Reject binary ops where the source is an uninitialized register

[Alan-Jowett]

This pull request includes several changes to enhance the handling of uninitialized registers in the assertion extraction logic and adds new test cases to cover these scenarios. The most important changes include updating the AssertExtractor class to handle cases where the source register is uninitialized and adding new YAML test cases for various arithmetic and logical operations involving uninitialized registers.

Enhancements to assertion extraction logic:

• src/assertions.cpp: Modified the AssertExtractor class to add assertions for source registers when they are uninitialized. (default case now checks if the source register is a Reg and adds an additional assertion if it is).

Addition of new test cases:

• src/test/test_yaml.cpp: Added a new YAML test case file uninit.yaml to the list of test cases.
• test-data/uninit.yaml: Created a new YAML file with multiple test cases to verify the behavior of arithmetic and logical operations involving uninitialized registers. This includes addition, subtraction, multiplication, division, modulo, AND, OR, and XOR operations.

Summary by CodeRabbit

• New Features

  • Enhanced type checking for binary and atomic operations, ensuring better validation of registers.
  • Introduced a comprehensive YAML test case to validate operations involving uninitialized registers.

• Bug Fixes

  • Improved error handling for operations involving uninitialized registers through new test cases.

• Documentation

  • Updated comments for clarity in the AssertExtractor class.

[coderabbitai]

Walkthrough

The pull request modifies the AssertExtractor class in src/assertions.cpp to improve type checking for binary and atomic operations. The operator()(const Bin& ins) method now includes logic for validating both source and destination registers as numbers. Additionally, a new assertion for the Atomic operation has been introduced. A new test case has been added in src/test/test_yaml.cpp, referencing test-data/uninit.yaml, which contains comprehensive test cases for operations involving uninitialized registers.

Changes

File	Change Summary
src/assertions.cpp	Enhanced type checking in AssertExtractor methods for binary and atomic operations, including new assertions.
src/test/test_yaml.cpp	Added a new test case using YAML_CASE for test-data/uninit.yaml.
test-data/uninit.yaml	Expanded YAML file with test cases evaluating operations between numbers and uninitialized registers.

Possibly related PRs

• When doing module and division, first cast to unsigned 32 bit then promote to 64 bit #731: This PR enhances the handling of unsigned division and modulo operations, which is closely related to the modifications in the AssertExtractor class that involve type checking for binary operations.
• Restrict udiv optimization to case where both are singletons #737: This PR focuses on improving the handling of modulo operations within the interval analysis, which aligns with the changes made in the main PR regarding type assertions for arithmetic operations.

Suggested reviewers

• dthaler

Poem

In the land of code, where rabbits play,
New tests hop in, brightening the day.
With checks for numbers, both bold and spry,
We ensure that errors will surely fly by.
So let’s celebrate with a joyful cheer,
For every new case brings us closer, my dear! 🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 06b7fff and 2b64267.

📒 Files selected for processing (1)

• src/assertions.cpp (2 hunks)

🧰 Additional context used

🔇 Additional comments (2)

src/assertions.cpp (2)

195-201: Improved Readability by Simplifying operator() Function

The function operator()(const Atomic& ins) const now directly returns the vector of assertions using an initializer list. This change enhances readability and conciseness of the code.

---

245-252: Enhanced Type Safety in Default Case of Binary Operations

The addition of type constraints for both the destination and source registers in the default case ensures that they are numbers. This improvement enhances type safety for all other binary operations not explicitly handled.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 10

🧹 Outside diff range comments (1)

src/test/test_yaml.cpp (1)

Line range hint 1-42: Consider addressing the TODO and improving overall file structure.

While not directly related to the current change, there are a few suggestions for improving the overall structure and maintainability of this file:

1. Address the TODO comment: "TODO: move out of this framework". It might be beneficial to create a separate issue to track this refactoring task.

2. Consider replacing the YAML_CASE macro with a more explicit function or a custom Catch2 test factory. This could improve readability and make the tests easier to maintain and debug.

