From: Yonghong Song <yonghong.song@linux.dev>
To: Andrii Nakryiko <andrii.nakryiko@gmail.com>,
Eduard Zingerman <eddyz87@gmail.com>
Cc: Alexei Starovoitov <alexei.starovoitov@gmail.com>,
Andrii Nakryiko <andrii@kernel.org>,
"Lai, Yi" <yi1.lai@linux.intel.com>,
Alexei Starovoitov <ast@kernel.org>, bpf <bpf@vger.kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Martin KaFai Lau <martin.lau@kernel.org>,
David Faust <david.faust@oracle.com>,
"Jose E . Marchesi" <jose.marchesi@oracle.com>,
Kernel Team <kernel-team@fb.com>,
yi1.lai@intel.com
Subject: Re: [PATCH bpf-next v5 07/17] bpf: Support new 32bit offset jmp instruction
Date: Fri, 9 May 2025 17:01:02 -0700 [thread overview]
Message-ID: <d18b3908-de58-4db6-9b0e-e075e48c64e5@linux.dev> (raw)
In-Reply-To: <CAEf4Bzbgci5pOmHmYoAYTe6cYdwJ4ju=5LuT0VQzsu+aKQ1AgQ@mail.gmail.com>
On 5/9/25 5:36 AM, Andrii Nakryiko wrote:
> On Fri, May 9, 2025 at 1:50 PM Eduard Zingerman <eddyz87@gmail.com> wrote:
>> On Fri, 2025-05-09 at 10:21 -0700, Alexei Starovoitov wrote:
>>
>> [...]
>>
>>> hmm.
>>> We probably should filter out r10 somehow,
>>> since the following:
>>>> mark_precise: frame1: regs=r2 stack= before 7: (bd) if r2 <= r10 goto pc-1
>>>> mark_precise: frame1: regs=r2,r10 stack= before 6: (06) gotol pc+0
>>> is already odd.
>> Not Andrii, but here are my 5 cents.
>>
>> check_cond_jmp() allows comparing pointers with scalars.
>> is_branch_taken() predicts jumps for null comparisons.
>> Hence, tracking precision of the r2 above is correct.
>> backtrack_insn() does not know the types of the registers when
>> processing `r2 <= r10` and thus adds r10 to the tracked set.
>> Whenever a scalar is added to a PTR_TO_STACK such scalar is marked as precise.
>> This means that there is no need to track precision for constituents
>> of the PTR_TO_STACK values.
>>
>> Given above, I think that filtering out r10 should be safe.
> Yeah, it makes no sense to track r10. It's always "precise", effectively.
This does make sense. I will craft a patch to fix it (not tracking r10
during precision backtrack) soon.
>
>> In case if sequence of instructions would be more complex, e.g.:
>>
>> r9 = r10
>> if r2 <= r9 goto -1; \
>>
>> backtrack_insn() would still eventually get to r10 and stop
>> propagation.
>>
next prev parent reply other threads:[~2025-05-10 0:01 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-28 1:11 [PATCH bpf-next v5 00/17] bpf: Support new insns from cpu v4 Yonghong Song
2023-07-28 1:11 ` [PATCH bpf-next v5 01/17] bpf: Support new sign-extension load insns Yonghong Song
2023-07-28 1:12 ` [PATCH bpf-next v5 02/17] bpf: Support new sign-extension mov insns Yonghong Song
2023-07-28 1:12 ` [PATCH bpf-next v5 03/17] bpf: Handle sign-extenstin ctx member accesses Yonghong Song
2023-07-28 1:12 ` [PATCH bpf-next v5 04/17] bpf: Support new unconditional bswap instruction Yonghong Song
2023-07-28 1:12 ` [PATCH bpf-next v5 05/17] bpf: Support new signed div/mod instructions Yonghong Song
2023-07-28 1:12 ` [PATCH bpf-next v5 06/17] bpf: Fix jit blinding with new sdiv/smov insns Yonghong Song
2023-07-28 1:12 ` [PATCH bpf-next v5 07/17] bpf: Support new 32bit offset jmp instruction Yonghong Song
2025-04-16 3:58 ` Lai, Yi
2025-05-08 5:06 ` Yonghong Song
2025-05-09 4:09 ` Yonghong Song
2025-05-09 17:21 ` Alexei Starovoitov
2025-05-09 20:50 ` Eduard Zingerman
2025-05-09 21:36 ` Andrii Nakryiko
2025-05-10 0:01 ` Yonghong Song [this message]
2023-07-28 1:12 ` [PATCH bpf-next v5 09/17] selftests/bpf: Fix a test_verifier failure Yonghong Song
2023-07-28 1:12 ` [PATCH bpf-next v5 10/17] selftests/bpf: Add a cpuv4 test runner for cpu=v4 testing Yonghong Song
2023-07-28 2:18 ` Alexei Starovoitov
2023-07-28 4:49 ` Yonghong Song
2023-07-28 1:13 ` [PATCH bpf-next v5 11/17] selftests/bpf: Add unit tests for new sign-extension load insns Yonghong Song
2023-07-28 1:13 ` [PATCH bpf-next v5 12/17] selftests/bpf: Add unit tests for new sign-extension mov insns Yonghong Song
2023-07-28 1:13 ` [PATCH bpf-next v5 13/17] selftests/bpf: Add unit tests for new bswap insns Yonghong Song
2023-07-28 1:13 ` [PATCH bpf-next v5 14/17] selftests/bpf: Add unit tests for new sdiv/smod insns Yonghong Song
2023-07-28 1:13 ` [PATCH bpf-next v5 15/17] selftests/bpf: Add unit tests for new gotol insn Yonghong Song
2023-07-28 1:13 ` [PATCH bpf-next v5 16/17] selftests/bpf: Test ldsx with more complex cases Yonghong Song
2023-07-28 1:13 ` [PATCH bpf-next v5 17/17] docs/bpf: Add documentation for new instructions Yonghong Song
2023-07-28 1:13 ` [Bpf] " Yonghong Song
2023-07-28 13:25 ` David Vernet
2023-07-28 13:25 ` [Bpf] " David Vernet
2023-07-28 16:18 ` Yonghong Song
2023-07-28 16:18 ` [Bpf] " Yonghong Song
2023-07-28 2:20 ` [PATCH bpf-next v5 00/17] bpf: Support new insns from cpu v4 patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d18b3908-de58-4db6-9b0e-e075e48c64e5@linux.dev \
--to=yonghong.song@linux.dev \
--cc=alexei.starovoitov@gmail.com \
--cc=andrii.nakryiko@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=david.faust@oracle.com \
--cc=eddyz87@gmail.com \
--cc=jose.marchesi@oracle.com \
--cc=kernel-team@fb.com \
--cc=martin.lau@kernel.org \
--cc=yi1.lai@intel.com \
--cc=yi1.lai@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox