[apparmor] [Bug 2025030] [NEW] apparmor_parser -O no-expr-simplify problematic
Launchpad Bug Tracker
2025030 at bugs.launchpad.net
Mon Jun 26 08:46:54 UTC 2023
You have been subscribed to a private bug by Michael Vogt (mvo):
There was a recent issue with a core refresh that caused breakage. Upon
further investigation it turns out that the apparmor_parser uses an
substantial of memory.
Upon some more investigation it turns out that that -O no-expr-simplify
makes both time to compile and memory usage increase 10x. Tested with
22.04 but I see the same ballpark results with 16.04:
$ /usr/bin/time --verbose apparmor_parser -S 2.59/profiles/snap.screenly-client.command-executor > /dev/null
Command being timed: "apparmor_parser -S 2.59/profiles/snap.screenly-client.command-executor"
User time (seconds): 4.32
Maximum resident set size (kbytes): 117392
$ /usr/bin/time --verbose apparmor_parser -O no-expr-simplify -S 2.59/profiles/snap.screenly-client.command-executor > /dev/null
Command being timed: "apparmor_parser -O no-expr-simplify -S 2.59/profiles/snap.screenly-client.command-executor"
User time (seconds): 40.64
Maximum resident set size (kbytes): 1015816
Profile is attached.
It seems like we seriously need to consider dropping "-O no-expr-simplify".
For context:
https://bugs.launchpad.net/ubuntu-rtm/+source/apparmor/+bug/1383858
is why it was added in the first place
And some recent work to make things faster:
https://gitlab.com/apparmor/apparmor/-/merge_requests/711
** Affects: snapd
Importance: Undecided
Status: New
--
apparmor_parser -O no-expr-simplify problematic
https://bugs.launchpad.net/bugs/2025030
You received this bug notification because you are a member of AppArmor Developers, which is subscribed to the bug report.
More information about the AppArmor
mailing list