From: sashiko-bot@kernel.org
To: "Ihor Solodrai" <ihor.solodrai@linux.dev>
Cc: bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next v2 4/4] selftests/bpf: Add kfunc set test to resolve_btfids
Date: Wed, 24 Jun 2026 01:04:50 +0000
Message-ID: <20260624010451.2031E1F000E9@smtp.kernel.org>
In-Reply-To: <20260624005546.1818483-5-ihor.solodrai@linux.dev>
Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [Medium] Failure of the `ASSERT_EQ` check on `set->cnt` does not halt execution, leading to an out-of-bounds array read in the subsequent loop in `check_kfunc_set()`.
--
commit 9cd3f00b88448034723a89667e181cfaf756806b
Author: Ihor Solodrai <ihor.solodrai@linux.dev>
selftests/bpf: Add kfunc set test to resolve_btfids
This commit extends the resolve_btfids selftest to cover kfunc sets defined
with BTF_KFUNCS_START and BTF_KFUNCS_END. It verifies that resolve_btfids
correctly processes BTF_ID_FLAGS, resolves function IDs, and ensures the
kfunc set is sorted.
> diff --git a/tools/testing/selftests/bpf/prog_tests/resolve_btfids.c b/tools/testing/selftests/bpf/prog_tests/resolve_btfids.c
> index 98ce8fca2007e..ac51fd4548214 100644
> --- a/tools/testing/selftests/bpf/prog_tests/resolve_btfids.c
> +++ b/tools/testing/selftests/bpf/prog_tests/resolve_btfids.c
[ ... ]
> @@ -122,6 +159,31 @@ static int resolve_symbols(struct btf *btf)
> return 0;
> }
>
> +static void check_kfunc_set(struct btf_id_set8 *set)
> +{
> + unsigned int i, j;
> +
> + ASSERT_EQ(set->flags, BTF_SET8_KFUNCS, "kfunc_set_flags");
> + ASSERT_EQ(set->cnt, ARRAY_SIZE(kfunc_symbols), "kfunc_set_cnt");
> +
[Severity: Medium]
In the modern BPF selftests framework, ASSERT_EQ() evaluates to a boolean
and logs a failure but does not automatically return from the function.
If the resolve_btfids tool has a bug and sets an unexpectedly large value
for set->cnt, the assertion will fail, but execution unconditionally proceeds
to the loop.
Could this cause the test to iterate past the actual bounds of the array,
reading out of bounds from set->pairs[i] and crashing with a segmentation
fault? Would it be safer to wrap this check in an early return, such as
if (!ASSERT_EQ(...)) return; ?
> + for (i = 0; i < set->cnt; i++) {
> + for (j = 0; j < ARRAY_SIZE(kfunc_symbols); j++) {
> + if (kfunc_symbols[j].id == (s32)set->pairs[i].id) {
> + ASSERT_EQ(set->pairs[i].flags,
> + kfunc_symbols[j].flags, "kfunc_flags_check");
> + break;
> + }
> + }
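Review bot: In the inner loop of check_kfunc_set(), an entry whose set->pairs[i].id matches none of the kfunc_symbols[j].id values leaves the loop with j == ARRAY_SIZE(kfunc_symbols) and, in the lines shown, no failure is recorded, so an unexpected or unresolved ID in the set would pass the flags check silently. Unless the elided remainder of the outer loop body already covers this, consider asserting after the inner loop that a match was found, for example by comparing j against ARRAY_SIZE(kfunc_symbols).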
[ ... ]
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260624005546.1818483-1-ihor.solodrai@linux.dev?part=4
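The early-return pattern suggested in the review above, as an added stand-alone C model that is not code from the patch or from the selftests tree. check_eq(), struct id_set and the expected[] table are hypothetical stand-ins for ASSERT_EQ(), struct btf_id_set8 and kfunc_symbols, with a simplified fixed-size layout and constructed sample values.

```c
#include <stdio.h>
#include <stddef.h>
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical non-fatal assertion: logs and returns the result, never exits the caller. */
static int check_eq(long long actual, long long expected, const char *name)
{
	if (actual != expected)
		fprintf(stderr, "FAIL %s: got %lld, want %lld\n", name, actual, expected);
	return actual == expected;
}

struct pair { unsigned int id, flags; };
/* Simplified layout assumed for illustration: fixed storage for 4 pairs. */
struct id_set { unsigned int cnt, flags; struct pair pairs[4]; };

/* Constructed sample table playing the role of the expected symbols. */
static const struct pair expected[] = { {11, 1}, {22, 2}, {33, 4} };

/* Returns the number of pairs[] entries read, or -1 if the count check failed. */
static int check_set(const struct id_set *set)
{
	unsigned int i, j;
	int reads = 0;

	/* Gate the walk: an unverified cnt must never become the loop bound. */
	if (!check_eq(set->cnt, ARRAY_SIZE(expected), "set_cnt"))
		return -1;

	for (i = 0; i < set->cnt; i++) {
		reads++;
		for (j = 0; j < ARRAY_SIZE(expected); j++) {
			if (expected[j].id == set->pairs[i].id) {
				check_eq(set->pairs[i].flags, expected[j].flags, "flags");
				break;
			}
		}
	}
	return reads;
}

int main(void)
{
	struct id_set good = { 3, 0, { {33, 4}, {11, 1}, {22, 2} } };
	struct id_set bad = good;
	bad.cnt = 1000; /* constructed corrupt count, far beyond pairs[] */
	printf("good=%d bad=%d\n", check_set(&good), check_set(&bad));
	return 0;
}
```

With the gate in place the corrupt count is reported once and pairs[] is never indexed; without it the same input would drive the loop 1000 times over a 4-entry array.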