Lines Matching refs:insn_idx
171 int insn_idx; member
772 static int acquire_reference_state(struct bpf_verifier_env *env, int insn_idx) in acquire_reference_state() argument
783 state->refs[new_ofs].insn_idx = insn_idx; in acquire_reference_state()
929 int *insn_idx, bool pop_log) in pop_stack() argument
945 if (insn_idx) in pop_stack()
946 *insn_idx = head->insn_idx; in pop_stack()
958 int insn_idx, int prev_insn_idx, in push_stack() argument
969 elem->insn_idx = insn_idx; in push_stack()
1722 struct bpf_insn *insn = env->prog->insnsi + env->insn_idx; in check_reg_arg()
1755 reg->subreg_def = rw64 ? DEF_NOT_SUBREG : env->insn_idx + 1; in check_reg_arg()
1773 p[cnt - 1].idx = env->insn_idx; in push_jmp_history()
2024 int last_idx = env->insn_idx; in __mark_chain_precision()
2274 int off, int size, int value_regno, int insn_idx) in check_stack_write() argument
2278 u32 dst_reg = env->prog->insnsi[insn_idx].dst_reg; in check_stack_write()
2316 verbose_linfo(env, insn_idx, "; "); in check_stack_write()
2338 int *poff = &env->insn_aux_data[insn_idx].sanitize_stack_off; in check_stack_write()
2355 insn_idx, *poff, soff); in check_stack_write()
2421 verbose_linfo(env, env->insn_idx, "; "); in check_stack_read()
2761 static int check_ctx_access(struct bpf_verifier_env *env, int insn_idx, int off, int size, in check_ctx_access() argument
2784 env->insn_aux_data[insn_idx].ctx_field_size = info.ctx_field_size; in check_ctx_access()
2807 static int check_sock_access(struct bpf_verifier_env *env, int insn_idx, in check_sock_access() argument
2841 env->insn_aux_data[insn_idx].ctx_field_size = in check_sock_access()
3401 static int check_mem_access(struct bpf_verifier_env *env, int insn_idx, u32 regno, in check_mem_access() argument
3477 err = check_ctx_access(env, insn_idx, off, size, t, ®_type, &btf_id); in check_mem_access()
3479 verbose_linfo(env, insn_idx, "; "); in check_mem_access()
3518 value_regno, insn_idx); in check_mem_access()
3553 err = check_sock_access(env, insn_idx, regno, off, size, t); in check_mem_access()
3597 static int check_xadd(struct bpf_verifier_env *env, int insn_idx, struct bpf_insn *insn) in check_xadd() argument
3633 err = check_mem_access(env, insn_idx, insn->dst_reg, insn->off, in check_xadd()
3639 return check_mem_access(env, insn_idx, insn->dst_reg, insn->off, in check_xadd()
4740 int *insn_idx) in check_func_call() argument
4754 target_insn = *insn_idx + insn->imm; in check_func_call()
4806 *insn_idx /* callsite */, in check_func_call()
4827 *insn_idx = target_insn; in check_func_call()
4838 static int prepare_func_exit(struct bpf_verifier_env *env, int *insn_idx) in prepare_func_exit() argument
4868 *insn_idx = callee->callsite + 1; in prepare_func_exit()
4872 verbose(env, "to caller at %d:\n", *insn_idx); in prepare_func_exit()
4905 int func_id, int insn_idx) in record_func_map() argument
4907 struct bpf_insn_aux_data *aux = &env->insn_aux_data[insn_idx]; in record_func_map()
4948 int func_id, int insn_idx) in record_func_key() argument
4950 struct bpf_insn_aux_data *aux = &env->insn_aux_data[insn_idx]; in record_func_key()
4992 state->refs[i].id, state->refs[i].insn_idx); in check_reference_leak()
4997 static int check_helper_call(struct bpf_verifier_env *env, int func_id, int insn_idx) in check_helper_call() argument
5057 err = record_func_map(env, &meta, func_id, insn_idx); in check_helper_call()
5061 err = record_func_key(env, &meta, func_id, insn_idx); in check_helper_call()
5069 err = check_mem_access(env, insn_idx, meta.regno, i, BPF_B, in check_helper_call()
5204 int id = acquire_reference_state(env, insn_idx); in check_helper_call()
5325 return &env->insn_aux_data[env->insn_idx]; in cur_aux()
