-
Notifications
You must be signed in to change notification settings - Fork 255
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bottom-up call graph view #1
Labels
Milestone
Comments
To clarify: bottom-up means the first entry in the tree view is e.g. |
Note that such a view should have columns for the following data:
the inclusive/exclusive cost should for now be displayed as a percentage of the total number of samples |
implemented now |
milianw
added a commit
that referenced
this issue
Apr 15, 2022
This shows that we somehow don't properly resolve the inlined frame for the call to `foo` and instead only show `bar`. But this seems to affect all tools, including perf and addr2line and happens even in debug builds: ``` cpp-libs 73106 [005] 7235.260003: 120673 cycles: 15c2 std::generate_canonical<double, 53ul, std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul> >+0x192 (inlined) 15c2 std::__detail::_Adaptor<std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul>, double>::operator()+0x192 (inlined) 15c2 std::uniform_real_distribution<double>::operator()<std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul> >+0x192 (inlined) 15c2 std::uniform_real_distribution<double>::operator()<std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul> >+0x192 (inlined) 15c2 StaticLib::bar+0x192 (/home/milian/projects/kdab/hotspot/build-debug/tests/test-clients/cpp-libs/cpp-libs) 1391 main+0x61 (/home/milian/projects/kdab/hotspot/build-debug/tests/test-clients/cpp-libs/cpp-libs) 2d30f __libc_start_call_main+0x7f (/usr/lib/libc.so.6) 2d3c0 __libc_start_main_alias_2+0x80 (inlined) 10c4 _start+0x24 (/home/milian/projects/kdab/hotspot/build-debug/tests/test-clients/cpp-libs/cpp-libs) ``` The first chunk of that is seemingly correct: ``` eu-addr2line -C -f -i -e /home/milian/projects/kdab/hotspot/build-debug/tests/test-clients/cpp-libs/cpp-libs -a 15c2 0x00000000000015c2 double std::generate_canonical<double, 53ul, std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul> >(std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul>&) inlined at /usr/include/c++/11.2.0/bits/random.h:192:38 in StaticLib::bar(unsigned long) const /usr/include/c++/11.2.0/bits/random.tcc:3369:10 std::__detail::_Adaptor<std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul>, double>::operator()() /usr/include/c++/11.2.0/bits/random.h:192:38 double std::uniform_real_distribution<double>::operator()<std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul> >(std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul>&, std::uniform_real_distribution<double>::param_type const&) /usr/include/c++/11.2.0/bits/random.h:1870:19 double std::uniform_real_distribution<double>::operator()<std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul> >(std::linear_congruential_engine<unsigned long, 16807ul, 0ul, 2147483647ul>&) /usr/include/c++/11.2.0/bits/random.h:1861:34 StaticLib::bar(unsigned long) const /home/milian/projects/kdab/hotspot/tests/test-clients/cpp-libs/staticlib.cpp:26:18 ``` But then the call to `StaticLib::foo` is seemingly lost, i.e.: ``` $ objdump -S cpp-libs ... 1388: 48 89 44 24 20 mov %rax,0x20(%rsp) 138d: e8 3e 03 00 00 call 16d0 <StaticLib::foo() const> { return _M_insert(__f); } 1392: 48 8d 3d e7 1c 00 00 lea 0x1ce7(%rip),%rdi # 3080 <std::cout@GLIBCXX_3.4> 1399: e8 82 fc ff ff call 1020 <std::ostream& std::ostream::_M_insert<double>(double)@plt> { return __ostream_insert(__out, &__c, 1); } ``` The address offset 1391 from the background should be pointing to the `call` instruction at `138d` I guess. But there we only get: ``` $ eu-addr2line -C -f -i -e /home/milian/projects/kdab/hotspot/build-debug/tests/test-clients/cpp-libs/cpp-libs -a 1391 0x0000000000001391 main /home/milian/projects/kdab/hotspot/tests/test-clients/cpp-libs/main.cpp:22:32 ``` The output is the same also for offset `138d`. And even GDB gets it wrong in this case: ``` (gdb) b StaticLib::bar (gdb) c ... #0 StaticLib::bar (this=0x7fffffffc728, max=100000800) at /home/milian/projects/kdab/hotspot/tests/test-clients/cpp-libs/staticlib.cpp:25 #1 0x0000555555555392 in main () at /home/milian/projects/kdab/hotspot/tests/test-clients/cpp-libs/main.cpp:22 ```
