Week 24

core/Readme.md

@@ -8,12 +8,24 @@ To start with, a simple constraint would be "range constraint", meaning a regist
 
 One opinion, one benefit of designing the raw constraint from is that our runtime-check system will not depend heavily on the current linux verifier and will be portable to other verifiers.
 
+## Future work
+
+Rewrite Normalization. Plain the IR.
+
+Just store the allocated position in value. Not track users. No references.
+
+All VRs are changed to Real Registers.
+
 ## Bugs
 
 ### SplitBB operation may not work properly if it's at the top of a BB
 
+Resolved.
+
 ### Coalesce has some bugs
 
+Found root cause: you may not directly remove instructions like r1 = r1.
+
 ## Errors
 
 Reproduce: `ringbuf.c` enable coalesce will cause some error in CG

core/aux/kern_utils.c

@@ -82,6 +82,10 @@ static int apply_pass_opt(struct bpf_ir_env *env, const char *opt)
 			}
 		}
 	}
+	if (!found_pass) {
+		PRINT_LOG_ERROR(env, "Pass %s not found\n", pass_name);
+		return -EINVAL;
+	}
 	return 0;
 }
 
@@ -97,6 +101,8 @@ static int apply_global_opt(struct bpf_ir_env *env, const char *opt)
 		env->opts.print_mode = BPF_IR_PRINT_DUMP;
 	} else if (strcmp(opt, "print_detail") == 0) {
 		env->opts.print_mode = BPF_IR_PRINT_DETAIL;
+	} else if (strcmp(opt, "no_prog_check") == 0) {
+		env->opts.disable_prog_check = true;
 	} else if (strcmp(opt, "print_bpf_detail") == 0) {
 		env->opts.print_mode = BPF_IR_PRINT_BPF_DETAIL;
 	} else if (strncmp(opt, "verbose=", 8) == 0) {
@@ -128,6 +134,9 @@ static int apply_global_opt(struct bpf_ir_env *env, const char *opt)
 // Check if a builtin pass is enabled (by cfg)
 bool bpf_ir_builtin_pass_enabled(struct bpf_ir_env *env, const char *pass_name)
 {
+	if (!env) {
+		return false;
+	}
 	for (size_t i = 0; i < env->opts.builtin_pass_cfg_num; ++i) {
 		if (strcmp(env->opts.builtin_pass_cfg[i].name, pass_name) ==
 		    0) {

core/aux/prog_check.c

@@ -390,75 +390,6 @@ static void check_phi(struct bpf_ir_env *env, struct ir_function *fun)
 	}
 }
 
-static void bpf_ir_fix_bb_succ(struct bpf_ir_env *env, struct ir_function *fun)
-{
-	struct ir_basic_block **pos;
-	array_for(pos, fun->all_bbs)
-	{
-		struct ir_basic_block *bb = *pos;
-		struct ir_insn *insn = bpf_ir_get_last_insn(bb);
-		if (insn && bpf_ir_is_cond_jmp(insn)) {
-			// Conditional jmp
-			if (bb->succs.num_elem != 2) {
-				print_ir_insn_err(env, insn,
-						  "Jump instruction");
-				RAISE_ERROR(
-					"Conditional jmp with != 2 successors");
-			}
-			struct ir_basic_block **s1 = array_get(
-				&bb->succs, 0, struct ir_basic_block *);
-			struct ir_basic_block **s2 = array_get(
-				&bb->succs, 1, struct ir_basic_block *);
-			*s1 = insn->bb1;
-			*s2 = insn->bb2;
-		}
-	}
-}
-
-static void add_reach(struct bpf_ir_env *env, struct ir_function *fun,
-		      struct ir_basic_block *bb)
-{
-	if (bb->_visited) {
-		return;
-	}
-	bb->_visited = 1;
-	bpf_ir_array_push(env, &fun->reachable_bbs, &bb);
-
-	struct ir_basic_block **succ;
-	bool first = false;
-	array_for(succ, bb->succs)
-	{
-		if (!first && bb->succs.num_elem > 1) {
-			first = true;
-			// Check if visited
-			if ((*succ)->_visited) {
-				RAISE_ERROR("Loop BB detected");
-			}
-		}
-		add_reach(env, fun, *succ);
-	}
-}
-
-static void gen_reachable_bbs(struct bpf_ir_env *env, struct ir_function *fun)
-{
-	bpf_ir_clean_visited(fun);
-	bpf_ir_array_clear(env, &fun->reachable_bbs);
-	add_reach(env, fun, fun->entry);
-}
-
-static void gen_end_bbs(struct bpf_ir_env *env, struct ir_function *fun)
-{
-	struct ir_basic_block **pos;
-	bpf_ir_array_clear(env, &fun->end_bbs);
-	array_for(pos, fun->reachable_bbs)
-	{
-		struct ir_basic_block *bb = *pos;
-		if (bb->succs.num_elem == 0) {
-			bpf_ir_array_push(env, &fun->end_bbs, &bb);
-		}
-	}
-}
-
 // Interface Implementation
 
 static void check_err_and_print(struct bpf_ir_env *env, struct ir_function *fun)
@@ -477,17 +408,6 @@ static void check_err_and_print(struct bpf_ir_env *env, struct ir_function *fun)
 // Check that the program is valid and able to be compiled
 void bpf_ir_prog_check(struct bpf_ir_env *env, struct ir_function *fun)
 {
-	print_ir_err_init(fun);
-
-	bpf_ir_fix_bb_succ(env, fun);
-	CHECK_DUMP();
-
-	bpf_ir_clean_metadata_all(fun);
-	gen_reachable_bbs(env, fun);
-	CHECK_DUMP();
-	gen_end_bbs(env, fun);
-	CHECK_DUMP();
-
 	check_insn(env, fun);
 	CHECK_DUMP();