fix(container): Propagate engine initialization errors to the caller #1020

ekoops · 2025-10-23T10:34:35Z

This snippet introduces a memory leak, because C.Cstring("") allocates a C string on the heap, and the Go runtime will not garbage-collect it. We should add a call to defer C.free(...). but in order to be sure that this is called just after StartWorker(...) invocation, and regardless the fact that this function could panic, I would add a new wrapping function like the following:

func startWorker(...) unsafe.Pointer { errmsg := C.CString("") defer C.free(unsafe.Pointer(errmsg)) return StartWorker((*[0]byte)(C.echo_cb), cstr, &enabledSocks, &errmsg) }

The string buffer is deallocated on the C/C++ side of the plugin: https://github.com/falcosecurity/plugins/pull/1020/files#diff-66d6df581476d08b6c98945b62b26d631c6a61a3393e39f23334a2476eac0312R59. Pretty much in line with the preexisting code to free the enabled_engines string.

I have some concerns here. First of all, we have two callers to StartWorker():

the first is the main() function in main_exe.go in Go code

the second is my_plugin::start_async_events() method in C++ code

In main_exe.go:main(), we are indeed allocating a C string with errmsg := C.CString(""). This is our first allocation. We then pass its address to StartWorker() that, in some cases, replaces the pointed value:

if errs.Len() > 0 { *errmsg = C.CString(errs.String()) }

The memory backing the first allocation is leaked after this instruction. Moreover, after StartWorker() returns, nobody deallocates the second string (the one containing errs.String() we just saw): this is a second leak.

Now let's analyze the second code path: the one starting from my_plugin::start_async_events(). As err is initialized with nullptr, a call to StartWorker() will work fine as long as it doesn't panic: if it panics, who is gonna release its allocated string? Notice that panics are also problematic for the main_exe.go:main() path.

In order to simplify handling, and fixing all these issues, I would suggest to design a wrapper around StartWorker() that allocates the C string and (this is important), ensures this string is deallocated, wheter or not the call to StartWorker() panicked. This is also easier to maintain, as we are putting handling ownership in a single place.

Finally, I agree with you that enabled_engines should be better handled. Specifically, who ensures it is initialized when free((void *)enabled_engines); is executed?

WDYT? @rabbitstack

@ekoops I agree with your analysis and the sentiment about generally improving the error handling. I didn't want to be too disruptive and adopted the same approach as with the enabled_engines string :). That said, main_exe.go source can be ignored as it is solely used to verify the go-worker inner-workings during development without the need to spin up a full-fledged plugin running inside Falco.

Also, IMO, the leaks you identified are not critical, since StartWorker is invoked once during plugin lifetime. However, it is definitely worth the improvements you highlighted above.

@ekoops I currently have too many things on my plate, so I may ask @deepskyblue86 to take over if he's not overcommitted ;)

-Original file line number
+Diff line change
@@ Expand Up / @@ -70,9 +70,10 @@ func main() { @@
     	fmt.Println("Starting worker")
     	cstr := C.CString(initCfg)
     	enabledSocks := C.CString("")
-    	ptr := StartWorker((*[0]byte)(C.echo_cb), cstr, &enabledSocks)
+    	errmsg := C.CString("")
+    	ptr := StartWorker((*[0]byte)(C.echo_cb), cstr, &enabledSocks, &errmsg)
     	if ptr == nil {
-    		fmt.Println("Failed to start worker; nothing configured?")
+    		fmt.Println(fmt.Sprintf("Failed to start worker; nothing configured? %s", C.GoString(errmsg)))
     		os.Exit(1)
     	}
     	socks := C.GoString(enabledSocks)
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -11,13 +11,15 @@ import "C" @@
     import (
     	"context"
     	"encoding/json"
-    	"github.com/falcosecurity/plugin-sdk-go/pkg/ptr"
-    	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/config"
-    	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/container"
     	"runtime"
     	"runtime/cgo"
+    	"strings"
     	"sync"
     	"unsafe"
+    	"github.com/falcosecurity/plugin-sdk-go/pkg/ptr"
+    	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/config"
+    	"github.com/falcosecurity/plugins/plugins/container/go-worker/pkg/container"
     )
     type PluginCtx struct {
@@ Expand All / @@ -29,7 +31,7 @@ type PluginCtx struct { @@
     }
     //export StartWorker
-    func StartWorker(cb C.async_cb, initCfg *C.cchar_t, enabledSocks **C.cchar_t) unsafe.Pointer {
+    func StartWorker(cb C.async_cb, initCfg *C.cchar_t, enabledSocks **C.cchar_t, errmsg **C.cchar_t) unsafe.Pointer {
     	var (
     		pluginCtx PluginCtx
     		ctx       context.Context
@@ Expand Down Expand Up @@
     		return nil
     	}
+    	var errs strings.Builder
     	containerEngines := make([]container.Engine, 0)
     	enabledEngines := make(map[string][]string)
     	for _, generator := range generators {
     		engine, err := generator(ctx)
     		if err != nil {
+    			errs.WriteString(err.Error())
+    			errs.WriteByte('\n')
     			continue
     		}
     		containerEngines = append(containerEngines, engine)
@@ Expand All @@
     		}
     	}
+    	if errs.Len() > 0 {
+    		*errmsg = C.CString(errs.String())
+    	}
     	pluginCtx.fetchCh = make(chan string, fetchChSize)
     	// Always append the dummy engine that is required to
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -43,11 +43,22 @@ bool my_plugin::start_async_events( @@
         m_logger.log("starting async go-worker",
                      falcosecurity::_internal::SS_PLUGIN_LOG_SEV_DEBUG);
         nlohmann::json j(m_cfg);
         const char *enabled_engines = nullptr;
+        const char *err = nullptr;
         m_async_ctx = StartWorker(generate_async_event<ASYNC_HANDLER_GO_WORKER>,
-                                  j.dump().c_str(), &enabled_engines);
+                                  j.dump().c_str(), &enabled_engines, &err);
         m_logger.log(fmt::format("attached engine sockets: {}", enabled_engines),
                      falcosecurity::_internal::SS_PLUGIN_LOG_SEV_DEBUG);
+        if(err)
+        {
+            m_logger.log(fmt::format("failed to start async go-worker: {}", err),
+                         falcosecurity::_internal::SS_PLUGIN_LOG_SEV_ERROR);
+            free((void *)err);
+        }
         free((void *)enabled_engines);
         // Merge back pre-existing containers to our cache
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(container): Propagate engine initialization errors to the caller #1020

Uh oh!

Diff view

Diff view

There are no files selected for viewing

ekoops Oct 23, 2025

Uh oh!

rabbitstack Dec 19, 2025

Uh oh!

ekoops Dec 19, 2025

Uh oh!

rabbitstack Dec 19, 2025

Uh oh!

rabbitstack Jan 15, 2026

Uh oh!

Uh oh!

fix(container): Propagate engine initialization errors to the caller #1020

Are you sure you want to change the base?

Uh oh!

fix(container): Propagate engine initialization errors to the caller #1020

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing

ekoops Oct 23, 2025

Choose a reason for hiding this comment

Uh oh!

rabbitstack Dec 19, 2025

Choose a reason for hiding this comment

Uh oh!

ekoops Dec 19, 2025

Choose a reason for hiding this comment

Uh oh!

rabbitstack Dec 19, 2025

Choose a reason for hiding this comment

Uh oh!

rabbitstack Jan 15, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!