Re: [PATCH bpf-next v1 10/17] bpf: Report Resource Lifetime reference leaks

[sashiko-bot@kernel.org]

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [Low] Incorrect indentation of `bpf_diag_report_resource_state` calls inside `process_irq_flag`.
--

commit 55651d7f9fb67183b2ac504e84a853783f31d0f3
Author: Kumar Kartikeya Dwivedi <memxor@gmail.com>

bpf: Report Resource Lifetime reference leaks

This commit augments the verifier's reference leak detection by adding a
Resource Lifetime Safety report when a reference is still live at program
exit or throw time. It also adds detailed diagnostic reporting for invalid
resource states involving dynptrs, IRQ flags, spin locks, and iterators.

> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index e9c121892b7e5..1c26614bec2b7 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c

[ ... ]

> @@ -11576,6 +11665,11 @@ static int process_irq_flag(struct bpf_verifier_env *env, struct bpf_reg_state *
>  		if (!is_irq_flag_reg_valid_uninit(env, reg)) {
>  			verbose(env, "expected uninitialized irq flag as %s\n",
>  				reg_arg_name(env, argno));
> +				bpf_diag_report_resource_state(env, env->insn_idx,
> +							       "IRQ flag is already initialized",
> +							       "Saving IRQ state requires an uninitialized stack slot for the IRQ flag, but this slot already contains tracked IRQ flag "
> +							       "state.",
> +							       "Use a fresh stack slot for this save operation, or restore the existing IRQ flag before reusing the slot.");

[Severity: Low]
This isn't a bug, but it looks like there's an extra level of indentation
added to the bpf_diag_report_resource_state() call here. Should this be
adjusted to align with the verbose() call above it?

>  			return -EINVAL;
>  		}
>  
> @@ -11592,6 +11686,10 @@ static int process_irq_flag(struct bpf_verifier_env *env, struct bpf_reg_state *
>  		if (err) {
>  			verbose(env, "expected an initialized irq flag as %s\n",
>  				reg_arg_name(env, argno));
> +				bpf_diag_report_resource_state(env, env->insn_idx,
> +							       "uninitialized IRQ flag restore",
> +							       "Restoring IRQ state requires a stack slot that was initialized by a matching IRQ save operation on this path.",
> +							       "Pass the same stack slot that was previously initialized by the matching IRQ save kfunc.");

[Severity: Low]
This isn't a bug, but this call also appears to have an extra level of
indentation.

>  			return err;
>  		}

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260605063412.974640-1-memxor@gmail.com?part=10