Re: [PATCH bpf-next v8 5/8] selftests/bpf: Add ASAN support for libarena selftests

public inbox for bpf@vger.kernel.org
 help / color / mirror / Atom feed

From: sashiko-bot@kernel.org
To: "Emil Tsalapatis" <emil@etsalapatis.com>
Cc: bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next v8 5/8] selftests/bpf: Add ASAN support for libarena selftests
Date: Tue, 21 Apr 2026 21:15:37 +0000	[thread overview]
Message-ID: <20260421211538.7BCA0C2BCB0@smtp.kernel.org> (raw)
In-Reply-To: <20260421165037.4736-6-emil@etsalapatis.com>

Sashiko AI review found 2 potential issue(s):
- [Medium] The debug function `print_asan_map_state()` unsafely dereferences a potentially poisoned pointer, triggering a secondary ASAN violation.
- [Medium] The global variable `asan_violated` is not reset on error paths, breaking test isolation and causing cascading failures.
--

commit 0afb16788ca62f1167765c685d131935c9f37240
Author: Emil Tsalapatis <emil@etsalapatis.com>

selftests/bpf: Add ASAN support for libarena selftests

This commit expands the libarena selftest infrastructure to support address
sanitization, adding the necessary compiler flags to compile the library
under ASAN.

> diff --git a/tools/testing/selftests/bpf/libarena/selftests/st_asan_common.h b/tools/testing/selftests/bpf/libarena/selftests/st_asan_common.h
> new file mode 100644
> index 0000000000000..58b1b0ae6a778
> --- /dev/null
> +++ b/tools/testing/selftests/bpf/libarena/selftests/st_asan_common.h

[ ... ]

> +static inline void print_asan_map_state(void __arena *addr)
> +{
> +	arena_stdout("%s:%d ASAN %p -> (val: %x gran: %x set: [%s])",
> +			__func__, __LINE__, addr,
> +			*(s8a *)(addr), ASAN_GRANULE(addr),
> +			asan_shadow_set(addr) ? "yes" : "no");
> +}

Does reading *(s8a *)(addr) risk triggering a secondary ASAN violation?

If addr points to unmapped memory outside the arena, the dereference could
trigger a BPF exception and terminate the test before the debug output is
printed. The __noasan attribute might be needed here to avoid interception
by ASAN instrumentation.

> +/*
> + * Emit an error and force the current function to exit if the ASAN
> + * violation state is unexpected. Reset the violation state after.
> + */
> +static inline int asan_validate_addr(bool cond, void __arena *addr)
> +{
> +	if ((asan_violated != 0) == cond) {
> +		asan_violated = 0;
> +		return 0;
> +	}
> +
> +	arena_stdout("%s:%d ASAN asan_violated %lx", __func__, __LINE__,
> +			(u64)asan_violated);
> +	print_asan_map_state(addr);
> +	return -EINVAL;
> +}

Should asan_violated be reset to 0 before returning -EINVAL here?

BPF global variables persist across executions on the same skeleton. If left
non-zero, subsequent tests might fail their ASAN validation checks.

> +
> +static inline int asan_validate(void)
> +{
> +	if (!asan_violated)
> +		return 0;
> +
> +	arena_stdout("%s:%d Found ASAN violation at %lx", __func__, __LINE__,
> +			asan_violated);
> +
> +	return -EINVAL;
> +}

Similarly, does asan_violated need to be reset to 0 here to prevent cascading
failures in subsequent tests?

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260421165037.4736-1-emil@etsalapatis.com?part=5

next prev parent reply	other threads:[~2026-04-21 21:15 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-21 16:50 [PATCH bpf-next v8 0/8] Introduce arena library and runtime Emil Tsalapatis
2026-04-21 16:50 ` [PATCH bpf-next v8 1/8] selftests/bpf: Add ifdef guard for WRITE_ONCE macro in bpf_atomic.h Emil Tsalapatis
2026-04-23  8:27   ` Matt Bobrowski
2026-04-21 16:50 ` [PATCH bpf-next v8 2/8] selftests/bpf: Add basic libarena scaffolding Emil Tsalapatis
2026-04-21 20:08   ` sashiko-bot
2026-04-23  8:24   ` Matt Bobrowski
2026-04-21 16:50 ` [PATCH bpf-next v8 3/8] selftests/bpf: Move arena-related headers into libarena Emil Tsalapatis
2026-04-21 16:50 ` [PATCH bpf-next v8 4/8] selftests/bpf: Add arena ASAN runtime to libarena Emil Tsalapatis
2026-04-21 20:48   ` sashiko-bot
2026-04-21 16:50 ` [PATCH bpf-next v8 5/8] selftests/bpf: Add ASAN support for libarena selftests Emil Tsalapatis
2026-04-21 21:15   ` sashiko-bot [this message]
2026-04-21 16:50 ` [PATCH bpf-next v8 6/8] selftests/bpf: Add buddy allocator for libarena Emil Tsalapatis
2026-04-21 17:52   ` bot+bpf-ci
2026-04-21 17:56     ` Emil Tsalapatis
2026-04-21 21:42   ` sashiko-bot
2026-04-23  8:44   ` Matt Bobrowski
2026-04-23 14:00     ` Kumar Kartikeya Dwivedi
2026-04-21 16:50 ` [PATCH bpf-next v8 7/8] selftests/bpf: Add selftests for libarena buddy allocator Emil Tsalapatis
2026-04-21 21:57   ` sashiko-bot
2026-04-21 16:50 ` [PATCH bpf-next v8 8/8] selftests/bpf: Reuse stderr parsing for libarena ASAN tests Emil Tsalapatis
2026-04-21 22:16   ` sashiko-bot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260421211538.7BCA0C2BCB0@smtp.kernel.org \
    --to=sashiko-bot@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=emil@etsalapatis.com \
    --cc=sashiko@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox