Skip to content

Commit a69e70a

Browse files
elazargclaude
andauthored
Human-friendly CLI output for bin/prevail (#1042)
* Replace CSV output with human-friendly PASS/FAIL CLI output The default output was `{0|1},{seconds},{memory_kb}` — a CSV row for benchmarking scripts that is unfriendly for humans. Benchmarking is better done externally (time, /usr/bin/time -v). New output: `PASS: section/function` or `FAIL: section/function` with the first error and a hint line pointing to --failure-slice / -v. Add -q/--quiet (exit code only) and --cfg (replaces --domain cfg). Remove dead code: --domain option (linux, stats, zoneCrab selectors), linux_verifier, memsize helpers, collect_stats/stats_headers, fnv1a64, @headers special filename, bin/check alias, and stale benchmark scripts. Move src/main/check.cpp → src/main.cpp (simplified, rewritten). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Elazar Gershuni <elazarg@gmail.com> * Graduate loop3.o from skip to expected failure The >4x performance improvement means loop3.o no longer hangs. It now completes quickly but is rejected due to type precision loss through the loop join (VerifierTypeTracking). * Remove redundant install exclude, fix doc path - Remove `PATTERN "main.cpp" EXCLUDE` from install — the glob only matches *.hpp/*.h so main.cpp would never be included anyway. - Fix `./prevail` → `./bin/prevail` in docs/architecture.md for consistency with the actual binary location. --------- Signed-off-by: Elazar Gershuni <elazarg@gmail.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
1 parent d7a46ca commit a69e70a

