Bug 2218663 - [abrt] oci-seccomp-bpf-hook: runtime.raise(): oci-seccomp-bpf-hook killed by SIGABRT
Summary: [abrt] oci-seccomp-bpf-hook: runtime.raise(): oci-seccomp-bpf-hook killed by ...
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: oci-seccomp-bpf-hook
Version: 38
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jindrich Novy
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:61d175b91fe33017f9297f584e3...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-06-29 18:56 UTC by xspielinbox+redhat
Modified: 2023-06-29 18:56 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: ---
Embargoed:

Attachments (Terms of Use)
File: proc_pid_status (1.40 KB, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: maps (3.99 KB, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: limits (1.29 KB, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: open_fds (482 bytes, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: mountinfo (3.91 KB, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: os_info (734 bytes, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: cpuinfo (2.85 KB, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: core_backtrace (18.63 KB, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: dso_list (474 bytes, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: backtrace (29.43 KB, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
File: environ (329 bytes, text/plain)
2023-06-29 18:56 UTC, xspielinbox+redhat 		no flags Details
View All

Description xspielinbox+redhat 2023-06-29 18:56:18 UTC 
Description of problem:
I used oci-seccomp-bpf-hook without root (podman run [...] --annotation io.containers.trace-syscall=of:/tmp/seccomp-custom.json [...]).
It then gave me the cryptic error "Error: OCI runtime error: crun: error executing hook `/usr/libexec/oci/hooks.d/oci-seccomp-bpf-hook` (exit code: 1)"
and crashed.

I know, that it does not work without administrative permission, but the error handling could be improved.
It should not crash with insufficient permission, but this should be handled "gracefully" and the error message should perhaps include something that would indicate, what the error could be, e.g. that it has some permissions problems.

Version-Release number of selected component:
oci-seccomp-bpf-hook-1.2.9-1.fc38

Additional info:
reporter:       libreport-2.17.10
type:           CCpp
reason:         oci-seccomp-bpf-hook killed by SIGABRT
journald_cursor: s=9a7a550263b44ce2aae567ae74362384;i=1de052;b=633cd69c786741e2b385c6d8365fddf7;m=56f3e723b;t=5ff48c544934e;x=3805e3d70f08887
executable:     /usr/libexec/oci/hooks.d/oci-seccomp-bpf-hook
cmdline:        oci-seccomp-bpf-hook -r 54024 -o /tmp/seccomp-custom.json -i
cgroup:         0::/user.slice/user-1000.slice/user/user.slice/libpod-conmon-10893be2bbe297589572c3d765953536d4c86aa67c45f9d3e214961ae3ddbfe5.scope
rootdir:        /
uid:            1000
kernel:         6.3.8-200.fc38.x86_64
package:        oci-seccomp-bpf-hook-1.2.9-1.fc38
runlevel:       N 5
backtrace_rating: 4
crash_function: runtime.raise

Truncated backtrace:
Thread no. 1 (22 frames)
 #0 runtime.raise at /usr/lib/golang/src/runtime/sys_linux_amd64.s:154
 #1 runtime.dieFromSignal at /usr/lib/golang/src/runtime/signal_unix.go:879
 #2 runtime.sigfwdgo at /usr/lib/golang/src/runtime/signal_unix.go:1092
 #3 runtime.sigtrampgo at /usr/lib/golang/src/runtime/signal_unix.go:432
 #4 runtime.sigtramp at /usr/lib/golang/src/runtime/sys_linux_amd64.s:354
 #6 runtime.raise at /usr/lib/golang/src/runtime/sys_linux_amd64.s:154
 #7 runtime.dieFromSignal at /usr/lib/golang/src/runtime/signal_unix.go:879
 #8 runtime.crash at /usr/lib/golang/src/runtime/signal_unix.go:971
 #9 runtime.fatalpanic at /usr/lib/golang/src/runtime/panic.go:1168
 #10 runtime.gopanic at /usr/lib/golang/src/runtime/panic.go:987
 #11 runtime.panicmem at /usr/lib/golang/src/runtime/panic.go:260
 #12 runtime.sigpanic at /usr/lib/golang/src/runtime/signal_unix.go:837
 #13 github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc.(*Module).Close.func1 at /usr/src/debug/oci-seccomp-bpf-hook-1.2.9-1.fc38.x86_64/_build/src/github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc/module.go:155
 #14 github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc.(*Module).Close at /usr/src/debug/oci-seccomp-bpf-hook-1.2.9-1.fc38.x86_64/_build/src/github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc/module.go:155
 #15 main.runBPFSource.func3 at /usr/src/debug/oci-seccomp-bpf-hook-1.2.9-1.fc38.x86_64/_build/src/github.com/containers/oci-seccomp-bpf-hook/oci-seccomp-bpf-hook.go:223
 #16 runtime.gopanic at /usr/lib/golang/src/runtime/panic.go:890
 #17 runtime.panicmem at /usr/lib/golang/src/runtime/panic.go:260
 #18 runtime.sigpanic at /usr/lib/golang/src/runtime/signal_unix.go:837
 #19 github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc.(*Module).Load at /usr/src/debug/oci-seccomp-bpf-hook-1.2.9-1.fc38.x86_64/_build/src/github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc/module.go:224
 #20 github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc.(*Module).LoadTracepoint at /usr/src/debug/oci-seccomp-bpf-hook-1.2.9-1.fc38.x86_64/_build/src/github.com/containers/oci-seccomp-bpf-hook/vendor/github.com/iovisor/gobpf/bcc/module.go:205
 #21 main.runBPFSource at /usr/src/debug/oci-seccomp-bpf-hook-1.2.9-1.fc38.x86_64/_build/src/github.com/containers/oci-seccomp-bpf-hook/oci-seccomp-bpf-hook.go:226
 #22 main.main at /usr/src/debug/oci-seccomp-bpf-hook-1.2.9-1.fc38.x86_64/_build/src/github.com/containers/oci-seccomp-bpf-hook/oci-seccomp-bpf-hook.go:84
Comment 1 xspielinbox+redhat 2023-06-29 18:56:21 UTC 
Created attachment 1973238 [details]
File: proc_pid_status
Comment 2 xspielinbox+redhat 2023-06-29 18:56:23 UTC 
Created attachment 1973239 [details]
File: maps
Comment 3 xspielinbox+redhat 2023-06-29 18:56:24 UTC 
Created attachment 1973240 [details]
File: limits
Comment 4 xspielinbox+redhat 2023-06-29 18:56:26 UTC 
Created attachment 1973241 [details]
File: open_fds
Comment 5 xspielinbox+redhat 2023-06-29 18:56:28 UTC 
Created attachment 1973242 [details]
File: mountinfo
Comment 6 xspielinbox+redhat 2023-06-29 18:56:29 UTC 
Created attachment 1973243 [details]
File: os_info
Comment 7 xspielinbox+redhat 2023-06-29 18:56:31 UTC 
Created attachment 1973244 [details]
File: cpuinfo
Comment 8 xspielinbox+redhat 2023-06-29 18:56:33 UTC 
Created attachment 1973245 [details]
File: core_backtrace
Comment 9 xspielinbox+redhat 2023-06-29 18:56:34 UTC 
Created attachment 1973246 [details]
File: dso_list
Comment 10 xspielinbox+redhat 2023-06-29 18:56:36 UTC 
Created attachment 1973247 [details]
File: backtrace
Comment 11 xspielinbox+redhat 2023-06-29 18:56:38 UTC 
Created attachment 1973248 [details]
File: environ
Note You need to log in before you can comment on or make changes to this bug.