3. Organize the file structure by grouping includes, macro definitions, and test cases into separate sections with clear comments.

Would you like me to create a GitHub issue to track these potential improvements?

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 80ada1c and 8c795c1.

📒 Files selected for processing (3)

• src/assertions.cpp (1 hunks)
• src/test/test_yaml.cpp (1 hunks)
• test-data/uninit.yaml (1 hunks)

🧰 Additional context used

🔇 Additional comments (4)

test-data/uninit.yaml (1)

4-20: LGTM: Well-structured test case for addition with uninitialized register

This test case effectively validates the behavior when adding an uninitialized register (r3) to a number (r0). The pre-conditions, code, and expected error messages are all appropriate for this scenario.

src/assertions.cpp (3)

249-255: Improved type checking for binary operations

The changes in the default case of the operator()(const Bin& ins) method enhance the type checking for binary operations. By adding an assertion for the source register (when it's a register), the code now ensures that both operands of binary operations are checked to be numbers. This aligns with the PR objective of improving the handling of uninitialized registers and provides a more robust type checking mechanism.

This change is a valuable improvement to the assertion extraction logic, potentially preventing issues related to uninitialized registers in binary operations.

---

Line range hint 1-255: Consistency with overall design

The changes to the operator()(const Bin& ins) method are consistent with the overall design of the AssertExtractor class. The modification enhances type checking for binary operations without affecting the handling of other instruction types or altering the public interface of the class. This localized change maintains the structure and purpose of the AssertExtractor while improving its functionality for binary operations.

The implementation is well-integrated and doesn't introduce any inconsistencies with the rest of the file.

---

249-255: Alignment with PR objectives and summary

The changes in the operator()(const Bin& ins) method align well with both the PR objectives and the AI-generated summary. The implementation successfully addresses the handling of uninitialized registers in binary operations by enhancing type checking. This improvement contributes to the overall goal of rejecting binary operations where the source is an uninitialized register.

The implementation effectively meets the stated objectives of the pull request.

[coderabbitai]

Actionable comments posted: 8

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 8c795c1 and 5254526.

📒 Files selected for processing (1)

• test-data/uninit.yaml (1 hunks)

🧰 Additional context used

🔇 Additional comments (3)

test-data/uninit.yaml (3)

4-20: LGTM: Well-structured addition test case

The addition test case is correctly structured and includes appropriate error messages for an uninitialized register. The empty post-conditions section is correct as the operation is expected to fail.

---

303-317: Clarify expected behavior for MOV with uninitialized register

The MOV test case differs from other operations as it doesn't expect an error when moving an uninitialized register. This behavior seems inconsistent with other operations.

Questions to consider:

1. Should moving an uninitialized register be allowed?
2. If allowed, should there be a warning or some indication that r0 is now uninitialized?
3. If not allowed, should we add an error message similar to other operations?

Consider updating the test case to align with the expected behavior of moving an uninitialized register.

---

1-317: Verify completeness of test cases

The test suite covers a wide range of operations with uninitialized registers. To ensure comprehensive coverage, please verify that all required operations are included.

A past review comment mentioned the following operations: ADD, SUB, MUL, DIV, SDIV, OR, AND, LSH, RSH, MOD, SMOD, XOR, ARSH

Current test cases cover most of these, but please confirm if any additional operations need to be added or if any existing operations should be renamed for consistency (e.g., SDIV vs. signed division).

[coveralls]

coverage: 90.38% (+0.06%) from 90.324%
when pulling 2b64267 on Alan-Jowett:issue739
into 9f25cee on vbpf:main.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 5254526 and 4c6cb0d.

📒 Files selected for processing (1)

• src/assertions.cpp (1 hunks)

🧰 Additional context used

🔇 Additional comments (1)

src/assertions.cpp (1)

251-257: Logic in the default case is correct.

