From: Namhyung Kim <namhyung@kernel.org>
To: Howard Chu <howardchu95@gmail.com>
Cc: Qiao Zhao <qzhao@redhat.com>,
Arnaldo Carvalho de Melo <arnaldo.melo@gmail.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
linux-perf-users <linux-perf-users@vger.kernel.org>,
bpf@vger.kernel.org
Subject: Re: [BUG] perf trace: failed to load -E2BIG
Date: Fri, 6 Dec 2024 12:23:09 -0800 [thread overview]
Message-ID: <Z1NdLbOUBzj91Jut@google.com> (raw)
In-Reply-To: <CAH0uvojjyEm0Ezf6sXXvykzjtD9JxijTCNr=8WGGT_r6Fyu_FQ@mail.gmail.com>
Cc-ing bpf list.
On Fri, Dec 06, 2024 at 11:03:19AM -0800, Howard Chu wrote:
> Forgot to mention clang-13 gave unbounded memory access too:
>
> ffffffff,var_off=(0x0; 0xffffffff))
> R9=scalar(id=14,smin=umin=umin32=2,smax=umax=0xffffffff,var_off=(0x0;
> 0xffffffff))
> 90: (85) call bpf_probe_read_user#112
> R2 unbounded memory access, use 'var &= const' or 'if (var < const)'
> processed 490 insns (limit 1000000) max_states_per_insn 2 total_states
> 23 peak_states 23 mark_read 15
> -- END PROG LOAD LOG --
> libbpf: prog 'sys_enter': failed to load: -13
> libbpf: failed to load object 'augmented_raw_syscalls_bpf'
> libbpf: failed to load BPF skeleton 'augmented_raw_syscalls_bpf': -13
> libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> (was it created?)
> libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> (was it created?)
> libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> (was it created?)
> libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> (was it created?)
> Not enough memory to run!
>
> Kernel:
>
> perf $ uname -r
> 6.11.0-061100-generic
>
> Thanks,
> Howard
>
> On Fri, Dec 6, 2024 at 10:36 AM Howard Chu <howardchu95@gmail.com> wrote:
> >
> > Hi Qiao, Namhyung, and Arnaldo,
> >
> > Apologies. I observed the same issue and tested perf with trace BPF
> > skel generated by clang-13 to clang-18, turns out BPF skelw generated
> > by clang version <= clang-16 are not loadable, with clang-15 and -16
> > showing the same error as yours. Additionally, the BPF verifier is
> > running longer than usual to process the instructions.
> >
> > perf $ ./perf trace -e write --max-events=1
> > libbpf: prog 'sys_enter': BPF program load failed: Argument list too long
> > libbpf: prog 'sys_enter': -- BEGIN PROG LOAD LOG --
> > 0: R1=ctx() R10=fp0
> > ; int sys_enter(struct syscall_enter_args *args) @
> > augmented_raw_syscalls.bpf.c:527
> > 0: (bf) r7 = r1 ; R1=ctx() R7_w=ctx()
> > ; return bpf_get_current_pid_tgid(); @ augmented_raw_syscalls.bpf.c:423
> > ...
> > 140: (79) r7 = *(u64 *)(r10 -48) ; R7_w=ctx() R10=fp0 fp-48=ctx()
> > 141: (79) r0 = *(u64 *)(r10 -56)
> > BPF program is too large. Processed 1000001 insn
> > processed 1000001 insns (limit 1000000) max_states_per_insn 28
> > total_states 37670 peak_states 330 mark_read 16
> > -- END PROG LOAD LOG --
> > libbpf: prog 'sys_enter': failed to load: -7
> > libbpf: failed to load object 'augmented_raw_syscalls_bpf'
> > libbpf: failed to load BPF skeleton 'augmented_raw_syscalls_bpf': -7
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > Not enough memory to run!
> >
> > For clang-14 however, I encountered an unbounded memory access:
> >
> > perf $ ./perf trace -e write --max-events=1
> > libbpf: prog 'sys_enter': BPF program load failed: Permission denied
> > libbpf: prog 'sys_enter': -- BEGIN PROG LOAD LOG --
> > 0: R1=ctx() R10=fp0
> > ; int sys_enter(struct syscall_enter_args *args) @
> > augmented_raw_syscalls.bpf.c:527
> > 0: (bf) r7 = r1 ; R1=ctx() R7_w=ctx()
> > ; return bpf_get_current_pid_tgid(); @ augmented_raw_syscalls.bpf.c:423
> > 1: (85) call bpf_get_current_pid_tgid#14 ; R0_w=scalar()
> > 2: (63) *(u32 *)(r10 -4) = r0 ; R0_w=scalar() R10=fp0 fp-8=mmmm????
> > 88: (79) r1 = *(u64 *)(r10 -16) ;
> > R1_w=map_value(map=beauty_payload_,ks=4,vs=24688,off=112) R10=fp0
> > fp-16=map_value(map=beauty_payload_,ks=4,vs=24688,off=112)
> > 89: (bf) r2 = r9 ;
> > R2_w=scalar(id=14,smin=umin=umin32=2,smax=umax=0xffffffff,var_off=(0x0;
> > 0xffffffff)) R9=scalar(id=14,smin=umin=umin32=2,smax=umax=0xffffffff,var_off=(0x0;
> > 0xffffffff))
> > 90: (85) call bpf_probe_read_user#112
> > R2 unbounded memory access, use 'var &= const' or 'if (var < const)'
> > processed 490 insns (limit 1000000) max_states_per_insn 2 total_states
> > 23 peak_states 23 mark_read 15
> > -- END PROG LOAD LOG --
> > libbpf: prog 'sys_enter': failed to load: -13
> > libbpf: failed to load object 'augmented_raw_syscalls_bpf'
> > libbpf: failed to load BPF skeleton 'augmented_raw_syscalls_bpf': -13
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > libbpf: map '__augmented_syscalls__': can't use BPF map without FD
> > (was it created?)
> > Not enough memory to run!
> >
> > I thought I had tested them, but apparently I didn’t. My apologies
> > again, and fixes are on the way.
> >
> > Thanks,
> > Howard
next prev parent reply other threads:[~2024-12-06 20:23 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-06 0:14 [BUG] perf trace: failed to load -E2BIG Namhyung Kim
[not found] ` <CA+JHD90D86YC=Kn3P_B1xLamxKS9+_zOxmKxXMWyTDQGwGnNsQ@mail.gmail.com>
2024-12-06 0:49 ` Namhyung Kim
2024-12-06 3:25 ` Qiao Zhao
2024-12-06 18:36 ` Howard Chu
2024-12-06 19:03 ` Howard Chu
2024-12-06 20:23 ` Namhyung Kim [this message]
2024-12-10 19:02 ` Arnaldo Carvalho de Melo
2024-12-10 20:24 ` Howard Chu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z1NdLbOUBzj91Jut@google.com \
--to=namhyung@kernel.org \
--cc=acme@kernel.org \
--cc=arnaldo.melo@gmail.com \
--cc=bpf@vger.kernel.org \
--cc=howardchu95@gmail.com \
--cc=linux-perf-users@vger.kernel.org \
--cc=qzhao@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.