From patchwork Tue Mar 28 00:47:36 2023
X-Patchwork-Submitter: Eduard Zingerman
X-Patchwork-Id: 13190272
From: Eduard Zingerman
To: bpf@vger.kernel.org, ast@kernel.org
Cc: andrii@kernel.org, daniel@iogearbox.net, martin.lau@linux.dev, kernel-team@fb.com, yhs@fb.com, james.hilliard1@gmail.com, Eduard Zingerman
Subject: [PATCH bpf-next 0/2] Fix double-free when linker processes empty sections
Date: Tue, 28 Mar 2023 03:47:36 +0300
Message-Id: <20230328004738.381898-1-eddyz87@gmail.com>
X-Mailer: git-send-email 2.40.0
X-Mailing-List: bpf@vger.kernel.org
X-Patchwork-Delegate: bpf@iogearbox.net

Fixes double-free error in linker.c:bpf_linker__free() caused by
realloc(..., 0) call in linker.c:extend_sec() (such a call "frees"
memory every second time :). The error is triggered when object files
with empty sections of the same name are processed by linker.

- The first patch extends progs/linked_funcs[12].c to trigger the error
  upon tests compilation;
- The second patch contains detailed description of the error, fix and
  appropriate attributions.

Eduard Zingerman (2):
  selftests/bpf: Test if bpftool linker handles empty sections
  libbpf: Fix double-free when linker processes empty sections

 tools/lib/bpf/linker.c                            | 14 +++++++++++++-
 tools/testing/selftests/bpf/progs/linked_funcs1.c |  3 +++
 tools/testing/selftests/bpf/progs/linked_funcs2.c |  3 +++
 3 files changed, 19 insertions(+), 1 deletion(-)
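
The failure mode named in the cover letter, as an added example that is not part of the original message and is not libbpf code. `struct sec`, `demo_extend()`, `link_two_empty()` and the tracking shim `t_realloc()`/`t_free()` are hypothetical; the shim models the `realloc(p, 0)` behaviour the letter describes so the double free is counted instead of executed. The caller pattern (NULL treated as out-of-memory, old pointer kept) and the zero-size guard are assumptions, one possible shape of the bug and its fix.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct sec { void *data; size_t size; };  /* hypothetical, not libbpf's type */
static void *live[8];   /* blocks currently allocated through the shim */
static int bad_frees;   /* frees of blocks that are no longer live */

static void t_free(void *p) {
    for (int i = 0; p && i < 8; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return; }
    if (p) bad_frees++;  /* double free: counted, real free() not repeated */
}

/* Shim: realloc(p, 0) frees p and returns NULL, as the letter describes. */
static void *t_realloc(void *p, size_t n) {
    if (p && n == 0) { t_free(p); return NULL; }
    int i = 0;
    while (i < 7 && live[i] != p) i++;  /* slot of p; NULL picks a free slot */
    void *q = realloc(p, n ? n : 1);
    if (q) live[i] = q;
    return q;
}

static int demo_extend(struct sec *s, const void *src, size_t n, int guard) {
    size_t final_sz = s->size + n;
    if (guard && final_sz == 0) return 0;  /* guard: skip realloc when empty */
    void *tmp = t_realloc(s->data, final_sz);
    if (!tmp) return -ENOMEM;  /* assumed pattern: s->data is left stale here */
    s->data = tmp;
    if (n) memcpy((char *)tmp + s->size, src, n);
    s->size = final_sz;
    return 0;
}

/* Append two empty sections, clean up, return the number of bad frees. */
static int link_two_empty(int guard) {
    struct sec s = { NULL, 0 };
    bad_frees = 0;
    for (int k = 0; k < 2; k++) demo_extend(&s, NULL, 0, guard);
    t_free(s.data);
    return bad_frees;
}

int main(void) {
    printf("unguarded: %d, guarded: %d\n", link_two_empty(0), link_two_empty(1));
    return 0;
}
```

The first empty append allocates a small block, the second releases it while the section still points at it, and cleanup then frees the same block again; with the guard no allocation happens for empty input.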