Re: [PATCH v6 5/6] perf test: Add inject ASLR test

The Linux Kernel Mailing List
 help / color / mirror / Atom feed

From: James Clark <james.clark@linaro.org>
To: Ian Rogers <irogers@google.com>
Cc: adrian.hunter@intel.com, jolsa@kernel.org,
	linux-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org,
	mingo@redhat.com, peterz@infradead.org, acme@kernel.org,
	gmx@google.com, namhyung@kernel.org
Subject: Re: [PATCH v6 5/6] perf test: Add inject ASLR test
Date: Fri, 8 May 2026 14:29:53 +0100	[thread overview]
Message-ID: <dec2f42d-3c2a-424e-9d50-e52ebbee3d69@linaro.org> (raw)
In-Reply-To: <20260508082726.2795191-6-irogers@google.com>



On 08/05/2026 9:27 am, Ian Rogers wrote:
> Add a new shell test `inject_aslr.sh` to verify the `perf inject --aslr`
> feature. The test covers:
> - Basic address remapping for user space samples.
> - Pipe mode coverage for `perf record` piped into `perf inject --aslr`.
> - Callchain address remapping.
> - Consistency of `perf report` output before and after injection.
> - Pipe mode report consistency.
> - Dropping of samples that leak ASLR info (physical addresses).
> - Kernel address remapping (utilizing a dedicated kernel-intensive VFS dd workload
>    to guarantee continuous timer interrupts sampling flow inside kernel privilege states).
> - Kernel report consistency with address normalization.
> 
> The test suite is hardened with global 'set -o pipefail' assertions to catch
> pipeline failures, stream-consuming awk processors to handle SIGPIPE signals,
> and a dedicated pipe output scenario validating raw 'perf inject -o -' stdout
> streams.
> 
> Assisted-by: Gemini-CLI:Google Gemini 3
> Signed-off-by: Ian Rogers <irogers@google.com>
> ---
> v6: Refactor kernel-space sampling test cases to utilize a dedicated
>      system-call intensive VFS dd workload (kprog) instead of purely
>      userspace-bound tight loops, guaranteeing high-density kernel
>      privilege state sampling streams and eliminating intermittent
>      execution flakiness dropouts.
> 


Hi Ian,

V5 passed on X86, but now I get this test failing about 50% of the time 
with output like:


Test user register stripping
User registers stripping test [Failed - report parsing differs]
Showing first 20 lines of diff:
--- /tmp/perf-test-aslr.ssH9urcfri/report_regs1.clean   2026-05-08 
14:14:02.127298207 +0100
+++ /tmp/perf-test-aslr.ssH9urcfri/report_regs2.clean   2026-05-08 
14:14:02.129298219 +0100
@@ -30,8 +30,8 @@
       0.02%  perf          ld-linux-x86-64.so.2  [.] mmap64
       0.02%  perf-noploop  [kernel.kallsyms]     [k] kmem_cache_free
       0.02%  perf-noploop  [kernel.kallsyms]     [k] nohz_balancer_kick
-     0.02%  perf-noploop  [kernel.kallsyms]     [k] pvclock_gtod_notify
       0.02%  perf-noploop  [kernel.kallsyms]     [k] try_to_wake_up
+     0.02%  perf-noploop  [kvm]                 [k] pvclock_gtod_notify
       0.02%  perf-noploop  libc.so.6             [.] __cxa_finalize
       0.04%  perf          ld-linux-x86-64.so.2  [.] strcmp
       0.05%  perf          libLLVM-15.so.1       [.] 
llvm::StringMapImpl::LookupBucketFor(llvm::StringRef)
---- end ----

or:

Test user register stripping
User registers stripping test [Failed - report parsing differs]
Showing first 20 lines of diff:
--- /tmp/perf-test-aslr.NoDUUXtHyh/report_regs1.clean   2026-05-08 
14:05:31.109246491 +0100
+++ /tmp/perf-test-aslr.NoDUUXtHyh/report_regs2.clean   2026-05-08 
14:05:31.111246503 +0100
@@ -2,8 +2,8 @@
       0.01%  perf          [kernel.kallsyms]     [k] 
find_mergeable_anon_vma
       0.01%  perf          [kernel.kallsyms]     [k] finish_fault
       0.01%  perf          [kernel.kallsyms]     [k] 
pte_offset_map_rw_nolock
+     0.02%  perf          [amdgpu]              [k] amdgpu_device_rreg
       0.02%  perf          [kernel.kallsyms]     [k] 
__alloc_frozen_pages_noprof
-     0.02%  perf          [kernel.kallsyms]     [k] amdgpu_device_rreg
       0.02%  perf          [kernel.kallsyms]     [k] 
__build_id_parse.isra.0
       0.02%  perf          [kernel.kallsyms]     [k] filemap_get_entry
       0.02%  perf          [kernel.kallsyms]     [k] filemap_map_pages
---- end ----


And on Arm I get a hang/infinite loop every time in "Test kernel ASLR 
remapping". Looks like it could be related to the changes in V6 as I 
didn't see it on V5:

   #0  __read_once_size (size=4, res=0xffffe56c64a0, p=0xaaaaeaedbab8)
       at linux/tools/include/linux/compiler.h:180
   #1  atomic_read (v=0xaaaaeaedbab8) at 
linux/tools/include/asm-generic/atomic-gcc.h:26
   #2  0x0000aaaaaf65cd6c in refcount_read (r=0xaaaaeaedbab8)
       at linux/tools/include/linux/refcount.h:70
   #3  0x0000aaaaaf65d9dc in check_invariants (maps=0xaaaae7e3b480) at 
util/maps.c:114
   #4  0x0000aaaaaf65eef8 in maps__insert (maps=0xaaaae7e3b480, 
map=0xaaaaec2ccf10) at util/maps.c:536
   #5  0x0000aaaaaf62a028 in maps__split_kallsyms (kmaps=0xaaaae7e3b480, 
dso=0xaaaae7e3f910, delta=1879048192,
       initial_map=0xaaaae7e3fab0) at util/symbol.c:986
   #6  0x0000aaaaaf62b550 in __dso__load_kallsyms (dso=0xaaaae7e3f910, 
filename=0xaaaae7e55200 "/proc/kallsyms",
       map=0xaaaae7e3fab0, no_kcore=false) at util/symbol.c:1530
   #7  0x0000aaaaaf62b5bc in dso__load_kallsyms (dso=0xaaaae7e3f910, 
filename=0xaaaae7e55200 "/proc/kallsyms",
       map=0xaaaae7e3fab0) at util/symbol.c:1536
   #8  0x0000aaaaaf62cbc0 in dso__load_kernel_sym (dso=0xaaaae7e3f910, 
map=0xaaaae7e3fab0) at util/symbol.c:2125
   #9  0x0000aaaaaf62bc5c in dso__load (dso=0xaaaae7e3f910, 
map=0xaaaae7e3fab0) at util/symbol.c:1721
   #10 0x0000aaaaaf65b98c in map__load (map=0xaaaae7e3fab0) at 
util/map.c:351
   #11 0x0000aaaaaf5e43cc in thread__find_map (thread=0xaaaae7e443b0, 
cpumode=1 '\001', addr=18446603336494207932,
       al=0xffffe56c8c28) at util/event.c:744
   #12 0x0000aaaaaf5e4810 in machine__resolve (machine=0xaaaae7e3bee0, 
al=0xffffe56c8c28, sample=0xffffe56c8df0)
       at util/event.c:818
   #13 0x0000aaaaaf41d850 in process_sample_event (tool=0xffffe56c93d0, 
event=0xffffb1091ec8, sample=0xffffe56c8df0,
       evsel=0xaaaae7e3b580, machine=0xaaaae7e3bee0) at 
builtin-script.c:2686
   #14 0x0000aaaaaf6668f4 in evlist__deliver_sample 
(evlist=0xaaaae7e3c550, tool=0xffffe56c93d0, event=0xffffb1091ec8,
       sample=0xffffe56c8df0, evsel=0xaaaae7e3b580, 
machine=0xaaaae7e3bee0) at util/session.c:1335
   #15 0x0000aaaaaf667000 in machines__deliver_event 
(machines=0xaaaae7e3bee0, evlist=0xaaaae7e3c550, event=0xffffb1091ec8,
       sample=0xffffe56c8df0, tool=0xffffe56c93d0, file_offset=3784,
       file_path=0xaaaae7e3b540 
"/tmp/perf-test-aslr.J1XB8pvpFy/perf.data2.kernel.FA0Uvd") at 
util/session.c:1502
   #16 0x0000aaaaaf667538 in perf_session__deliver_event 
(session=0xaaaae7e3bca0, event=0xffffb1091ec8,
       tool=0xffffe56c93d0, file_offset=3784,
       file_path=0xaaaae7e3b540 
"/tmp/perf-test-aslr.J1XB8pvpFy/perf.data2.kernel.FA0Uvd") at 
util/session.c:1593
   #17 0x0000aaaaaf662bbc in ordered_events__deliver_event 
(oe=0xaaaae7e3c460, event=0xaaaae7e44740) at util/session.c:134
   #18 0x0000aaaaaf672c98 in do_flush (oe=0xaaaae7e3c460, 
show_progress=true) at util/ordered-events.c:245
   #19 0x0000aaaaaf673048 in __ordered_events__flush (oe=0xaaaae7e3c460, 
how=OE_FLUSH__FINAL, timestamp=0)
       at util/ordered-events.c:324
   #20 0x0000aaaaaf673154 in ordered_events__flush (oe=0xaaaae7e3c460, 
how=OE_FLUSH__FINAL) at util/ordered-events.c:342
   #21 0x0000aaaaaf669e54 in __perf_session__process_events 
(session=0xaaaae7e3bca0) at util/session.c:2508
   #22 0x0000aaaaaf66a790 in perf_session__process_events 
(session=0xaaaae7e3bca0) at util/session.c:2675
   #23 0x0000aaaaaf41f59c in __cmd_script (script=0xffffe56c93d0) at 
builtin-script.c:3241
   #24 0x0000aaaaaf4242b0 in cmd_script (argc=0, argv=0xffffe56cb370) at 
builtin-script.c:4586
   #25 0x0000aaaaaf4a03f8 in run_builtin (p=0xaaaaafa14e60 
<commands+480>, argc=3, argv=0xffffe56cb370) at perf.c:348
   #26 0x0000aaaaaf4a066c in handle_internal_command (argc=3, 
argv=0xffffe56cb370) at perf.c:398
   #27 0x0000aaaaaf4a0824 in run_argv (argcp=0xffffe56cb1ac, 
argv=0xffffe56cb1a0) at perf.c:442
   #28 0x0000aaaaaf4a0b4c in main (argc=3, argv=0xffffe56cb370) at 
perf.c:549

