bpftool icon indicating copy to clipboard operation
bpftool copied to clipboard
verified publisher icon libbpf

bpftool incorrectly prints "true" for a false boolean

Open atapie opened this issue 3 years ago • 5 comments

Version:

bpftool --version
bpftool v6.7.0
using libbpf v0.7
features: libbpf_strict

This happens only in a 32-bit environment and not 64-bit. I have a BPF array with value that looks like this:

struct map_value {
   int a;
   int b;
   short c;
   bool d;
};

struct {
   __uint( type, BPF_MAP_TYPE_ARRAY );
   __uint( max_entries, 1 );
   __type( key, uint32_t );
   __type( value, struct map_value );
} my_map SEC( ".maps" );

bpftool map dump shows:

bpftool map dump name my_map --pretty
[{
        "key": ["0x00","0x00","0x00","0x00"
        ],
        "value": ["0x00","0x00","0x00","0x00","0x00","0x00","0x00","0x00","0x00","0x00","0x00","0x00"
        ],
        "formatted": {
            "key": 0,
            "value": {
                "a": 0,
                "b": 0,
                "c": 0,
                "d": true
            }
        }
    }
]

The raw bytes look right (this is the initial state of the array) but the formatted output is wrong.

atapie avatar Aug 24 '22 00:08 atapie

Thanks for the report!

The raw bytes look right (this is the initial state of the array) but the formatted output is wrong.

Interesting, I wonder what could be the cause. If you have a chance to build locally and run with GDB on your setup, it would be interesting to see what value is passed to jsonw_bool() in btf_dumper_int() (here). Otherwise I'll try to reproduce on my side, but I don't have a 32-bit setup at hand right now.

qmonnet avatar Aug 24 '22 09:08 qmonnet

Thanks for the pointer! I ran it under gdb and the value passed to jsonw_bool is true. I think the problem is the caller:

	case BTF_INT_BOOL:
		jsonw_bool(jw, *(int *)data);
		break;

The struct layout is:

a: 4 byte
b: 4 byte
c: 2 byte
d: 1 byte
padding: 1 byte

data is a pointer to d so casting to int * and dereference it will read outside the struct boundary right?

atapie avatar Aug 24 '22 18:08 atapie

Right, your analysis sounds correct. Have you tried replacing int * with bool *? If it fixes the issue, would you like to submit a patch to the mailing list? I can send one otherwise.

qmonnet avatar Aug 24 '22 19:08 qmonnet

Making it bool * fixes the issue. I submitted a patch to [email protected] since the change is straightforward but not sure yet how to link it to this issue though.

atapie avatar Aug 24 '22 23:08 atapie

Thanks a lot! Patchwork: https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/ ML archives: https://lore.kernel.org/all/[email protected]/t/#u

qmonnet avatar Aug 25 '22 09:08 qmonnet

Fixed in https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=7184aef9c0f7a81db8fd18d183ee42481d89bf35, well done. I'll pull it here at the next sync.

qmonnet avatar Sep 01 '22 19:09 qmonnet