Re: [PATCH bpf-next v2 5/5] selftests/bpf: Use bpf_dynptr_slice() to read file dynptr in leak test
From: bot+bpf-ci@kernel.org
Date: 2026-06-05 19:08:54
Also in:
bpf
quoted hunk ↗ jump to hunk
diff --git a/tools/testing/selftests/bpf/progs/file_reader_fail.c b/tools/testing/selftests/bpf/progs/file_reader_fail.c index d5fae5e4cf9a..3bb9e2612f8f 100644 --- a/tools/testing/selftests/bpf/progs/file_reader_fail.c +++ b/tools/testing/selftests/bpf/progs/file_reader_fail.c@@ -87,7 +87,8 @@ int use_file_dynptr_slice_after_put_file(void *ctx) struct task_struct *task = bpf_get_current_task_btf(); struct file *file = bpf_get_task_exe_file(task); struct bpf_dynptr dynptr; - char *data; + char buf[1]; + const char *data; if (!file) return 0;@@ -95,15 +96,14 @@ int use_file_dynptr_slice_after_put_file(void *ctx) if (bpf_dynptr_from_file(file, 0, &dynptr)) goto out; - data = bpf_dynptr_data(&dynptr, 0, 1); + data = bpf_dynptr_slice(&dynptr, 0, buf, sizeof(buf));
A note from the earlier review on v1: an automated review bot suggested
initializing the stack buffer here, e.g.
char buf[1] = {0};
worrying that the uninitialized 'buf' passed to bpf_dynptr_slice() could
make the verifier reject the program early with an invalid stack read,
which would bypass the intended reference-leak check.
This looks like a false positive, since the buf argument to
bpf_dynptr_slice() is a destination the helper writes into, so
uninitialized stack memory should be valid there, and the v1 patch
already carried an Acked-by from Eduard Zingerman.
Was this comment considered, and is the test still failing for the
intended reference-leak reason rather than an early verifier rejection?
---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
CI run summary: https://github.com/kernel-patches/bpf/actions/runs/27034008594