milianw
added a commit
that referenced
this issue
Jun 25, 2022
Also fixes UBSAN warning: ``` /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:95:39: runtime error: downcast of address 0x7ffc49b7e3d0 which does not point to an object of type 'QApplication' 0x7ffc49b7e3d0: note: object is of type 'QCoreApplication' 00 00 00 80 b0 16 f1 cb 9b 7f 00 00 c0 33 02 00 e0 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QCoreApplication' #0 0x561bbb751a01 in TestCallgraphGenerator::callerCalleeResults(QString const&) /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:95 #1 0x561bbb74f1d2 in TestCallgraphGenerator::testParent() /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:42 #2 0x561bbb7408a2 in TestCallgraphGenerator::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/milian/projects/kdab/rnd/hotspot/build-dev-asan/tests/modeltests/tst_callgraphgenerator_autogen/include/tst_callgraphgenerator.moc:79 #3 0x7f9bcbc9c23d in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (/usr/lib/libQt5Core.so.5+0x29c23d) #4 0x7f9bce529a6b in QTest::qRun() (/usr/lib/libQt5Test.so.5+0x1ba6b) #5 0x7f9bce52ac40 in QTest::qExec(QObject*, int, char**) (/usr/lib/libQt5Test.so.5+0x1cc40) #6 0x561bbb7401fe in main /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:130 #7 0x7f9bcaa2928f (/usr/lib/libc.so.6+0x2928f) #8 0x7f9bcaa29349 in __libc_start_main (/usr/lib/libc.so.6+0x29349) #9 0x561bbb6fb344 in _start (/home/milian/projects/kdab/rnd/hotspot/build-dev-asan/tests/modeltests/tst_callgraphgenerator+0x6c2344) ```
milianw
added a commit
that referenced
this issue
Jun 26, 2022
Also fixes UBSAN warning: ``` /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:95:39: runtime error: downcast of address 0x7ffc49b7e3d0 which does not point to an object of type 'QApplication' 0x7ffc49b7e3d0: note: object is of type 'QCoreApplication' 00 00 00 80 b0 16 f1 cb 9b 7f 00 00 c0 33 02 00 e0 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QCoreApplication' #0 0x561bbb751a01 in TestCallgraphGenerator::callerCalleeResults(QString const&) /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:95 #1 0x561bbb74f1d2 in TestCallgraphGenerator::testParent() /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:42 #2 0x561bbb7408a2 in TestCallgraphGenerator::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/milian/projects/kdab/rnd/hotspot/build-dev-asan/tests/modeltests/tst_callgraphgenerator_autogen/include/tst_callgraphgenerator.moc:79 #3 0x7f9bcbc9c23d in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (/usr/lib/libQt5Core.so.5+0x29c23d) #4 0x7f9bce529a6b in QTest::qRun() (/usr/lib/libQt5Test.so.5+0x1ba6b) #5 0x7f9bce52ac40 in QTest::qExec(QObject*, int, char**) (/usr/lib/libQt5Test.so.5+0x1cc40) #6 0x561bbb7401fe in main /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:130 #7 0x7f9bcaa2928f (/usr/lib/libc.so.6+0x2928f) #8 0x7f9bcaa29349 in __libc_start_main (/usr/lib/libc.so.6+0x29349) #9 0x561bbb6fb344 in _start (/home/milian/projects/kdab/rnd/hotspot/build-dev-asan/tests/modeltests/tst_callgraphgenerator+0x6c2344) ```
milianw
added a commit
that referenced
this issue
Jun 26, 2022
