From: Arnaldo Carvalho de Melo <acme@kernel.org>
To: Namhyung Kim <namhyung@kernel.org>
Cc: Ingo Molnar <mingo@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
James Clark <james.clark@linaro.org>,
Jiri Olsa <jolsa@kernel.org>, Ian Rogers <irogers@google.com>,
Adrian Hunter <adrian.hunter@intel.com>,
Clark Williams <williams@redhat.com>,
linux-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org,
Arnaldo Carvalho de Melo <acme@redhat.com>,
sashiko-bot <sashiko-bot@kernel.org>,
"Claude Opus 4.6" <noreply@anthropic.com>
Subject: [PATCH 03/15] perf symbols: Use fixed buffer in sysfs__read_build_id() for no-libelf build
Date: Thu, 11 Jun 2026 21:34:31 -0300 [thread overview]
Message-ID: <20260612003444.50723-4-acme@kernel.org> (raw)
In-Reply-To: <20260612003444.50723-1-acme@kernel.org>
From: Arnaldo Carvalho de Melo <acme@redhat.com>
sysfs__read_build_id() in the no-libelf build path uses fstat() to get
the file size and then allocates an exact-sized buffer. Sysfs pseudo-
files (/sys/kernel/notes) often report st_size=0 or a page-sized value
(4096) regardless of actual content. When st_size is 0, malloc(0)
returns a zero-sized allocation and read(fd, buf, 0) returns 0, which
matches the expected (ssize_t)buf_size check, then read_build_id() is
called with a zero-length buffer and never finds any notes.
Replace the fstat + malloc approach with a fixed BUFSIZ stack buffer and
a single read(), matching the strategy used by the libelf-based
sysfs__read_build_id() in symbol-elf.c. This also eliminates the
malloc/free overhead for what is always a small sysfs file.
Reported-by: sashiko-bot <sashiko-bot@kernel.org>
Fixes: b691f64360ecec49 ("perf symbols: Implement poor man's ELF parser")
Cc: Namhyung Kim <namhyung@kernel.org>
Assisted-by: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
tools/perf/util/symbol-minimal.c | 41 +++++++++++++++++++-------------
1 file changed, 24 insertions(+), 17 deletions(-)
diff --git a/tools/perf/util/symbol-minimal.c b/tools/perf/util/symbol-minimal.c
index 0a71d146395271a6..ea2de3d50d33cf33 100644
--- a/tools/perf/util/symbol-minimal.c
+++ b/tools/perf/util/symbol-minimal.c
@@ -220,29 +220,36 @@ int sysfs__read_build_id(const char *filename, struct build_id *bid)
{
int fd;
int ret = -1;
- struct stat stbuf;
- size_t buf_size;
- void *buf;
+ /*
+ * read_build_id() casts this buffer to a u32 note header pointer,
+ * so it must be aligned for u32 access.
+ *
+ * Accessing a char[] through a u32* is technically type-punning
+ * under C strict aliasing rules, but perf unconditionally builds
+ * with -fno-strict-aliasing (Makefile.config), so this is safe.
+ *
+ * This file is only compiled when libelf is not available — the
+ * common case uses the libelf-based path in symbol-elf.c instead.
+ */
+ char buf[BUFSIZ] __aligned(4);
+ ssize_t len;
fd = open(filename, O_RDONLY);
if (fd < 0)
return -1;
- if (fstat(fd, &stbuf) < 0)
- goto out;
-
- buf_size = stbuf.st_size;
- buf = malloc(buf_size);
- if (buf == NULL)
- goto out;
-
- if (read(fd, buf, buf_size) != (ssize_t) buf_size)
- goto out_free;
+ /*
+ * Use a fixed buffer and a single read() instead of fstat() + malloc(),
+ * because sysfs pseudo-files often report st_size=0 or 4096
+ * regardless of actual content size.
+ *
+ * BUFSIZ (8192) is more than sufficient: a sysfs build-id note is
+ * ~36 bytes (12-byte note header + 4-byte "GNU" name + 20-byte SHA1).