27 files changed

+110
-666
lines changed

AGENTS.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
## Quick project facts
1111
- **Language & standards:** Core verifier is implemented in modern C++20 (see `CMakeLists.txt`).
1212
- **Primary deliverables:**
13-
- `check`: command-line verifier for eBPF object files.
13+
- `prevail`: command-line verifier for eBPF object files.
1414
- `tests`: Catch2-based regression suite.
1515
- `run_yaml`: YAML test case runner.
1616
- **Third-party code:** resides under `external/` and is treated as vendored dependencies. Do not edit these unless explicitly asked.
@@ -39,7 +39,7 @@
3939
```
4040
4. **Spot-check the verifier** against bundled samples:
4141
```bash
42-
./prevail ebpf-samples/cilium/bpf_lxc.o 2/1
42+
./bin/prevail ebpf-samples/cilium/bpf_lxc.o 2/1
4343
```
4444
5. **Capture reasoning.** When a change introduces or relies on a new invariant, add a targeted regression test and document the invariant in code comments or `docs/` notes so future auditors can reconstruct the argument.
4545

CHANGELOG.md

Lines changed: 14 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
## v0.2.0 (2026-02-22)
44

55
Major expansion of type system, platform modeling, and safety guarantees.
6-
27 commits since v0.1.3.
6+
34 commits since v0.1.3.
77

88
### Type system
99

@@ -36,22 +36,32 @@ Major expansion of type system, platform modeling, and safety guarantees.
3636
domain (#960).
3737
- Propagate alloc_mem_size through helpers and decompose kfunc flags.
3838

39+
### Performance
40+
41+
- >4× faster verification on large programs through splitdbm graph
42+
internals modernization and zone domain optimizations (#1017).
43+
3944
### Diagnostics
4045

4146
- Add failure slicing: `--failure-slice` prints a minimal causal trace
4247
from the first verification error back to its root cause.
48+
- Human-friendly CLI output: `PASS: section/function` / `FAIL: section/function`
49+
with first error and hint line, replacing the old CSV format.
50+
- Add `-q`/`--quiet` flag (exit code only, no stdout).
4351

4452
### Infrastructure
4553

4654
- Overhaul ELF loader and bump ebpf-samples (#1026).
4755
- Handle invalid BTF map metadata gracefully (#1034).
48-
- Modernize splitdbm graph internals (#1017).
4956
- Add MSVC debug assert handler (#1018).
5057
- Simplify test framework: drop per-test diagnostic strings, reclassify
5158
genuinely-unsafe programs as rejections, document VerifyIssueKind enum
5259
centrally.
53-
- Rename main executable from `bin/check` to `bin/prevail`; `bin/check` is
54-
kept as a backwards-compatible copy during the transition.
60+
- Rename main executable from `bin/check` to `bin/prevail`.
61+
- Remove dead code: `--domain` option (`linux`, `stats` paths),
62+
`linux_verifier`, `memsize` helpers, `collect_stats`, stale benchmark
63+
scripts.
64+
- Move CLI entry point from `src/main/check.cpp` to `src/main.cpp`.
5565
- Bump external/libbtf, external/bpf_conformance, actions/checkout.
5666

5767
## v0.1.3

CMakeLists.txt

Lines changed: 3 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -99,7 +99,7 @@ include(cmake/SetupBoostHeaders.cmake)
9999
string(REGEX REPLACE "([][+.*()^$?|\\\\])" "\\\\\\1" prevail_source_dir_escaped "${prevail_source_dir}")
100100

101101
file(GLOB_RECURSE prevail_LIB_SRC CONFIGURE_DEPENDS "${prevail_source_dir}/src/*.cpp")
102-
list(FILTER prevail_LIB_SRC EXCLUDE REGEX "${prevail_source_dir_escaped}/src/main/.*")
102+
list(FILTER prevail_LIB_SRC EXCLUDE REGEX "${prevail_source_dir_escaped}/src/main\\.cpp$")
103103
list(FILTER prevail_LIB_SRC EXCLUDE REGEX "${prevail_source_dir_escaped}/src/test/.*")
104104

105105
add_library(prevail ${prevail_LIB_SRC})
@@ -178,8 +178,8 @@ set_target_properties(prevail PROPERTIES
178178

179179
set(prevail_binary_dir "${prevail_source_dir}/bin" CACHE INTERNAL "")
180180

181-
# Main executable: bin/prevail (with bin/check alias for backwards compatibility)
182-
add_executable(prevail-cli "${prevail_source_dir}/src/main/check.cpp" "${prevail_source_dir}/src/main/linux_verifier.cpp")
181+
# Main executable: bin/prevail
182+
add_executable(prevail-cli "${prevail_source_dir}/src/main.cpp")
183183
set_target_properties(prevail-cli PROPERTIES OUTPUT_NAME "prevail")
184184
target_link_libraries(prevail-cli PRIVATE prevail ${CMAKE_DL_LIBS})
185185
if (CMAKE_CONFIGURATION_TYPES)
@@ -192,13 +192,6 @@ else ()
192192
set_target_properties(prevail-cli PROPERTIES
193193
RUNTIME_OUTPUT_DIRECTORY "${prevail_binary_dir}")
194194
endif ()
195-
# Transitional alias: bin/check -> bin/prevail
196-
add_custom_command(TARGET prevail-cli POST_BUILD
197-
COMMAND ${CMAKE_COMMAND} -E copy_if_different
198-
"$<TARGET_FILE:prevail-cli>"
199-
"$<TARGET_FILE_DIR:prevail-cli>/check$<TARGET_FILE_SUFFIX:prevail-cli>"
200-
COMMENT "Creating backwards-compatible bin/check alias"
201-
)
202195

203196
# Tests
204197
if (prevail_ENABLE_TESTS)
@@ -256,7 +249,6 @@ install(TARGETS prevail libbtf GSL
256249
install(DIRECTORY "${prevail_source_dir}/src/"
257250
DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/prevail"
258251
FILES_MATCHING PATTERN "*.hpp" PATTERN "*.h"
259-
PATTERN "main/*" EXCLUDE
260252
PATTERN "test/*" EXCLUDE
261253
)
262254

README.md

Lines changed: 11 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -88,9 +88,6 @@ cmake --build build
8888
```bash
8989
docker build -t prevail .
9090
docker run -it prevail ebpf-samples/cilium/bpf_lxc.o 2/1
91-
1,0.009812,4132
92-
# To run the Linux verifier you'll need a privileged container:
93-
docker run --privileged -it prevail ebpf-samples/linux/cpustat_kern.o --domain=linux
9491
```
9592

9693
</details>
@@ -99,18 +96,12 @@ docker run --privileged -it prevail ebpf-samples/linux/cpustat_kern.o --domain=l
9996

10097
```
10198
$ bin/prevail ebpf-samples/cilium/bpf_lxc.o 2/1
102-
1,0.014153,6080
99+
PASS: 2/1
103100
```
104101

105-
The output is three comma-separated values:
106-
107-
* 1 or 0, for "pass" and "fail" respectively
108-
* The runtime of the fixpoint algorithm (in seconds)
109-
* The peak memory consumption, in kb, as reflected by the resident-set size (rss)
110-
111102
<details><summary>Usage</summary>
112103

113-
```
104+
```text
114105
PREVAIL is a new eBPF verifier based on abstract interpretation.
115106
116107
@@ -127,8 +118,8 @@ OPTIONS:
127118
--section SECTION Section to analyze
128119
--function FUNCTION Function to analyze
129120
-l List programs
130-
--domain DOMAIN:{stats,linux,zoneCrab,cfg} [zoneCrab]
131-
Abstract domain
121+
-q, --quiet No stdout output, exit code only
122+
--cfg Print control-flow graph and exit
132123
133124
Features:
134125
--termination, --no-verify-termination{false}
@@ -144,14 +135,16 @@ Features:
144135
Verbosity:
145136
--simplify, --no-simplify{false}
146137
Simplify the display of the CFG by merging chains of instructions
147-
into a single basic block. Default: enabled
138+
into a single basic block. Default: enabled (disabled with
139+
--failure-slice)
148140
--line-info Print line information
149141
--print-btf-types Print BTF types
150-
--failure-slice Print minimal failure diagnostic (causal trace)
151-
--failure-slice-depth N
152-
Maximum backward traversal steps (default: 200)
153142
-v Print invariants and first failure
154143
-f Print first failure
144+
--failure-slice Print minimal failure slices showing only instructions that
145+
contributed to errors
146+
--failure-slice-depth UINT
147+
Maximum backward steps for failure slicing (default: 200)
155148
156149
CFG output:
157150
--asm FILE Print disassembly to FILE
@@ -164,16 +157,8 @@ The cfg can be viewed using `dot` and the standard PDF viewer:
164157

165158
```
166159
sudo apt install graphviz
167-
bin/prevail ebpf-samples/cilium/bpf_lxc.o 2/1 --dot cfg.dot --domain=stats
160+
bin/prevail ebpf-samples/cilium/bpf_lxc.o 2/1 --dot cfg.dot
168161
dot -Tpdf cfg.dot > cfg.pdf
169162
```
170163

171164
</details>
172-
173-
## Testing the Linux verifier
174-
175-
To run the Linux verifier, you must use `sudo`:
176-
177-
```
178-
sudo bin/prevail ebpf-samples/linux/cpustat_kern.o tracepoint/power/cpu_idle --domain=linux
179-
```

docs/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ Prevail verifies that eBPF programs:
9393

9494
```text
9595
src/
96-
├── main/ # Entry points (check.cpp - CLI verifier)
96+
├── main.cpp # CLI entry point
9797
├── ir/ # Intermediate representation
9898
│ ├── syntax.hpp # Instruction definitions
9999
│ └── cfg_builder.cpp

