[SEGFAULT: perf]

From: Andrew Watts
Date: Mon Jul 23 2012 - 09:52:25 EST


perf report on 3.4.6 segfaults when certain pointers are null. Attached is
a patch that applies cleanly @3.4.6 and addresses (A). I am not comfortable
suggesting fixes for (B) and (C).

~ Andy

===

(A) perf report with sort on comm/pid/parent/dso:

(gdb) run report --sort=comm
Program received signal SIGSEGV, Segmentation fault.
0x0805c00b in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:171
171 if (notes->src == NULL && symbol__alloc_hist(he->ms.sym) < 0)
#0 0x0805c00b in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:171
#1 0x0805c234 in process_sample_event (tool=0xbffff27c, event=0xb6db1f38,
sample=0xbfffea84, evsel=0x81c56a8, machine=0x81c3fa8)
at builtin-report.c:216
#2 0x080a3097 in perf_session_deliver_event (session=0x81c3f50, event=
0xb6db1f38, sample=0xbfffea84, tool=0xbffff27c, file_offset=339768)
at util/session.c:885
#3 0x080a24d1 in flush_sample_queue (s=0x81c3f50, tool=0xbffff27c)
at util/session.c:587
#4 0x080a40e3 in __perf_session__process_events (session=0x81c3f50,
data_offset=280, data_size=419640, file_size=419920, tool=0xbffff27c)
at util/session.c:1257
#5 0x080a41d3 in perf_session__process_events (self=0x81c3f50, tool=
0xbffff27c) at util/session.c:1273
(gdb) print he->ms.sym
$1 = (struct symbol *) 0x0

--

(B) perf report segfaults on sorts of symbol_from/symbol_to:

(gdb) run report --sort=symbol_from
Program received signal SIGSEGV, Segmentation fault.
0x080b8777 in sort__sym_from_cmp (left=0xbfffe878, right=0x84dfde0)
at util/sort.c:334
334 if (!from_l->sym && !from_r->sym
(gdb) bt
#0 0x080b8777 in sort__sym_from_cmp (left=0xbfffe878, right=0x84dfde0)
at util/sort.c:334
#1 0x080ba0b8 in hist_entry__cmp (left=0xbfffe878, right=0x84dfde0)
at util/hist.c:345
#2 0x080b9c31 in add_hist_entry (hists=0x81c571c, entry=0xbfffe878, al=
0xbfffe9b0, period=333940) at util/hist.c:254
#3 0x080ba04c in __hists__add_entry (self=0x81c571c, al=0xbfffe9b0,
sym_parent=0x0, period=333940) at util/hist.c:335
#4 0x0805bf50 in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:149
#5 0x0805c234 in process_sample_event (tool=0xbffff27c, event=0xb6db1840,
sample=0xbfffea84, evsel=0x81c56a8, machine=0x81c3fa8)
at builtin-report.c:216
(gdb) print left->branch_info
$2 = (struct branch_info *) 0x0
(gdb) print right->branch_info
$3 = (struct branch_info *) 0x0

--

(C) perf report segfaults with dso_from/dso_to:

(gdb) run report --sort=dso_to
Program received signal SIGSEGV, Segmentation fault.
sort__dso_to_cmp (left=0xbfffe878, right=0x82346f0) at util/sort.c:317
317 return _sort__dso_cmp(left->branch_info->to.map,
(gdb) bt
#0 sort__dso_to_cmp (left=0xbfffe878, right=0x82346f0) at util/sort.c:317
#1 0x080ba0c8 in hist_entry__cmp (left=0xbfffe878, right=0x82346f0)
at util/hist.c:345
#2 0x080b9c41 in add_hist_entry (hists=0x81c571c, entry=0xbfffe878, al=
0xbfffe9b0, period=333331) at util/hist.c:254
#3 0x080ba05c in __hists__add_entry (self=0x81c571c, al=0xbfffe9b0,
sym_parent=0x0, period=333331) at util/hist.c:335
#4 0x0805bf50 in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:149
#5 0x0805c242 in process_sample_event (tool=0xbffff27c, event=0xb6dbf800,
sample=0xbfffea84, evsel=0x81c56a8, machine=0x81c3fa8)
at builtin-report.c:216
(gdb) print left->branch_info
$4 = (struct branch_info *) 0x0
(gdb) print right->branch_info
$5 = (struct branch_info *) 0x0
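
Both (B) and (C) fault on the same pattern: the sort comparator reaches through `left->branch_info` (and `right->branch_info`) without first checking that the sample carried branch data, and the gdb output shows both pointers are NULL. The following is an added illustration, not perf's code: it uses simplified stand-in structs with assumed field names (`symbol`, `addr_loc`, `branch_info`, `hist_entry`) and a hypothetical `sym_from_cmp_safe()` that gives entries without branch data a defined ordering (equal to each other, before entries that have it) so the comparator never dereferences NULL.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins for the perf structures named in the backtraces.
 * Shapes and field names are assumed for illustration only. */
struct symbol      { const char *name; uint64_t start; };
struct addr_loc    { struct symbol *sym; uint64_t addr; };
struct branch_info { struct addr_loc from; struct addr_loc to; };
struct hist_entry  { struct branch_info *branch_info; };

/* Order two locations: both unresolved -> by raw address; exactly one
 * unresolved -> the unresolved one first; both resolved -> by symbol start. */
static int64_t addr_loc_cmp(const struct addr_loc *a, const struct addr_loc *b)
{
	if (!a->sym && !b->sym)
		return (a->addr > b->addr) - (a->addr < b->addr);
	if (!a->sym || !b->sym)
		return (a->sym != NULL) - (b->sym != NULL);
	return (a->sym->start > b->sym->start) - (a->sym->start < b->sym->start);
}

/* Unsafe pattern, as in the (B) backtrace: branch_info is dereferenced
 * before anyone has checked that the sample had branch data at all.
 * Kept only for comparison; never call it on entries that lack branch data. */
static int64_t sym_from_cmp_unsafe(const struct hist_entry *l, const struct hist_entry *r)
{
	return addr_loc_cmp(&l->branch_info->from, &r->branch_info->from);
}

/* Hardened form: a missing branch_info on either side is handled before any
 * field of it is touched, so the comparator is total over all entries. */
static int64_t sym_from_cmp_safe(const struct hist_entry *l, const struct hist_entry *r)
{
	const struct branch_info *bl = l->branch_info, *br = r->branch_info;

	if (!bl || !br)
		return (bl != NULL) - (br != NULL);
	return addr_loc_cmp(&bl->from, &br->from);
}

/* qsort adapter so the ordering can be exercised on a constructed set. */
static int qsort_cmp(const void *a, const void *b)
{
	int64_t c = sym_from_cmp_safe(a, b);
	return (c > 0) - (c < 0);
}

int main(void)
{
	/* Constructed sample set: two entries with branch data, two without. */
	struct symbol s_hi = { "hi", 0x2000 }, s_lo = { "lo", 0x1000 };
	struct branch_info b_hi = { { &s_hi, 0x2004 }, { NULL, 0 } };
	struct branch_info b_lo = { { &s_lo, 0x1004 }, { NULL, 0 } };
	struct hist_entry entries[4] = { { &b_hi }, { NULL }, { &b_lo }, { NULL } };
	int i;

	(void)sym_from_cmp_unsafe; /* referenced only so the contrast stays visible */
	qsort(entries, 4, sizeof(entries[0]), qsort_cmp);
	for (i = 0; i < 4; i++) {
		const struct branch_info *bi = entries[i].branch_info;
		printf("%d: %s\n", i, bi ? bi->from.sym->name : "(no branch data)");
	}
	return 0;
}
```

With the safe comparator the two branchless entries land first and compare equal to each other, which is the property a sort key needs; the unsafe variant would fault on the same input exactly as in the (B) and (C) sessions.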

===

--- builtin-report.c.orig 2012-07-22
+++ builtin-report.c 2012-07-22
@@ -162,7 +162,7 @@ static int perf_evsel__add_hist_entry(st
* so we don't allocated the extra space needed because the stdio
* code will not use it.
*/
- if (al->sym != NULL && use_browser > 0) {
+ if (al->sym != NULL && he->ms.sym != NULL && use_browser > 0) {
struct annotation *notes = symbol__annotation(he->ms.sym);

assert(evsel != NULL);
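
Review bot: the pointer actually dereferenced in this block is `he->ms.sym` (via `symbol__annotation(he->ms.sym)`), and the gdb session under (A) shows it is NULL while the sort is on comm, so the added `he->ms.sym != NULL` test is the one that matters; the existing `al->sym != NULL` check does not protect this block on its own, and it is worth a sentence in the changelog explaining why `he->ms.sym` can be NULL when `al->sym` is not (entries merged under a sort key that does not include the symbol). While this comment block is being touched, the typo in the unchanged context line `so we don't allocated the extra space needed` could be fixed to `so we don't allocate`. The submission also lacks a `Signed-off-by:` line, which is required for a kernel patch to be picked up.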