Re: [PATCH bpf-next 04/18] bpf: Extend liveness analysis to track stack argument slots

[Yonghong Song <yonghong.song@linux.dev>]

On 4/24/26 11:00 AM, bot+bpf-ci@kernel.org wrote:
>> bpf: Extend liveness analysis to track stack argument slots
>>
>> BPF_REG_PARAMS (R11) is at index MAX_BPF_REG, which is beyond the
>> register tracking arrays in const_fold.c and liveness.c. Handle it
>> explicitly to avoid out-of-bounds accesses.
>>
>> In liveness.c, extend the arg tracking dataflow to cover stack arg
>> slots. Otherwise, pointers passed through stack args are invisible
>> to liveness, causing the pointed-to stack slots to be incorrectly
>> poisoned.
>>
>> Add a parallel tracking array (at_stack_arg_out/at_stack_arg_entry)
>> in arg_track_xfer() to record FP-derived values stored to outgoing
>> stack arg slots and to restore them on incoming reads. Extend
>> record_call_access() to check stack arg slots for FP-derived
>> pointers at kfunc call sites, reusing the record_arg_access() helper
>> extracted in the previous patch. Pass stack arg state from caller to
>> callee in analyze_subprog() so that callees can track pointers
>> received through stack args.
>>
>> Signed-off-by: Yonghong Song <yonghong.song@linux.dev>
> The commit message describes fixing out-of-bounds accesses and extending
> liveness analysis, which suggests this fixes a bug introduced in a prior
> commit. Should this include a Fixes: tag? Looking at the commit history, it
> appears this should reference:
>
>      Fixes: 8ade62ae1543 ("bpf: Support stack arguments for bpf functions")

Not really. See "bpf: Enable r11 based insns". So you can consider this
still a preparation patch.

>
>
> ---
> AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
> See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
>
> CI run summary: https://github.com/kernel-patches/bpf/actions/runs/24902767240