From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751927AbcAEJQi (ORCPT <rfc822;w@1wt.eu>);
	Tue, 5 Jan 2016 04:16:38 -0500
Received: from szxga03-in.huawei.com ([119.145.14.66]:17178 "EHLO
	szxga03-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751798AbcAEJQc (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Tue, 5 Jan 2016 04:16:32 -0500
To: <peterz@infradead.org>, "mingo@redhat.com" <mingo@redhat.com>,
        "Arnaldo Carvalho de Melo" <acme@kernel.org>,
        Jiri Olsa <jolsa@redhat.com>, <rabin.vincent@axis.com>,
        <namhyung@kernel.org>, Wang Nan <wangnan0@huawei.com>
CC: <linux-kernel@vger.kernel.org>
From: He Kuang <hekuang@huawei.com>
Subject: [bug] wrong result of android callchain
Message-ID: <568B897D.1000209@huawei.com>
Date: Tue, 5 Jan 2016 17:14:37 +0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.0
MIME-Version: 1.0
Content-Type: text/plain; charset="gbk"; format=flowed
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.110.54.65]
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0),
	refid=str=0001.0A090204.568B8990.008E,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0,
	ip=0.0.0.0,
	so=2013-05-26 15:14:31,
	dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 82e9d15fed62e8d12d525191740665b7
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

I found a wrong result of aarch64 callchain when using perf script on
a android phone.

Here's the callchain record fragment from the output of perf script:

   init   369 [002]   339.970607: raw_syscalls:sys_enter: NR 22 (b, 7fd9e360a0, 10, ffffffff, 0, 8)
                      ...
                    230ac [unknown] (/system/lib64/libsurfaceflinger.so)
                     11a0 main (/system/bin/surfaceflinger)
                    1c3fc __libc_init (/system/lib64/libc.so)
                      fd0 _start (/system/bin/surfaceflinger)
                     29ec __dl__start (/system/bin/linker64)

The fault occured in the '[unknown]' line, from objdump result of
/system/bin/surfaceflinger, we can see the branch instruction before
0x11a0:

  # objdump /system/bin/surfaceflinger
     1198:       f9400fe0        ldr     x0, [sp,#24]
     119c:       97ffff05        bl      db0 <_ZN7android14SurfaceFlinger3runEv@plt>
     11a0:       f9400be8        ldr     x8, [sp,#16]
     11a4:       b40000c8        cbz     x8, 11bc <main+0x150>

The function '_ZN7android14SurfaceFlinger3runEv' is located at 0x3a094
~ 0x3a0ac in libsurfaceflinger.so, but perf misparsed that value to
0x230ac:

  # objdump libsurfaceflinger.so
   000000000003a094 <_ZN7android14SurfaceFlinger3runEv>:
     3a094:       a9be4ff4        stp     x20, x19, [sp,#-32]!
     3a098:       a9017bfd        stp     x29, x30, [sp,#16]
     3a09c:       910043fd        add     x29, sp, #0x10
     3a0a0:       910c0013        add     x19, x0, #0x300
     3a0a4:       aa1303e0        mov     x0, x19
     3a0a8:       97fff12f        bl      36564 <_ZN7android12MessageQueue11waitMessageEv>
     3a0ac:       17fffffe        b       3a0a4 <_ZN7android14SurfaceFlinger3runEv+0x10>

There's a difference of 0x17000 between those two offsets, it seems
that this value is the VirtAddr of this dynamic library.

  # readelf -a libsurfaceflinger.so
   Program Headers:
     Type           Offset             VirtAddr           PhysAddr
                    FileSiz            MemSiz              Flags  Align
     LOAD           0x0000000000000000 0x0000000000017000 0x0000000000017000
                    0x0000000000057258 0x0000000000057258  R E    1000