5439 ret = push_stack(env, env->insn_idx + 1, env->insn_idx, true); in sanitize_ptr_alu()
6619 dst_reg->subreg_def = env->insn_idx + 1; in check_alu_op()
7436 struct bpf_insn *insn, int *insn_idx) in check_cond_jmp_op() argument
7514 *insn_idx += insn->off; in check_cond_jmp_op()
7523 other_branch = push_stack(env, *insn_idx + insn->off + 1, *insn_idx, in check_cond_jmp_op()
7777 regs[BPF_REG_0].subreg_def = env->insn_idx + 1; in check_ld_abs()
8589 if (sl->state.insn_idx != insn || in clean_live_states()
9014 static int is_state_visited(struct bpf_verifier_env *env, int insn_idx) in is_state_visited() argument
9023 if (!env->insn_aux_data[insn_idx].prune_point) in is_state_visited()
9041 pprev = explored_state(env, insn_idx); in is_state_visited()
9044 clean_live_states(env, insn_idx, cur); in is_state_visited()
9048 if (sl->state.insn_idx != insn_idx) in is_state_visited()
9053 verbose_linfo(env, insn_idx, "; "); in is_state_visited()
9054 verbose(env, "infinite loop detected at insn %d\n", insn_idx); in is_state_visited()
9177 new->insn_idx = insn_idx; in is_state_visited()
9179 "BUG is_state_visited:branches_to_explore=%d insn %d\n", new->branches, insn_idx); in is_state_visited()
9182 cur->first_insn_idx = insn_idx; in is_state_visited()
9184 new_sl->next = *explored_state(env, insn_idx); in is_state_visited()
9185 *explored_state(env, insn_idx) = new_sl; in is_state_visited()
9274 if (env->insn_idx >= insn_cnt) { in do_check()
9276 env->insn_idx, insn_cnt); in do_check()
9280 insn = &insns[env->insn_idx]; in do_check()
9290 err = is_state_visited(env, env->insn_idx); in do_check()
9298 env->prev_insn_idx, env->insn_idx, in do_check()
9302 verbose(env, "%d: safe\n", env->insn_idx); in do_check()
9316 verbose(env, "%d:", env->insn_idx); in do_check()
9319 env->prev_insn_idx, env->insn_idx, in do_check()
9332 verbose_linfo(env, env->insn_idx, "; "); in do_check()
9333 verbose(env, "%d: ", env->insn_idx); in do_check()
9338 err = bpf_prog_offload_verify_insn(env, env->insn_idx, in do_check()
9345 env->insn_aux_data[env->insn_idx].seen = env->pass_cnt; in do_check()
9346 prev_insn_idx = env->insn_idx; in do_check()
9372 err = check_mem_access(env, env->insn_idx, insn->src_reg, in do_check()
9378 prev_src_type = &env->insn_aux_data[env->insn_idx].ptr_type; in do_check()
9403 err = check_xadd(env, env->insn_idx, insn); in do_check()
9406 env->insn_idx++; in do_check()
9422 err = check_mem_access(env, env->insn_idx, insn->dst_reg, in do_check()
9428 prev_dst_type = &env->insn_aux_data[env->insn_idx].ptr_type; in do_check()
9456 err = check_mem_access(env, env->insn_idx, insn->dst_reg, in do_check()
9484 err = check_func_call(env, insn, &env->insn_idx); in do_check()
9486 err = check_helper_call(env, insn->imm, env->insn_idx); in do_check()
9500 env->insn_idx += insn->off + 1; in do_check()
9520 err = prepare_func_exit(env, &env->insn_idx); in do_check()
9537 &env->insn_idx, pop_log); in do_check()
9547 err = check_cond_jmp_op(env, insn, &env->insn_idx); in do_check()
9564 env->insn_idx++; in do_check()
9565 env->insn_aux_data[env->insn_idx].seen = env->pass_cnt; in do_check()
9575 env->insn_idx++; in do_check()
10023 desc->insn_idx += len - 1; in adjust_poke_descs()
10643 u32 insn_idx = prog->aux->poke_tab[j].insn_idx; in jit_subprogs() local
10646 if (!(insn_idx >= subprog_start && in jit_subprogs()
10647 insn_idx <= subprog_end)) in jit_subprogs()
10657 func[i]->insnsi[insn_idx - subprog_start].imm = ret + 1; in jit_subprogs()
11009 .insn_idx = i + delta, in fixup_bpf_calls()
11357 env->insn_idx = env->subprog_info[i].start; in do_check_subprogs()
11358 WARN_ON_ONCE(env->insn_idx == 0); in do_check_subprogs()
11375 env->insn_idx = 0; in do_check_main()