[Bug bpf/23875] New: 'stack smashing error' on foreach iteration

[Bug bpf/23875] New: 'stack smashing error' on foreach iteration

[me at serhei dot io]

https://sourceware.org/bugzilla/show_bug.cgi?id=23875

            Bug ID: 23875
           Summary: 'stack smashing error' on foreach iteration
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: bpf
          Assignee: systemtap at sourceware dot org
          Reporter: me at serhei dot io
  Target Milestone: ---

global t

probe kernel.function("vfs_read") {
  t["key"] = 6
  exit()
}

probe end {
  c = 0
  foreach (k in t)
    c++
  printf("%d\n", c)
}

Pass 1: parsed user script and 49 library scripts using
120048virt/21872res/8376shr/13356data kb, in 0usr/0sys/7real ms.
Pass 2: analyzed script: 2 probes, 2 functions, 0 embeds, 1 global using
175628virt/78164res/9264shr/68936data kb, in 590usr/20sys/602real ms.
Pass 4: compiled BPF into "stap_12352.bo" in 0usr/0sys/3real ms.
Pass 5: starting run.
1
*** stack smashing detected ***: <unknown> terminated
WARNING: /opt/systemtap/bin/stapbpf exited with signal: 6 (Aborted)
Pass 5: run completed in 0usr/0sys/113real ms.
Pass 5: run failed.  [man error::pass5]

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug bpf/23875] support string map keys in foreach iteration

[me at serhei dot io]

https://sourceware.org/bugzilla/show_bug.cgi?id=23875

Serhei Makarov <me at serhei dot io> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|'stack smashing error' on   |support string map keys in
                   |foreach iteration           |foreach iteration

--- Comment #1 from Serhei Makarov <me at serhei dot io> ---
The foreach loop functionality needs to be extended to support iteration of
string keys.

Current code assumes keys are int64_t, which is what causes the 'stack
smashing' error (attempt to copy 64-byte string into 8-byte stack variable).
There are other problems e.g. potential to infinite-loop, segfault and so
forth.

Wrote testcases to cover the known issues and (for the time being) added commit
0eaf4f196 to cleanly reject foreach loops with string keys in the translator.
Keeping the PR open to track work on foreach string key support.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug bpf/23875] support string map keys in foreach iteration

[me at serhei dot io]

https://sourceware.org/bugzilla/show_bug.cgi?id=23875

--- Comment #2 from Serhei Makarov <me at serhei dot io> ---
Have some code for this, but there are regressions I need to fix. The parts
that needed to be changed so far:

- in bpf-translate.cxx, visit_foreach_loop() needs to create correctly sized
stack slots for string keys
- in bpfinterp.cxx, create a separate map_str_keys vector and use the
appropriate vectors depending on type. Some unavoidable code duplication as the
string handling code is similar but not quite the same as the code for ints.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug bpf/23875] support string map keys in foreach iteration

[me at serhei dot io]

https://sourceware.org/bugzilla/show_bug.cgi?id=23875

Serhei Makarov <me at serhei dot io> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #3 from Serhei Makarov <me at serhei dot io> ---
should be fixed in commit ceed4889 apart from issues to be fixed in PR23858

-- 
You are receiving this mail because:
You are the assignee for the bug.