bpf: Fix tail_call_reachable leak - kernel/linux.git - Linux kernel stable tree (mirror)

diff options

author	Yonghong Song <yonghong.song@linux.dev>	2026-04-23 06:34:35 +0300
committer	Alexei Starovoitov <ast@kernel.org>	2026-04-23 17:54:50 +0300
commit	54c27ea6dadbe932a955bf40b7837947c5c202e1 (patch)
tree	fe6b5e980dee34463ca447db003bd89e2e6a72fc /include/linux/debugobjects.h
parent	a7088176d8299ff74276a89dbdef3c5ce8748eeb (diff)
download	linux-54c27ea6dadbe932a955bf40b7837947c5c202e1.tar.xz

bpf: Fix tail_call_reachable leak

In check_max_stack_depth_subprog(), the local variable tail_call_reachable is set when entering a callee that has a tail call, but never reset when popping back to the parent. This causes the flag to leak across sibling subprogs in the DFS traversal. This results in unnecessary JIT overhead: the JIT emits tail call counter preservation code for subprogs that can never be reached via a tail call path. Fix this by resetting tail_call_reachable to the parent's actual per-subprog flag when popping a frame. If the parent was already marked tail_call_reachable by a previous sibling's traversal, the local variable stays true. Otherwise it resets to false, so subsequent siblings start with a clean state. Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> Signed-off-by: Yonghong Song <yonghong.song@linux.dev> Link: https://lore.kernel.org/r/20260423033435.2538013-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov <ast@kernel.org>

Diffstat (limited to 'include/linux/debugobjects.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: