Re: [PATCH bpf-next v2] bpf: Fix unaligned interpreter panic on JIT fallback path
From: bot+bpf-ci
Date: Thu Jun 11 2026 - 06:54:48 EST
> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> index 649cce41e13f..5785c8cb4dbe 100644
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c
> @@ -2608,6 +2608,31 @@ static struct bpf_prog *bpf_prog_jit_compile(struct bpf_verifier_env *env, struc
> return prog;
> }
>
> +/* Fix up helper call offsets for inlined helpers on JIT fallback path. */
> +static void bpf_fixup_fallback_inline_helpers(struct bpf_verifier_env *env, struct bpf_prog *fp)
> +{
> + struct bpf_insn *insn = fp->insnsi;
> + const struct bpf_func_proto *fn;
> + int i;
> +
> + if (!env || !env->ops->get_func_proto)
> + return;
> +
> + for (i = 0; i < fp->len; i++, insn++) {
> + if (insn->code == (BPF_JMP | BPF_CALL) && insn->src_reg == 0) {
Would it be cleaner to use bpf_helper_call(insn) here instead of the
manual condition check?
The bpf_helper_call() helper from include/linux/bpf_verifier.h performs
the same check and is used throughout the codebase for consistency. It
improves readability and makes the intent more explicit.
> + /* Filter out already-patched address offsets. */
> + if (insn->imm >= __BPF_FUNC_MAX_ID)
> + continue;
> +
> + if (bpf_jit_inlines_helper_call(insn->imm)) {
> + fn = env->ops->get_func_proto(insn->imm, env->prog);
> + if (fn && fn->func)
> + insn->imm = fn->func - __bpf_call_base;
> + }
> + }
> + }
> +}
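Review bot: the "already-patched" filter at `if (insn->imm >= __BPF_FUNC_MAX_ID)` only catches non-negative offsets, but the value this same function writes a few lines later, `insn->imm = fn->func - __bpf_call_base`, is a signed 32-bit displacement (insn->imm is __s32) and is negative whenever the helper lives below __bpf_call_base. A negative patched imm therefore passes the filter and is handed to bpf_jit_inlines_helper_call() as if it were a helper id, and the same ambiguity exists for any displacement that happens to fall in [0, __BPF_FUNC_MAX_ID). Suggest at least `if (insn->imm < 0 || insn->imm >= __BPF_FUNC_MAX_ID)`, and ideally not inferring "patched" from the value range at all but from the verifier state that did the patching, since the range check cannot distinguish a small positive displacement from a real helper id.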
[ ... ]
---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
CI run summary: https://github.com/kernel-patches/bpf/actions/runs/27340034854