From: sashiko-bot@kernel.org
To: "Emil Tsalapatis" <emil@etsalapatis.com>
Cc: bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next v8 5/8] selftests/bpf: Add ASAN support for libarena selftests
Date: Tue, 21 Apr 2026 21:15:37 +0000 [thread overview]
Message-ID: <20260421211538.7BCA0C2BCB0@smtp.kernel.org> (raw)
In-Reply-To: <20260421165037.4736-6-emil@etsalapatis.com>
Sashiko AI review found 2 potential issue(s):
- [Medium] The debug function `print_asan_map_state()` unsafely dereferences a potentially poisoned pointer, triggering a secondary ASAN violation.
- [Medium] The global variable `asan_violated` is not reset on error paths, breaking test isolation and causing cascading failures.
--
commit 0afb16788ca62f1167765c685d131935c9f37240
Author: Emil Tsalapatis <emil@etsalapatis.com>
selftests/bpf: Add ASAN support for libarena selftests
This commit expands the libarena selftest infrastructure to support address
sanitization, adding the necessary compiler flags to compile the library
under ASAN.
> diff --git a/tools/testing/selftests/bpf/libarena/selftests/st_asan_common.h b/tools/testing/selftests/bpf/libarena/selftests/st_asan_common.h
> new file mode 100644
> index 0000000000000..58b1b0ae6a778
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/libarena/selftests/st_asan_common.h
[ ... ]
> +static inline void print_asan_map_state(void __arena *addr)
> +{
> + arena_stdout("%s:%d ASAN %p -> (val: %x gran: %x set: [%s])",
> + __func__, __LINE__, addr,
> + *(s8a *)(addr), ASAN_GRANULE(addr),
> + asan_shadow_set(addr) ? "yes" : "no");
> +}
Does reading *(s8a *)(addr) risk triggering a secondary ASAN violation?
If addr points to unmapped memory outside the arena, the dereference could
trigger a BPF exception and terminate the test before the debug output is
printed. The __noasan attribute might be needed here to avoid interception
by ASAN instrumentation.
> +/*
> + * Emit an error and force the current function to exit if the ASAN
> + * violation state is unexpected. Reset the violation state after.
> + */
> +static inline int asan_validate_addr(bool cond, void __arena *addr)
> +{
> + if ((asan_violated != 0) == cond) {
> + asan_violated = 0;
> + return 0;
> + }
> +
> + arena_stdout("%s:%d ASAN asan_violated %lx", __func__, __LINE__,
> + (u64)asan_violated);
> + print_asan_map_state(addr);
> + return -EINVAL;
> +}
Should asan_violated be reset to 0 before returning -EINVAL here?
BPF global variables persist across executions on the same skeleton. If left
non-zero, subsequent tests might fail their ASAN validation checks.
> +
> +static inline int asan_validate(void)
> +{
> + if (!asan_violated)
> + return 0;
> +
> + arena_stdout("%s:%d Found ASAN violation at %lx", __func__, __LINE__,
> + asan_violated);
> +
> + return -EINVAL;
> +}
Similarly, does asan_violated need to be reset to 0 here to prevent cascading
failures in subsequent tests?
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260421165037.4736-1-emil@etsalapatis.com?part=5
next prev parent reply other threads:[~2026-04-21 21:15 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-21 16:50 [PATCH bpf-next v8 0/8] Introduce arena library and runtime Emil Tsalapatis
2026-04-21 16:50 ` [PATCH bpf-next v8 1/8] selftests/bpf: Add ifdef guard for WRITE_ONCE macro in bpf_atomic.h Emil Tsalapatis
2026-04-23 8:27 ` Matt Bobrowski
2026-04-21 16:50 ` [PATCH bpf-next v8 2/8] selftests/bpf: Add basic libarena scaffolding Emil Tsalapatis
2026-04-21 20:08 ` sashiko-bot
2026-04-23 8:24 ` Matt Bobrowski
2026-04-26 18:42 ` Alexei Starovoitov
2026-04-26 18:58 ` Emil Tsalapatis
2026-04-21 16:50 ` [PATCH bpf-next v8 3/8] selftests/bpf: Move arena-related headers into libarena Emil Tsalapatis
2026-04-21 16:50 ` [PATCH bpf-next v8 4/8] selftests/bpf: Add arena ASAN runtime to libarena Emil Tsalapatis
2026-04-21 20:48 ` sashiko-bot
2026-04-21 16:50 ` [PATCH bpf-next v8 5/8] selftests/bpf: Add ASAN support for libarena selftests Emil Tsalapatis
2026-04-21 21:15 ` sashiko-bot [this message]
2026-04-21 16:50 ` [PATCH bpf-next v8 6/8] selftests/bpf: Add buddy allocator for libarena Emil Tsalapatis
2026-04-21 17:52 ` bot+bpf-ci
2026-04-21 17:56 ` Emil Tsalapatis
2026-04-21 21:42 ` sashiko-bot
2026-04-23 8:44 ` Matt Bobrowski
2026-04-23 14:00 ` Kumar Kartikeya Dwivedi
2026-04-23 16:43 ` Emil Tsalapatis
2026-04-23 20:24 ` Matt Bobrowski
2026-04-24 15:25 ` Emil Tsalapatis
2026-04-21 16:50 ` [PATCH bpf-next v8 7/8] selftests/bpf: Add selftests for libarena buddy allocator Emil Tsalapatis
2026-04-21 21:57 ` sashiko-bot
2026-04-21 16:50 ` [PATCH bpf-next v8 8/8] selftests/bpf: Reuse stderr parsing for libarena ASAN tests Emil Tsalapatis
2026-04-21 22:16 ` sashiko-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260421211538.7BCA0C2BCB0@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=emil@etsalapatis.com \
--cc=sashiko@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.