Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

bpftool: Fix control flow graph segfault during edge creation

If the last instruction of a control flow graph building block is a
BPF_CALL, an incorrect edge with e->dst set to NULL is created and
results in a segfault during graph output.

Ensure that BPF_CALL as last instruction of a building block is handled
correctly and only generates a single edge unlike actual BPF_JUMP*
instructions.

Signed-off-by: Christoph Werle <christoph.werle@longjmp.de>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Tested-by: Quentin Monnet <qmo@kernel.org>
Reviewed-by: Quentin Monnet <qmo@kernel.org>
Link: https://lore.kernel.org/bpf/20250108220937.1470029-1-christoph.werle@longjmp.de

Authored by Christoph Werle and committed by Andrii Nakryiko
defac894 a43796b5

+1
+1
tools/bpf/bpftool/cfg.c
··· 302 302 303 303 insn = bb->tail; 304 304 if (!is_jmp_insn(insn->code) || 305 + BPF_OP(insn->code) == BPF_CALL || 305 306 BPF_OP(insn->code) == BPF_EXIT) { 306 307 e->dst = bb_next(bb); 307 308 e->flags |= EDGE_FLAG_FALLTHROUGH;
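
Review bot: the added `BPF_OP(insn->code) == BPF_CALL ||` clause in the condition after `insn = bb->tail;` carries no comment explaining why a call is given the fallthrough edge, and the `if` now groups three different cases (non-jump, call, exit) under one branch. A short comment above the condition would help, for example noting that a call returns to the following instruction, so the block's only successor is `bb_next(bb)`, which is the "single edge" the commit message describes. It is also worth checking whether the jump-handling path after this branch, which this hunk does not show, should reject a failed destination lookup rather than store a NULL `e->dst`, since that is the state the commit message says reached graph output.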