git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
bpf: Don't run arg-tracking analysis twice on main subprog
author Paul Chaignon <paul.chaignon@gmail.com>
Thu, 7 May 2026 18:22:06 +0000 (20:22 +0200)
committer Alexei Starovoitov <ast@kernel.org>
Sat, 9 May 2026 23:12:40 +0000 (16:12 -0700)
Because subprog 0, the main subprog, is considered a global function,
we end up running the arg-tracking dataflow analysis twice on it. That
results in slightly longer verification but mostly in more verbose
verifier logs. This patch fixes it by keeping only the iteration over
global subprogs.

When running over all of Cilium's programs with BPF_LOG_LEVEL2, this
reduces verbosity by ~20% on average.

Fixes: bf0c571f7feb6 ("bpf: introduce forward arg-tracking dataflow analysis")
Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
Link: https://lore.kernel.org/r/e4d7b53d4963ef520541a782f5fc8108a168877c.1778176504.git.paul.chaignon@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
kernel/bpf/liveness.c

index 332e6e003f270a38a150496fade9d88e4b17d4dd..58197d73b120108b5bd53f5a10af13ecd2bd5cd3 100644 (file)
@@ -1914,26 +1914,15 @@ int bpf_compute_subprog_arg_access(struct bpf_verifier_env *env)
                return -ENOMEM;
        }
 
-       instance = call_instance(env, NULL, 0, 0);
-       if (IS_ERR(instance)) {
-               err = PTR_ERR(instance);
-               goto out;
-       }
-       err = analyze_subprog(env, NULL, info, instance, callsites);
-       if (err)
-               goto out;
-
        /*
-        * Subprogs and callbacks that don't receive FP-derived arguments
-        * cannot access ancestor stack frames, so they were skipped during
-        * the recursive walk above.  Async callbacks (timer, workqueue) are
-        * also not reachable from the main program's call graph.  Analyze
-        * all unvisited subprogs as independent roots at depth 0.
+        * Analyze every subprog in reverse topological order (callers
+        * before callees) so that each subprog is analyzed before its
+        * callees, allowing the recursive walk inside analyze_subprog()
+        * to naturally reach callees that receive FP-derived args.
         *
-        * Use reverse topological order (callers before callees) so that
-        * each subprog is analyzed before its callees, allowing the
-        * recursive walk inside analyze_subprog() to naturally
-        * reach nested callees that also lack FP-derived args.
+        * Subprogs and callbacks that don't receive FP-derived arguments
+        * cannot access ancestor stack frames are analyzed independently.
+        * Async callbacks (timer, workqueue) are handled the same way.
         */
        for (k = env->subprog_cnt - 1; k >= 0; k--) {
                int sub = env->subprog_topo_order[k];
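Review bot: The second paragraph of the rewritten comment does not parse: "Subprogs and callbacks that don't receive FP-derived arguments cannot access ancestor stack frames are analyzed independently." is missing a conjunction. Something like "... cannot access ancestor stack frames, so they are analyzed independently as roots at depth 0" would read correctly and keep the "depth 0" detail that the old comment had. With the explicit call_instance(env, NULL, 0, 0) / analyze_subprog() pair removed, this loop is now the only place the main subprog gets analyzed, so the comment should also say that subprog 0 is picked up here as one of the roots. The commit message describes this as "the iteration over global subprogs" while the comment says "Analyze every subprog"; since the loop body's skip condition is not visible in this hunk, please make the comment match whatever filter the loop actually applies.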