On Sat, 2025-08-16 at 18:06 +0000, Anton Protopopov wrote:
[...]
> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> index 5d1650af899d..27e9c30ad6dc 100644
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c
[...]
> @@ -1544,6 +1562,7 @@ struct bpf_prog *bpf_jit_blind_constants(struct bpf_prog *prog)
> }
>
> clone->blinded = 1;
> + clone->len = insn_cnt;
Is this an old bug? Does it require a separate commit and a fixes tag?
> return clone;
> }
> #endif /* CONFIG_BPF_JIT */
> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index e1f7744e132b..863b7114866b 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
[...]
> @@ -21665,7 +21666,15 @@ static int jit_subprogs(struct bpf_verifier_env *env)
> func[i]->aux->might_sleep = env->subprog_info[i].might_sleep;
> if (!i)
> func[i]->aux->exception_boundary = env->seen_exception;
> +
> + /*
> + * To properly pass the absolute subprog start to jit
> + * all instruction adjustments should be accumulated
> + */
> + instructions_added -= func[i]->len;
> func[i] = bpf_int_jit_compile(func[i]);
> + instructions_added += func[i]->len;
> +
Nit: This -= / += pair is a bit hackish, maybe add a separate variable
to compute current delta?
> if (!func[i]->jited) {
> err = -ENOTSUPP;
> goto out_free;
