On Mon, Dec 16, 2024 at 9:39 AM Arthur Fabre <afabre@xxxxxxxxxxxxxx> wrote:
>
> On Sat Dec 14, 2024 at 12:55 AM CET, Eduard Zingerman wrote:
> > On Fri, 2024-12-13 at 22:27 +0100, Arthur Fabre wrote:
> [...]
> > > +++ b/tools/testing/selftests/bpf/progs/verifier_abnormal_ret.c
> > > @@ -0,0 +1,88 @@
> > > +// SPDX-License-Identifier: GPL-2.0
> > > +
> > > +#include <linux/bpf.h>
> > > +#include <bpf/bpf_helpers.h>
> > > +#include "../../../include/linux/filter.h"
> > > +#include "bpf_misc.h"
> > > +
> > > +#define TEST(NAME, CALLEE) \
> > > + SEC("socket") \
> > > + __description("abnormal_ret: " #NAME) \
> > > + __failure __msg("math between ctx pointer and register with unbounded min value") \
> > > + __naked void check_abnormal_ret_##NAME(void) \
> > > + { \
> >
> > Nit: this one and 'callee_tail_call' could be plain C.
> >
> > > + asm volatile(" \
> > > + r6 = r1; \
> > > + call " #CALLEE "; \
> > > + r6 += r0; \
> > > + r0 = 0; \
> > > + exit; \
> > > + " : \
> > > + : \
> > > + : __clobber_all); \
> > > + }
> >
> > [...]
> >
> > > +static __naked __noinline __used
> > > +int callee_tail_call(void)
> > > +{
> > > + asm volatile(" \
> > > + r2 = %[map_prog] ll; \
> > > + r3 = 0; \
> > > + call %[bpf_tail_call]; \
> > > + r0 = 0; \
> > > + exit; \
> > > +" :
> > > + : __imm(bpf_tail_call), __imm_addr(map_prog)
> > > + : __clobber_all);
> > > +}
> > > +
> > > +char _license[] SEC("license") = "GPL";
>
> Thanks for the review! Good point, I'll try to write them in C.
>
> It might not be possible to do them both entirely: clang also doesn't know that bpf_tail_call() can return, so it assumes the callee() will return a constant r0. It sometimes optimizes branches / loads out because of this.

I wonder whether we should tell llvm that it's similar to longjmp() with __attribute__((noreturn)) or some other attribute.
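Review bot: The reason `r6 += r0` must be rejected after `call callee_tail_call` is stated nowhere in the new file, and it is the security property the test pins down: the callee's `r0 = 0; exit` never runs when the tail call succeeds, so the value reaching `r6 += r0` is whatever program sits in `map_prog` returns, and a verifier that trusted the constant would let a ctx pointer be offset by an untrusted scalar. A comment above the TEST macro would make that explicit, e.g. `/* r0 after an abnormal return (tail call) must be unbounded: the callee's r0 = 0 is not what reaches the caller */`. `callee_tail_call` also never writes r1 and relies on it still holding the ctx the caller received, which is worth a one-line note since nothing in the callee establishes it. If the elided part of the hunk does not already contain one, a `__success` companion whose callee returns normally would show the rejection comes from the abnormal return rather than from calling a subprogram at all, though I cannot tell from the quoted portion whether such a case exists.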