From: Jiri Olsa <olsajiri@gmail.com>
To: Ihor Solodrai <ihor.solodrai@linux.dev>
Cc: "Alexei Starovoitov" <ast@kernel.org>,
"Andrii Nakryiko" <andrii@kernel.org>,
"Daniel Borkmann" <daniel@iogearbox.net>,
"Eduard Zingerman" <eddyz87@gmail.com>,
"Amery Hung" <ameryhung@gmail.com>,
"Mykyta Yatsenko" <yatsenko@meta.com>,
"Alexis Lothoré" <alexis.lothore@bootlin.com>,
bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
kernel-team@meta.com
Subject: Re: [PATCH bpf-next v1 02/14] resolve_btfids: Fix memory leaks reported by ASAN
Date: Thu, 12 Feb 2026 12:28:21 +0100 [thread overview]
Message-ID: <aY25VcBtWd3O7-Gp@krava> (raw)
In-Reply-To: <20260212011356.3266753-3-ihor.solodrai@linux.dev>
On Wed, Feb 11, 2026 at 05:13:44PM -0800, Ihor Solodrai wrote:
> Running resolve_btfids with ASAN reveals memory leaks in btf_id
> handling.
>
> - Change get_id() to use a local buffer
> - Make btf_id__add() strdup the name internally
> - Add btf_id__free_all() that frees all nodese of a tree
> - Call the cleanup function on exit for every tree
>
> Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
Acked-by: Jiri Olsa <jolsa@kernel.org>
one nit below
thanks,
jirka
> ---
> tools/bpf/resolve_btfids/main.c | 78 +++++++++++++++++++++------------
> 1 file changed, 51 insertions(+), 27 deletions(-)
>
> diff --git a/tools/bpf/resolve_btfids/main.c b/tools/bpf/resolve_btfids/main.c
> index ca7fcd03efb6..863fa0faaa31 100644
> --- a/tools/bpf/resolve_btfids/main.c
> +++ b/tools/bpf/resolve_btfids/main.c
> @@ -226,7 +226,7 @@ static struct btf_id *btf_id__find(struct rb_root *root, const char *name)
> }
>
> static struct btf_id *__btf_id__add(struct rb_root *root,
> - char *name,
> + const char *name,
> enum btf_id_kind kind,
> bool unique)
> {
> @@ -250,7 +250,11 @@ static struct btf_id *__btf_id__add(struct rb_root *root,
> id = zalloc(sizeof(*id));
> if (id) {
> pr_debug("adding symbol %s\n", name);
> - id->name = name;
> + id->name = strdup(name);
> + if (!id->name) {
> + free(id);
> + return NULL;
> + }
> id->kind = kind;
> rb_link_node(&id->rb_node, parent, p);
> rb_insert_color(&id->rb_node, root);
> @@ -258,17 +262,17 @@ static struct btf_id *__btf_id__add(struct rb_root *root,
> return id;
> }
>
> -static inline struct btf_id *btf_id__add(struct rb_root *root, char *name, enum btf_id_kind kind)
> +static inline struct btf_id *btf_id__add(struct rb_root *root, const char *name, enum btf_id_kind kind)
> {
> return __btf_id__add(root, name, kind, false);
> }
>
> -static inline struct btf_id *btf_id__add_unique(struct rb_root *root, char *name, enum btf_id_kind kind)
> +static inline struct btf_id *btf_id__add_unique(struct rb_root *root, const char *name, enum btf_id_kind kind)
> {
> return __btf_id__add(root, name, kind, true);
> }
>
> -static char *get_id(const char *prefix_end)
> +static int get_id(const char *prefix_end, char *buf, size_t buf_sz)
> {
> /*
> * __BTF_ID__func__vfs_truncate__0