The updated default case correctly asserts that if the source operand is a register, both the destination and source registers must be numbers. This enhances type safety for binary operations involving uninitialized registers.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range comments (1)

src/assertions.cpp (1)

Line range hint 199-205: Redundant TypeConstraint on ins.valreg

At line 199, TypeConstraint{ins.valreg, TypeGroup::number} is added unconditionally. It is then added again inside the if block starting at line 202. This redundancy is unnecessary and can be removed to streamline the code.

Apply this diff to remove the redundant assertion inside the if block:

             res.emplace_back(TypeConstraint{ins.valreg, TypeGroup::number});
             if (ins.op == Atomic::Op::CMPXCHG) {
                 // The memory contents pointed to by ins.access will be compared
                 // against the value of the ins.valreg register. Only numbers are
                 // supported.
-                res.emplace_back(TypeConstraint{ins.valreg, TypeGroup::number});
             }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 4c6cb0d and c767e2a.

📒 Files selected for processing (2)

• src/assertions.cpp (2 hunks)
• test-data/uninit.yaml (1 hunks)

🧰 Additional context used

📓 Learnings (1)

test-data/uninit.yaml (8)

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:39-55
Timestamp: 2024-10-17T17:36:02.883Z
Learning: In test cases, post conditions are still needed even if the operation is expected to fail due to an uninitialized register.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:195-211
Timestamp: 2024-10-17T17:40:52.506Z
Learning: In `uninit.yaml` test cases, post-conditions are still needed even when the operation fails due to uninitialized registers.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:249-265
Timestamp: 2024-10-17T17:40:50.096Z
Learning: The test cases in `uninit.yaml` should include post conditions even when the operation fails due to uninitialized registers.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:0-0
Timestamp: 2024-10-17T17:35:01.099Z
Learning: Post conditions are required even in test cases that are expected to fail due to uninitialized registers.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:57-76
Timestamp: 2024-10-17T17:35:51.453Z
Learning: In test cases, post-conditions are still needed even if the operation is expected to fail.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:78-95
Timestamp: 2024-10-17T17:40:30.302Z
Learning: In the eBPF verifier project, error messages in the test cases (e.g., in 'test-data/uninit.yaml') come from the verifier and cannot be modified.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:22-37
Timestamp: 2024-10-17T17:35:20.801Z
Learning: In the eBPF verifier project, error messages can't be modified in test cases, as they are produced by the verifier.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:0-0
Timestamp: 2024-10-17T17:35:01.099Z
Learning: Error messages in test cases should match the verifier's actual output and cannot be modified.

🔇 Additional comments (8)

test-data/uninit.yaml (8)

1-20: LGTM: Well-structured file header and first test case

The file header contains appropriate copyright and license information. The first test case for addition with an uninitialized register is well-structured and correctly represents the expected behavior. The pre-conditions, code, post-conditions, and expected error messages are clearly defined.

---

21-95: LGTM: Comprehensive test cases for basic arithmetic operations

The test cases for subtraction, multiplication, division, and signed division are well-structured and consistent. They appropriately test the behavior of these operations with uninitialized registers. The error messages are specific to each operation, and the additional checks for non-zero divisors in division operations are correctly implemented.

---

96-137: LGTM: Modulo operations correctly handled

The test cases for modulo and signed modulo operations are well-implemented. They maintain consistency with the previous test cases and correctly handle operations with uninitialized registers. The error messages appropriately check for non-zero divisors, similar to the division operations.

---

138-247: LGTM: Comprehensive coverage of bitwise and shift operations

The test cases for bitwise operations (AND, OR, XOR) and shift operations (LSH, RSH, ARSH) are well-implemented and maintain consistency with the previous test cases. They correctly handle operations with uninitialized registers, and the error messages are appropriate and uniform across these operations. This set of test cases provides comprehensive coverage for these types of operations.

---

248-319: LGTM: Move operations correctly implemented

The test cases for move operations (MOVSX8, MOVSX16, MOVSX32, MOV) are well-implemented and consistent with the previous test cases. They correctly handle operations with uninitialized registers, and the error messages are appropriate. Notably, the MOV operation's post-conditions correctly reflect that the destination register takes on the properties of the source register, which is different from other operations.

