git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Tengda Wu <wutengda@huaweicloud.com>
	Wed, 22 Jan 2025 02:28:38 +0000 (10:28 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 10 Apr 2025 12:39:19 +0000 (14:39 +0200)
commit	dcb5997ead6d999a76dac6e5f597e01d2f4aa7f3
tree	39af2f3a84dee4254e17205655ded838d49c3e47	tree
parent	25aa4fe297a54ae429ad8cba53e6087e4e31b40d	commit \| diff

selftests/bpf: Fix freplace_link segfault in tailcalls prog test

[ Upstream commit a63a631c9b5cb25a1c17dd2cb18c63df91e978b1 ]

There are two bpf_link__destroy(freplace_link) calls in
test_tailcall_bpf2bpf_freplace(). After the first bpf_link__destroy()
is called, if the following bpf_map_{update,delete}_elem() throws an
exception, it will jump to the "out" label and call bpf_link__destroy()
again, causing double free and eventually leading to a segfault.

Fix it by directly resetting freplace_link to NULL after the first
bpf_link__destroy() call.

Fixes: 021611d33e78 ("selftests/bpf: Add test to verify tailcall and freplace restrictions")
Signed-off-by: Tengda Wu <wutengda@huaweicloud.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Reviewed-by: Leon Hwang <leon.hwang@linux.dev>
Link: https://lore.kernel.org/bpf/20250122022838.1079157-1-wutengda@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>