{"id":15057015,"url":"https://github.com/vbpf/ebpf-verifier","last_synced_at":"2025-03-30T18:05:09.088Z","repository":{"id":37734918,"uuid":"137548993","full_name":"vbpf/ebpf-verifier","owner":"vbpf","description":"eBPF verifier based on abstract interpretation","archived":false,"fork":false,"pushed_at":"2025-03-19T23:58:03.000Z","size":5867,"stargazers_count":406,"open_issues_count":37,"forks_count":45,"subscribers_count":13,"default_branch":"main","last_synced_at":"2025-03-23T17:05:21.162Z","etag":null,"topics":["abstract-interpretation","ebpf","ebpf-verifier","static-analyzer"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vbpf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-Apache-2.0.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-06-16T03:04:33.000Z","updated_at":"2025-03-21T09:46:03.000Z","dependencies_parsed_at":"2023-11-23T01:25:55.119Z","dependency_job_id":"c859e62f-4a81-40f2-806a-de50590d6daa","html_url":"https://github.com/vbpf/ebpf-verifier","commit_stats":{"total_commits":1671,"total_committers":28,"mean_commits":59.67857142857143,"dds":0.279473369239976,"last_synced_commit":"3ea1b73f68f3fff48afbd0508ca438c3b9a4d614"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vbpf%2Febpf-verifier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vbpf%2Febpf-verifier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vbpf%2Febpf-verifier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vbpf%2Febpf-verifier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vbpf","download_url":"https://codeload.github.com/vbpf/ebpf-verifier/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246358337,"owners_count":20764366,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["abstract-interpretation","ebpf","ebpf-verifier","static-analyzer"],"created_at":"2024-09-24T22:00:31.213Z","updated_at":"2025-03-30T18:05:09.052Z","avatar_url":"https://github.com/vbpf.png","language":"C++","funding_links":[],"categories":["eBPF Workflow: Tools and Utilities","BPF and eBPF Projects","eBPF 工作流：工具和实用程序"],"sub_categories":["User Space eBPF","Notes","用户空间 eBPF"],"readme":"[![Coverage Status](https://coveralls.io/repos/github/vbpf/ebpf-verifier/badge.svg?branch=main)](https://coveralls.io/github/vbpf/ebpf-verifier?branch=main)[![CodeQL](https://github.com/vbpf/ebpf-verifier/actions/workflows/codeql-analysis.yml/badge.svg?branch=main)](https://github.com/vbpf/ebpf-verifier/actions/workflows/codeql-analysis.yml)\n\n# PREVAIL - A new eBPF verifier\n## a Polynomial-Runtime EBPF Verifier using an Abstract Interpretation Layer\n\n\n\nThe version discussed in the [PLDI paper](https://vbpf.github.io/assets/prevail-paper.pdf) is available [here](https://github.com/vbpf/ebpf-verifier/tree/d29fd26345c3126bf166cf1c45233a9b2f9fb0a0).\n\n## Getting Started\n\nClone:\n```\ngit clone --recurse-submodules https://github.com/vbpf/ebpf-verifier.git\ncd ebpf-verifier\n```\n\n### Building\n\n\u003cdetails open\u003e\u003csummary\u003e🐧 Linux\u003c/summary\u003e\n\n#### Dependencies (Ubuntu)\n```bash\nsudo apt install build-essential git cmake libboost-dev libyaml-cpp-dev\nsudo apt install libboost-filesystem-dev libboost-program-options-dev\n```\n\n#### Make\n```\ncmake -B build -DCMAKE_BUILD_TYPE=Release\ncmake --build build\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e🪟 Windows\u003c/summary\u003e\n  \n#### Dependencies\n* Install [git](https://git-scm.com/download/win)\n* Install [Visual Studio Build Tools 2022](https://aka.ms/vs/17/release/vs_buildtools.exe) and:\n  * Choose the \"C++ build tools\" workload (Visual Studio Build Tools 2022 has support for CMake Version 3.25)\n  * Under Individual Components, select:\n    * \"C++ Clang Compiler\"\n    * \"MSBuild support for LLVM\"\n* Install [nuget.exe](https://www.nuget.org/downloads)\n\n#### Make on Windows (which uses a multi-configuration generator)\n```\ncmake -B build\ncmake --build build --config Release\n```\n\n\u003c/details\u003e\n\n\n\u003cdetails\u003e\u003csummary\u003e🍏 macOS\u003c/summary\u003e\n\n#### Dependencies:\n```bash\nbrew install llvm cmake boost yaml-cpp\n```\nThe system llvm currently comes with Clang 15, which isn't enough to compile the ebpf-verifier, as it depends on C++20. Brew's llvm comes with Clang 17.