---

320-390: LGTM: Correct handling of storing uninitialized registers to context

The test cases for storing uninitialized registers to context (8, 4, 2, and 1 byte(s)) are well-implemented and consistent. They correctly handle operations with uninitialized registers, and the error messages are appropriate for each store size. Notably, the 8-byte store has a more specific error message, correctly reflecting the additional flexibility allowed for this size.

---

391-497: LGTM: Comprehensive coverage of atomic operations

The test cases for atomic operations (add, AND, OR, XOR, XCHG, and CMPXCHG) are well-implemented and consistent. They correctly handle operations with uninitialized registers, and the error messages are appropriate and uniform across all atomic operations. The use of r5 as the source register for all atomic operations maintains consistency throughout these test cases.

---

1-497: Excellent comprehensive test suite for uninitialized register operations

This YAML file provides a thorough and well-structured set of test cases for operations involving uninitialized registers. The test cases cover a wide range of arithmetic, bitwise, move, store, and atomic operations. The consistency in structure across all test cases enhances readability and maintainability. Error messages are appropriate and specific to each operation type, correctly reflecting the expected behavior when dealing with uninitialized registers.

The comprehensive nature of this test suite will greatly contribute to ensuring the robustness of the eBPF verifier when handling uninitialized registers in various scenarios.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between c767e2a and 9e66e33.

📒 Files selected for processing (1)

• src/assertions.cpp (2 hunks)

🧰 Additional context used

🔇 Additional comments (1)

src/assertions.cpp (1)

250-257: Type constraints in default case improve type safety

The added type constraints in the default case ensure that for all other binary operations, the destination register is a number, and the source is either an immediate or a number. This enhancement promotes type safety and consistency across binary operations not explicitly handled.

[Alan-Jowett]

Applied feedback and rebased to minimize commits.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between bab2ccb and 06b7fff.

📒 Files selected for processing (3)

• src/assertions.cpp (2 hunks)
• src/test/test_yaml.cpp (1 hunks)
• test-data/uninit.yaml (1 hunks)

🧰 Additional context used

📓 Learnings (1)

test-data/uninit.yaml (8)

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:39-55
Timestamp: 2024-10-17T17:36:02.883Z
Learning: In test cases, post conditions are still needed even if the operation is expected to fail due to an uninitialized register.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:195-211
Timestamp: 2024-10-17T17:40:52.506Z
Learning: In `uninit.yaml` test cases, post-conditions are still needed even when the operation fails due to uninitialized registers.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:249-265
Timestamp: 2024-10-17T17:40:50.096Z
Learning: The test cases in `uninit.yaml` should include post conditions even when the operation fails due to uninitialized registers.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:0-0
Timestamp: 2024-10-17T17:35:01.099Z
Learning: Post conditions are required even in test cases that are expected to fail due to uninitialized registers.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:57-76
Timestamp: 2024-10-17T17:35:51.453Z
Learning: In test cases, post-conditions are still needed even if the operation is expected to fail.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:78-95
Timestamp: 2024-10-17T17:40:30.302Z
Learning: In the eBPF verifier project, error messages in the test cases (e.g., in 'test-data/uninit.yaml') come from the verifier and cannot be modified.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:22-37
Timestamp: 2024-10-17T17:35:20.801Z
Learning: In the eBPF verifier project, error messages can't be modified in test cases, as they are produced by the verifier.

Learnt from: Alan-Jowett
PR: vbpf/ebpf-verifier#740
File: test-data/uninit.yaml:0-0
Timestamp: 2024-10-17T17:35:01.099Z
Learning: Error messages in test cases should match the verifier's actual output and cannot be modified.

🔇 Additional comments (10)

src/test/test_yaml.cpp (1)

42-42: LGTM! New test case added successfully.

The addition of YAML_CASE("test-data/uninit.yaml") aligns with the PR objectives to improve handling of uninitialized registers. This new test case will help ensure the correctness of the changes made in the AssertExtractor class.