> @@ -277,28 +281,28 @@ static char *get_id(const char *prefix_end)
> */
> int len = strlen(prefix_end);
> int pos = sizeof("__") - 1;
> - char *p, *id;
> + char *p;
>
> if (pos >= len)
> - return NULL;
> + return -1;
>
> - id = strdup(prefix_end + pos);
> - if (id) {
> - /*
> - * __BTF_ID__func__vfs_truncate__0
> - * id = ^
> - *
> - * cut the unique id part
> - */
> - p = strrchr(id, '_');
> - p--;
> - if (*p != '_') {
> - free(id);
> - return NULL;
> - }
> - *p = '\0';
> - }
> - return id;
> + if (len - pos >= buf_sz)
> + return -1;
> +
> + strcpy(buf, prefix_end + pos);
> + /*
> + * __BTF_ID__func__vfs_truncate__0
> + * buf = ^
> + *
> + * cut the unique id part
> + */
> + p = strrchr(buf, '_');
> + p--;
> + if (*p != '_')
> + return -1;
> + *p = '\0';
> +
> + return 0;
> }
>
> static struct btf_id *add_set(struct object *obj, char *name, enum btf_id_kind kind)
> @@ -335,10 +339,9 @@ static struct btf_id *add_set(struct object *obj, char *name, enum btf_id_kind k
>
> static struct btf_id *add_symbol(struct rb_root *root, char *name, size_t size)
> {
> - char *id;
> + char id[KSYM_NAME_LEN];
>
> - id = get_id(name + size);
> - if (!id) {
> + if (get_id(name + size, id, sizeof(id))) {
> pr_err("FAILED to parse symbol name: %s\n", name);
> return NULL;
> }
> @@ -346,6 +349,22 @@ static struct btf_id *add_symbol(struct rb_root *root, char *name, size_t size)
> return btf_id__add(root, id, BTF_ID_KIND_SYM);
> }
>
> +static void btf_id__free_all(struct rb_root *root)
> +{
> + struct rb_node *node, *next;
> + struct btf_id *id;
> +
> + node = rb_first(root);
> + while (node) {
> + next = rb_next(node);
> + id = rb_entry(node, struct btf_id, rb_node);
> + rb_erase(node, root);
> + free(id->name);
> + free(id);
> + node = next;
> + }
> +}
nit, I think we could do it with just single rb_node pointer, like:
next = rb_first(root);
while (next) {
id = rb_entry(next, struct btf_id, rb_node);
next = rb_next(&id->rb_node);
rb_erase(&id->rb_node, root);
free(id->name);
free(id);
}
jirka
> +
> static void bswap_32_data(void *data, u32 nr_bytes)
> {
> u32 cnt, i;
> @@ -1547,6 +1566,11 @@ int main(int argc, const char **argv)
> out:
> btf__free(obj.base_btf);
> btf__free(obj.btf);
> + btf_id__free_all(&obj.structs);
> + btf_id__free_all(&obj.unions);
> + btf_id__free_all(&obj.typedefs);
> + btf_id__free_all(&obj.funcs);
> + btf_id__free_all(&obj.sets);
> if (obj.efile.elf) {
> elf_end(obj.efile.elf);
> close(obj.efile.fd);
> --
> 2.53.0
>
>
next prev parent reply other threads:[~2026-02-12 11:28 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-12 1:13 [PATCH bpf-next v1 00/14] selftests/bpf: Fixes for userspace ASAN Ihor Solodrai
2026-02-12 1:13 ` [PATCH bpf-next v1 01/14] selftests/bpf: Pass through build flags to bpftool and resolve_btfids Ihor Solodrai
2026-02-12 2:39 ` Alexei Starovoitov
2026-02-12 3:08 ` Ihor Solodrai
2026-02-13 0:08 ` Ihor Solodrai
