tools/lib/bpf/libbpf.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)
`tname` is returned by `btf__name_by_offset()` as well as `var_name`,
and these addresses point to strings in the btf. Since their locations
may change while loading the bpf program, using `strdup()` ensures
`tname` is safely stored.
Signed-off-by: Soma Nakata <soma.nakata01@gmail.com>
---
tools/lib/bpf/libbpf.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
index a3be6f8fac09..f4ad1b993ec5 100644
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@@ -496,7 +496,7 @@ struct bpf_program {
};
struct bpf_struct_ops {
- const char *tname;
+ char *tname;
const struct btf_type *type;
struct bpf_program **progs;
__u32 *kern_func_off;
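Review bot: The declaration of `tname` gives no hint that the field is now an owned heap copy, while the neighbouring `type` pointer is still borrowed from BTF. A comment on the field, e.g. `/* strdup()'ed copy of the BTF type name, freed in bpf_map__destroy() */`, would keep later code from assigning a borrowed string to it, which `zfree()` would then free. struct bpf_struct_ops continues past the end of the hunk.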
@@ -1423,7 +1423,9 @@ static int init_struct_ops_maps(struct bpf_object *obj, const char *sec_name,
memcpy(st_ops->data,
data->d_buf + vsi->offset,
type->size);
- st_ops->tname = tname;
+ st_ops->tname = strdup(tname);
+ if (!st_ops->tname)
+ return -ENOMEM;
st_ops->type = type;
st_ops->type_id = type_id;
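Review bot: `st_ops->type = type;`, just below the new `strdup()`, still stores a `const struct btf_type *` that points into the same BTF object. If BTF memory can move during load, as the description says, that pointer would presumably go stale in the same way `tname` could. `type_id` is already saved on the following line, so use sites could re-resolve the type with `btf__type_by_id()` instead of caching the pointer. Whether any use of `st_ops->type` happens after the BTF is modified is not visible from this hunk, and init_struct_ops_maps() starts and ends outside it.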
@@ -8984,6 +8986,7 @@ static void bpf_map__destroy(struct bpf_map *map)
map->mmaped = NULL;
if (map->st_ops) {
+ zfree(&map->st_ops->tname);
zfree(&map->st_ops->data);
zfree(&map->st_ops->progs);
zfree(&map->st_ops->kern_func_off);
--
2.46.0
Le 21/08/2024 à 13:23, Soma Nakata a écrit :
> `tname` is returned by `btf__name_by_offset()` as well as `var_name`,
> and these addresses point to strings in the btf. Since their locations
> may change while loading the bpf program, using `strdup()` ensures
> `tname` is safely stored.
>
> Signed-off-by: Soma Nakata <soma.nakata01@gmail.com>
> ---
> tools/lib/bpf/libbpf.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index a3be6f8fac09..f4ad1b993ec5 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -496,7 +496,7 @@ struct bpf_program {
> };
>
> struct bpf_struct_ops {
> - const char *tname;
> + char *tname;
> const struct btf_type *type;
> struct bpf_program **progs;
> __u32 *kern_func_off;
> @@ -1423,7 +1423,9 @@ static int init_struct_ops_maps(struct bpf_object *obj, const char *sec_name,
> memcpy(st_ops->data,
> data->d_buf + vsi->offset,
> type->size);
> - st_ops->tname = tname;
> + st_ops->tname = strdup(tname);
> + if (!st_ops->tname)
> + return -ENOMEM;
Certainly a matter of taste, but I would personally move it just after
"st_ops->kern_func_off = malloc()" and add the NULL check with the
existing ones.
BTW, there are some memory leaks if 1 or more allocations fail in this
function.
Not sure if it is an issue or not, and what should be done in this case.
CJ
> st_ops->type = type;
> st_ops->type_id = type_id;
>
> @@ -8984,6 +8986,7 @@ static void bpf_map__destroy(struct bpf_map *map)
> map->mmaped = NULL;
>
> if (map->st_ops) {
> + zfree(&map->st_ops->tname);
> zfree(&map->st_ops->data);
> zfree(&map->st_ops->progs);
> zfree(&map->st_ops->kern_func_off);
On Wed, Aug 21, 2024 at 9:16 PM Christophe JAILLET
<christophe.jaillet@wanadoo.fr> wrote:
>
> Le 21/08/2024 à 13:23, Soma Nakata a écrit :
> > `tname` is returned by `btf__name_by_offset()` as well as `var_name`,
> > and these addresses point to strings in the btf. Since their locations
> > may change while loading the bpf program, using `strdup()` ensures
> > `tname` is safely stored.
> >
> > Signed-off-by: Soma Nakata <soma.nakata01@gmail.com>
> > ---
> > tools/lib/bpf/libbpf.c | 7 +++++--
> > 1 file changed, 5 insertions(+), 2 deletions(-)
> >
> > diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> > index a3be6f8fac09..f4ad1b993ec5 100644
> > --- a/tools/lib/bpf/libbpf.c
> > +++ b/tools/lib/bpf/libbpf.c
> > @@ -496,7 +496,7 @@ struct bpf_program {
> > };
> >
> > struct bpf_struct_ops {
> > - const char *tname;
> > + char *tname;
> > const struct btf_type *type;
> > struct bpf_program **progs;
> > __u32 *kern_func_off;
> > @@ -1423,7 +1423,9 @@ static int init_struct_ops_maps(struct bpf_object *obj, const char *sec_name,
> > memcpy(st_ops->data,
> > data->d_buf + vsi->offset,
> > type->size);
> > - st_ops->tname = tname;
> > + st_ops->tname = strdup(tname);
> > + if (!st_ops->tname)
> > + return -ENOMEM;
>
> Certainly a matter of taste, but I would personally move it just after
> "st_ops->kern_func_off = malloc()" and add the NULL check with the
> existing ones.
>
> BTW, there are some memory leaks if 1 or more allocations fail in this
> function.
> Not sure if it is an issue or not, and what should be done in this case.
You mean the line below?
if (!st_ops->data || !st_ops->progs || !st_ops->kern_func_off)
seems it says the size of them are in descending order or something.
But regardless, this looks like a memory leak.
I will send another patch on this.
thanks,
>
> CJ
>
>
> > st_ops->type = type;
> > st_ops->type_id = type_id;
> >
> > @@ -8984,6 +8986,7 @@ static void bpf_map__destroy(struct bpf_map *map)
> > map->mmaped = NULL;
> >
> > if (map->st_ops) {
> > + zfree(&map->st_ops->tname);
> > zfree(&map->st_ops->data);
> > zfree(&map->st_ops->progs);
> > zfree(&map->st_ops->kern_func_off);
>
Le 21/08/2024 à 15:30, Soma Nakata a écrit :
> On Wed, Aug 21, 2024 at 9:16 PM Christophe JAILLET
> <christophe.jaillet@wanadoo.fr> wrote:
>>
>> Le 21/08/2024 à 13:23, Soma Nakata a écrit :
>>> `tname` is returned by `btf__name_by_offset()` as well as `var_name`,
>>> and these addresses point to strings in the btf. Since their locations
>>> may change while loading the bpf program, using `strdup()` ensures
>>> `tname` is safely stored.
>>>
>>> Signed-off-by: Soma Nakata <soma.nakata01@gmail.com>
>>> ---
>>> tools/lib/bpf/libbpf.c | 7 +++++--
>>> 1 file changed, 5 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
>>> index a3be6f8fac09..f4ad1b993ec5 100644
>>> --- a/tools/lib/bpf/libbpf.c
>>> +++ b/tools/lib/bpf/libbpf.c
>>> @@ -496,7 +496,7 @@ struct bpf_program {
>>> };
>>>
>>> struct bpf_struct_ops {
>>> - const char *tname;
>>> + char *tname;
>>> const struct btf_type *type;
>>> struct bpf_program **progs;
>>> __u32 *kern_func_off;
>>> @@ -1423,7 +1423,9 @@ static int init_struct_ops_maps(struct bpf_object *obj, const char *sec_name,
>>> memcpy(st_ops->data,
>>> data->d_buf + vsi->offset,
>>> type->size);
>>> - st_ops->tname = tname;
>>> + st_ops->tname = strdup(tname);
>>> + if (!st_ops->tname)
>>> + return -ENOMEM;
>>
>> Certainly a matter of taste, but I would personally move it just after
>> "st_ops->kern_func_off = malloc()" and add the NULL check with the
>> existing ones.
>>
>> BTW, there are some memory leaks if 1 or more allocations fail in this
>> function.
>> Not sure if it is an issue or not, and what should be done in this case.
>
> You mean the line below?
> if (!st_ops->data || !st_ops->progs || !st_ops->kern_func_off)
Yes.
> seems it says the size of them are in descending order or something.
> But regardless, this looks like a memory leak.
> I will send another patch on this.
>
> thanks,
>
>>
>> CJ
>>
>>
>>> st_ops->type = type;
>>> st_ops->type_id = type_id;
>>>
>>> @@ -8984,6 +8986,7 @@ static void bpf_map__destroy(struct bpf_map *map)
>>> map->mmaped = NULL;
>>>
>>> if (map->st_ops) {
>>> + zfree(&map->st_ops->tname);
>>> zfree(&map->st_ops->data);
>>> zfree(&map->st_ops->progs);
>>> zfree(&map->st_ops->kern_func_off);
>>
>
>