Otherweise ->priv may contain garbage data. This triggers a bug where the BTF loader thinks that the private data has been set and wants to free it, crashing the program. The bug is not reproducible with all binaries. A test file is /usr/lib/libevdev.so.2.3.0 from https://archive.archlinux.org/packages/l/libevdev/libevdev-1.11.0-1-x86_64.pkg.tar.zst Stacktrace: Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f0c4cacfc49 in btf__free (btf=0x20) at lib/bpf/src/btf.c:729 729 if (btf->fd >= 0) #1 0x00007f0c4cac2d20 in btf__cu_delete (cu=0x555d89203670) at btf_loader.c:536 #2 0x00007f0c4caaca44 in cu__delete (cu=0x555d89203670) at dwarves.c:630 #3 0x00007f0c4cac2f4d in cus__load_btf (cus=0x555d89203140, conf=0x555d8863f360 <conf_load>, filename=0x7fff8fb8327e "/usr/lib/libevdev.so.2.3.0") at btf_loader.c:595 #4 0x00007f0c4caafc18 in cus__load_file (cus=0x555d89203140, conf=0x555d8863f360 <conf_load>, filename=0x7fff8fb8327e "/usr/lib/libevdev.so.2.3.0") at dwarves.c:1993 #5 0x00007f0c4cab0988 in cus__load_files (cus=0x555d89203140, conf=0x555d8863f360 <conf_load>, filenames=0x7fff8fb815f0) at dwarves.c:2352 #6 0x0000555d88638d6d in main (argc=2, argv=0x7fff8fb815e8) at pahole.c:2842 Fixes: 7fb31d787d3deec191527ca010c74888f4acd765 btf_loader: Stop using libbtf.h and the btf_elf class Signed-off-by: Thomas Weißschuh <thomas@xxxxxxxx> --- dwarves.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dwarves.c b/dwarves.c index 34f581d..ed0037d 100644 --- a/dwarves.c +++ b/dwarves.c @@ -576,6 +576,8 @@ struct cu *cu__new(const char *name, uint8_t addr_size, if (cu->filename == NULL) goto out_free_name; + cu->priv = NULL; + ptr_table__init(&cu->tags_table); ptr_table__init(&cu->types_table); ptr_table__init(&cu->functions_table); base-commit: 3ec54ee72ff7c5b169252972f69007b54e2f9211 -- 2.32.0
