BPF Archive on lore.kernel.org
 help / color / Atom feed
* Fwd: [Bug 205459] New: mips: bpf: test_bpf failures, eBPF JIT on mips32 outputs invalid 64-bit insns
       [not found] <bug-205459-65011@https.bugzilla.kernel.org/>
@ 2019-11-08 23:42 ` Daniel Borkmann
  0 siblings, 0 replies; only message in thread
From: Daniel Borkmann @ 2019-11-08 23:42 UTC (permalink / raw)
  To: Paul Burton, linux-mips, Ralf Baechle, James Hogan,
	Hassan Naveed, Matt Redfearn, David Daney
  Cc: bpf, itugrok

[ Cc MIPS folks ]

Hassan, James, Paul, others, please take a look. Thanks!

-------- Forwarded Message --------
Subject: [Bug 205459] New: mips: bpf: test_bpf failures, eBPF JIT on mips32 outputs invalid 64-bit insns
Date: Thu, 07 Nov 2019 06:41:21 +0000
From: bugzilla-daemon@bugzilla.kernel.org
To: daniel@iogearbox.net

https://bugzilla.kernel.org/show_bug.cgi?id=205459

             Bug ID: 205459
            Summary: mips: bpf: test_bpf failures, eBPF JIT on mips32
                     outputs invalid 64-bit insns
            Product: Networking
            Version: 2.5
     Kernel Version: 5.2.17
           Hardware: Mips32
                 OS: Linux
               Tree: Mainline
             Status: NEW
           Severity: high
           Priority: P1
          Component: Other
           Assignee: stephen@networkplumber.org
           Reporter: itugrok@yahoo.com
         Regression: No

Created attachment 285809
   --> https://bugzilla.kernel.org/attachment.cgi?id=285809&action=edit
EXCEPTION/failures: kernel 5.2.17/mips32 (Debian 10.1)

Summary:
========

Linux 5.2.x added an eBPF JIT for MIPS32 (yay!). Based on discussion of the
original submission (https://www.spinics.net/lists/mips/msg77008.html) I
expected that:

   (1) all tests from module test_bpf.ko would pass, and
   (2) any previously JITed tests (i.e. cBPF) would still be JITed.

However, I can't reproduce the above based on my testing as per the attached
log.

Point (2) doesn't stand since the first ~30 tests are not JITed, but were
previously cBPF JITed for the most part.

As for point (1), the full test set doesn't complete, but errors out early on
with a "Reserved instruction in kernel code[#1]" error. Manually hopping
through some of the tests yields the same error for many:

   #68 ALU_MOV_K: 0x0000ffffffff0000 = 0x00000000ffffffff jited:1
   #73 ALU_ADD_X: 1 + 2 = 3 jited:1
   #74 ALU_ADD_X: 1 + 4294967294 = 4294967295 jited:1
   #75 ALU_ADD_X: 2 + 4294967294 = 0 jited:1
   #79 ALU_ADD_K: 1 + 2 = 3 jited:1
   (.. and so on ...)

Disassembling the JITed code for test #68 shows incorrect MIPS64 instructions:

   24 03 00 20     li    v1,32
   34 05 ff ff     li    a1,0xffff
   00 05 2c 38     dsll  a1,a1,0x10      <=== MIPS64 insn
   34 a5 ff ff     ori   a1,a1,0xffff
   00 05 2c 38     dsll  a1,a1,0x10      <=== MIPS64 insn
   34 06 ff ff     li    a2,0xffff
   00 06 34 38     dsll  a2,a2,0x10      <=== MIPS64 insn
   34 c6 ff ff     ori   a2,a2,0xffff

Since this was tested in the past, I'm really hoping there's a simple solution
to these problems, or else a case of "operator error". A review by someone more
knowledgeable with the MIPS32 eBPF JIT would be appreciated.

Steps to Reproduce:
===================

   # sysctl net.core.bpf_jit_enable=1
   # modprobe test_bpf
   <Kernel log with "Reserved instruction" exception>


Affected Systems Tested:
========================

   Debian 10.1 on QEMU/malta(mips32_be) [distro kernel 5.2.17-1~bpo10+1
(2019-09-30)]


Kernel Logs:
============

Boot log with test results up to first failure is attached.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <bug-205459-65011@https.bugzilla.kernel.org/>
2019-11-08 23:42 ` Fwd: [Bug 205459] New: mips: bpf: test_bpf failures, eBPF JIT on mips32 outputs invalid 64-bit insns Daniel Borkmann

BPF Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/bpf/0 bpf/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 bpf bpf/ https://lore.kernel.org/bpf \
		bpf@vger.kernel.org
	public-inbox-index bpf

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.bpf


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git