From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from 66-220-155-179.mail-mxout.facebook.com (66-220-155-179.mail-mxout.facebook.com [66.220.155.179])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 38C83191484
	for <bpf@vger.kernel.org>; Sat, 18 Jan 2025 19:20:34 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=66.220.155.179
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1737228038; cv=none; b=LDGqstLKoKgOqVppPb7sz99xdTl3eRkLH09VFn534dqHtU90nrIZB+bFseLrQ9egLum8YTaXWim2IQt94ZopA9wPdlN4eiJUZYSO3wRRjPpahMP/egxvjarE9RVIn7gQsy3MimEks/1aqdpRussn0oyDlFbA+Y4GsRFaEfOTdRY=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1737228038; c=relaxed/simple;
	bh=3fytCQMxhGemTsZ744ZL29r6DtY0PmFNIjGHnPjLrvA=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=nkIzIfFI7+qFDezQAw2KJEDMvsTkzUTjTil0YMu7fYjJVCNSwZFgLdcZhIM5qeXpBr7KS2WEVj7T3OU1cQHQr2q5NeRJtCn1OAH5/1TaE/21uFZx+jwTyeIsqk4r9JyqS7dTqPJUs2hsaToX1IFr655qeaOPzROKdQvD+o8IN/k=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.dev; spf=fail smtp.mailfrom=linux.dev; arc=none smtp.client-ip=66.220.155.179
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.dev
Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=linux.dev
Received: by devbig309.ftw3.facebook.com (Postfix, from userid 128203)
	id 6C70CD1B48BE; Sat, 18 Jan 2025 11:20:19 -0800 (PST)
From: Yonghong Song <yonghong.song@linux.dev>
To: bpf@vger.kernel.org
Cc: Alexei Starovoitov <ast@kernel.org>,
	Andrii Nakryiko <andrii@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	kernel-team@fb.com,
	Martin KaFai Lau <martin.lau@kernel.org>
Subject: [PATCH bpf-next v2 0/3] bpf: Allow 'may_goto 0' instruction
Date: Sat, 18 Jan 2025 11:20:19 -0800
Message-ID: <20250118192019.2123689-1-yonghong.song@linux.dev>
X-Mailer: git-send-email 2.43.5
Precedence: bulk
X-Mailing-List: bpf@vger.kernel.org
List-Id: <bpf.vger.kernel.org>
List-Subscribe: <mailto:bpf+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:bpf+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Emil Tsalapatis from Meta reported such a case where 'may_goto 0' insn is
generated by clang-19 compiler and this caused verification failure
since 'may_goto 0' is rejected by verifier.

In fact, 'may_goto 0' insn is actually a no-op and it won't hurt
verification. The only side effect is that the verifier will convert
the insn to a sequence of codes like
   /* r10 - 8 stores the implicit loop count */
   r11 =3D *(u64 *)(r10 -8)
   if r11 =3D=3D 0x0 goto pc+2
   r11 -=3D 1
   *(u64 *)(r10 -8) =3D r11

With this patch set 'may_goto 0' insns are allowed in verification which
also removes those insns.

Changelogs:
  v1 -> v2:
    - Instead of a separate function, removing 'may_goto 0' in existing
      func opt_remove_nops().

Yonghong Song (3):
  bpf: Allow 'may_goto 0' instruction in verifier
  bpf: Remove 'may_goto 0' instruction in opt_remove_nops()
  selftests/bpf: Add some tests related to 'may_goto 0' insns

 kernel/bpf/verifier.c                         | 14 ++-
 .../selftests/bpf/prog_tests/verifier.c       |  4 +
 .../selftests/bpf/progs/verifier_may_goto_1.c | 97 +++++++++++++++++++
 .../selftests/bpf/progs/verifier_may_goto_2.c | 28 ++++++
 4 files changed, 138 insertions(+), 5 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/verifier_may_goto_1=
.c
 create mode 100644 tools/testing/selftests/bpf/progs/verifier_may_goto_2=
.c

--=20
2.43.5