From: John Fastabend <john.fastabend@gmail.com>
To: "Jörn-Thorben Hinz" <jthinz@mailbox.tu-berlin.de>, bpf@vger.kernel.org
Cc: "Alexei Starovoitov" <ast@kernel.org>,
"Daniel Borkmann" <daniel@iogearbox.net>,
"Andrii Nakryiko" <andrii@kernel.org>,
"Jakub Sitnicki" <jakub@cloudflare.com>,
"Jörn-Thorben Hinz" <jthinz@mailbox.tu-berlin.de>
Subject: RE: [PATCH bpf-next] selftests/bpf: Fix rare segfault in sock_fields prog test
Date: Tue, 21 Jun 2022 12:54:27 -0700 [thread overview]
Message-ID: <62b221f3886d0_16274208b@john.notmuch> (raw)
In-Reply-To: <20220621070116.307221-1-jthinz@mailbox.tu-berlin.de>
Jörn-Thorben Hinz wrote:
> test_sock_fields__detach() got called with a null pointer here when one
> of the CHECKs or ASSERTs up to the test_sock_fields__open_and_load()
> call resulted in a jump to the "done" label.
>
> A skeletons *__detach() is not safe to call with a null pointer, though.
> This led to a segfault.
>
> Go the easy route and only call test_sock_fields__destroy() which is
> null-pointer safe and includes detaching.
>
> Came across this while looking[1] to introduce the usage of
> bpf_tcp_helpers.h (included in progs/test_sock_fields.c) together with
> vmlinux.h.
>
> [1] https://lore.kernel.org/bpf/629bc069dd807d7ac646f836e9dca28bbc1108e2.camel@mailbox.tu-berlin.de/
>
> Fixes: 8f50f16ff39d ("selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads")
> Signed-off-by: Jörn-Thorben Hinz <jthinz@mailbox.tu-berlin.de>
> ---
> tools/testing/selftests/bpf/prog_tests/sock_fields.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/tools/testing/selftests/bpf/prog_tests/sock_fields.c b/tools/testing/selftests/bpf/prog_tests/sock_fields.c
> index 9d211b5c22c4..7d23166c77af 100644
> --- a/tools/testing/selftests/bpf/prog_tests/sock_fields.c
> +++ b/tools/testing/selftests/bpf/prog_tests/sock_fields.c
> @@ -394,7 +394,6 @@ void serial_test_sock_fields(void)
> test();
>
> done:
> - test_sock_fields__detach(skel);
> test_sock_fields__destroy(skel);
> if (child_cg_fd >= 0)
> close(child_cg_fd);
> --
> 2.30.2
>
But we should still call __detach(skel) after the !skel check
is done I assume. So rather than remove it should add a new label
and jump to that,
done:
test_sock_fields__detach();
done_no_skel:
test_sock_fields__destroy()
next prev parent reply other threads:[~2022-06-21 19:54 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-21 7:01 [PATCH bpf-next] selftests/bpf: Fix rare segfault in sock_fields prog test Jörn-Thorben Hinz
2022-06-21 17:00 ` Daniel Borkmann
2022-06-21 17:09 ` Jakub Sitnicki
2022-06-21 18:20 ` [External] " Jörn-Thorben Hinz
2022-06-21 19:54 ` John Fastabend [this message]
2022-06-21 20:29 ` Jörn-Thorben Hinz
2022-06-23 3:29 ` John Fastabend
2022-06-23 16:11 ` Martin KaFai Lau
2022-06-23 18:00 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=62b221f3886d0_16274208b@john.notmuch \
--to=john.fastabend@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jakub@cloudflare.com \
--cc=jthinz@mailbox.tu-berlin.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.