On Mon, Jul 24, 2023 at 03:42:17PM +0300, Eduard Zingerman wrote:
> Recently Luiz Capitulino reported BPF test failure for kernel version
> 6.1.36 (see [7]). The following test_verifier test failed:
> "precise: ST insn causing spi > allocated_stack".
> After back-port of the following upstream commit:
> ecdf985d7615 ("bpf: track immediate values written to stack by BPF_ST instruction")
>
> Investigation in [8] shows that test failure is not a bug, but a
> difference in BPF verifier behavior between upstream, where commits
> [1,2,3] by Andrii Nakryiko are present, and 6.1.36, where these
> commits are absent. Both Luiz and Greg suggested back-porting [1,2,3]
> from upstream to avoid divergences.
>
> Commits [1,2,3] break test_progs selftest "align/packet variable offset",
> commit [4] fixes this selftest.
>
> I did some additional testing using the following compiler versions:
> - Kernel compilation
> - gcc version 11.3.0
> - BPF tests compilation
> - clang version 16.0.6
> - clang version 17.0.0 (fa46feb31481)
>
> And identified a few more failing BPF selftests:
> - Tests failing with LLVM 16:
> - test_verifier:
> - precise: ST insn causing spi > allocated_stack FAIL (fixed by [1,2,3])
> - test_progs:
> - sk_assign (fixed by [6])
> - Tests failing with LLVM 17:
> - test_verifier:
> - precise: ST insn causing spi > allocated_stack FAIL (fixed by [1,2,3])
> - test_progs:
> - fexit_bpf2bpf/func_replace_verify (fixed by [5])
> - fexit_bpf2bpf/func_replace_return_code (fixed by [5])
> - sk_assign (fixed by [6])
>
> Commits [4,5,6] only apply to BPF selftests and don't change verifier
> behavior.
>
> After applying all of the listed commits I have test_verifier,
> test_progs, test_progs-no_alu32 and test_maps passing on my x86 setup,
> both for LLVM 16 and LLVM 17.
>
> Upstream commits in chronological order:
> [1] be2ef8161572 ("bpf: allow precision tracking for programs with subprogs")
> [2] f63181b6ae79 ("bpf: stop setting precise in current state")
> [3] 7a830b53c17b ("bpf: aggressively forget precise markings during state checkpointing")
> [4] 4f999b767769 ("selftests/bpf: make test_align selftest more robust")
> [5] 63d78b7e8ca2 ("selftests/bpf: Workaround verification failure for fexit_bpf2bpf/func_replace_return_code")
> [6] 7ce878ca81bc ("selftests/bpf: Fix sk_assign on s390x")
>
> Links:
> [7] https://lore.kernel.org/stable/935c4751-d368-df29-33a6-9f4fcae720fa@xxxxxxxxxx/
> [8] https://lore.kernel.org/stable/c9b10a8a551edafdfec855fbd35757c6238ad258.camel@xxxxxxxxx/
>
> Changelog:
> V1 -> V2: added missing signed-off-by tags
> V1: https://lore.kernel.org/stable/20230722004514.767618-1-eddyz87@xxxxxxxxx/
>
> Reported-by: Luiz Capitulino <luizcap@xxxxxxxxxx>
>
> Andrii Nakryiko (4):
> bpf: allow precision tracking for programs with subprogs
> bpf: stop setting precise in current state
> bpf: aggressively forget precise markings during state checkpointing
> selftests/bpf: make test_align selftest more robust
>
> Ilya Leoshkevich (1):
> selftests/bpf: Fix sk_assign on s390x
>
> Yonghong Song (1):
> selftests/bpf: Workaround verification failure for
> fexit_bpf2bpf/func_replace_return_code
>
> kernel/bpf/verifier.c | 202 ++++++++++++++++--
> .../testing/selftests/bpf/prog_tests/align.c | 38 ++--
> .../selftests/bpf/prog_tests/sk_assign.c | 25 ++-
> .../selftests/bpf/progs/connect4_prog.c | 2 +-
> .../selftests/bpf/progs/test_sk_assign.c | 11 +
> .../bpf/progs/test_sk_assign_libbpf.c | 3 +
> 6 files changed, 247 insertions(+), 34 deletions(-)
> create mode 100644 tools/testing/selftests/bpf/progs/test_sk_assign_libbpf.c
>
> --
> 2.41.0
>
All now queued up, thanks.
greg k-h
