This repository has been archived by the owner on Jan 19, 2023. It is now read-only.

bpf verifier: register becomes inv when LSH then RSH #35

Open
williamtu opened this issue Feb 21, 2017 · 0 comments

Comments

@williamtu
Contributor

williamtu commented Feb 21, 2017

R9 is a pkt ptr; after <<32 and >>32, it becomes invalid?

```text
 R0=pkt(id=0,off=25,r=58) R1=imm2,min_value=2,max_value=2 R2=inv56 R3=inv60,min_value=0,max_value=15 R4=imm6,min_value=6,max_value=6 R5=pkt_end R6=inv R7=inv60,min_value=0,max_value=15 R8=inv R9=pkt(id=0,off=0,r=0) R10=fp fp-184=imm fp-176=imm
407: (b7) r1 = 1
408: (b7) r0 = 0
409: (63) *(u32 *)(r10 -12) = r0
410: (63) *(u32 *)(r10 -16) = r1
411: (67) r5 <<= 32
412: (77) r5 >>= 32
413: (67) r9 <<= 32
414: (77) r9 >>= 32
415: (bf) r1 = r9
416: (07) r1 += 14
417: (2d) if r1 > r5 goto pc+188
 R0=imm0,min_value=0,max_value=0 R1=inv31 R2=inv56 R3=inv60,min_value=0,max_value=15 R4=imm6,min_value=6,max_value=6 R5=inv32 R6=inv R7=inv60,min_value=0,max_value=15 R8=inv R9=inv32 R10=fp fp-184=imm fp-176=imm fp-16=imm fp-8=imm
418: (79) r1 = *(u64 *)(r10 -168)
419: (73) *(u8 *)(r9 +0) = r1
R9 invalid mem access 'inv'
```
williamtu changed the title from "bpf verifier" to "bpf verifier: register becomes inv when LSH then RSH" on Feb 21, 2017
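The log above shows the verifier's type state for R5 and R9 going from pkt_end / pkt to inv at instructions 411-414, and the store at 419 being refused because its base register is no longer a pointer. The following is an added example, not code from this repository or from the kernel: a deliberately stripped-down model of the verifier's per-register type tracking that replays instructions 411-419 (the load at 418 is omitted since only the base register of the store matters, and the branch at 417 is taken as the fall-through path). It models only the type lattice; value-range tracking (min/max and the r= bound a real packet store also needs) is left out, so the "unshifted" variant passes here only because of its pointer type. Instruction encodings, register layout and the initial state are taken from the log; everything else is an assumption of this model.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of verifier register types (added example, not the
 * kernel's verifier).  Only the cases needed to replay the log are here. */
enum reg_type { NOT_INIT, INV, IMM, PKT_PTR, PKT_END, FRAME_PTR };

enum op { MOV_IMM, MOV_REG, ADD_IMM, LSH_IMM, RSH_IMM, STX_U8 };

struct insn { enum op op; int dst; int src; long imm; };
struct reg  { enum reg_type type; long val; };  /* val: imm value or ptr offset */

#define NREGS 11
static char last_err[64];

static const char *type_name(enum reg_type t)
{
    static const char *names[] = { "?", "inv", "imm", "pkt", "pkt_end", "fp" };
    return names[t];
}

/* Initial state from the log: R5=pkt_end, R9=pkt(off=0), R10=fp. */
static void init_regs(struct reg regs[NREGS])
{
    memset(regs, 0, sizeof(struct reg) * NREGS);
    regs[5].type  = PKT_END;
    regs[9].type  = PKT_PTR;
    regs[10].type = FRAME_PTR;
}

/* Returns the index of the first rejected instruction, or -1 if the whole
 * program is accepted; last_err holds a verifier-style reason. */
static int verify(const struct insn *prog, int n)
{
    struct reg regs[NREGS];
    init_regs(regs);
    last_err[0] = '\0';

    for (int i = 0; i < n; i++) {
        const struct insn *in = &prog[i];
        struct reg *d = &regs[in->dst];

        switch (in->op) {
        case MOV_IMM: d->type = IMM; d->val = in->imm; break;
        case MOV_REG: *d = regs[in->src]; break;
        case ADD_IMM:
            /* ptr + const and imm + const keep their type; anything else is unknown */
            if (d->type == PKT_PTR || d->type == IMM) d->val += in->imm;
            else d->type = INV;
            break;
        case LSH_IMM:
        case RSH_IMM:
            /* A shift is only tracked on a known scalar.  Shifting a pointer
             * (or an already-unknown value) yields a scalar the verifier
             * cannot bound, so the pointer type is dropped: this is the
             * R5/R9 -> inv transition in the log. */
            if (d->type == IMM)
                d->val = in->op == LSH_IMM ? d->val << in->imm
                                           : (long)((unsigned long)d->val >> in->imm);
            else
                d->type = INV;
            break;
        case STX_U8:
            /* A store needs a pointer of known kind as its base. */
            if (d->type != PKT_PTR && d->type != FRAME_PTR) {
                snprintf(last_err, sizeof last_err, "R%d invalid mem access '%s'",
                         in->dst, type_name(d->type));
                return i;
            }
            break;
        }
    }
    return -1;
}

/* Instructions 411-419 from the log (418 omitted, 417 taken as fall-through). */
static const struct insn shifted_prog[] = {
    { LSH_IMM, 5, 0, 32 },   /* 411: r5 <<= 32 */
    { RSH_IMM, 5, 0, 32 },   /* 412: r5 >>= 32 */
    { LSH_IMM, 9, 0, 32 },   /* 413: r9 <<= 32 */
    { RSH_IMM, 9, 0, 32 },   /* 414: r9 >>= 32 */
    { MOV_REG, 1, 9, 0 },    /* 415: r1 = r9 */
    { ADD_IMM, 1, 0, 14 },   /* 416: r1 += 14 */
    { STX_U8,  9, 1, 0 },    /* 419: *(u8 *)(r9 + 0) = r1 */
};

/* The same store with the shifts removed: R9 keeps its pkt type. */
static const struct insn unshifted_prog[] = {
    { MOV_REG, 1, 9, 0 },
    { ADD_IMM, 1, 0, 14 },
    { STX_U8,  9, 1, 0 },
};

int check_shifted(void)   { return verify(shifted_prog, 7); }
int check_unshifted(void) { return verify(unshifted_prog, 3); }

int main(void)
{
    int at = check_shifted();
    printf("shifted program: rejected at insn %d: %s\n", at, last_err);
    printf("unshifted program: %s\n", check_unshifted() < 0 ? "accepted" : "rejected");
    return 0;
}
```

The model reproduces the message from the log for the shifted sequence and accepts the same store once the shifts are gone. In the real verifier the unshifted store through R9 would still need a bounds check against pkt_end first (the log shows R9 with r=0, i.e. no checked range), so "accepted" here means only that the type check passes; the point it illustrates is that the compiler-emitted 32-bit truncation of a pointer is what destroys the pointer type, and no later comparison can restore it.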