https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114523
Bug ID: 114523
Summary: bpf: ssa-phiopt optimization generates unverifiable
code.
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: cupertino.miranda at oracle dot com
Target Milestone: ---
BTF verifier is a static analyzer that identifies possible kernel threats with
BPF applications.
The example below is a small reproducer obtained from debugging the last issue
presented in https://github.com/systemd/systemd/issues/31888.
extern int bar ();
int baz;
int foo ()
{
int quux = bar ();
if (baz)
{
if (quux)
return 1;
}
else
{
if (!quux)
return 1;
}
return 0;
}
The following code gets optimized by phiopt2 like:
Removing basic block 6
Removing basic block 4
Removing basic block 3
Removing basic block 5
Merging blocks 2 and 7
int foo ()
{
int quux;
int baz.0_1;
int _2;
_Bool _6;
_Bool _11;
_Bool _12;
<bb 2> [local count: 1073741824]:
quux_5 = bar ();
baz.0_1 = baz;
_6 = quux_5 == 0;
_11 = baz.0_1 != 0;
_12 = _6 ^ _11;
_2 = (int) _12;
return _2;
}
The produced code from this optimization, in the original issue in github,
results in unverifiable code for the BPF execution environment.
For now it is unclear if the problem is within the verifier or not.
As a resolution for the problem 2 paths should be taken:
- Create a reproducer in the testing environment for bpf-next and report the
problem within the respective mailing list.
- Disable the optimization for BPF until the verifier fixes the limitation if
possible.
