Skip to content

bpf: Update env->prev_insn_idx after do_check_insn() #9221

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed

Conversation

luisgerhorst
Copy link
Contributor

To introduce prev_aux(env), env->prev_insn_idx must be up-to-date directly after do_check_insn(). To achieve this, replace prev_insn_idx with a tmp variable (to discourage use) and update env->prev_insn_idx directly after do_check_insn().

A concern would be that some code relied on env->prev_insn_idx still having the old value between do_check_insn() and the old update-assignment. However, outside the do_check() function it is only used through push_jmp_history()/do_check_insn()/is_state_visisted() which are not called in-between the old and new assignment location. This can also be seen from the -O0 call graph for push_jmp_history() [1].

[1] https://sys.cs.fau.de/extern/person/gerhorst/25-06_d69baf_push_jmp_history_O0_callgraph.png

To introduce prev_aux(env), env->prev_insn_idx must be up-to-date
directly after do_check_insn(). To achieve this, replace prev_insn_idx
with a tmp variable (to discourage use) and update env->prev_insn_idx
directly after do_check_insn().

A concern would be that some code relied on env->prev_insn_idx still
having the old value between do_check_insn() and the old
update-assignment. However, outside the do_check() function it is only
used through push_jmp_history()/do_check_insn()/is_state_visisted()
which are not called in-between the old and new assignment location.
This can also be seen from the -O0 call graph for push_jmp_history()
[1].

[1] https://sys.cs.fau.de/extern/person/gerhorst/25-06_d69baf_push_jmp_history_O0_callgraph.png

Signed-off-by: Luis Gerhorst <[email protected]>
@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the bpf-next_base branch 12 times, most recently from 901b4c5 to fa8c3a1 Compare July 4, 2025 02:33
@kernel-patches-daemon-bpf
Copy link

Automatically cleaning up stale PR; feel free to reopen if needed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant