[PATCH v1 1/6] perf dwarf-aux: Use signed comparison in match_var_offset

Zecheng Li posted 6 patches 2 months, 1 week ago
There is a newer version of this series
[PATCH v1 1/6] perf dwarf-aux: Use signed comparison in match_var_offset
Posted by Zecheng Li 2 months, 1 week ago
match_var_offset compares address offsets to determine if an access
falls within a variable's bounds. The offsets involved for those
relative to base registers from DW_OP_breg can be negative.

The current implementation uses unsigned types (u64) for these offsets,
which rejects almost all negative values.

This commit changes the local variables within match_var_offset to
signed types (s64) before performing comparisons. This ensures correct
behavior when addr_offset_ or addr_type_ are negative.

Signed-off-by: Zecheng Li <zecheng@google.com>
---
 tools/perf/util/dwarf-aux.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/tools/perf/util/dwarf-aux.c b/tools/perf/util/dwarf-aux.c
index 559c953ca172..bf906dff9ef0 100644
--- a/tools/perf/util/dwarf-aux.c
+++ b/tools/perf/util/dwarf-aux.c
@@ -1388,10 +1388,12 @@ struct find_var_data {
 #define DWARF_OP_DIRECT_REGS  32
 
 static bool match_var_offset(Dwarf_Die *die_mem, struct find_var_data *data,
-			     u64 addr_offset, u64 addr_type, bool is_pointer)
+			     u64 addr_offset_, u64 addr_type_, bool is_pointer)
 {
 	Dwarf_Die type_die;
 	Dwarf_Word size;
+	s64 addr_offset = (s64)addr_offset_;
+	s64 addr_type = (s64)addr_type_;
 
 	if (addr_offset == addr_type) {
 		/* Update offset relative to the start of the variable */
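Review bot: The signature keeps `u64 addr_offset_, u64 addr_type_` and converts to s64 only inside the body, so the fact that these are signed quantities is invisible at the call sites; whether a narrower argument arrives sign-extended depends on the type each caller passes, which this hunk does not show. Declaring the parameters as s64 would remove the two cast lines and the trailing-underscore names. Also, in the lines shown the signed locals feed only the `addr_offset == addr_type` test, which gives the same result for signed and unsigned operands, so the commit message should say which comparison actually changes behaviour.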
@@ -1414,7 +1416,7 @@ static bool match_var_offset(Dwarf_Die *die_mem, struct find_var_data *data,
 	if (dwarf_aggregate_size(&type_die, &size) < 0)
 		return false;
 
-	if (addr_offset >= addr_type + size)
+	if (addr_offset_ - addr_type_ >= size)
 		return false;
 
 	/* Update offset relative to the start of the variable */
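Review bot: The replacement check `addr_offset_ - addr_type_ >= size` is computed on the unsigned parameters rather than on the s64 locals introduced in the first hunk, which does not match the commit message's statement that the comparisons are done on signed types. The unsigned subtraction wraps when the access lies below the start of the variable, so this one comparison rejects both an access below the start and one past the end, but that depends on wraparound and nothing in the code says it is intentional. Either add a comment stating that, or write the test on the signed locals with an explicit lower bound, for example `addr_offset < addr_type || (u64)(addr_offset - addr_type) >= size`, so that it still holds if the parameters later become s64.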
-- 
2.50.1.470.g6ba607880d-goog
Re: [PATCH v1 1/6] perf dwarf-aux: Use signed comparison in match_var_offset
Posted by Ian Rogers 2 months, 1 week ago
On Fri, Jul 25, 2025 at 1:28 PM Zecheng Li <zecheng@google.com> wrote:
>
> match_var_offset compares address offsets to determine if an access
> falls within a variable's bounds. The offsets involved for those
> relative to base registers from DW_OP_breg can be negative.
>
> The current implementation uses unsigned types (u64) for these offsets,
> which rejects almost all negative values.
>
> This commit changes the local variables within match_var_offset to
> signed types (s64) before performing comparisons. This ensures correct
> behavior when addr_offset_ or addr_type_ are negative.
>
> Signed-off-by: Zecheng Li <zecheng@google.com>
> ---
>  tools/perf/util/dwarf-aux.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/tools/perf/util/dwarf-aux.c b/tools/perf/util/dwarf-aux.c
> index 559c953ca172..bf906dff9ef0 100644
> --- a/tools/perf/util/dwarf-aux.c
> +++ b/tools/perf/util/dwarf-aux.c
> @@ -1388,10 +1388,12 @@ struct find_var_data {
>  #define DWARF_OP_DIRECT_REGS  32
>
>  static bool match_var_offset(Dwarf_Die *die_mem, struct find_var_data *data,
> -                            u64 addr_offset, u64 addr_type, bool is_pointer)
> +                            u64 addr_offset_, u64 addr_type_, bool is_pointer)
>  {
>         Dwarf_Die type_die;
>         Dwarf_Word size;
> +       s64 addr_offset = (s64)addr_offset_;
> +       s64 addr_type = (s64)addr_type_;

Would it be better to make the function take signed types? I'm
thinking if a 32-bit int is passed, with the signature as-is it is
unclear if sign-extension will happen.

Thanks,
Ian

>
>         if (addr_offset == addr_type) {
>                 /* Update offset relative to the start of the variable */
> @@ -1414,7 +1416,7 @@ static bool match_var_offset(Dwarf_Die *die_mem, struct find_var_data *data,
>         if (dwarf_aggregate_size(&type_die, &size) < 0)
>                 return false;
>
> -       if (addr_offset >= addr_type + size)
> +       if (addr_offset_ - addr_type_ >= size)
>                 return false;
>
>         /* Update offset relative to the start of the variable */
> --
> 2.50.1.470.g6ba607880d-goog
>
Re: [PATCH v1 1/6] perf dwarf-aux: Use signed comparison in match_var_offset
Posted by Namhyung Kim 2 months, 1 week ago
On Fri, Jul 25, 2025 at 05:58:05PM -0700, Ian Rogers wrote:
> On Fri, Jul 25, 2025 at 1:28 PM Zecheng Li <zecheng@google.com> wrote:
> >
> > match_var_offset compares address offsets to determine if an access
> > falls within a variable's bounds. The offsets involved for those
> > relative to base registers from DW_OP_breg can be negative.
> >
> > The current implementation uses unsigned types (u64) for these offsets,
> > which rejects almost all negative values.
> >
> > This commit changes the local variables within match_var_offset to
> > signed types (s64) before performing comparisons. This ensures correct
> > behavior when addr_offset_ or addr_type_ are negative.
> >
> > Signed-off-by: Zecheng Li <zecheng@google.com>
> > ---
> >  tools/perf/util/dwarf-aux.c | 6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/tools/perf/util/dwarf-aux.c b/tools/perf/util/dwarf-aux.c
> > index 559c953ca172..bf906dff9ef0 100644
> > --- a/tools/perf/util/dwarf-aux.c
> > +++ b/tools/perf/util/dwarf-aux.c
> > @@ -1388,10 +1388,12 @@ struct find_var_data {
> >  #define DWARF_OP_DIRECT_REGS  32
> >
> >  static bool match_var_offset(Dwarf_Die *die_mem, struct find_var_data *data,
> > -                            u64 addr_offset, u64 addr_type, bool is_pointer)
> > +                            u64 addr_offset_, u64 addr_type_, bool is_pointer)
> >  {
> >         Dwarf_Die type_die;
> >         Dwarf_Word size;
> > +       s64 addr_offset = (s64)addr_offset_;
> > +       s64 addr_type = (s64)addr_type_;
> 
> Would it be better to make the function take signed types? I'm
> thinking if a 32-bit int is passed, with the signature as-is it is
> unclear if sign-extension will happen.

Hmm.. right.  The addr_offset is often from 'int' type so a negative value
can have the sign-extension problem.

Zecheng, can you please update the function signature to s64 and check
if the final offset is negative or bigger than the size?

Thanks,
Namhyung

> >
> >         if (addr_offset == addr_type) {
> >                 /* Update offset relative to the start of the variable */
> > @@ -1414,7 +1416,7 @@ static bool match_var_offset(Dwarf_Die *die_mem, struct find_var_data *data,
> >         if (dwarf_aggregate_size(&type_die, &size) < 0)
> >                 return false;
> >
> > -       if (addr_offset >= addr_type + size)
> > +       if (addr_offset_ - addr_type_ >= size)
> >                 return false;
> >
> >         /* Update offset relative to the start of the variable */
> > --
> > 2.50.1.470.g6ba607880d-goog
> >