docs/architecture.md

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -169,16 +169,19 @@ Separating assertions from semantics enables:
169169

170170
## Entry Points
171171

172-
### CLI Tool: `check`
172+
### CLI Tool
173173

174-
**File**: `src/main/check.cpp`
174+
**File**: `src/main.cpp`
175175

176176
```bash
177-
./prevail <elf-file> <section>/<function> [options]
177+
./bin/prevail <elf-file> <section>/<function> [options]
178178
```
179179

180180
Options:
181-
- `--domain`: Choose abstract domain (e.g., `zoneCrab`)
181+
- `-q`/`--quiet`: No stdout output, exit code only
182+
- `--cfg`: Print control-flow graph and exit
183+
- `--failure-slice`: Print causal trace for failures
184+
- `-v`: Print invariants and first failure
182185
- `--no-simplify`: Don't merge basic blocks
183186
- `--strict`: Require explicit map bounds
184187

docs/building.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -119,7 +119,6 @@ After building, you'll find these executables in `bin/`:
119119
| Executable | Description |
120120
|------------|-------------|
121121
| `prevail` | Main verifier CLI tool |
122-
| `check` | Backwards-compatible alias for `prevail` |
123122
| `tests` | Catch2 test runner |
124123
| `run_yaml` | YAML test case runner |
125124

docs/failure-slicing.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -472,4 +472,4 @@ verification failures. When using failure slices with an LLM:
472472
| `src/fwd_analyzer.cpp` | Hooks to populate deps during forward analysis |
473473
| `src/ir/parse.cpp` | Invariant filter integration in `operator<<(StringInvariant)` |
474474
| `src/config.hpp` | `collect_instruction_deps` flag |
475-
| `src/main/check.cpp` | `--failure-slice` and `--failure-slice-depth` CLI flags |
475+
| `src/main.cpp` | `--failure-slice` and `--failure-slice-depth` CLI flags |

scripts/.check-license.ignore

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -47,8 +47,6 @@ external/catch.hpp
4747
# Files using BSD-3-Clause
4848
external/CLI11/CLI11.hpp
4949

50-
# Files using CC-BY-SA-2.5 license
51-
src/main/memsize_linux.hpp
5250

5351
# Files with custom licenses embedded
5452
src/crab_utils/heap.hpp

scripts/README.md

Lines changed: 0 additions & 28 deletions
This file was deleted.

0 commit comments

Comments
 (0)