\n\n#### Make:\n```\nexport CPATH=$(brew --prefix)/include LIBRARY_PATH=$(brew --prefix)/lib CMAKE_PREFIX_PATH=$(brew --prefix)\ncmake -B build -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_COMPILER=$(brew --prefix llvm)/bin/clang -DCMAKE_CXX_COMPILER=$(brew --prefix llvm)/bin/clang++\ncmake --build build\n```\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e🐋 Docker\u003c/summary\u003e\n  \n#### Build and run\n```bash\ndocker build -t verifier .\ndocker run -it verifier ebpf-samples/cilium/bpf_lxc.o 2/1\n1,0.009812,4132\n# To run the Linux verifier you'll need a privileged container:\ndocker run --privileged -it verifier ebpf-samples/linux/cpustat_kern.o --domain=linux\n```\n\u003c/details\u003e\n\n### Example:\n```\nebpf-verifier$ ./check ebpf-samples/cilium/bpf_lxc.o 2/1\n1,0.008288,4064\n```\nThe output is three comma-separated values:\n* 1 or 0, for \"pass\" and \"fail\" respectively\n* The runtime of the fixpoint algorithm (in seconds)\n* The peak memory consumption, in kb, as reflected by the resident-set size (rss)\n\n\u003cdetails\u003e\u003csummary\u003eUsage\u003c/summary\u003e\n\n```\nPREVAIL is a new eBPF verifier based on abstract interpretation.\nUsage: ./check [OPTIONS] path [section] [function]\n\nPositionals:\n  path TEXT:FILE REQUIRED     Elf file to analyze\n  section SECTION             Section to analyze\n  function FUNCTION           Function to analyze\n\nOptions:\n  -h,--help                   Print this help message and exit\n  --section SECTION           Section to analyze\n  --function FUNCTION         Function to analyze\n  -l                          List programs\n  --domain DOMAIN:{stats,linux,zoneCrab,cfg} [zoneCrab]\n                              Abstract domain\n\n\nFeatures:\n  --termination,--no-verify-termination{false}\n                              Verify termination. Default: ignore\n  --allow-division-by-zero,--no-division-by-zero{false}\n                              Handling potential division by zero. Default: allow\n  -s,--strict                 Apply additional checks that would cause runtime failures\n  --include_groups GROUPS:{atomic32,atomic64,base32,base64,callx,divmul32,divmul64,packet}\n                              Include conformance groups\n  --exclude_groups GROUPS:{atomic32,atomic64,base32,base64,callx,divmul32,divmul64,packet}\n                              Exclude conformance groups\n\n\nVerbosity:\n  --simplify,--no-simplify{false}\n                              Simplify the CFG before analysis by merging chains of instructions into a single basic block. Default: enabled\n  --line-info                 Print line information\n  --print-btf-types           Print BTF types\n  --assume-assert,--no-assume-assert{false}\n                              Assume assertions (useful for debugging verification failures). Default: disabled\n  -i                          Print invariants\n  -f                          Print verifier's failure logs\n  -v                          Print both invariants and failures\n\n\nCFG output:\n  --asm FILE                  Print disassembly to FILE\n  --dot FILE                  Export control-flow graph to dot FILE\n```\n\nA standard alternative to the --asm flag is `llvm-objdump -S FILE`.\n\nThe cfg can be viewed using `dot` and the standard PDF viewer:\n```\nsudo apt install graphviz\n./check ebpf-samples/cilium/bpf_lxc.o 2/1 --dot cfg.dot --domain=stats\ndot -Tpdf cfg.dot \u003e cfg.pdf\n```\n\n\u003c/details\u003e\n\n## Testing the Linux verifier\n\nTo run the Linux verifier, you must use `sudo`:\n```\nsudo ./check ebpf-samples/linux/cpustat_kern.o tracepoint/power/cpu_idle --domain=linux\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvbpf%2Febpf-verifier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvbpf%2Febpf-verifier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvbpf%2Febpf-verifier/lists"}