This repository has been archived by the owner on Jan 19, 2023. It is now read-only.

bpf verifier: register becomes inv when LSH then RSH #35

Open
williamtu opened this issue Feb 21, 2017 · 0 comments
williamtu commented Feb 21, 2017

R9 is a pkt ptr; after <<32 and >>32, it becomes invalid?

```
 R0=pkt(id=0,off=25,r=58) R1=imm2,min_value=2,max_value=2 R2=inv56 R3=inv60,min_value=0,max_value=15 R4=imm6,min_value=6,max_value=6 R5=pkt_end R6=inv R7=inv60,min_value=0,max_value=15 R8=inv
R9=pkt(id=0,off=0,r=0) R10=fp fp-184=imm fp-176=imm
407: (b7) r1 = 1
408: (b7) r0 = 0
409: (63) *(u32 *)(r10 -12) = r0
410: (63) *(u32 *)(r10 -16) = r1
411: (67) r5 <<= 32
412: (77) r5 >>= 32
413: (67) r9 <<= 32
414: (77) r9 >>= 32
415: (bf) r1 = r9
416: (07) r1 += 14
417: (2d) if r1 > r5 goto pc+188
 R0=imm0,min_value=0,max_value=0 R1=inv31 R2=inv56 R3=inv60,min_value=0,max_value=15 R4=imm6,min_value=6,max_value=6 R5=inv32 R6=inv R7=inv60,min_value=0,max_value=15 R8=inv
R9=inv32 R10=fp fp-184=imm fp-176=imm fp-16=imm fp-8=imm
418: (79) r1 = *(u64 *)(r10 -168)
419: (73) *(u8 *)(r9 +0) = r1
R9 invalid mem access 'inv'
```
williamtu changed the title from "bpf verifier" to "bpf verifier: register becomes inv when LSH then RSH" on Feb 21, 2017
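Added example, not part of the original issue or the project's code: a small Python parser for the verifier register-state dumps shown in the log above. It diffs the state before instruction 407 against the state after 417, lists registers that went from a pointer type to `inv`, and ties the final rejection back to the register's earlier type. The function names and the `POINTER_TYPES` set are assumptions of this example.

```python
import re

# Sample input: the two register-state dumps and the error line copied from the
# issue's log, with each wrapped state dump joined into one string.
BEFORE = ("R0=pkt(id=0,off=25,r=58) R1=imm2,min_value=2,max_value=2 R2=inv56 "
          "R3=inv60,min_value=0,max_value=15 R4=imm6,min_value=6,max_value=6 "
          "R5=pkt_end R6=inv R7=inv60,min_value=0,max_value=15 R8=inv "
          "R9=pkt(id=0,off=0,r=0) R10=fp fp-184=imm fp-176=imm")
AFTER = ("R0=imm0,min_value=0,max_value=0 R1=inv31 R2=inv56 "
         "R3=inv60,min_value=0,max_value=15 R4=imm6,min_value=6,max_value=6 "
         "R5=inv32 R6=inv R7=inv60,min_value=0,max_value=15 R8=inv "
         "R9=inv32 R10=fp fp-184=imm fp-176=imm fp-16=imm fp-8=imm")
ERROR = "R9 invalid mem access 'inv'"

# "Rn=<type><optional number>", e.g. R9=pkt(...), R5=pkt_end, R1=inv31.
# Stack slots such as fp-184=imm do not start with "R" and are skipped.
REG_RE = re.compile(r"\bR(\d+)=([a-z_]+)(\d*)")
ERR_RE = re.compile(r"^R(\d+) invalid mem access '(\w+)'")
POINTER_TYPES = {"pkt", "pkt_end", "fp"}  # assumption: only types seen in this log


def parse_state(text):
    """Map register number -> (type, numeric suffix) for each Rn=... token."""
    return {int(n): (t, num) for n, t, num in REG_RE.findall(text)}


def pointers_turned_inv(before, after):
    """Registers that held a pointer type in `before` and are 'inv' in `after`."""
    b, a = parse_state(before), parse_state(after)
    return [(n, b[n][0], a[n][0] + a[n][1])
            for n in sorted(b)
            if b[n][0] in POINTER_TYPES and a.get(n, ("", ""))[0] == "inv"]


def faulting_register(error, before):
    """Return (regno, type at rejection, type in the earlier dump) or None."""
    m = ERR_RE.match(error.strip())
    if not m:
        return None
    regno = int(m.group(1))
    earlier = parse_state(before).get(regno, ("unknown", ""))[0]
    return regno, m.group(2), earlier


if __name__ == "__main__":
    print(pointers_turned_inv(BEFORE, AFTER))
    print(faulting_register(ERROR, BEFORE))
```

On the log above this flags R5 and R9, the two registers that pass through the `<<= 32` / `>>= 32` pair, and shows that the register rejected at instruction 419 was a `pkt` pointer in the earlier dump.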