> diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c
> --- a/arch/powerpc/net/bpf_jit_comp.c
> +++ b/arch/powerpc/net/bpf_jit_comp.c

[ ... ]

> @@ -140,6 +173,8 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp)
>       struct codegen_context cgctx;
>       int pass;
>       int flen;
> +     int priv_stack_alloc_size;
> +     void __percpu *priv_stack_ptr = NULL;
>       struct bpf_binary_header *fhdr = NULL;
>       struct bpf_binary_header *hdr = NULL;
>       struct bpf_prog *org_fp = fp;

[ ... ]

>       }
>
> +     if (!priv_stack_ptr && fp->aux->jits_use_priv_stack) {

On extra_pass (when jit_data->addrs is non-NULL), the local
priv_stack_ptr is still NULL because it was initialized to NULL above
and is never loaded from fp->aux->priv_stack_ptr. This means the
allocation will happen again on extra_pass, leaking the per-CPU
memory allocated during the first pass and overwriting
fp->aux->priv_stack_ptr with the new allocation.

Both the x86 and arm64 implementations load the existing pointer
before this check:

arch/x86/net/bpf_jit_comp.c:bpf_int_jit_compile() {
    ...
    priv_stack_ptr = prog->aux->priv_stack_ptr;
    if (!priv_stack_ptr && prog->aux->jits_use_priv_stack) {
    ...
}

arch/arm64/net/bpf_jit_comp.c:bpf_int_jit_compile() {
    ...
    priv_stack_ptr = prog->aux->priv_stack_ptr;
    if (!priv_stack_ptr && prog->aux->jits_use_priv_stack) {
    ...
}

Is this missing a similar assignment before the check?

> +             priv_stack_alloc_size = round_up(fp->aux->stack_depth, 16) +
> +                                                     2 * PRIV_STACK_GUARD_SZ;
> +             priv_stack_ptr = __alloc_percpu_gfp(priv_stack_alloc_size, 16, 
> GFP_KERNEL);
> +             if (!priv_stack_ptr) {
> +                     fp = org_fp;
> +                     goto out_priv_stack;
> +             }
> +
> +             priv_stack_init_guard(priv_stack_ptr, priv_stack_alloc_size);
> +             fp->aux->priv_stack_ptr = priv_stack_ptr;
> +     }
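Review bot: the missing reload needs to go directly above the `if (!priv_stack_ptr && fp->aux->jits_use_priv_stack)` check, i.e. `priv_stack_ptr = fp->aux->priv_stack_ptr;`, so that on extra_pass this whole block is skipped; as written, `__alloc_percpu_gfp()` and `priv_stack_init_guard()` run a second time and `fp->aux->priv_stack_ptr = priv_stack_ptr;` overwrites the first-pass region without any free_percpu() of it, which is the leak. Whether `out_priv_stack` frees anything on the `!priv_stack_ptr` failure path cannot be seen from this hunk, but with the reload in place the failure path only ever deals with the single allocation made on the first pass.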


---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

CI run summary: https://github.com/kernel-patches/bpf/actions/runs/22059200816

AI-authorship-score: low
AI-authorship-explanation: The code shows human copy-and-adapt patterns from 
existing x86/arm64 implementations, with a characteristic human omission bug 
and copied pre-existing typo, inconsistent with typical AI code generation.
issues-found: 1
issue-severity-score: medium
issue-severity-explanation: Per-CPU memory leak on extra_pass in 
bpf_int_jit_compile due to missing load of existing priv_stack_ptr from fp->aux 
before allocation check, affecting programs with subprogs using private stack 
on powerpc64.
