On 20/04/2026 16:39, Alexei Starovoitov wrote:

On Mon Apr 20, 2026 at 1:02 AM PDT, Alan Maguire wrote:

quoted

-       return sizeof(struct btf_type) + l[kind].info_sz + vlen * l[kind].elem_sz;
+       type_size = sizeof(struct btf_type) + l[kind].info_sz + vlen * l[kind].elem_sz;
+       if ((size_t)type_size > (size_t)(end_type - (const void *)t)) {
+               pr_debug("Overflow in type size %d for kind %u\n",
+                        type_size, kind);
+               return -EINVAL;
+       }
+       return type_size;
 }

Given that this problem exists separate from the extended vlen series, might make more
sense to send a separate patch targeting the bpf tree for this issue.

Make sense to me. Use check_add_overflow() when you do.
Are you still planning to respin the set ? or is it good to go?

I think it's good to go; I'll send an official bpf-targeted patch for the above with Fixes: tag.
Thanks!