Also fixes UBSAN warning: ``` /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:95:39: runtime error: downcast of address 0x7ffc49b7e3d0 which does not point to an object of type 'QApplication' 0x7ffc49b7e3d0: note: object is of type 'QCoreApplication' 00 00 00 80 b0 16 f1 cb 9b 7f 00 00 c0 33 02 00 e0 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QCoreApplication' #0 0x561bbb751a01 in TestCallgraphGenerator::callerCalleeResults(QString const&) /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:95 #1 0x561bbb74f1d2 in TestCallgraphGenerator::testParent() /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:42 #2 0x561bbb7408a2 in TestCallgraphGenerator::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/milian/projects/kdab/rnd/hotspot/build-dev-asan/tests/modeltests/tst_callgraphgenerator_autogen/include/tst_callgraphgenerator.moc:79 #3 0x7f9bcbc9c23d in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (/usr/lib/libQt5Core.so.5+0x29c23d) #4 0x7f9bce529a6b in QTest::qRun() (/usr/lib/libQt5Test.so.5+0x1ba6b) #5 0x7f9bce52ac40 in QTest::qExec(QObject*, int, char**) (/usr/lib/libQt5Test.so.5+0x1cc40) #6 0x561bbb7401fe in main /home/milian/projects/kdab/rnd/hotspot/tests/modeltests/tst_callgraphgenerator.cpp:130 #7 0x7f9bcaa2928f (/usr/lib/libc.so.6+0x2928f) #8 0x7f9bcaa29349 in __libc_start_main (/usr/lib/libc.so.6+0x29349) #9 0x561bbb6fb344 in _start (/home/milian/projects/kdab/rnd/hotspot/build-dev-asan/tests/modeltests/tst_callgraphgenerator+0x6c2344) ```
lievenhey
added a commit
that referenced
this issue
Jun 7, 2024
The crash is caused because the destructor is called in one thread while other threads still execute. This patch waits in the destructor till all threads terminate. Backtrace: ==91946==ERROR: AddressSanitizer: heap-use-after-free on address 0x513000001bb9 at pc 0x5555566c3173 bp 0x7fffca5fe900 sp 0x7fffca5fe8f0 READ of size 1 at 0x513000001bb9 thread T25 (GlobalQueue[06]) #0 0x5555566c3172 in std::__atomic_base<bool>::load(std::memory_order) const /usr/include/c++/14.1.1/bits/atomic_base.h:501 #1 0x5555566c3172 in std::atomic<bool>::operator bool() const /usr/include/c++/14.1.1/atomic:92 #2 0x55555667846a in operator() /home/lieven/KDAB/hotspot/src/parsers/perf/perfparser.cpp:1684 #3 0x5555566c10bc in call /usr/include/qt/QtCore/qobjectdefs_impl.h:146 #4 0x5555566b9353 in call<QtPrivate::List<QProcess::ProcessError>, void> /usr/include/qt/QtCore/qobjectdefs_impl.h:256 #5 0x5555566b1239 in impl /usr/include/qt/QtCore/qobjectdefs_impl.h:443 #6 0x7ffff46df99d (/usr/lib/libQt5Core.so.5+0x2df99d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #7 0x7ffff4630793 in QProcess::errorOccurred(QProcess::ProcessError) (/usr/lib/libQt5Core.so.5+0x230793) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #8 0x7ffff462c846 (/usr/lib/libQt5Core.so.5+0x22c846) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #9 0x7ffff4630f6c (/usr/lib/libQt5Core.so.5+0x230f6c) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #10 0x7ffff46df961 (/usr/lib/libQt5Core.so.5+0x2df961) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #11 0x7ffff46e096d in QSocketNotifier::activated(QSocketDescriptor, QSocketNotifier::Type, QSocketNotifier::QPrivateSignal) (/usr/lib/libQt5Core.so.5+0x2e096d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #12 0x7ffff46e0aa4 in QSocketNotifier::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2e0aa4) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #13 0x7ffff5d56330 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x156330) (BuildId: 254b52226c3f04da1b93d83e86adb3e3cffb6f76) #14 0x7ffff46ab967 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/libQt5Core.so.5+0x2ab967) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #15 0x7ffff46f8f0d (/usr/lib/libQt5Core.so.5+0x2f8f0d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #16 0x7ffff2314a88 (/usr/lib/libglib-2.0.so.0+0x5ca88) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #17 0x7ffff23769b6 (/usr/lib/libglib-2.0.so.0+0xbe9b6) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #18 0x7ffff2313f94 in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x5bf94) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #19 0x7ffff46fa27e in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2fa27e) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #20 0x7ffff46a372b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2a372b) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #21 0x55555667a9c9 in operator() /home/lieven/KDAB/hotspot/src/parsers/perf/perfparser.cpp:1703 #22 0x5555566c2f6f in run /usr/include/KF5/ThreadWeaver/threadweaver/lambda.h:30 #23 0x7ffff7f5f5ad in ThreadWeaver::Executor::run(QSharedPointer<ThreadWeaver::JobInterface> const&, ThreadWeaver::Thread*) (/usr/lib/libKF5ThreadWeaver.so.5+0x125ad) (BuildId: 200cb669eff8ffb9ace9b7b396df6403668 5aed2) #24 0x7ffff7f604f5 in ThreadWeaver::Job::execute(QSharedPointer<ThreadWeaver::JobInterface> const&, ThreadWeaver::Thread*) (/usr/lib/libKF5ThreadWeaver.so.5+0x134f5) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685 aed2) #25 0x7ffff7f63f01 in ThreadWeaver::Thread::run() (/usr/lib/libKF5ThreadWeaver.so.5+0x16f01) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) #26 0x7ffff44f258a (/usr/lib/libQt5Core.so.5+0xf258a) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #27 0x7ffff785cc79 in asan_thread_start /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:234 #28 0x7ffff36a6dec (/usr/lib/libc.so.6+0x92dec) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #29 0x7ffff372a0db (/usr/lib/libc.so.6+0x1160db) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) 0x513000001bb9 is located 313 bytes inside of 336-byte region [0x513000001a80,0x513000001bd0) freed by thread T0 here: #0 0x7ffff78fe7e2 in operator delete(void*, unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:164 #1 0x555556670dca in PerfParser::~PerfParser() /home/lieven/KDAB/hotspot/src/parsers/perf/perfparser.cpp:1479 #2 0x7ffff46d5264 in QObjectPrivate::deleteChildren() (/usr/lib/libQt5Core.so.5+0x2d5264) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #3 0x7ffff5d7abf8 in QWidget::~QWidget() (/usr/lib/libQt5Widgets.so.5+0x17abf8) (BuildId: 254b52226c3f04da1b93d83e86adb3e3cffb6f76) #4 0x5555567be0a6 in MainWindow::~MainWindow() /home/lieven/KDAB/hotspot/src/mainwindow.cpp:272 #5 0x5555567be3d7 in MainWindow::~MainWindow() /home/lieven/KDAB/hotspot/src/mainwindow.cpp:272 #6 0x7ffff46d1a7b in QObject::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2d1a7b) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #7 0x7ffff6a9803d in KXmlGuiWindow::event(QEvent*) (/usr/lib/libKF5XmlGui.so.5+0x8b03d) (BuildId: 47e6c6148b6e322993e79bc55d54257f5f570e1c) previously allocated by thread T0 here: #0 0x7ffff78fd682 in operator new(unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:95 #1 0x5555567affca in MainWindow::MainWindow(QWidget*) /home/lieven/KDAB/hotspot/src/mainwindow.cpp:93 #2 0x5555566539da in main /home/lieven/KDAB/hotspot/src/main.cpp:220 #3 0x7ffff3639c87 (/usr/lib/libc.so.6+0x25c87) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #4 0x7ffff3639d4b in __libc_start_main (/usr/lib/libc.so.6+0x25d4b) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #5 0x5555565d5054 in _start (/home/lieven/KDAB/hotspot/build-dev-asan/bin/hotspot+0x1081054) (BuildId: a68032c20b67d2759bc6ace66427a8e3b02fa3e6) Thread T25 (GlobalQueue[06]) created by T21 (GlobalQueue[02]) here: #0 0x7ffff78f38fb in pthread_create /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:245 #1 0x7ffff44ee379 in QThread::start(QThread::Priority) (/usr/lib/libQt5Core.so.5+0xee379) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #2 0x7ffff7f6749c in ThreadWeaver::Weaver::adjustInventory(int) (/usr/lib/libKF5ThreadWeaver.so.5+0x1a49c) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) Thread T21 (GlobalQueue[02]) created by T0 here: #0 0x7ffff78f38fb in pthread_create /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:245 #1 0x7ffff44ee379 in QThread::start(QThread::Priority) (/usr/lib/libQt5Core.so.5+0xee379) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #2 0x7ffff7f6749c in ThreadWeaver::Weaver::adjustInventory(int) (/usr/lib/libKF5ThreadWeaver.so.5+0x1a49c) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) fixes: #654
lievenhey
added a commit
that referenced
this issue
Jun 7, 2024
The crash is caused because the destructor is called in one thread while other threads still execute. This patch waits in the destructor till all threads terminate. Backtrace: ==91946==ERROR: AddressSanitizer: heap-use-after-free on address 0x513000001bb9 at pc 0x5555566c3173 bp 0x7fffca5fe900 sp 0x7fffca5fe8f0 READ of size 1 at 0x513000001bb9 thread T25 (GlobalQueue[06]) #0 0x5555566c3172 in std::__atomic_base<bool>::load(std::memory_order) const /usr/include/c++/14.1.1/bits/atomic_base.h:501 #1 0x5555566c3172 in std::atomic<bool>::operator bool() const /usr/include/c++/14.1.1/atomic:92 #2 0x55555667846a in operator() /tmp/hotspot/src/parsers/perf/perfparser.cpp:1684 #3 0x5555566c10bc in call /usr/include/qt/QtCore/qobjectdefs_impl.h:146 #4 0x5555566b9353 in call<QtPrivate::List<QProcess::ProcessError>, void> /usr/include/qt/QtCore/qobjectdefs_impl.h:256 #5 0x5555566b1239 in impl /usr/include/qt/QtCore/qobjectdefs_impl.h:443 #6 0x7ffff46df99d (/usr/lib/libQt5Core.so.5+0x2df99d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #7 0x7ffff4630793 in QProcess::errorOccurred(QProcess::ProcessError) (/usr/lib/libQt5Core.so.5+0x230793) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #8 0x7ffff462c846 (/usr/lib/libQt5Core.so.5+0x22c846) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #9 0x7ffff4630f6c (/usr/lib/libQt5Core.so.5+0x230f6c) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #10 0x7ffff46df961 (/usr/lib/libQt5Core.so.5+0x2df961) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #11 0x7ffff46e096d in QSocketNotifier::activated(QSocketDescriptor, QSocketNotifier::Type, QSocketNotifier::QPrivateSignal) (/usr/lib/libQt5Core.so.5+0x2e096d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #12 0x7ffff46e0aa4 in QSocketNotifier::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2e0aa4) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #13 0x7ffff5d56330 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x156330) (BuildId: 254b52226c3f04da1b93d83e86adb3e3cffb6f76) #14 0x7ffff46ab967 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/libQt5Core.so.5+0x2ab967) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #15 0x7ffff46f8f0d (/usr/lib/libQt5Core.so.5+0x2f8f0d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #16 0x7ffff2314a88 (/usr/lib/libglib-2.0.so.0+0x5ca88) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #17 0x7ffff23769b6 (/usr/lib/libglib-2.0.so.0+0xbe9b6) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #18 0x7ffff2313f94 in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x5bf94) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #19 0x7ffff46fa27e