From: Shung-Hsi Yu <shung-hsi.yu@suse.com>
To: ziye@zju.edu.cn
Cc: bot+bpf-ci@kernel.org, bpf@vger.kernel.org, ast@kernel.org,
daniel@iogearbox.net, john.fastabend@gmail.com,
andrii@kernel.org, martin.lau@linux.dev, eddyz87@gmail.com,
song@kernel.org, yonghong.song@linux.dev, kpsingh@kernel.org,
sdf@fomichev.me, haoluo@google.com, jolsa@kernel.org,
tangyazhou518@outlook.com, shenghaoyuan0928@163.com,
martin.lau@kernel.org, clm@meta.com, ihor.solodrai@linux.dev
Subject: Re: [PATCH bpf-next 1/2] bpf: support shift operations with non-const src operand
Date: Thu, 25 Jun 2026 14:47:37 +0800 [thread overview]
Message-ID: <ajzHAB3EJDD2IY83@u94a> (raw)
In-Reply-To: <e290f581e78208441b8c3069a7ec3bdc7f1fa76c189d566ca924488b418d9950@mail.kernel.org>
Nit: subject prefix is missing 'v3'.
On Tue, Jun 23, 2026 at 12:42:12PM +0000, bot+bpf-ci@kernel.org wrote:
> > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> > index 2abc79dbf281..bf247c219cab 100644
> > --- a/kernel/bpf/verifier.c
> > +++ b/kernel/bpf/verifier.c
>
> [ ... ]
>
> > @@ -14516,14 +14565,14 @@ static bool is_safe_to_compute_dst_reg_range(struct bpf_insn *insn,
> > case BPF_MOD:
> > return src_is_const;
> >
> > - /* Shift operators range is only computable if shift dimension operand
> > - * is a constant. Shifts greater than 31 or 63 are undefined. This
> > - * includes shifts by a negative number.
> > + /*
> > + * Shifts greater than 31 or 63 are implementation-defined behaviour.
> > + * This includes shifts by a negative number.
> > */
> > case BPF_LSH:
> > case BPF_RSH:
> > case BPF_ARSH:
> > - return (src_is_const && reg_umax(src_reg) < insn_bitness);
> > + return reg_umax(src_reg) < insn_bitness;
>
> This drops the src_is_const requirement so that non-constant but bounded
> shift amounts are now range-tracked.
>
> Is there a real use case driving this?
>
> Earlier review on this series asked whether compilers actually generate
> non-const bounded shifts, and whether any real programs are rejected today
> because of the conservative handling. It was also noted that the current
> behaviour does not reject such programs, it just falls back to an unbounded
> dst register. The range tracking added for BPF_DIV/BPF_MOD deliberately
> keeps requiring a constant operand for similar reasons.
>
> Without a motivating program that is rejected today, is it worth adding this
> complexity to the verifier?
I am with the bot here. This adds complexity in the ARSH code path, and
while LSH/RSH code path does pretty much already support non-const
shift, without a compiler generated program showing this pattern it is
hard to justify moving the patchset forward.
next prev parent reply other threads:[~2026-06-25 6:47 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-23 12:02 [PATCH bpf-next 0/2] bpf: support shift operations with non-const source operand Tianci Cao
2026-06-23 12:02 ` [PATCH bpf-next 1/2] bpf: support shift operations with non-const src operand Tianci Cao
2026-06-23 12:42 ` bot+bpf-ci
2026-06-25 6:47 ` Shung-Hsi Yu [this message]
2026-06-23 12:02 ` [PATCH bpf-next 2/2] selftests/bpf: Add tests for non-const src shift with bounded dst Tianci Cao
-- strict thread matches above, loose matches on Subject: below --
2026-06-12 9:38 [PATCH bpf-next 0/2] bpf: support shift operations with non-const source operand Tianci Cao
2026-06-12 9:38 ` [PATCH bpf-next 1/2] bpf: support shift operations with non-const src operand Tianci Cao
2026-06-12 10:19 ` bot+bpf-ci
2026-06-12 16:09 ` Alexei Starovoitov
2026-06-12 21:20 ` Eduard Zingerman
2026-06-15 14:50 ` 曹天赐
2026-06-12 21:17 ` Eduard Zingerman
2026-06-15 14:51 ` 曹天赐
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ajzHAB3EJDD2IY83@u94a \
--to=shung-hsi.yu@suse.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bot+bpf-ci@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=clm@meta.com \
--cc=daniel@iogearbox.net \
--cc=eddyz87@gmail.com \
--cc=haoluo@google.com \
--cc=ihor.solodrai@linux.dev \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=martin.lau@kernel.org \
--cc=martin.lau@linux.dev \
--cc=sdf@fomichev.me \
--cc=shenghaoyuan0928@163.com \
--cc=song@kernel.org \
--cc=tangyazhou518@outlook.com \
--cc=yonghong.song@linux.dev \
--cc=ziye@zju.edu.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.