From: Eduard Zingerman <eddyz87@gmail.com>
To: Ihor Solodrai <ihor.solodrai@linux.dev>,
bot+bpf-ci@kernel.org, bpf@vger.kernel.org, andrii@kernel.org,
ast@kernel.org
Cc: dwarves@vger.kernel.org, alan.maguire@oracle.com,
acme@kernel.org, tj@kernel.org, kernel-team@meta.com,
daniel@iogearbox.net, martin.lau@kernel.org,
yonghong.song@linux.dev, clm@meta.com
Subject: Re: [PATCH bpf-next v1 3/8] bpf: Support for kfuncs with KF_MAGIC_ARGS
Date: Wed, 29 Oct 2025 16:59:45 -0700 [thread overview]
Message-ID: <36befdc138d8f1b15fab46c3d2c4d9f8b313779b.camel@gmail.com> (raw)
In-Reply-To: <c974f5ed-b6d2-4716-a119-7efab07e2e8e@linux.dev>
On Wed, 2025-10-29 at 13:49 -0700, Ihor Solodrai wrote:
[...]
> > > +static s32 impl_by_magic_kfunc(s32 func_id)
> > > +{
> > > + int i;
> > > +
> > > + for (i = 0; i < BTF_ID_LIST_SIZE(magic_kfuncs); i += 2) {
> > > + if (magic_kfuncs[i] == func_id)
> > > + return magic_kfuncs[i + 1];
> > ^^^^^^^^^^^^^^^^^
> >
> > Can impl_by_magic_kfunc() overflow magic_kfuncs[]? With the current
> > initialization using BTF_ID_UNUSED, BTF_ID_LIST_SIZE(magic_kfuncs)
> > equals 1. The loop condition checks i < 1, so when i=0 it executes and
> > accesses magic_kfuncs[i+1], which is magic_kfuncs[1]. This is outside
> > the array bounds.
>
> Hmm... Given we do i += 2, this can't happen if magic_kfuncs table is
> defined correctly. Also if BTF_ID_UNUSED is passed in here, we have
> bigger problems.
>
> I guess changing the loop condition to size-1 wouldn't hurt.
The code is fine and there is no need to bow to the AI overlord.
That time will come, but it hasn't come yet.
[...]
next prev parent reply other threads:[~2025-10-29 23:59 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-29 19:01 [PATCH bpf-next v1 0/8] bpf: magic kernel functions Ihor Solodrai
2025-10-29 19:01 ` [PATCH bpf-next v1 1/8] bpf: Add BTF_ID_LIST_END and BTF_ID_LIST_SIZE macros Ihor Solodrai
2025-10-29 19:41 ` bot+bpf-ci
2025-10-29 20:44 ` Ihor Solodrai
2025-10-29 23:54 ` Eduard Zingerman
2025-10-29 19:01 ` [PATCH bpf-next v1 2/8] bpf: Refactor btf_kfunc_id_set_contains Ihor Solodrai
2025-10-29 23:55 ` Eduard Zingerman
2025-10-29 19:01 ` [PATCH bpf-next v1 3/8] bpf: Support for kfuncs with KF_MAGIC_ARGS Ihor Solodrai
2025-10-29 19:41 ` bot+bpf-ci
2025-10-29 20:49 ` Ihor Solodrai
2025-10-29 23:59 ` Eduard Zingerman [this message]
2025-10-29 23:54 ` Eduard Zingerman
2025-10-30 0:03 ` Alexei Starovoitov
2025-10-30 16:31 ` Ihor Solodrai
2025-10-30 17:26 ` Eduard Zingerman
2025-10-30 10:24 ` kernel test robot
2025-10-30 11:58 ` kernel test robot
2025-10-30 13:54 ` kernel test robot
2025-10-29 19:01 ` [PATCH bpf-next v1 4/8] bpf: Support __magic prog_aux arguments for kfuncs Ihor Solodrai
2025-10-29 19:01 ` [PATCH bpf-next v1 5/8] bpf: Re-define bpf_wq_set_callback as magic kfunc Ihor Solodrai
2025-10-30 0:16 ` Eduard Zingerman
2025-10-29 19:01 ` [PATCH bpf-next v1 6/8] bpf,docs: Document KF_MAGIC_ARGS flag and __magic annotation Ihor Solodrai
2025-10-30 0:21 ` Eduard Zingerman
2025-10-29 19:01 ` [PATCH bpf-next v1 7/8] bpf: Re-define bpf_task_work_schedule_* kfuncs as magic Ihor Solodrai
2025-10-29 19:01 ` [PATCH bpf-next v1 8/8] bpf: Re-define bpf_stream_vprintk as a magic kfunc Ihor Solodrai
2025-10-30 0:44 ` [PATCH bpf-next v1 0/8] bpf: magic kernel functions Eduard Zingerman
2025-10-30 6:11 ` Eduard Zingerman
2025-10-30 18:14 ` Eduard Zingerman
2025-10-30 18:24 ` Ihor Solodrai
2025-10-30 18:37 ` Eduard Zingerman
2025-10-30 18:26 ` Alan Maguire
2025-10-30 18:42 ` Eduard Zingerman
2025-10-30 18:46 ` Ihor Solodrai
2025-10-30 19:47 ` Andrii Nakryiko
2025-10-30 20:02 ` Ihor Solodrai
2025-10-30 20:38 ` Andrii Nakryiko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=36befdc138d8f1b15fab46c3d2c4d9f8b313779b.camel@gmail.com \
--to=eddyz87@gmail.com \
--cc=acme@kernel.org \
--cc=alan.maguire@oracle.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bot+bpf-ci@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=clm@meta.com \
--cc=daniel@iogearbox.net \
--cc=dwarves@vger.kernel.org \
--cc=ihor.solodrai@linux.dev \
--cc=kernel-team@meta.com \
--cc=martin.lau@kernel.org \
--cc=tj@kernel.org \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox