From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753341Ab2GWNwd (ORCPT <rfc822;w@1wt.eu>);
	Mon, 23 Jul 2012 09:52:33 -0400
Received: from nm11-vm0.bullet.mail.sp2.yahoo.com ([98.139.91.240]:45833 "HELO
	nm11-vm0.bullet.mail.sp2.yahoo.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with SMTP id S1751216Ab2GWNwb (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 23 Jul 2012 09:52:31 -0400
X-Yahoo-Newman-Id: 305817.13236.bm@smtp103.mail.gq1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: PkIH.LQVM1kzmKVZsvG6QDzP5yYE5dmvZkqbO_U2F7QIJHF
 zwD3eeu6.D9YFqTq6jP.0UqLCIYkX2sg1bj1CpWgajqjuXDo1UqV4Dtoxqtn
 VJSR7vpMZZ1AA2H1_fR9Ep.k7L6vQea5Q.1hiBvch5ILCPfXsvtGWEDaZ7UC
 gInLDubLWvz4tjZKqoUecfXML9ZhBYj5EOq69fccuYMLbgI8dGNdoOsLiQgJ
 KXxbw8Pk52bt8ZCKL.cHIwawwKoL0Mlqi1m4CUY_srHHwHAA1IvgxzGTUYD6
 upkPCgKD4Mmd0gjCpcvSNhYz61nFwvIWocqoXI1QT40WE4ywO9fqe8gXTRHs
 XfFt3IrUGxxvVtyBmJZVeo0n1p4vEINA4CL6dhKbK4K9OH4DXsKb8w3nTtUw
 qzkM-
X-Yahoo-SMTP: gvIQca6swBCF5pMq54eC.XuJ8SoqXA5fBgqzSmaH
Date: Mon, 23 Jul 2012 08:52:17 -0500
From: Andrew Watts <akwatts@ymail.com>
To: linux-kernel@vger.kernel.org
Subject: [SEGFAULT: perf]
Message-ID: <20120723135214.GA14465@ymail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="CE+1k2dSO48ffgeK"
Content-Disposition: inline
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


--CE+1k2dSO48ffgeK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

perf report on 3.4.6 segfaults when certain pointers are null. Attached is
a patch that applies cleanly @3.4.6 and addresses (A). I am not comfortable
suggesting fixes for (B) and (C).

~ Andy

===

(A) perf report with sort on comm/pid/parent/dso:

(gdb) run report --sort=comm
Program received signal SIGSEGV, Segmentation fault.
0x0805c00b in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:171
171             if (notes->src == NULL && symbol__alloc_hist(he->ms.sym) < 0)
#0  0x0805c00b in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
    sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:171
#1  0x0805c234 in process_sample_event (tool=0xbffff27c, event=0xb6db1f38,
    sample=0xbfffea84, evsel=0x81c56a8, machine=0x81c3fa8)
    at builtin-report.c:216
#2  0x080a3097 in perf_session_deliver_event (session=0x81c3f50, event=
    0xb6db1f38, sample=0xbfffea84, tool=0xbffff27c, file_offset=339768)
    at util/session.c:885
#3  0x080a24d1 in flush_sample_queue (s=0x81c3f50, tool=0xbffff27c)
    at util/session.c:587
#4  0x080a40e3 in __perf_session__process_events (session=0x81c3f50,
    data_offset=280, data_size=419640, file_size=419920, tool=0xbffff27c)
    at util/session.c:1257
#5  0x080a41d3 in perf_session__process_events (self=0x81c3f50, tool=
    0xbffff27c) at util/session.c:1273
(gdb) print he->ms.sym
$1 = (struct symbol *) 0x0

--

(B) perf report segfaults on sorts of symbol_from/symbol_to:

(gdb) run report --sort=symbol_from
Program received signal SIGSEGV, Segmentation fault.
0x080b8777 in sort__sym_from_cmp (left=0xbfffe878, right=0x84dfde0)
at util/sort.c:334
334             if (!from_l->sym && !from_r->sym
(gdb) bt
#0  0x080b8777 in sort__sym_from_cmp (left=0xbfffe878, right=0x84dfde0)
    at util/sort.c:334
#1  0x080ba0b8 in hist_entry__cmp (left=0xbfffe878, right=0x84dfde0)
    at util/hist.c:345
#2  0x080b9c31 in add_hist_entry (hists=0x81c571c, entry=0xbfffe878, al=
    0xbfffe9b0, period=333940) at util/hist.c:254
#3  0x080ba04c in __hists__add_entry (self=0x81c571c, al=0xbfffe9b0,
    sym_parent=0x0, period=333940) at util/hist.c:335
#4  0x0805bf50 in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
    sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:149
#5  0x0805c234 in process_sample_event (tool=0xbffff27c, event=0xb6db1840,
    sample=0xbfffea84, evsel=0x81c56a8, machine=0x81c3fa8)
    at builtin-report.c:216
(gdb) print left->branch_info
$2 = (struct branch_info *) 0x0
(gdb) print right->branch_info
$3 = (struct branch_info *) 0x0

--

(C) perf report segfaults with dso_from/dso_to:

(gdb) run report --sort=dso_to
Program received signal SIGSEGV, Segmentation fault.
sort__dso_to_cmp (left=0xbfffe878, right=0x82346f0) at util/sort.c:317
317             return _sort__dso_cmp(left->branch_info->to.map,
(gdb) bt
#0  sort__dso_to_cmp (left=0xbfffe878, right=0x82346f0) at util/sort.c:317
#1  0x080ba0c8 in hist_entry__cmp (left=0xbfffe878, right=0x82346f0)
    at util/hist.c:345
#2  0x080b9c41 in add_hist_entry (hists=0x81c571c, entry=0xbfffe878, al=
    0xbfffe9b0, period=333331) at util/hist.c:254
#3  0x080ba05c in __hists__add_entry (self=0x81c571c, al=0xbfffe9b0,
    sym_parent=0x0, period=333331) at util/hist.c:335
#4  0x0805bf50 in perf_evsel__add_hist_entry (evsel=0x81c56a8, al=0xbfffe9b0,
    sample=0xbfffea84, machine=0x81c3fa8) at builtin-report.c:149
#5  0x0805c242 in process_sample_event (tool=0xbffff27c, event=0xb6dbf800,
    sample=0xbfffea84, evsel=0x81c56a8, machine=0x81c3fa8)
    at builtin-report.c:216
(gdb) print left->branch_info
$4 = (struct branch_info *) 0x0
(gdb) print right->branch_info
$5 = (struct branch_info *) 0x0

===


--CE+1k2dSO48ffgeK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="perf1.diff"

--- builtin-report.c.orig		2012-07-22
+++ builtin-report.c			2012-07-22
@@ -162,7 +162,7 @@ static int perf_evsel__add_hist_entry(st
 	 * so we don't allocated the extra space needed because the stdio
 	 * code will not use it.
 	 */
-	if (al->sym != NULL && use_browser > 0) {
+	if (al->sym != NULL && he->ms.sym != NULL && use_browser > 0) {
 		struct annotation *notes = symbol__annotation(he->ms.sym);
 
 		assert(evsel != NULL);

--CE+1k2dSO48ffgeK--