From: Arnaldo Carvalho de Melo <acme@kernel.org>
To: Ihor Solodrai <ihor.solodrai@pm.me>
Cc: dwarves@vger.kernel.org, bpf@vger.kernel.org,
alan.maguire@oracle.com, eddyz87@gmail.com, andrii@kernel.org,
mykolal@fb.com, olsajiri@gmail.com
Subject: Re: [PATCH dwarves] btf_encoder: always initialize func_state to 0
Date: Fri, 10 Jan 2025 10:51:40 -0300 [thread overview]
Message-ID: <Z4El7MpHaaj2YX32@x1> (raw)
In-Reply-To: <20250110023138.659519-1-ihor.solodrai@pm.me>
On Fri, Jan 10, 2025 at 02:31:41AM +0000, Ihor Solodrai wrote:
> BPF CI caught a segfault on aarch64 and s390x [1] after recent merges
> into the master branch.
In the past the libbpf github actions was tracking the tmp.master (it would
be better to track "next") branch and I was looking at when it passed to
then move "next" to master, that would be great to have so that we
wouldn't be having these bugs in the git history, avoiding force pushes.
Anyhway, thanks for the fix, I'll add it and push it out.
- Arnaldo
> The segfault happened at free(func_state->annots) in
> btf_encoder__delete_saved_funcs().
>
> func_state->annots arrived there uninitialized because after patch [2]
> in some cases func_state may be allocated with a realloc, but was not
> zeroed out.
>
> Fix this bug by always memset-ing a func_state to zero in
> btf_encoder__alloc_func_state().
>
> [1] https://github.com/kernel-patches/bpf/actions/runs/12700574327
> [2] https://lore.kernel.org/dwarves/20250109185950.653110-11-ihor.solodrai@pm.me/
> ---
> btf_encoder.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/btf_encoder.c b/btf_encoder.c
> index 78efd70..511c1ea 100644
> --- a/btf_encoder.c
> +++ b/btf_encoder.c
> @@ -1083,7 +1083,7 @@ static bool funcs__match(struct btf_encoder_func_state *s1,
>
> static struct btf_encoder_func_state *btf_encoder__alloc_func_state(struct btf_encoder *encoder)
> {
> - struct btf_encoder_func_state *tmp;
> + struct btf_encoder_func_state *state, *tmp;
>
> if (encoder->func_states.cnt >= encoder->func_states.cap) {
>
> @@ -1100,7 +1100,10 @@ static struct btf_encoder_func_state *btf_encoder__alloc_func_state(struct btf_e
> encoder->func_states.array = tmp;
> }
>
> - return &encoder->func_states.array[encoder->func_states.cnt++];
> + state = &encoder->func_states.array[encoder->func_states.cnt++];
> + memset(state, 0, sizeof(*state));
> +
> + return state;
> }
>
> static int32_t btf_encoder__save_func(struct btf_encoder *encoder, struct function *fn, struct elf_function *func)
> --
> 2.47.1
>
next prev parent reply other threads:[~2025-01-10 13:51 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-10 2:31 [PATCH dwarves] btf_encoder: always initialize func_state to 0 Ihor Solodrai
2025-01-10 10:39 ` Alan Maguire
2025-01-10 13:48 ` Arnaldo Carvalho de Melo
2025-01-10 15:46 ` Ihor Solodrai
2025-01-10 13:51 ` Arnaldo Carvalho de Melo [this message]
2025-01-10 15:58 ` Ihor Solodrai
2025-01-10 22:13 ` Andrii Nakryiko
2025-01-15 21:06 ` Ihor Solodrai
2025-01-16 23:41 ` Andrii Nakryiko
2025-01-17 0:14 ` Ihor Solodrai
2025-01-10 13:55 ` Arnaldo Carvalho de Melo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z4El7MpHaaj2YX32@x1 \
--to=acme@kernel.org \
--cc=alan.maguire@oracle.com \
--cc=andrii@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=dwarves@vger.kernel.org \
--cc=eddyz87@gmail.com \
--cc=ihor.solodrai@pm.me \
--cc=mykolal@fb.com \
--cc=olsajiri@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox