Re: [PATCH bpf-next v4 2/2] selftests/bpf: Add test for conditional jumps on same scalar register
From: Eduard Zingerman
Date: Mon Nov 03 2025 - 13:15:04 EST
On Mon, 2025-11-03 at 14:31 +0800, KaFai Wan wrote:
> Add test cases to verify the correctness of the BPF verifier's branch analysis
> when conditional jumps are performed on the same scalar register. And make sure
> that JGT does not trigger verifier BUG.
>
> Signed-off-by: KaFai Wan <kafai.wan@xxxxxxxxx>
> ---
Thank you for adding these.
Acked-by: Eduard Zingerman <eddyz87@xxxxxxxxx>
(but a comment needs a fix)
[...]
> +SEC("socket")
> +__description("jset on same register, scalar value unknown branch 3")
> +__msg("4: (b7) r0 = 0 {{.*}} R0=0")
> +__msg("6: (b7) r0 = 1 {{.*}} R0=1")
> +__success __log_level(2)
> +__flag(BPF_F_TEST_REG_INVARIANTS)
> +__naked void jset_on_same_register_5(void *ctx)
> +{
> + asm volatile(" \
> + /* range [-1;-1] */ \
^^
Typo, should be [-1;1].
> + call %[bpf_get_prandom_u32]; \
> + r0 &= 0x2; \
> + r0 -= 1; \
> + if r0 & r0 goto l1_%=; \
> +l0_%=: r0 = 0; \
> + exit; \
> +l1_%=: r0 = 1; \
> + exit; \
> +" :
> + : __imm(bpf_get_prandom_u32)
> + : __clobber_all);
> +}
> +
> char _license[] SEC("license") = "GPL";