in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2fa27e) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #20 0x7ffff46a372b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2a372b) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #21 0x55555667a9c9 in operator() /tmp/hotspot/src/parsers/perf/perfparser.cpp:1703 #22 0x5555566c2f6f in run /usr/include/KF5/ThreadWeaver/threadweaver/lambda.h:30 #23 0x7ffff7f5f5ad in ThreadWeaver::Executor::run(QSharedPointer<ThreadWeaver::JobInterface> const&, ThreadWeaver::Thread*) (/usr/lib/libKF5ThreadWeaver.so.5+0x125ad) (BuildId: 200cb669eff8ffb9ace9b7b396df6403668 5aed2) #24 0x7ffff7f604f5 in ThreadWeaver::Job::execute(QSharedPointer<ThreadWeaver::JobInterface> const&, ThreadWeaver::Thread*) (/usr/lib/libKF5ThreadWeaver.so.5+0x134f5) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685 aed2) #25 0x7ffff7f63f01 in ThreadWeaver::Thread::run() (/usr/lib/libKF5ThreadWeaver.so.5+0x16f01) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) #26 0x7ffff44f258a (/usr/lib/libQt5Core.so.5+0xf258a) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #27 0x7ffff785cc79 in asan_thread_start /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:234 #28 0x7ffff36a6dec (/usr/lib/libc.so.6+0x92dec) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #29 0x7ffff372a0db (/usr/lib/libc.so.6+0x1160db) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) 0x513000001bb9 is located 313 bytes inside of 336-byte region [0x513000001a80,0x513000001bd0) freed by thread T0 here: #0 0x7ffff78fe7e2 in operator delete(void*, unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:164 #1 0x555556670dca in PerfParser::~PerfParser() /tmp/hotspot/src/parsers/perf/perfparser.cpp:1479 #2 0x7ffff46d5264 in QObjectPrivate::deleteChildren() (/usr/lib/libQt5Core.so.5+0x2d5264) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #3 0x7ffff5d7abf8 in QWidget::~QWidget() (/usr/lib/libQt5Widgets.so.5+0x17abf8) (BuildId: 254b52226c3f04da1b93d83e86adb3e3cffb6f76) #4 0x5555567be0a6 in MainWindow::~MainWindow() /tmp/hotspot/src/mainwindow.cpp:272 #5 0x5555567be3d7 in MainWindow::~MainWindow() /tmp/hotspot/src/mainwindow.cpp:272 #6 0x7ffff46d1a7b in QObject::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2d1a7b) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #7 0x7ffff6a9803d in KXmlGuiWindow::event(QEvent*) (/usr/lib/libKF5XmlGui.so.5+0x8b03d) (BuildId: 47e6c6148b6e322993e79bc55d54257f5f570e1c) previously allocated by thread T0 here: #0 0x7ffff78fd682 in operator new(unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:95 #1 0x5555567affca in MainWindow::MainWindow(QWidget*) /tmp/hotspot/src/mainwindow.cpp:93 #2 0x5555566539da in main /tmp/hotspot/src/main.cpp:220 #3 0x7ffff3639c87 (/usr/lib/libc.so.6+0x25c87) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #4 0x7ffff3639d4b in __libc_start_main (/usr/lib/libc.so.6+0x25d4b) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #5 0x5555565d5054 in _start (/tmp/hotspot/build-dev-asan/bin/hotspot+0x1081054) (BuildId: a68032c20b67d2759bc6ace66427a8e3b02fa3e6) Thread T25 (GlobalQueue[06]) created by T21 (GlobalQueue[02]) here: #0 0x7ffff78f38fb in pthread_create /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:245 #1 0x7ffff44ee379 in QThread::start(QThread::Priority) (/usr/lib/libQt5Core.so.5+0xee379) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #2 0x7ffff7f6749c in ThreadWeaver::Weaver::adjustInventory(int) (/usr/lib/libKF5ThreadWeaver.so.5+0x1a49c) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) Thread T21 (GlobalQueue[02]) created by T0 here: #0 0x7ffff78f38fb in pthread_create /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:245 #1 0x7ffff44ee379 in QThread::start(QThread::Priority) (/usr/lib/libQt5Core.so.5+0xee379) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #2 0x7ffff7f6749c in ThreadWeaver::Weaver::adjustInventory(int) (/usr/lib/libKF5ThreadWeaver.so.5+0x1a49c) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) fixes: #654
