On 4 Dec 2019, at 19:01, Yonghong Song wrote:
<SNIP>
I’ve put my code on GitHub, maybe it’s just something stupid…
Thanks for the test case. This is indeed a kernel bug.
The following change fixed the issue:
-bash-4.4$ git diff
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index a0482e1c4a77..034ef81f935b 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -9636,7 +9636,10 @@ static int check_attach_btf_id(struct
bpf_verifier_env *env)
ret = -EINVAL;
goto out;
}
- addr = (long)
tgt_prog->aux->func[subprog]->bpf_func;
+ if (subprog == 0)
+ addr = (long) tgt_prog->bpf_func;
+ else
+ addr = (long)
tgt_prog->aux->func[subprog]->bpf_func;
} else {
addr = kallsyms_lookup_name(tname);
if (!addr) {
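Review bot: the new `if (subprog == 0)` branch avoids the NULL dereference by distinguishing the main program from real subprograms rather than by testing `tgt_prog->aux->func` itself; that matches the explanation that aux->func is only populated when the program has callees, but a one-line comment above the branch saying so would keep the next reader from "simplifying" it back to `func[subprog]`. Also, as quoted the `+ addr = (long)` line and its continuation `tgt_prog->aux->func[subprog]->bpf_func;` have been wrapped by the mailer, so the hunk needs to be taken from the tree rather than applied from this message.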
-bash-4.4$
The reason is that for a bpf program without any additional subprograms
(callees), tgt_prog->aux->func is not populated and is a NULL pointer,
so the access tgt_prog->aux->func[0]->bpf_func will segfault.
With the above change, your test works properly.
Thanks for the quick response, and, as you mention, the test passes with
the patch above.
I will continue my experiments later this week, and let you know if I
run into any other problems.
Cheers,
Eelco
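The NULL-pointer case described in the thread, modelled in user space as an added example (this is not code from the patch or the kernel tree): a program without subprograms has `aux->func == NULL`, so resolving the attach address for subprogram 0 must come from `tgt_prog->bpf_func`. The struct layouts are minimal stand-ins, and the bounds/NULL check for `subprog > 0` is an added defensive step beyond what the quoted hunk does.

```c
#include <stddef.h>
#include <errno.h>

/* Minimal user-space models of the kernel structures involved; the field
 * names follow the patch, everything else is a constructed stand-in. */
struct bpf_prog;
struct bpf_prog_aux {
    struct bpf_prog **func;   /* NULL unless the program has subprograms */
    unsigned int func_cnt;    /* number of entries in func[] (not in the quoted hunk) */
};
struct bpf_prog {
    struct bpf_prog_aux *aux;
    void *bpf_func;           /* JITed entry point of this (sub)program */
};

/* Mirrors the fixed logic of check_attach_btf_id(): subprogram 0 is the
 * main program, so its entry comes from tgt_prog->bpf_func and aux->func
 * is never dereferenced for it. For other subprograms the table must
 * exist; the NULL/bounds check is an assumed defensive addition that
 * returns -EINVAL instead of faulting. */
static int resolve_tgt_addr(const struct bpf_prog *tgt_prog,
                            unsigned int subprog, long *addr)
{
    if (subprog == 0) {
        *addr = (long)tgt_prog->bpf_func;
        return 0;
    }
    if (!tgt_prog->aux->func || subprog >= tgt_prog->aux->func_cnt)
        return -EINVAL;
    *addr = (long)tgt_prog->aux->func[subprog]->bpf_func;
    return 0;
}

/* Constructed fixtures: a program without subprograms (func == NULL, the
 * case that crashed before the fix) and one with two subprograms. */
static char main_entry, sub1_entry;
static struct bpf_prog_aux no_subs_aux = { .func = NULL, .func_cnt = 0 };
static struct bpf_prog no_subs = { .aux = &no_subs_aux, .bpf_func = &main_entry };

static struct bpf_prog sub0 = { .aux = NULL, .bpf_func = &main_entry };
static struct bpf_prog sub1 = { .aux = NULL, .bpf_func = &sub1_entry };
static struct bpf_prog *func_tbl[] = { &sub0, &sub1 };
static struct bpf_prog_aux with_subs_aux = { .func = func_tbl, .func_cnt = 2 };
static struct bpf_prog with_subs = { .aux = &with_subs_aux, .bpf_func = &main_entry };
```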