Let's verify if the new test file exists:

✅ Verification successful

Verification Successful

The new test case YAML_CASE("test-data/uninit.yaml") has been successfully added and the corresponding test file exists. This aligns with the PR objectives to improve handling of uninitialized registers.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Verify the existence of the new test file
if [ -f "test-data/uninit.yaml" ]; then
    echo "The new test file 'uninit.yaml' exists."
else
    echo "Error: The new test file 'uninit.yaml' is missing."
fi

Length of output: 129

test-data/uninit.yaml (8)

1-20: LGTM: Well-structured test case for addition with uninitialized register

The file header and the first test case for addition are well-structured and correct. The copyright notice, license information, and test case format are appropriate. The pre-conditions, post-conditions, and expected error messages accurately reflect the scenario of adding an uninitialized register.

---

21-137: LGTM: Consistent and comprehensive test cases for arithmetic operations

The test cases for subtraction, multiplication, division (unsigned and signed), and modulo (unsigned and signed) operations are well-structured and consistent. Each test case appropriately handles the scenario of operating with an uninitialized register. The error messages are specific to each operation, and the additional checks for non-zero divisors in division and modulo operations are correctly implemented.

---

138-193: LGTM: Consistent test cases for bitwise operations

The test cases for bitwise operations (AND, OR, XOR) with an uninitialized register are well-structured and consistent with the previous test cases. The pre-conditions, post-conditions, and error messages are appropriate for each operation, correctly handling the scenario of an uninitialized register.

---

194-247: LGTM: Comprehensive test cases for shift operations

The test cases for shift operations (LSH, RSH, ARSH) with an uninitialized register are well-structured and consistent with the previous test cases. The pre-conditions, post-conditions, and error messages are appropriate for each shift operation, correctly handling the scenario of an uninitialized register.

---

248-319: LGTM: Well-structured test cases for move operations

The test cases for move operations (MOVSX8, MOVSX16, MOVSX32, MOV) with an uninitialized register are well-structured and consistent. The pre-conditions, post-conditions, and error messages are appropriate for each move operation. The MOV operation correctly has different post-conditions, reflecting that it copies the uninitialized state of the source register.

---

320-390: LGTM: Comprehensive test cases for store operations to context

The test cases for storing uninitialized registers to context with different sizes (8, 4, 2, 1 bytes) are well-structured and consistent. The pre-conditions, post-conditions, and error messages are appropriate for each store operation. The different error message for the 8-byte store operation is correct, reflecting the specific requirements for storing to externally-visible regions.

---

391-497: LGTM: Comprehensive test cases for atomic operations

The test cases for atomic operations (add, AND, OR, XOR, XCHG, CMPXCHG) with uninitialized registers are well-structured and consistent. The pre-conditions, post-conditions, and error messages are appropriate for each atomic operation, correctly handling the scenario of an uninitialized register.

---

1-497: Excellent coverage and structure for uninitialized register tests

This YAML file provides comprehensive and well-structured test cases for operations involving uninitialized registers. The test cases cover a wide range of scenarios, including arithmetic, bitwise, shift, move, store, and atomic operations. The consistent structure, appropriate pre-conditions, post-conditions, and error messages make the file easy to understand and maintain.

Some key strengths of this file:

1. Consistent structure across all test cases
2. Comprehensive coverage of various operations
3. Appropriate error messages for each scenario
4. Correct handling of special cases (e.g., division by zero checks)
5. Clear separation of different operation types

This file will greatly contribute to ensuring the correct handling of uninitialized registers in the eBPF verifier.

src/assertions.cpp (1)

244-251: Ensure consistent type constraints for binary operations

In the default case for binary operations, the current implementation checks if the source operand is a register and applies type constraints accordingly. Consider reviewing other binary operations to ensure that similar type checks are applied consistently, especially for operations that might have specific requirements for operand types.

Run the following script to check all binary operations and their associated type constraints:

This script searches for the operator() function for Bin instructions and lists the type constraints applied within. Review the output to ensure consistency across different binary operations.