archive/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2025-08-15 14:11:42 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/kernel/bpf
History
Exact
Eduard Zingerman 1b30d44417 bpf: Fix memory leak of bpf_scc_info objects 
env->scc_info array contains references to bpf_scc_info objects
allocated lazily in verifier.c:scc_visit_alloc().
env->scc_cnt was supposed to track env->scc_info array size
in order to free referenced objects in verifier.c:free_states().
Fix initialization of env->scc_cnt that was omitted in
verifier.c:compute_scc().

To reproduce the bug:
- build with CONFIG_DEBUG_KMEMLEAK
- boot and load bpf program with loops, e.g.:
  ./veristat -q pyperf180.bpf.o
- initiate memleak scan and check results:
  echo scan > /sys/kernel/debug/kmemleak
  cat /sys/kernel/debug/kmemleak

Fixes: c9e31900b5 ("bpf: propagate read/precision marks over state graph backedges")
Reported-by: Jens Axboe <axboe@kernel.dk>
Closes: https://lore.kernel.org/bpf/CAADnVQKXUWg9uRCPD5ebRXwN4dmBCRUFFM7kN=GxymYz3zU25A@mail.gmail.com/T/
Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Tested-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Eduard Zingerman <eddyz87@gmail.com>
Link: https://lore.kernel.org/r/20250801232330.1800436-1-eddyz87@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2025-08-02 09:04:57 -07:00
..
preload umd: Remove usermode driver framework 2025-07-26 21:03:04 +02:00
arena.c bpf/arena: add bpf_arena_reserve_pages kfunc 2025-07-11 10:43:54 -07:00
arraymap.c bpf: add btf_type_is_i{32,64} helpers 2025-06-25 15:15:49 -07:00
bloom_filter.c bpf: Check bloom filter map value size 2024-03-27 09:56:17 -07:00
bpf_cgrp_storage.c bpf: Only fails the busy counter check in bpf_cgrp_storage_get if it creates storage 2025-03-18 19:05:46 -07:00
bpf_inode_storage.c bpf: Disable migration when destroying inode storage 2025-01-08 18:06:36 -08:00
bpf_iter.c bpf: Add attach_type field to bpf_link 2025-07-11 10:51:55 -07:00
bpf_local_storage.c bpf: add btf_type_is_i{32,64} helpers 2025-06-25 15:15:49 -07:00
bpf_lru_list.c bpf: Adjust free target to avoid global starvation of LRU map 2025-06-18 18:50:14 -07:00
bpf_lru_list.h bpf: Adjust free target to avoid global starvation of LRU map 2025-06-18 18:50:14 -07:00
bpf_lsm.c bpf: lsm: Add two more sleepable hooks 2025-02-13 19:35:31 -08:00
bpf_struct_ops.c bpf: Add attach_type field to bpf_link 2025-07-11 10:51:55 -07:00
bpf_task_storage.c bpf: Remove migrate_{disable|enable} from bpf_task_storage_lock helpers 2025-01-08 18:06:36 -08:00
btf.c bpf-next-6.17 2025-07-30 09:58:50 -07:00
btf_iter.c bpf: Remove custom build rule 2024-08-30 08:55:26 -07:00
btf_relocate.c bpf: Remove custom build rule 2024-08-30 08:55:26 -07:00
cgroup.c bpf-next-6.17 2025-07-30 09:58:50 -07:00
cgroup_iter.c bpf: Let verifier consider {task,cgroup} is trusted in bpf_iter_reg 2023-11-07 15:24:25 -08:00
core.c bpf: Fix oob access in cgroup local storage 2025-07-31 11:30:05 -07:00
cpumap.c net: Create separate gro_flush_normal function 2025-07-24 18:34:55 -07:00
cpumask.c bpf: fix missing kdoc string fields in cpumask.c 2025-03-15 11:48:57 -07:00
crypto.c bpf: crypto: make state and IV dynptr nullable 2024-06-13 16:33:04 -07:00
devmap.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-12-12 14:19:05 -08:00
disasm.c bpftool: Using the right format specifiers 2025-03-17 13:50:56 -07:00
