[Cake] [bpf-next RFC 2/3] flow_dissector: implements eBPF parser
pete at heistp.net
Wed Aug 22 05:37:13 EDT 2018
> On Aug 22, 2018, at 11:25 AM, Toke Høiland-Jørgensen <toke at toke.dk> wrote:
> Pete Heist <pete at heistp.net> writes:
>> The eBPF verifier seems fragile to me, where I’d be moving lines of
>> code around and getting different error messages in an alien tongue.
> Well, it operates on the byte code and errs on the side of safety. I.e.,
> if it can't prove your program is safe it is going to reject it. Which
> can be less than helpful.
Yes, understood. I just found it sensitive to the place where variables are initialized, for example, even when the code looked equivalent. I’ll present a concrete example to them when I see it again.
> There's a mode where it can dump its state including the byte code it is
> operating at, which can be helpful in figuring out why you get an error.
> But it has a way to go yet compared with regular compiler error
> messages... :)
Yes, as examples: "R2 type=inv expected=fp” (which I think means that a value should was expected to be on the stack but was not) or "math between pkt pointer and 4294901760 is not allowed”, might not suggest what one needs to do, although there are hints available if one searches… :)
More information about the Cake