+ */
+ len = read(fd, buf, sizeof(buf));
+ if (len > 0)
+ ret = read_build_id(buf, len, bid, false);
- ret = read_build_id(buf, buf_size, bid, false);
-out_free:
- free(buf);
-out:
close(fd);
return ret;
}
--
2.54.0
next prev parent reply other threads:[~2026-06-12 0:35 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-12 0:34 [PATCHES v1 00/15] perf tools: Fix pre-existing bugs in symbols, dso, bpf, sched, c2c, hwmon, and cs-etm Arnaldo Carvalho de Melo
2026-06-12 0:34 ` [PATCH 01/15] perf symbols: Fix bswap copy-paste error for 32-bit ELF p_filesz Arnaldo Carvalho de Melo
2026-06-12 0:34 ` [PATCH 02/15] perf symbols: Validate p_filesz before use in filename__read_build_id() Arnaldo Carvalho de Melo
2026-06-12 0:34 ` Arnaldo Carvalho de Melo [this message]
2026-06-12 0:47 ` [PATCH 03/15] perf symbols: Use fixed buffer in sysfs__read_build_id() for no-libelf build sashiko-bot
2026-06-12 0:34 ` [PATCH 04/15] perf symbols: Break infinite loop on zero-filled notes in sysfs__read_build_id() Arnaldo Carvalho de Melo
2026-06-12 0:34 ` [PATCH 05/15] perf dso: Fix heap overflow in dso__get_filename() on decompressed path Arnaldo Carvalho de Melo
2026-06-12 0:34 ` [PATCH 06/15] perf dso: Set error code when open() fails on uncompressed fallback path Arnaldo Carvalho de Melo
2026-06-12 0:54 ` sashiko-bot
2026-06-12 0:34 ` [PATCH 07/15] perf tools: Use snprintf() for root_dir path construction Arnaldo Carvalho de Melo
2026-06-12 2:54 ` sashiko-bot
2026-06-12 0:34 ` [PATCH 08/15] perf hwmon: Fix fd check to accept fd 0 in hwmon_pmu__describe_items() Arnaldo Carvalho de Melo
2026-06-12 0:34 ` [PATCH 09/15] perf sched: Replace (void*)1 sentinel with proper runtime allocation Arnaldo Carvalho de Melo
2026-06-12 0:34 ` [PATCH 10/15] perf bpf: Validate func_info_rec_size and sub_id in synthesize_bpf_prog_name() Arnaldo Carvalho de Melo
2026-06-12 0:52 ` sashiko-bot
2026-06-12 0:34 ` [PATCH 11/15] perf bpf: Reject oversized BPF metadata events that truncate header.size Arnaldo Carvalho de Melo
2026-06-12 0:34 ` [PATCH 12/15] perf bpf: Bounds-check array offsets in bpil_offs_to_addr() Arnaldo Carvalho de Melo
2026-06-12 0:51 ` sashiko-bot
2026-06-12 0:34 ` [PATCH 13/15] perf c2c: Free format list entries when releasing c2c hist entries Arnaldo Carvalho de Melo
2026-06-12 0:58 ` sashiko-bot
2026-06-12 0:34 ` [PATCH 14/15] perf symbols: Add O_NONBLOCK to DSO open() calls for untrusted paths Arnaldo Carvalho de Melo
2026-06-12 4:57 ` sashiko-bot
2026-06-12 5:52 ` Ian Rogers
2026-06-12 0:34 ` [PATCH 15/15] perf cs-etm: Reject CPU IDs that would overflow signed comparison Arnaldo Carvalho de Melo
2026-06-12 1:00 ` sashiko-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260612003444.50723-4-acme@kernel.org \
--to=acme@kernel.org \
--cc=acme@redhat.com \
--cc=adrian.hunter@intel.com \
--cc=irogers@google.com \
--cc=james.clark@linaro.org \
--cc=jolsa@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=namhyung@kernel.org \
--cc=noreply@anthropic.com \
--cc=sashiko-bot@kernel.org \
--cc=tglx@linutronix.de \
--cc=williams@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.