2026-02-12 1:13 ` [PATCH bpf-next v1 02/14] resolve_btfids: Fix memory leaks reported by ASAN Ihor Solodrai
2026-02-12 11:28 ` Jiri Olsa [this message]
2026-02-12 1:13 ` [PATCH bpf-next v1 03/14] selftests/bpf: Add DENYLIST.asan Ihor Solodrai
2026-02-12 1:13 ` [PATCH bpf-next v1 04/14] selftests/bpf: Refactor bpf_get_ksyms() trace helper Ihor Solodrai
2026-02-12 11:29 ` Jiri Olsa
2026-02-17 20:42 ` Ihor Solodrai
2026-02-18 13:14 ` Jiri Olsa
2026-02-13 9:56 ` Alexis Lothoré
2026-02-12 1:13 ` [PATCH bpf-next v1 05/14] selftests/bpf: Fix memory leaks in tests Ihor Solodrai
2026-02-12 23:08 ` Eduard Zingerman
2026-02-12 1:13 ` [PATCH bpf-next v1 06/14] selftests/bpf: Fix cleanup in check_fd_array_cnt__fd_array_too_big() Ihor Solodrai
2026-02-12 23:17 ` Eduard Zingerman
2026-02-12 1:13 ` [PATCH bpf-next v1 07/14] veristat: Fix a memory leak for preset ENUMERATOR Ihor Solodrai
2026-02-12 13:37 ` Mykyta Yatsenko
2026-02-12 1:13 ` [PATCH bpf-next v1 08/14] selftests/bpf: Fix use-after-free in xdp_metadata test Ihor Solodrai
2026-02-12 13:40 ` Mykyta Yatsenko
2026-02-12 1:13 ` [PATCH bpf-next v1 09/14] selftests/bpf: Fix double thread join in uprobe_multi_test Ihor Solodrai
2026-02-12 11:29 ` Jiri Olsa
2026-02-12 14:49 ` Mykyta Yatsenko
2026-02-13 16:48 ` Jiri Olsa
2026-02-12 1:13 ` [PATCH bpf-next v1 10/14] selftests/bpf: Fix resource leaks caused by missing cleanups Ihor Solodrai
2026-02-13 0:45 ` Eduard Zingerman
2026-02-12 1:13 ` [PATCH bpf-next v1 11/14] selftests/bpf: Free bpf_object in test_sysctl Ihor Solodrai
2026-02-13 0:54 ` Eduard Zingerman
2026-02-12 1:13 ` [PATCH bpf-next v1 12/14] selftests/bpf: Fix array bounds warning in jit_disasm_helpers Ihor Solodrai
2026-02-13 1:02 ` Eduard Zingerman
2026-02-12 1:13 ` [PATCH bpf-next v1 13/14] selftests/bpf: Fix out-of-bounds array access bugs reported by ASAN Ihor Solodrai
2026-02-13 1:11 ` Eduard Zingerman
2026-02-17 23:27 ` Ihor Solodrai
2026-02-12 1:13 ` [PATCH bpf-next v1 14/14] selftests/bpf: Check BPFTOOL env var in detect_bpftool_path() Ihor Solodrai
2026-02-12 15:03 ` Mykyta Yatsenko
2026-02-13 10:36 ` Alexis Lothoré
2026-02-12 22:00 ` [PATCH bpf-next v1 00/14] selftests/bpf: Fixes for userspace ASAN Eduard Zingerman
2026-02-12 23:57 ` Ihor Solodrai
2026-02-13 0:23 ` Eduard Zingerman
2026-02-13 16:13 ` Ihor Solodrai
2026-02-13 18:06 ` Eduard Zingerman
2026-02-12 23:26 ` Eduard Zingerman
2026-02-13 17:56 ` Ihor Solodrai
2026-02-13 18:09 ` Eduard Zingerman
2026-02-13 18:29 ` Ihor Solodrai
2026-02-13 18:35 ` Eduard Zingerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aY25VcBtWd3O7-Gp@krava \
--to=olsajiri@gmail.com \
--cc=alexis.lothore@bootlin.com \
--cc=ameryhung@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=eddyz87@gmail.com \
--cc=ihor.solodrai@linux.dev \
--cc=kernel-team@meta.com \
--cc=linux-kernel@vger.kernel.org \
--cc=yatsenko@meta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.