disasm.h
dispatcher.c bpf: Add kernel symbol for struct_ops trampoline 2024-11-12 17:13:46 -08:00
dmabuf_iter.c bpf: Add open coded dmabuf iterator 2025-05-27 09:51:25 -07:00
hashtab.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf after rc4 2025-04-28 08:40:45 -07:00
helpers.c vfs-6.17-rc1.bpf 2025-07-28 14:42:31 -07:00
inode.c VFS: rename lookup_one_len family to lookup_noperm and remove permission check 2025-04-08 11:24:36 +02:00
Kconfig bpf: remove CONFIG_BPF_JIT dependency on CONFIG_MODULES of 2024-05-14 00:36:29 -07:00
kmem_cache_iter.c bpf: Add open coded version of kmem_cache iterator 2024-11-01 11:08:32 -07:00
link_iter.c bpf: Clean up individual BTF_ID code 2025-07-16 18:34:42 -07:00
local_storage.c bpf: add btf_type_is_i{32,64} helpers 2025-06-25 15:15:49 -07:00
log.c bpf: Introduce support for bpf_local_irq_{save,restore} 2024-12-04 08:38:29 -08:00
lpm_trie.c bpf: Convert lpm_trie.c to rqspinlock 2025-03-19 08:03:05 -07:00
Makefile bpf: Introduce BPF standard streams 2025-07-03 19:30:06 -07:00
map_in_map.c bpf: switch maps to CLASS(fd, ...) 2024-08-13 15:58:17 -07:00
map_in_map.h bpf: Add map and need_defer parameters to .map_fd_put_ptr() 2023-12-04 17:50:26 -08:00
map_iter.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
memalloc.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf 2024-11-13 12:52:51 -08:00
mmap_unlock_work.h
mprog.c bpf: Handle bpf_mprog_query with NULL entry 2023-10-06 17:11:20 -07:00
net_namespace.c bpf: Remove attach_type in bpf_netns_link 2025-07-11 11:01:04 -07:00
offload.c net: move misc netdev_lock flavors to a separate header 2025-03-08 09:06:50 -08:00
percpu_freelist.c bpf: Convert percpu_freelist.c to rqspinlock 2025-03-19 08:03:05 -07:00
percpu_freelist.h bpf: Convert percpu_freelist.c to rqspinlock 2025-03-19 08:03:05 -07:00
prog_iter.c bpf: Clean up individual BTF_ID code 2025-07-16 18:34:42 -07:00
queue_stack_maps.c bpf: Convert queue_stack map to rqspinlock 2025-04-10 12:51:10 -07:00
range_tree.c bpf: Disable migration before calling ops->map_free() 2025-01-08 18:06:36 -08:00
range_tree.h bpf: Introduce range_tree data structure and use it in bpf arena 2024-11-13 13:52:45 -08:00
relo_core.c bpf: Remove custom build rule 2024-08-30 08:55:26 -07:00
reuseport_array.c bpf: Use sockfd_put() helper 2024-08-30 08:57:47 -07:00
ringbuf.c bpf: Convert ringbuf map to rqspinlock 2025-04-11 10:28:26 -07:00
rqspinlock.c bpf: Report rqspinlock deadlocks/timeout to BPF stderr 2025-07-03 19:30:07 -07:00
rqspinlock.h rqspinlock: Protect waiters in queue from stalls 2025-03-19 08:03:05 -07:00
stackmap.c bpf: wire up sleepable bpf_get_stack() and bpf_get_task_stack() helpers 2024-09-11 09:58:31 -07:00
stream.c bpf: Fix improper int-to-ptr cast in dump_stack_cb 2025-07-07 08:30:15 -07:00
syscall.c bpf: Move bpf map owner out of common struct 2025-07-31 11:30:05 -07:00
sysfs_btf.c Driver core changes for 6.17-rc1 2025-07-29 12:15:39 -07:00
task_iter.c vfs-6.13.file 2024-11-18 10:30:29 -08:00
tcx.c bpf: Remove location field in tcx_link 2025-07-11 11:00:57 -07:00
tnum.c bpf: Add range tracking for BPF_NEG 2025-06-25 15:12:17 -07:00
token.c bpf: Add struct bpf_token_info 2025-07-16 18:38:05 -07:00
trampoline.c bpf: Add attach_type field to bpf_link 2025-07-11 10:51:55 -07:00
verifier.c bpf: Fix memory leak of bpf_scc_info objects 2025-08-02 09:04:57 -07:00