From: sashiko-bot@kernel.org
To: "Ian Rogers" <irogers@google.com>
Cc: linux-perf-users@vger.kernel.org
Subject: Re: [PATCH v1 12/14] perf test: Add -j/--junit option for JUnit XML test reports
Date: Thu, 14 May 2026 17:48:58 +0000 [thread overview]
Message-ID: <20260514174859.5F9ECC2BCB3@smtp.kernel.org> (raw)
In-Reply-To: <20260513230450.529380-13-irogers@google.com>
Thank you for your contribution! Sashiko AI review found 4 potential issue(s) to consider:
- [Medium] `xml_escape` silently discards all non-ASCII/UTF-8 characters due to signed char comparison.
- [Medium] Test suites skipped via the '--skip' command-line option are omitted from the JUnit XML, creating a structural mismatch.
- [Medium] Unsafe file creation for the JUnit XML report is vulnerable to a symlink attack (Arbitrary File Overwrite).
- [Low] The globally scoped `junit_xml_buf` buffer is leaked if the test harness aborts on an error path.
--
commit f788260e3f8e93c92ba78c033616b340413eb066
Author: Ian Rogers <irogers@google.com>
perf test: Add -j/--junit option for JUnit XML test reports
This commit adds a -j/--junit command line option to perf test to generate
JUnit XML format test reports. The report captures execution latency, failures,
and skip reasons.
> diff --git a/tools/perf/tests/builtin-test.c b/tools/perf/tests/builtin-test.c
> index 765724817776e..99f5afba10822 100644
> --- a/tools/perf/tests/builtin-test.c
> +++ b/tools/perf/tests/builtin-test.c
[ ... ]
> @@ -366,8 +372,34 @@ static unsigned int summary_tests_skipped;
> static unsigned int summary_tests_failed;
> static struct strbuf summary_failed_tests_buf = STRBUF_INIT;
>
> +static char *xml_escape(const char *str)
> +{
> + struct strbuf buf = STRBUF_INIT;
> + const char *p;
> + char *res;
> +
> + if (!str)
> + return strdup("");
> +
> + for (p = str; *p; p++) {
> + if (*p == '&')
> + strbuf_addstr(&buf, "&");
> + else if (*p == '<')
> + strbuf_addstr(&buf, "<");
> + else if (*p == '>')
> + strbuf_addstr(&buf, ">");
> + else if (*p == '"')
> + strbuf_addstr(&buf, """);
> + else if (*p >= 32 || *p == '\n' || *p == '\t')
On architectures where char is signed, will *p >= 32 evaluate to false for
non-ASCII characters (like UTF-8 sequences) since their most significant bit
is set?
Could this silently discard multi-byte characters from test logs, and should
the pointer value be cast to unsigned char before comparison to avoid this?
> + strbuf_addch(&buf, *p);
> + }
> + res = strbuf_detach(&buf, NULL);
> + return res ? res : strdup("");
> +}
[ ... ]
> @@ -999,6 +1078,29 @@ static void print_tests_summary(void)
> } else {
> color_fprintf(stderr, PERF_COLOR_GREEN, "Failed tests : 0\n");
> }
> +
> + if (junit_filename) {
> + FILE *fp;
> +
> + fp = fopen(junit_filename, "w");
If perf test -j is executed with elevated privileges in a shared directory like
/tmp, could fopen() with mode "w" be vulnerable to a symlink attack?
Would it be safer to use open() with O_CREAT | O_TRUNC | O_WRONLY | O_NOFOLLOW
to prevent arbitrarily overwriting system files?
> + if (fp) {
> + unsigned int total = summary_tests_passed + summary_subtests_passed +
> + summary_tests_skipped + summary_tests_failed;
> + fprintf(fp, "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
> + fprintf(fp, "<testsuites>\n");
> + fprintf(fp, " <testsuite name=\"perf-tests\" tests=\"%u\" failures=\"%u\" skipped=\"%u\">\n",
> + total, summary_tests_failed, summary_tests_skipped);
If a test suite is skipped via the user override (-s/--skip), __cmd_test()
increments summary_tests_skipped but skips calling print_test_result().
Will this cause a structural mismatch in the XML report between the reported
skipped count here and the actual number of <testcase> elements emitted?
> + fprintf(fp, "%s", junit_xml_buf.buf);
> + fprintf(fp, " </testsuite>\n");
> + fprintf(fp, "</testsuites>\n");
> + fclose(fp);
> + pr_info("Wrote junit XML output to %s\n", junit_filename);
> + } else {
> + pr_err("Failed to open %s for writing junit XML output: %s\n",
> + junit_filename, strerror(errno));
> + }
> + }
> + strbuf_release(&junit_xml_buf);
If the test harness catches a signal (such as Ctrl-C) and jumps to the err_out
label in __cmd_test(), it bypasses print_tests_summary().
Could this cause junit_xml_buf to leak and trigger LeakSanitizer failures?
> strbuf_release(&summary_failed_tests_buf);
> }
>
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260513230450.529380-1-irogers@google.com?part=12
next prev parent reply other threads:[~2026-05-14 17:48 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-13 23:04 [PATCH v1 00/14] perf test: Harness improvements Ian Rogers
2026-05-13 23:04 ` [PATCH v1 01/14] perf jevents.py: Make generated C code more kernel style Ian Rogers
2026-05-13 23:04 ` [PATCH v1 02/14] perf pmu-events: Add API to get metric table name and iterate tables Ian Rogers
2026-05-14 11:42 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 03/14] perf test: Drain pipe after child finishes to avoid losing output Ian Rogers
2026-05-13 23:04 ` [PATCH v1 04/14] perf test: Support dynamic test suites with setup callback and private data Ian Rogers
2026-05-14 12:10 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 05/14] perf test pmu-events: A sub-test per metric table Ian Rogers
2026-05-13 23:04 ` [PATCH v1 06/14] perf test: Refactor parallel poll loop to drain all pipes simultaneously Ian Rogers
2026-05-14 14:27 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 07/14] perf test: Show snippet failure output for verbose=1 Ian Rogers
2026-05-14 15:50 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 08/14] perf test: Add summary reporting Ian Rogers
2026-05-14 16:10 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 09/14] perf test: Fix subtest status alignment for multi-digit indexes Ian Rogers
2026-05-13 23:04 ` [PATCH v1 10/14] perf test: Skip shebang and SPDX comments in shell test descriptions Ian Rogers
2026-05-13 23:04 ` [PATCH v1 11/14] perf test: Split monolithic 'util' test suite into sub-tests Ian Rogers
2026-05-13 23:04 ` [PATCH v1 12/14] perf test: Add -j/--junit option for JUnit XML test reports Ian Rogers
2026-05-14 17:48 ` sashiko-bot [this message]
2026-05-13 23:04 ` [PATCH v1 13/14] perf test: Add shell test to validate JUnit XML reporting output Ian Rogers
2026-05-13 23:04 ` [PATCH v1 14/14] perf test: Remove /usr/bin/cc dependency from Intel PT shell test Ian Rogers
2026-05-14 18:28 ` sashiko-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260514174859.5F9ECC2BCB3@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=irogers@google.com \
--cc=linux-perf-users@vger.kernel.org \
--cc=sashiko-reviews@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.