milianw
pushed a commit
that referenced
this issue
Jun 17, 2024
The crash is caused because the destructor is called in one thread while other threads still execute. This patch waits in the destructor till all threads terminate. Backtrace: ==91946==ERROR: AddressSanitizer: heap-use-after-free on address 0x513000001bb9 at pc 0x5555566c3173 bp 0x7fffca5fe900 sp 0x7fffca5fe8f0 READ of size 1 at 0x513000001bb9 thread T25 (GlobalQueue[06]) #0 0x5555566c3172 in std::__atomic_base<bool>::load(std::memory_order) const /usr/include/c++/14.1.1/bits/atomic_base.h:501 #1 0x5555566c3172 in std::atomic<bool>::operator bool() const /usr/include/c++/14.1.1/atomic:92 #2 0x55555667846a in operator() /tmp/hotspot/src/parsers/perf/perfparser.cpp:1684 #3 0x5555566c10bc in call /usr/include/qt/QtCore/qobjectdefs_impl.h:146 #4 0x5555566b9353 in call<QtPrivate::List<QProcess::ProcessError>, void> /usr/include/qt/QtCore/qobjectdefs_impl.h:256 #5 0x5555566b1239 in impl /usr/include/qt/QtCore/qobjectdefs_impl.h:443 #6 0x7ffff46df99d (/usr/lib/libQt5Core.so.5+0x2df99d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #7 0x7ffff4630793 in QProcess::errorOccurred(QProcess::ProcessError) (/usr/lib/libQt5Core.so.5+0x230793) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #8 0x7ffff462c846 (/usr/lib/libQt5Core.so.5+0x22c846) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #9 0x7ffff4630f6c (/usr/lib/libQt5Core.so.5+0x230f6c) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #10 0x7ffff46df961 (/usr/lib/libQt5Core.so.5+0x2df961) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #11 0x7ffff46e096d in QSocketNotifier::activated(QSocketDescriptor, QSocketNotifier::Type, QSocketNotifier::QPrivateSignal) (/usr/lib/libQt5Core.so.5+0x2e096d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #12 0x7ffff46e0aa4 in QSocketNotifier::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2e0aa4) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #13 0x7ffff5d56330 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x156330) (BuildId: 254b52226c3f04da1b93d83e86adb3e3cffb6f76) #14 0x7ffff46ab967 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/libQt5Core.so.5+0x2ab967) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #15 0x7ffff46f8f0d (/usr/lib/libQt5Core.so.5+0x2f8f0d) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #16 0x7ffff2314a88 (/usr/lib/libglib-2.0.so.0+0x5ca88) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #17 0x7ffff23769b6 (/usr/lib/libglib-2.0.so.0+0xbe9b6) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #18 0x7ffff2313f94 in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x5bf94) (BuildId: 8880230af7e37f2edbd90b79170aead80dde617a) #19 0x7ffff46fa27e in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2fa27e) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #20 0x7ffff46a372b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt5Core.so.5+0x2a372b) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #21 0x55555667a9c9 in operator() /tmp/hotspot/src/parsers/perf/perfparser.cpp:1703 #22 0x5555566c2f6f in run /usr/include/KF5/ThreadWeaver/threadweaver/lambda.h:30 #23 0x7ffff7f5f5ad in ThreadWeaver::Executor::run(QSharedPointer<ThreadWeaver::JobInterface> const&, ThreadWeaver::Thread*) (/usr/lib/libKF5ThreadWeaver.so.5+0x125ad) (BuildId: 200cb669eff8ffb9ace9b7b396df6403668 5aed2) #24 0x7ffff7f604f5 in