[PATCH v2 0/6] perf DWARF: Fix libdw API contract violations and crashes

From: Ian Rogers

Date: Sat May 02 2026 - 11:57:32 EST


This patch series addresses a number of issues related to improper or
incomplete error handling when interacting with the `libdw` and
`libdwfl` APIs in the `perf` DWARF processing code.

The first patch fixes a real segmentation fault observed in `perf
kmem` (via `dwarf_child` and `dwarf_diename`) caused by
`dwarf_getfuncs` returning `-1` on error, which was not caught by the
previous `if (!dwarf_getfuncs(...))` check. This allowed uninitialized
stack memory to be returned and later dereferenced.

Following this discovery, a comprehensive audit of `libdw` API usage
was performed across `tools/perf/`. The remaining patches proactively
fix 28 additional instances of ignored return values or unchecked
pointers that could lead to similar uninitialized memory propagation,
crashes (e.g., via `strdup(NULL)` or `strcmp(NULL)`), or silent logic
failures.

v1:
https://lore.kernel.org/linux-perf-users/20260502064839.282422-1-irogers@xxxxxxxxxx/

Ian Rogers (6):
  perf dwarf-aux: Fix libdw segmentation fault in cu_walk_functions_at
  perf dwarf-aux: Fix libdw API contract violations
  perf libdw: Fix libdw API contract violations
  perf probe-finder: Fix libdw API contract violations
  perf annotate-data: Fix libdw API contract violations
  perf debuginfo: Fix libdw API contract violations

 tools/perf/util/annotate-data.c | 17 ++++---
 tools/perf/util/debuginfo.c     |  5 +-
 tools/perf/util/dwarf-aux.c     | 41 ++++++++++------
 tools/perf/util/libdw.c         | 24 +++++++---
 tools/perf/util/probe-finder.c  | 84 ++++++++++++++++++++++-----------
 5 files changed, 113 insertions(+), 58 deletions(-)

--
2.54.0.545.g6539524ca2-goog
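
The return-value bug described for the first patch, as an added illustration that is not code from the series or from perf. `walk_funcs`, `fake_die`, `match_cb` and the two `find_*` helpers are hypothetical stand-ins that model only the return contract of a callback walker like `dwarf_getfuncs` (0, positive, or `-1` on error); the `valid` flag stands in for "this stack object was actually initialized".

```c
#include <stddef.h>

/* Stand-in for Dwarf_Die; 'valid' records whether the walker filled it in. */
struct fake_die { int valid; unsigned long addr; };
struct search { unsigned long addr; struct fake_die *out; };
enum { CB_OK = 0, CB_ABORT = 1 };

/* Hypothetical walker with the contract the cover letter relies on:
 * 0 = all entries visited, >0 = callback stopped the walk, -1 = error. */
long walk_funcs(const unsigned long *funcs, size_t n,
		int (*cb)(unsigned long, void *), void *arg)
{
	if (!funcs)
		return -1;	/* models unreadable debug info */
	for (size_t i = 0; i < n; i++)
		if (cb(funcs[i], arg) != CB_OK)
			return (long)(i + 1);
	return 0;
}

int match_cb(unsigned long fn_addr, void *arg)
{
	struct search *s = arg;

	if (fn_addr != s->addr)
		return CB_OK;
	s->out->valid = 1;
	s->out->addr = fn_addr;
	return CB_ABORT;
}

/* Before: -1 is non-zero, so the error path returns 'out' untouched. */
struct fake_die *find_unchecked(const unsigned long *funcs, size_t n,
				unsigned long addr, struct fake_die *out)
{
	struct search s = { addr, out };

	if (!walk_funcs(funcs, n, match_cb, &s))
		return NULL;
	return out;
}

/* After: only a positive return means the callback filled in a match. */
struct fake_die *find_checked(const unsigned long *funcs, size_t n,
			      unsigned long addr, struct fake_die *out)
{
	struct search s = { addr, out };

	if (walk_funcs(funcs, n, match_cb, &s) <= 0)
		return NULL;
	return out;
}
```
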