Dear Maintainer,
I could reproduce the crash using linux-perf-5.2, and it is
also visible in linux-perf-5.4 5.4.8-1,
by just pressing enter in perf report.
The crash happens because, in line 3172, the
function hist_browser__selected_entry returns
browser->he_selection, which is a null pointer
at this time.
This null pointer then gets dereferenced, without a check,
to access the res_samples member.
Upstream seems to have fixed other occurrences [1]
of browser->he_selection being null, but that fix is
already contained in 5.4, and the crash still happens.
Kind regards,
Bernhard
Program received signal SIGSEGV, Segmentation fault.
(rr) bt
#0 perf_evsel__hists_browse (evsel=0x55e794ebcb40,
nr_events=nr_events@entry=1, helpline=helpline@entry=0x55e794f7c040 "Tip:
System-wide collection from all CPUs: perf record -a",
left_exits=left_exits@entry=false, hbt=hbt@entry=0x0, min_pcnt=,
env=env@entry=0x55e794eb54f0, warn_lost_event=true,
annotation_opts=0x7ffcc3063dc8) at ui/browsers/hists.c:3170
#1 0x55e79385cce9 in perf_evlist__tui_browse_hists
(evlist=evlist@entry=0x55e794ebc0c0, help=help@entry=0x55e794f7c040 "Tip:
System-wide collection from all CPUs: perf record -a", hbt=hbt@entry=0x0,
min_pcnt=, env=env@entry=0x55e794eb54f0,
warn_lost_event=warn_lost_event@entry=true,
annotation_opts=annotation_opts@entry=0x7ffcc3063dc8) at
ui/browsers/hists.c:3422
#2 0x55e7936f1ece in report__browse_hists (rep=0x7ffcc3063c30) at
builtin-report.c:585
#3 __cmd_report (rep=0x7ffcc3063c30) at builtin-report.c:930
#4 cmd_report (argc=, argv=) at
builtin-report.c:1475
#5 0x55e79375b823 in run_builtin (p=0x55e793a9ef90 , argc=2,
argv=0x7ffcc30661f0) at perf.c:312
#6 0x55e7936d6a2c in handle_internal_command (argv=,
argc=) at perf.c:364
#7 run_argv (argcp=, argv=) at perf.c:408
#8 main (argc=2, argv=0x7ffcc30661f0) at perf.c:538
https://sources.debian.org/src/linux/5.4.8-1/tools/perf/ui/browsers/hists.c/#L2217
2217 static struct hist_entry *hist_browser__selected_entry(struct hist_browser *browser)
2218 {
2219     return browser->he_selection;
2220 }
https://sources.debian.org/src/linux/5.4.8-1/tools/perf/ui/browsers/hists.c/#L3170
3170 nr_options += add_res_sample_opt(browser, &actions[nr_options],
3171 &options[nr_options],
3172 hist_browser__selected_entry(browser)->res_samples,
3173 evsel, A_NORMAL);
[1]
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/tools/perf/ui/browsers/hists.c?id=ceb75476db1617a88cc29b09839acacb69aa076e
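# Bullseye/testing amd64 qemu VM 2020-01-13
# Reproduction steps, typed as root inside the VM; they replace packages and
# reboot the machine, so keep them to a throwaway VM.
apt update
apt dist-upgrade
# Debugging tools plus perf 5.4 and its debug symbols.
apt install systemd-coredump mc colorized-logs gdb rr linux-perf-5.4 \
  linux-perf-5.4-dbgsym
# Record a trivial workload, then open the result in perf report.
perf record ls
perf report perf.data
# Press enter
###
# 5.2.17-1+b1
# Fetch the older perf, the matching kernel image and the perf debug symbols
# from snapshot.debian.org (each wget and its URL belong on one line).
wget https://snapshot.debian.org/archive/debian/20191006T205801Z/pool/main/l/linux/linux-perf-5.2_5.2.17-1%2Bb1_amd64.deb
wget https://snapshot.debian.org/archive/debian/20191006T205801Z/pool/main/l/linux/linux-image-5.2.0-3-amd64-unsigned_5.2.17-1%2Bb1_amd64.deb
wget https://snapshot.debian.org/archive/debian-debug/20191006T210740Z/pool/main/l/linux/linux-perf-5.2-dbgsym_5.2.17-1%2Bb1_amd64.deb
# NOTE(review): dpkg -i does not go through apt's archive signature check;
# compare the SHA256 of the downloaded files with the snapshot's Packages
# index before installing.
# NOTE(review): the dbgsym package fetched above is not part of this dpkg -i
# call; confirm whether that is intended.
dpkg -i linux-image-5.2.0-3-amd64-unsigned_5.2.17-1+b1_amd64.deb \
  linux-perf-5.2_5.2.17-1+b1_amd64.deb
reboot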
root@debian:~# uname -a
Linux debian 5.2.0-3-amd64 #1 SMP Debian 5.2.17-1 (2019-10-06) x86_64 GNU/Linux
root@debian:~# perf record ls
...
[ perf record: Woken up 1 times to write data ]
[ perf record: Captured and wrote 0,009 MB perf.data (2 samples) ]
root@debian:~# perf report perf.data
perf: Speicherzugriffsfehler
backtrace
perf_5.2(+0x322d14)[0x5631251b2d14]
/lib/x86_64-linux-gnu/libc.so.6(+0x3a0ff)[0x7f88ec6ee0ff]
perf_5.2(+0x32021e)[0x5631251b021e]
perf_5.2(+0x3211c8)[0x5631251b11c8]
perf_5.2(+0x1bb4f5)[0x56312504b4f5]
perf_5.2(+0x222072)[0x5631250b2072]
perf_5.2(+0x1a0a13)[0x563125030a13]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xea)[0x7f88ec6dabba]
perf_5.2(+0x1a0c69)[0x563125030c69]
root@debian:~# gdb -q --args perf_5.2 report perf.data
Reading symbols from perf_5.2...
(No debugging symbols found in perf_5.2)
(gdb) set width 0
(gdb) set pagination off
(gdb) run
...
Program received signal SIGSEGV, Segmentation fault.
0x5587421e in ?? ()
(gdb) bt
#0 0x5587421e in ?? ()
#1 0x558751c9 in ?? ()
#2 0x5570f4f6 in ?? ()
#3 0x55776073 in ?? ()
#4 0x556f4a14 in ?? ()
#5 0x7758abbb in __libc_start_main (main=0x556f43b0, argc=3,
argv=0x7fffecf8, init=, fini=,
rtld_fini=, stack_end=0x7fffece8) at ../csu/libc-start.c:308
#6 0x556f4c6a in ?? ()
(gdb) generate-core /root/core-perf_5.2
warning: target file /proc/800/cmdline contained unexpected null characters
Saved corefile /root/core-perf_5.2
root@debian:~# dpkg