Yes, this is to be expected. The dfa build algorithm can have
exponential state explosive. Expr simplification is a technique to help
avoid/mitigate that from happening. There is no reason that expr
simplification shouldn't be done.
In the past Jamie had disabled it for a couple of reasons.
1. fo
I did a quick experiment in our "interfaces-many-snap-provided" test to
see what impact the options have. I ran spread with:
$ spread -shell-after -v qemu:ubuntu-22.04-64:tests/main/interfaces-
many-snap-provided
And inside spread (on 22.04) compiled the profiles with/without no-expr-
simplify:
You have been subscribed to a private bug by Michael Vogt (mvo):
There was a recent issue with a core refresh that caused breakage. Upon
further investigation it turns out that the apparmor_parser uses an
substantial of memory.
Upon some more investigation it turns out that that -O no-expr-simpli
Just another data point, it seems some expressions are quite
pathological, e.g. removing
/sys/devices/{,*pcie-controller/,platform/{soc,scb}/*.pcie/}pci[0-9a-f]*/**/config
r,
/sys/devices/{,*pcie-controller/,platform/{soc,scb}/*.pcie/}pci[0-9a-f]*/**/revision
r,
/sys/devices/{,*pcie-controller/,
** Changed in: snapd
Status: New => In Progress
--
You received this bug notification because you are a member of AppArmor
Developers, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2025030
Title:
apparmor_parser -O no-expr-simplify problematic
Status in snapd:
