search

iovisor / bcc

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
Apache License 2.0
20.61k stars 3.89k forks source link

Libbpf.c crash in method #2407

Open BenVB4 opened 5 years ago

BenVB4 commented 5 years ago

Regarding the function in libbpf.c: void bpf_program__unload(struct bpf_program *prog)

I received a crash on the expression:

    for (i = 0; i < prog->instances.nr; i++)
        zclose(prog->instances.fds[i]);

I believe prog->instances.nr is not the proper length of prog->instances.fds[], unless my implementation of this method is wrong.

yonghong-song commented 5 years ago

Are you talking about linux kernel linux/tools/lib/bpf/libbpf.c? Do you have a test case to reproduce the crash?

BenVB4 commented 4 years ago

Hello,

My apologies for the late response. It appears I missed this email. I am referencing: bcc/src/cc/libbpf. I believe I have found a few bugs, and could provide the right test cases/ inputs to trigger them. Would this be the right email to send the reports to?

Thanks again, Ben

On Tue, Jun 25, 2019 at 10:15 AM yonghong-song notifications@github.com wrote:

Are you talking about linux kernel linux/tools/lib/bpf/libbpf.c? Do you have a test case to reproduce the crash?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/iovisor/bcc/issues/2407?email_source=notifications&email_token=AL43WYI5QJ3SGNW4HQC7CSDP4JHCTA5CNFSM4HWOEG4KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYQ6NTA#issuecomment-505538252, or mute the thread https://github.com/notifications/unsubscribe-auth/AL43WYOJXZGLNLCQEI37JX3P4JHCTANCNFSM4HWOEG4A .

yonghong-song commented 4 years ago

@BenVB4 Yes. You can just add details to this issue. Thanks!

BenVB4 commented 4 years ago

Thanks, I'll be sending emails to this thread.

The first one: I believe there is an error with: libbpf_nla_dump_errormsg(); My test file and bug trigger are attached.

On Wed, Jan 1, 2020 at 11:23 PM yonghong-song notifications@github.com wrote:

@BenVB4 https://github.com/BenVB4 Yes. You can just add details to this issue. Thanks!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/iovisor/bcc/issues/2407?email_source=notifications&email_token=AL43WYOFGXQIVH7E6ZYXEQTQ3WI6JA5CNFSM4HWOEG4KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEH5Y4WY#issuecomment-570134107, or unsubscribe https://github.com/notifications/unsubscribe-auth/AL43WYILSLXLR3TUFCUIAG3Q3WI6JANCNFSM4HWOEG4A .

BenVB4 commented 4 years ago

Second one:

libbpf_nla_parse();

On Thu, Jan 9, 2020 at 4:14 PM Benjamin Nilsen bcnilsen@ucdavis.edu wrote:

Thanks, I'll be sending emails to this thread.

The first one: I believe there is an error with: libbpf_nla_dump_errormsg(); My test file and bug trigger are attached.

On Wed, Jan 1, 2020 at 11:23 PM yonghong-song notifications@github.com wrote:

@BenVB4 https://github.com/BenVB4 Yes. You can just add details to this issue. Thanks!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/iovisor/bcc/issues/2407?email_source=notifications&email_token=AL43WYOFGXQIVH7E6ZYXEQTQ3WI6JA5CNFSM4HWOEG4KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEH5Y4WY#issuecomment-570134107, or unsubscribe https://github.com/notifications/unsubscribe-auth/AL43WYILSLXLR3TUFCUIAG3Q3WI6JANCNFSM4HWOEG4A .

BenVB4 commented 4 years ago

Third one:

I believe there is a stack buffer overflow with the method bpf_object__open_buffer() when running the attached program with the input: ./LibbpfTest15.c (executable version) LibbpfTest15buginput LibbpfTest15buginput

On Thu, Jan 9, 2020 at 4:54 PM Benjamin Nilsen bcnilsen@ucdavis.edu wrote:

Second one:

libbpf_nla_parse();

On Thu, Jan 9, 2020 at 4:14 PM Benjamin Nilsen bcnilsen@ucdavis.edu wrote:

Thanks, I'll be sending emails to this thread.

The first one: I believe there is an error with: libbpf_nla_dump_errormsg(); My test file and bug trigger are attached.

On Wed, Jan 1, 2020 at 11:23 PM yonghong-song notifications@github.com wrote:

@BenVB4 https://github.com/BenVB4 Yes. You can just add details to this issue. Thanks!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/iovisor/bcc/issues/2407?email_source=notifications&email_token=AL43WYOFGXQIVH7E6ZYXEQTQ3WI6JA5CNFSM4HWOEG4KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEH5Y4WY#issuecomment-570134107, or unsubscribe https://github.com/notifications/unsubscribe-auth/AL43WYILSLXLR3TUFCUIAG3Q3WI6JANCNFSM4HWOEG4A .

yonghong-song commented 4 years ago

Looks like these are all libbpf related bugs. Have you tried latest libbpf (https://github.com/libbpf/libbpf)? Also, I did not see your attachments. Looks like the github does not really accept attachments in the comments. You may need to put them somewhere (e.g., inside your personal github) and share the link here.

BenVB4 commented 4 years ago

My apologies, I didn't realize it would not keep the attachments. I made a personal repo with all the src code and inputs here: https://github.com/BenVB4/Libbpf-bugs

yonghong-song commented 4 years ago

@BenVB4 Looks all these are libbpf tests. I guess that you try latest upstream libbpf. If the problem is still there, send the reproducer to bpf@vger.kernel.org. The bpf mailing list https://lore.kernel.org/bpf/. Thanks!