From: sashiko-bot@kernel.org
To: "Ian Rogers" <irogers@google.com>
Cc: linux-perf-users@vger.kernel.org
Subject: Re: [PATCH v1 12/14] perf test: Add -j/--junit option for JUnit XML test reports
Date: Thu, 14 May 2026 17:48:58 +0000 [thread overview]
Message-ID: <20260514174859.5F9ECC2BCB3@smtp.kernel.org> (raw)
In-Reply-To: <20260513230450.529380-13-irogers@google.com>
Thank you for your contribution! Sashiko AI review found 4 potential issue(s) to consider:
- [Medium] `xml_escape` silently discards all non-ASCII/UTF-8 characters due to signed char comparison.
- [Medium] Test suites skipped via the '--skip' command-line option are omitted from the JUnit XML, creating a structural mismatch.
- [Medium] Unsafe file creation for the JUnit XML report is vulnerable to a symlink attack (Arbitrary File Overwrite).
- [Low] The globally scoped `junit_xml_buf` buffer is leaked if the test harness aborts on an error path.
--
commit f788260e3f8e93c92ba78c033616b340413eb066
Author: Ian Rogers <irogers@google.com>
perf test: Add -j/--junit option for JUnit XML test reports
This commit adds a -j/--junit command line option to perf test to generate
JUnit XML format test reports. The report captures execution latency, failures,
and skip reasons.
> diff --git a/tools/perf/tests/builtin-test.c b/tools/perf/tests/builtin-test.c
> index 765724817776e..99f5afba10822 100644
> --- a/tools/perf/tests/builtin-test.c
> +++ b/tools/perf/tests/builtin-test.c
[ ... ]
> @@ -366,8 +372,34 @@ static unsigned int summary_tests_skipped;
> static unsigned int summary_tests_failed;
> static struct strbuf summary_failed_tests_buf = STRBUF_INIT;
>
> +static char *xml_escape(const char *str)
> +{
> + struct strbuf buf = STRBUF_INIT;
> + const char *p;
> + char *res;
> +
> + if (!str)
> + return strdup("");
> +
> + for (p = str; *p; p++) {
> + if (*p == '&')
> + strbuf_addstr(&buf, "&");
> + else if (*p == '<')
> + strbuf_addstr(&buf, "<");
> + else if (*p == '>')
> + strbuf_addstr(&buf, ">");
> + else if (*p == '"')
> + strbuf_addstr(&buf, """);
> + else if (*p >= 32 || *p == '\n' || *p == '\t')
On architectures where char is signed, will *p >= 32 evaluate to false for
non-ASCII characters (like UTF-8 sequences) since their most significant bit
is set?
Could this silently discard multi-byte characters from test logs, and should
the pointer value be cast to unsigned char before comparison to avoid this?
> + strbuf_addch(&buf, *p);
> + }
> + res = strbuf_detach(&buf, NULL);
> + return res ? res : strdup("");
> +}
[ ... ]
> @@ -999,6 +1078,29 @@ static void print_tests_summary(void)
> } else {
> color_fprintf(stderr, PERF_COLOR_GREEN, "Failed tests : 0\n");
> }
> +
> + if (junit_filename) {
> + FILE *fp;
> +
> + fp = fopen(junit_filename, "w");
If perf test -j is executed with elevated privileges in a shared directory like
/tmp, could fopen() with mode "w" be vulnerable to a symlink attack?
Would it be safer to use open() with O_CREAT | O_TRUNC | O_WRONLY | O_NOFOLLOW
to prevent arbitrarily overwriting system files?
> + if (fp) {
> + unsigned int total = summary_tests_passed + summary_subtests_passed +
> + summary_tests_skipped + summary_tests_failed;
> + fprintf(fp, "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
> + fprintf(fp, "<testsuites>\n");
> + fprintf(fp, " <testsuite name=\"perf-tests\" tests=\"%u\" failures=\"%u\" skipped=\"%u\">\n",
> + total, summary_tests_failed, summary_tests_skipped);
If a test suite is skipped via the user override (-s/--skip), __cmd_test()
increments summary_tests_skipped but skips calling print_test_result().
Will this cause a structural mismatch in the XML report between the reported
skipped count here and the actual number of <testcase> elements emitted?
> + fprintf(fp, "%s", junit_xml_buf.buf);
> + fprintf(fp, " </testsuite>\n");
> + fprintf(fp, "</testsuites>\n");
> + fclose(fp);
> + pr_info("Wrote junit XML output to %s\n", junit_filename);
> + } else {
> + pr_err("Failed to open %s for writing junit XML output: %s\n",
> + junit_filename, strerror(errno));
> + }
> + }
> + strbuf_release(&junit_xml_buf);
If the test harness catches a signal (such as Ctrl-C) and jumps to the err_out
label in __cmd_test(), it bypasses print_tests_summary().
Could this cause junit_xml_buf to leak and trigger LeakSanitizer failures?
> strbuf_release(&summary_failed_tests_buf);
> }
>
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260513230450.529380-1-irogers@google.com?part=12
next prev parent reply other threads:[~2026-05-14 17:48 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-13 23:04 [PATCH v1 00/14] perf test: Harness improvements Ian Rogers
2026-05-13 23:04 ` [PATCH v1 01/14] perf jevents.py: Make generated C code more kernel style Ian Rogers
2026-05-13 23:04 ` [PATCH v1 02/14] perf pmu-events: Add API to get metric table name and iterate tables Ian Rogers
2026-05-14 11:42 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 03/14] perf test: Drain pipe after child finishes to avoid losing output Ian Rogers
2026-05-13 23:04 ` [PATCH v1 04/14] perf test: Support dynamic test suites with setup callback and private data Ian Rogers
2026-05-14 12:10 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 05/14] perf test pmu-events: A sub-test per metric table Ian Rogers
2026-05-13 23:04 ` [PATCH v1 06/14] perf test: Refactor parallel poll loop to drain all pipes simultaneously Ian Rogers
2026-05-14 14:27 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 07/14] perf test: Show snippet failure output for verbose=1 Ian Rogers
2026-05-14 15:50 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 08/14] perf test: Add summary reporting Ian Rogers
2026-05-14 16:10 ` sashiko-bot
2026-05-13 23:04 ` [PATCH v1 09/14] perf test: Fix subtest status alignment for multi-digit indexes Ian Rogers
2026-05-13 23:04 ` [PATCH v1 10/14] perf test: Skip shebang and SPDX comments in shell test descriptions Ian Rogers
2026-05-13 23:04 ` [PATCH v1 11/14] perf test: Split monolithic 'util' test suite into sub-tests Ian Rogers
2026-05-13 23:04 ` [PATCH v1 12/14] perf test: Add -j/--junit option for JUnit XML test reports Ian Rogers
2026-05-14 17:48 ` sashiko-bot [this message]
2026-05-13 23:04 ` [PATCH v1 13/14] perf test: Add shell test to validate JUnit XML reporting output Ian Rogers
2026-05-13 23:04 ` [PATCH v1 14/14] perf test: Remove /usr/bin/cc dependency from Intel PT shell test Ian Rogers
2026-05-14 18:28 ` sashiko-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260514174859.5F9ECC2BCB3@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=irogers@google.com \
--cc=linux-perf-users@vger.kernel.org \
--cc=sashiko-reviews@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox