On Mon, Dec 9, 2019 at 9:32 AM Björn Töpel <bjorn.topel@xxxxxxxxx> wrote:
>
> This commit adds branch relaxation to the BPF JIT, and with that
> support for far (offset greater than 12b) branching.
>
> The branch relaxation requires more than two passes to converge. For
> most programs it is three passes, but for larger programs it can be
> more.
>
> Signed-off-by: Björn Töpel <bjorn.topel@xxxxxxxxx>

We have been developing a formal verification tool for BPF JIT
compilers, which we have used in the past to find bugs in the RV64
and x32 BPF JITs:

https://unsat.cs.washington.edu/projects/serval/

Recently I added support for verifying the JIT for branch and jump
instructions, and thought it a good opportunity to verify these
patches that add support for far jumps and branching.

I ported these patches to our tool and ran verification, which
didn't find any bugs according to our specification of BPF and
RISC-V.

The tool and code are publicly available, and you can read a more
detailed writeup of the results here:

https://github.com/uw-unsat/bpf-jit-verif/tree/far-jump-review

Currently the tool works on a manually translated version of the JIT
from C to Rosette, but we are experimenting with ways of making this
process more automated.

Reviewed-by: Luke Nelson <lukenels@xxxxxxxxxxxxxxxxx>
Cc: Xi Wang <xi.wang@xxxxxxxxx>
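
Added example, not from the patch or from anyone in this thread: a toy C model of the fixed-point iteration that the quoted commit message calls branch relaxation, showing why growing one branch can push another out of range and force a further pass. It assumes fixed 4-byte instructions and that a relaxed branch costs two instructions; `struct op`, `relax` and `demo` are hypothetical names, and the real JIT's pass structure may differ.

```c
#include <stdio.h>
#include <stdlib.h>

#define INSN 4  /* bytes per instruction; assumes no compressed instructions */
/* target: index of the op branched to, or -1; far: 1 once relaxed. */
struct op { int target, far; };

/* RISC-V B-type reach: 12 encoded bits plus an implied zero low bit. */
static int fits_b_type(long off) { return off >= -4096 && off <= 4094; }

/* Relax branches to a fixed point; returns the number of layout passes. */
int relax(struct op *ops, int n, long *total)
{
    long *addr = calloc(n + 1, sizeof *addr);  /* addr[0] stays 0 */
    int passes = 0, changed;
    if (!addr)
        return -1;
    do {
        changed = 0;
        passes++;
        for (int i = 0; i < n; i++)  /* lay out with current sizes */
            addr[i + 1] = addr[i] + (ops[i].far ? 2 * INSN : INSN);
        for (int i = 0; i < n; i++)  /* grow branches that cannot reach */
            if (ops[i].target >= 0 && !ops[i].far &&
                !fits_b_type(addr[ops[i].target] - addr[i]))
                ops[i].far = changed = 1;
    } while (changed);
    *total = addr[n];
    free(addr);
    return passes;
}

/* Constructed input: op 0 reaches op 1023 only until op 1 grows. */
int demo(long *total)
{
    static struct op ops[1026];
    for (int i = 0; i < 1026; i++)
        ops[i] = (struct op){ -1, 0 };
    ops[0].target = 1023;  /* 4092 bytes away: fits on the first pass */
    ops[1].target = 1025;  /* 4096 bytes away: 2 bytes past the limit */
    return relax(ops, 1026, total);
}

int main(void)
{
    long total;
    int passes = demo(&total);
    printf("passes=%d bytes=%ld\n", passes, total);
    return 0;
}
```

Branches only ever grow in this model, so the loop terminates; the last pass is the one that confirms nothing changed.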