selftests/bpf: Fixes for userspace ASAN#11094
Closed
kernel-patches-daemon-bpf[bot] wants to merge 15 commits intobpf_basefrom
Closed
selftests/bpf: Fixes for userspace ASAN#11094kernel-patches-daemon-bpf[bot] wants to merge 15 commits intobpf_basefrom
kernel-patches-daemon-bpf[bot] wants to merge 15 commits intobpf_basefrom
Conversation
Author
|
Upstream branch: 593fffb |
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf_base
branch
from
26293ad to
fe9bc92
Compare
Author
|
Upstream branch: 3b39d73 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1055044=>bpf
branch
from
f38b14e to
0896582
Compare
Author
|
Upstream branch: 3b39d73 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1055044=>bpf
branch
from
0896582 to
29f9c18
Compare
Author
|
Upstream branch: 3b39d73 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1055044=>bpf
branch
from
29f9c18 to
5d25654
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf_base
branch
from
fe9bc92 to
74774d7
Compare
Author
|
Upstream branch: 1e5c009 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1055044=>bpf
branch
from
5d25654 to
c5c26e8
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf_base
branch
from
74774d7 to
ca416b5
Compare
Author
|
Upstream branch: 1e5c009 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1055044=>bpf
branch
from
c5c26e8 to
6415e2c
Compare
kernel-patches-daemon-bpf
bot
force-pushed
the
bpf_base
branch
from
ca416b5 to
0b99ced
Compare
EXTRA_* and SAN_* build flags were not correctly propagated to bpftool
and resolve_btids when building selftests/bpf. This led to various
build errors on attempt to build with SAN_CFLAGS="-fsanitize=address",
for example.
Fix the makefiles to address this:
- Pass SAN_CFLAGS/SAN_LDFLAGS to bpftool and resolve_btfids build
- Propagate EXTRA_LDFLAGS to resolve_btfids link command
- Use pkg-config to detect zlib and zstd for resolve_btfids, similar
libelf handling
Also check for ASAN flag in selftests/bpf/Makefile for convenience.
Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
Running resolve_btfids with ASAN reveals memory leaks in btf_id handling. - Change get_id() to use a local buffer - Make btf_id__add() strdup the name internally - Add btf_id__free_all() that frees all nodese of a tree - Call the cleanup function on exit for every tree Acked-by: Jiri Olsa <jolsa@kernel.org> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
Add a denylist file for tests that should be skipped when built with
userspace ASAN:
$ make ... SAN_CFLAGS="-fsanitize=address -fno-omit-frame-pointer"
Skip the following tests:
- *arena*: userspace ASAN does not understand BPF arena maps and gets
confused particularly when map_extra is non-zero
- non-zero map_extra leads to mmap with MAP_FIXED, and ASAN treats
this as an unknown memory region
- task_local_data: ASAN complains about "incorrect" aligned_alloc()
usage, but it's intentional in the test
- uprobe_multi_test: very slow with ASAN enabled
Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
ASAN reported a memory leak in bpf_get_ksyms(): it allocates a struct ksyms internally and never frees it. Move struct ksyms to trace_helpers.h and return it from the bpf_get_ksyms(), giving ownership to the caller. Add filtered_syms and filtered_cnt fields to the ksyms to hold the filtered array of symbols, previously returned by bpf_get_ksyms(). Fixup the call sites: kprobe_multi_test and bench_trigger. Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
Fix trivial memory leaks detected by userspace ASAN:
- htab_update: free value buffer in test_reenter_update cleanup
- test_xsk: inline pkt_stream_replace() in testapp_stats_rx_full()
and testapp_stats_fill_empty()
- testing_helpers: free buffer allocated by getline() in
parse_test_list_file
Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
The Close() macro uses the passed in expression three times, which leads to repeated execution in case it has side effects. That is, Close(i--) would decrement i three times. ASAN caught a stack-buffer-undeflow error at a point where this was overlooked. Fix it. Acked-by: Eduard Zingerman <eddyz87@gmail.com> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
ASAN detected a memory leak in veristat. The cleanup code handling ENUMERATOR value missed freeing strdup-ed svalue. Fix it. Acked-by: Mykyta Yatsenko <yatsenko@meta.com> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
ASAN reported a use-after-free in close_xsk(). The xsk->socket internally references xsk->umem via socket->ctx->umem, so the socket must be deleted before the umem. Fix the order of operations in close_xsk(). Acked-by: Mykyta Yatsenko <yatsenko@meta.com> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
ASAN reported a "joining already joined thread" error. The release_child() may be called multiple times for the same struct child. Fix with a memset(0) call at the end of release_child(). Acked-by: Mykyta Yatsenko <yatsenko@meta.com> Acked-by: Jiri Olsa <jolsa@kernel.org> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
ASAN reported a number of resource leaks: - Add missing *__destroy(skel) calls - Replace bpf_link__detach() with bpf_link__destroy() where appropriate - cgrp_local_storage: Add bpf_link__destroy() when bpf_iter_create fails - dynptr: Add missing bpf_object__close() Acked-by: Eduard Zingerman <eddyz87@gmail.com> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
ASAN reported a resource leak due to the bpf_object not being tracked in test_sysctl. Add obj field to struct sysctl_test to properly clean up bpf_object if a program was loaded from a file. Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
Compiler cannot infer upper bound for labels.cnt and warns about potential buffer overflow in snprintf. Add an explicit bounds check (... && i < MAX_LOCAL_LABELS) in the loop condition to fix the warning. Acked-by: Eduard Zingerman <eddyz87@gmail.com> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
- kmem_cache_iter: remove unnecessary debug output
- lwt_seg6local: change the type of foobar to char[]
- the sizeof(foobar) returned the pointer size and not a string
length as intended
- verifier_log: increase prog_name buffer size in verif_log_subtest()
- compiler has a conservative estimate of fixed_log_sz value, making
ASAN complain on snprint() call
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
The bpftool_maps_access and bpftool_metadata tests may fail on BPF CI with "command not found", depending on a workflow. This happens because detect_bpftool_path() only checks two hardcoded relative paths: - ./tools/sbin/bpftool - ../tools/sbin/bpftool Add support for a BPFTOOL environment variable that allows specifying the exact path to the bpftool binary. Also replace strncpy() with snprintf() for proper null-termination. Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev> Acked-by: Mykyta Yatsenko <yatsenko@meta.com>
test_progs has custom SIGSEGV handler, which interferes with the address sanitizer [1]. Add an #ifndef to avoid this. [1] https://lore.kernel.org/bpf/73d832948b01dbc0ebc60d85574bdf8537f3a810.camel@gmail.com/ Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev> Acked-by: Mykyta Yatsenko <yatsenko@meta.com>|
Author
|
Upstream branch: 8bf22c3 |
kernel-patches-daemon-bpf
bot
force-pushed
the
series/1055044=>bpf
branch
from
6415e2c to
3febc02
Compare
Author
|
At least one diff in series https://patchwork.kernel.org/project/netdevbpf/list/?series=1055044 expired. Closing PR. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull request for series with
subject: selftests/bpf: Fixes for userspace ASAN
version: 2
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1055044