2 "bounded loop, count to 4",
4 BPF_MOV64_IMM(BPF_REG_0
, 0),
5 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
6 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 4, -2),
10 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
14 "bounded loop, count to 20",
16 BPF_MOV64_IMM(BPF_REG_0
, 0),
17 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 3),
18 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 20, -2),
22 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
25 "bounded loop, count from positive unknown to 4",
27 BPF_RAW_INSN(BPF_JMP
| BPF_CALL
, 0, 0, 0, BPF_FUNC_get_prandom_u32
),
28 BPF_JMP_IMM(BPF_JSLT
, BPF_REG_0
, 0, 2),
29 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
30 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 4, -2),
34 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
38 "bounded loop, count from totally unknown to 4",
40 BPF_RAW_INSN(BPF_JMP
| BPF_CALL
, 0, 0, 0, BPF_FUNC_get_prandom_u32
),
41 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
42 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 4, -2),
46 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
49 "bounded loop, count to 4 with equality",
51 BPF_MOV64_IMM(BPF_REG_0
, 0),
52 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
53 BPF_JMP_IMM(BPF_JNE
, BPF_REG_0
, 4, -2),
57 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
60 "bounded loop, start in the middle",
62 BPF_MOV64_IMM(BPF_REG_0
, 0),
64 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
65 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 4, -2),
69 .errstr
= "back-edge",
70 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
74 "bounded loop containing a forward jump",
76 BPF_MOV64_IMM(BPF_REG_0
, 0),
77 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
78 BPF_JMP_REG(BPF_JEQ
, BPF_REG_0
, BPF_REG_0
, 0),
79 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 4, -3),
83 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
87 "bounded loop that jumps out rather than in",
89 BPF_MOV64_IMM(BPF_REG_6
, 0),
90 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_6
, 1),
91 BPF_JMP_IMM(BPF_JGT
, BPF_REG_6
, 10000, 2),
92 BPF_RAW_INSN(BPF_JMP
| BPF_CALL
, 0, 0, 0, BPF_FUNC_get_prandom_u32
),
97 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
100 "infinite loop after a conditional jump",
102 BPF_MOV64_IMM(BPF_REG_0
, 5),
103 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 4, 2),
104 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
109 .errstr
= "program is too large",
110 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
115 BPF_MOV64_IMM(BPF_REG_1
, 0),
116 BPF_RAW_INSN(BPF_JMP
| BPF_CALL
, 0, 1, 0, 1),
118 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_1
, 1),
119 BPF_MOV64_REG(BPF_REG_0
, BPF_REG_1
),
120 BPF_JMP_IMM(BPF_JLT
, BPF_REG_1
, 4, 1),
122 BPF_RAW_INSN(BPF_JMP
| BPF_CALL
, 0, 1, 0, -5),
126 .errstr
= "back-edge",
127 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
130 "infinite loop in two jumps",
132 BPF_MOV64_IMM(BPF_REG_0
, 0),
134 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 4, -2),
138 .errstr
= "loop detected",
139 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,
142 "infinite loop: three-jump trick",
144 BPF_MOV64_IMM(BPF_REG_0
, 0),
145 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
146 BPF_ALU64_IMM(BPF_AND
, BPF_REG_0
, 1),
147 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 2, 1),
149 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
150 BPF_ALU64_IMM(BPF_AND
, BPF_REG_0
, 1),
151 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 2, 1),
153 BPF_ALU64_IMM(BPF_ADD
, BPF_REG_0
, 1),
154 BPF_ALU64_IMM(BPF_AND
, BPF_REG_0
, 1),
155 BPF_JMP_IMM(BPF_JLT
, BPF_REG_0
, 2, -11),
159 .errstr
= "loop detected",
160 .prog_type
= BPF_PROG_TYPE_TRACEPOINT
,