bpftool: Fix control flow graph segfault during edge creation
If the last instruction of a control flow graph building block is a
BPF_CALL, an incorrect edge with e->dst set to NULL is created and
results in a segfault during graph output.

Ensure that BPF_CALL as last instruction of a building block is handled
correctly and only generates a single edge unlike actual BPF_JUMP*
instructions.

Signed-off-by: Christoph Werle <[email protected]>
Signed-off-by: Andrii Nakryiko <[email protected]>
Tested-by: Quentin Monnet <[email protected]>
Reviewed-by: Quentin Monnet <[email protected]>
Link: https://lore.kernel.org/bpf/[email protected]
troglodyt authored and qmonnet committed Jan 21, 2025
1 parent a689ab2 commit 731868d
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions src/cfg.c
Expand Up @@ -302,6 +302,7 @@ static bool func_add_bb_edges(struct func_node *func)

insn = bb->tail;
if (!is_jmp_insn(insn->code) ||
BPF_OP(insn->code) == BPF_CALL ||
BPF_OP(insn->code) == BPF_EXIT) {
e->dst = bb_next(bb);
e->flags |= EDGE_FLAG_FALLTHROUGH;
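
Review bot: the condition guarding `e->dst = bb_next(bb);` now folds three different cases (a non-jump tail, BPF_CALL, BPF_EXIT) into one test with no comment saying why a call belongs on the fallthrough path. A short comment before the `if`, stating that a BPF_CALL continues at the next instruction and so gets only the single fallthrough edge, would keep a later cleanup from moving it back to the jump path, which per the commit message leaves e->dst NULL and crashes graph output. The same comment could note that the `BPF_OP(insn->code)` comparisons rely on `!is_jmp_insn(insn->code)` being evaluated first, so the order of the three tests should not be changed.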