ThreadWeaver::Job::execute(QSharedPointer<ThreadWeaver::JobInterface> const&, ThreadWeaver::Thread*) (/usr/lib/libKF5ThreadWeaver.so.5+0x134f5) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685 aed2) #25 0x7ffff7f63f01 in ThreadWeaver::Thread::run() (/usr/lib/libKF5ThreadWeaver.so.5+0x16f01) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) #26 0x7ffff44f258a (/usr/lib/libQt5Core.so.5+0xf258a) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #27 0x7ffff785cc79 in asan_thread_start /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:234 #28 0x7ffff36a6dec (/usr/lib/libc.so.6+0x92dec) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #29 0x7ffff372a0db (/usr/lib/libc.so.6+0x1160db) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) 0x513000001bb9 is located 313 bytes inside of 336-byte region [0x513000001a80,0x513000001bd0) freed by thread T0 here: #0 0x7ffff78fe7e2 in operator delete(void*, unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:164 #1 0x555556670dca in PerfParser::~PerfParser() /tmp/hotspot/src/parsers/perf/perfparser.cpp:1479 #2 0x7ffff46d5264 in QObjectPrivate::deleteChildren() (/usr/lib/libQt5Core.so.5+0x2d5264) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #3 0x7ffff5d7abf8 in QWidget::~QWidget() (/usr/lib/libQt5Widgets.so.5+0x17abf8) (BuildId: 254b52226c3f04da1b93d83e86adb3e3cffb6f76) #4 0x5555567be0a6 in MainWindow::~MainWindow() /tmp/hotspot/src/mainwindow.cpp:272 #5 0x5555567be3d7 in MainWindow::~MainWindow() /tmp/hotspot/src/mainwindow.cpp:272 #6 0x7ffff46d1a7b in QObject::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2d1a7b) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #7 0x7ffff6a9803d in KXmlGuiWindow::event(QEvent*) (/usr/lib/libKF5XmlGui.so.5+0x8b03d) (BuildId: 47e6c6148b6e322993e79bc55d54257f5f570e1c) previously allocated by thread T0 here: #0 0x7ffff78fd682 in operator new(unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:95 #1 0x5555567affca in MainWindow::MainWindow(QWidget*) /tmp/hotspot/src/mainwindow.cpp:93 #2 0x5555566539da in main /tmp/hotspot/src/main.cpp:220 #3 0x7ffff3639c87 (/usr/lib/libc.so.6+0x25c87) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #4 0x7ffff3639d4b in __libc_start_main (/usr/lib/libc.so.6+0x25d4b) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #5 0x5555565d5054 in _start (/tmp/hotspot/build-dev-asan/bin/hotspot+0x1081054) (BuildId: a68032c20b67d2759bc6ace66427a8e3b02fa3e6) Thread T25 (GlobalQueue[06]) created by T21 (GlobalQueue[02]) here: #0 0x7ffff78f38fb in pthread_create /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:245 #1 0x7ffff44ee379 in QThread::start(QThread::Priority) (/usr/lib/libQt5Core.so.5+0xee379) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #2 0x7ffff7f6749c in ThreadWeaver::Weaver::adjustInventory(int) (/usr/lib/libKF5ThreadWeaver.so.5+0x1a49c) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) Thread T21 (GlobalQueue[02]) created by T0 here: #0 0x7ffff78f38fb in pthread_create /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:245 #1 0x7ffff44ee379 in QThread::start(QThread::Priority) (/usr/lib/libQt5Core.so.5+0xee379) (BuildId: 5ae775b980e5842fcce9c0a035de95718227fa6e) #2 0x7ffff7f6749c in ThreadWeaver::Weaver::adjustInventory(int) (/usr/lib/libKF5ThreadWeaver.so.5+0x1a49c) (BuildId: 200cb669eff8ffb9ace9b7b396df64036685aed2) fixes: #654
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add an aggregated statistics view of all samples within a perf.data file and display its call graphs in a bottom-up manner.
For inspiration, have a look at heaptrack or VTune, which both have such a view.
The text was updated successfully, but these errors were encountered: