Re: [PATCH bpf-next v1 04/10] resolve_btfids: Support for KF_IMPLICIT_ARGS

Next message: Pranjal Shrivastava: "Re: [PATCH v6 4/4] iommu: debug-pagealloc: Check mapped/unmapped kernel memory"
Previous message: Pranjal Shrivastava: "Re: [PATCH v6 3/4] iommu: debug-pagealloc: Track IOMMU pages"
In reply to: Ihor Solodrai: "[PATCH bpf-next v1 04/10] resolve_btfids: Support for KF_IMPLICIT_ARGS"
Next in thread: Ihor Solodrai: "Re: [PATCH bpf-next v1 04/10] resolve_btfids: Support for KF_IMPLICIT_ARGS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: bot+bpf-ci

Date: Fri Jan 09 2026 - 14:15:50 EST

> diff --git a/tools/bpf/resolve_btfids/main.c b/tools/bpf/resolve_btfids/main.c
> index df39982f51df..b361e726fa36 100644
> --- a/tools/bpf/resolve_btfids/main.c
> +++ b/tools/bpf/resolve_btfids/main.c

[ ... ]

> +static s64 btf__collect_decl_tags(const struct btf *btf, s32 *decl_tags, u32 decl_tags_sz)
> +{
> + const u32 type_cnt = btf__type_cnt(btf);
> + const struct btf_type *t;
> + s64 nr_decl_tags = 0;
> +
> + for (u32 id = 1; id < type_cnt; id++) {
> + t = btf__type_by_id(btf, id);
> + if (!btf_is_decl_tag(t))
> + continue;
> + if (nr_decl_tags >= decl_tags_sz) {
> + pr_err("ERROR: resolve_btfids: too many decl tags in BTF - limit %s\n",
> + decl_tags_sz);
^^^^^^^^^^^^^^^^^

Should this be %u instead of %s? The decl_tags_sz parameter is a u32, but
the format specifier %s expects a string pointer. When the error path is
triggered (more than MAX_DECL_TAGS decl tags in BTF), this will cause
undefined behavior as printf tries to interpret the integer value as a
memory address to read a string from.

> + return -E2BIG;
> + }
> + decl_tags[nr_decl_tags++] = id;
> + }
> +
> + return nr_decl_tags;
> +}

[ ... ]

---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

CI run summary: https://github.com/kernel-patches/bpf/actions/runs/20862592244