: 18 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 r1 = 0 ll
37: bf 72 00 00 00 00 00 00 r2 = r7
38: 85 00 00 00 01 00 00 00 call 1
39: bf 61 00 00 00 00 00 00 r1 = r6
40: 18 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 r2 = 0 ll
42: 18 03 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 r3 = 4294967295 ll
44: bf 74 00 00 00 00 00 00 r4 = r7
45: b7 05 00 00 08 00 00 00 r5 = 8
46: 85 00 00 00 19 00 00 00 call 25
0000000000000178 LBB0_9:
47: b7 00 00 00 02 00 00 00 r0 = 2
48: 95 00 00 00 00 00 00 00 exit
-----------------------
# ./<binary>
Maps:
<map1>: Hash, Fd 5
<map2>: Event array, Fd 6
Programs:
<xdp_prog>: XDP, size 392, license "GPL"
System data: map[xdp_prog:0xc0000b8480]Attaching program xdp_prog
[perf event received]
^C
i spent the past two days trying to get it fixed, no luck so far.
can you help me?