| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aRdkp7ztSM1JNZME@linux.ibm.com>
Date: Fri, 14 Nov 2025 22:49:35 +0530
From: Saket Kumar Bhaskar <skb99@...ux.ibm.com>
To: bot+bpf-ci@...nel.org
Cc: bpf@...r.kernel.org, linux-kselftest@...r.kernel.org,
linux-kernel@...r.kernel.org, hbathini@...ux.ibm.com,
sachinpb@...ux.ibm.com, venkat88@...ux.ibm.com, andrii@...nel.org,
eddyz87@...il.com, ast@...nel.org, daniel@...earbox.net,
martin.lau@...ux.dev, song@...nel.org, yonghong.song@...ux.dev,
john.fastabend@...il.com, kpsingh@...nel.org, sdf@...ichev.me,
haoluo@...gle.com, jolsa@...nel.org, shuah@...nel.org,
martin.lau@...nel.org, clm@...a.com, ihor.solodrai@...ux.dev
Subject: Re: [PATCH bpf-next v2] selftests/bpf: Fix
htab_update/reenter_update selftest failure
On Fri, Nov 14, 2025 at 03:50:44PM +0000, bot+bpf-ci@...nel.org wrote:
> > diff --git a/tools/testing/selftests/bpf/prog_tests/htab_update.c b/tools/testing/selftests/bpf/prog_tests/htab_update.c
> > index 2bc85f481..96b65c1a3 100644
> > --- a/tools/testing/selftests/bpf/prog_tests/htab_update.c
> > +++ b/tools/testing/selftests/bpf/prog_tests/htab_update.c
> > @@ -15,17 +15,17 @@ struct htab_update_ctx {
> > static void test_reenter_update(void)
> > {
> > struct htab_update *skel;
> > - unsigned int key, value;
> > + void *value = NULL;
> > + unsigned int key, value_size;
> ^^^
>
> Is key supposed to be initialized? The old code had 'unsigned int key = 0,
> value = 0;' but the new code drops the initialization. Later uses of key
> at the bpf_map_update_elem() calls will pass uninitialized stack memory.
>
> > int err;
> >
> > skel = htab_update__open();
> > if (!ASSERT_OK_PTR(skel, "htab_update__open"))
> > return;
>
> [ ... ]
>
> > @@ -33,14 +33,32 @@ static void test_reenter_update(void)
> > if (!ASSERT_OK(err, "htab_update__attach"))
> > goto out;
> >
> > - /* Will trigger the reentrancy of bpf_map_update_elem() */
> > - key = 0;
> > - value = 0;
> > - err = bpf_map_update_elem(bpf_map__fd(skel->maps.htab), &key, &value, 0);
> > - if (!ASSERT_OK(err, "add element"))
> > + value_size = bpf_map__value_size(skel->maps.htab);
> > +
> > + value = calloc(1, value_size);
> > + if (!ASSERT_OK_PTR(value, "calloc value"))
> > + goto out;
> > + /*
> > + * First update: plain insert. This should NOT trigger the re-entrancy
> > + * path, because there is no old element to free yet.
> > + */
> > + err = bpf_map_update_elem(bpf_map__fd(skel->maps.htab), &key, &value, BPF_ANY);
> > + if (!ASSERT_OK(err, "first update (insert)"))
> > + goto out;
> > +
> > + /*
> > + * Second update: replace existing element with same key and trigger
> > + * the reentrancy of bpf_map_update_elem().
> > + * check_and_free_fields() calls bpf_obj_free_fields() on the old
> > + * value, which is where fentry program runs and performs a nested
> > + * bpf_map_update_elem(), triggering -EDEADLK.
> > + */
> > + memset(&value, 0, sizeof(value));
> ^^^^^^^
>
> Does this memset zero the allocated memory? It looks like this zeros the
> pointer variable itself (8 bytes) rather than the memory it points to.
> Should this be 'memset(value, 0, value_size)' instead?
>
> > + err = bpf_map_update_elem(bpf_map__fd(skel->maps.htab), &key, &value, BPF_ANY);
> > + if (!ASSERT_OK(err, "second update (replace)"))
> > goto out;
> >
> > - ASSERT_EQ(skel->bss->update_err, -EBUSY, "no reentrancy");
> > + ASSERT_EQ(skel->bss->update_err, -EDEADLK, "no reentrancy");
> > out:
> > htab_update__destroy(skel);
> > }
>
>
> ---
> AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
> See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
>
> CI run summary: https://github.com/kernel-patches/bpf/actions/runs/19369517166
Will fix these.
Powered by blists - more mailing lists