Logic of execution tree traversal is not 100% obvious, and had some bugs in the past. Add and expand comments to clarify what `next` and `node` variables are supposed to point to at various points of the cycle.
Signed-off-by: Marat Khalili <[email protected]> --- lib/bpf/bpf_validate.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/bpf/bpf_validate.c b/lib/bpf/bpf_validate.c index 1619faf3604a..362d00c77095 100644 --- a/lib/bpf/bpf_validate.c +++ b/lib/bpf/bpf_validate.c @@ -2449,6 +2449,7 @@ evaluate(struct bpf_verifier *bvf) * each node only once. */ if (next != NULL) { + /* just started or stepped down the tree, node == next */ bvf->evin = node; idx = get_node_idx(bvf, node); @@ -2481,8 +2482,10 @@ evaluate(struct bpf_verifier *bvf) next = get_next_node(bvf, node); if (next != NULL) { - - /* proceed with next child */ + /* + * proceed with next child + * next points to an unwalked subtree of node + */ if (node->cur_edge == node->nb_edge && node->evst.cur != NULL) { restore_cur_eval_state(bvf, node); @@ -2514,6 +2517,11 @@ evaluate(struct bpf_verifier *bvf) /* first node will not have prev, signalling finish */ } + + /* + * next != NULL: stepped down the tree, node == next; + * next == NULL: stepped up after processing or pruning subtree; + */ } RTE_LOG(DEBUG, BPF, "%s(%p) returns %d, stats:\n" -- 2.43.0