next prev parent reply	other threads:[~2026-05-08 13:30 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20260504072937.2103453-1-irogers@google.com>
2026-05-06  0:45 ` [PATCH v5 0/5] perf tools: Add inject --aslr feature and prerequisite robustness fixes Ian Rogers
2026-05-06  0:45   ` [PATCH v5 1/5] perf sched: Add missing mmap2 handler in timehist Ian Rogers
2026-05-06 13:22     ` Arnaldo Carvalho de Melo
2026-05-06 16:16       ` Ian Rogers
2026-05-06  0:45   ` [PATCH v5 2/5] perf tool: Fix missing schedstat delegates and dont_split_sample_group in delegate_tool Ian Rogers
2026-05-06  0:45   ` [PATCH v5 3/5] perf symbols: Fix map removal sequence inside dso__process_kernel_symbol() Ian Rogers
2026-05-06  0:45   ` [PATCH v5 4/5] perf inject/aslr: Add aslr tool to remap/obfuscate virtual addresses Ian Rogers
2026-05-06 18:52     ` Namhyung Kim
2026-05-06 20:01       ` Ian Rogers
2026-05-06  0:45   ` [PATCH v5 5/5] perf test: Add inject ASLR test Ian Rogers
2026-05-07 15:58     ` James Clark
2026-05-07 16:17       ` Ian Rogers
2026-05-08 10:42         ` James Clark
2026-05-08 10:49           ` James Clark
2026-05-08  8:27   ` [PATCH v6 0/6] perf tools: Add inject --aslr feature and prerequisite robustness fixes Ian Rogers
2026-05-08  8:27     ` [PATCH v6 1/6] perf sched: Add missing mmap2 handler in timehist Ian Rogers
2026-05-08  8:27     ` [PATCH v6 2/6] perf tool: Missing delegate_tool schedstat delegates and dont_split_sample_group Ian Rogers
2026-05-08  8:27     ` [PATCH v6 3/6] perf maps: Add maps__mutate_mapping Ian Rogers
2026-05-08 10:57       ` James Clark
2026-05-11  7:07       ` Namhyung Kim
2026-05-08  8:27     ` [PATCH v6 4/6] perf inject/aslr: Add aslr tool to remap/obfuscate virtual addresses Ian Rogers
2026-05-11  7:32       ` Namhyung Kim
2026-05-08  8:27     ` [PATCH v6 5/6] perf test: Add inject ASLR test Ian Rogers
2026-05-08 13:29       ` James Clark [this message]
2026-05-08 14:29         ` James Clark
2026-05-11  7:34       ` Namhyung Kim
2026-05-08  8:27     ` [PATCH v6 6/6] perf aslr: Strip sample registers Ian Rogers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=dec2f42d-3c2a-424e-9d50-e52ebbee3d69@linaro.org \
    --to=james.clark@linaro.org \
    --cc=acme@kernel.org \
    --cc=adrian.hunter@intel.com \
    --cc=gmx@google.com \
    --cc=irogers@google.com \
    --cc=jolsa@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-perf-users@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=namhyung@kernel.org \
    --cc=peterz@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox