                                                                                                                                                                                                                  
Program received signal SIGSEGV, Segmentation fault.                                                                                                                                                              
[Switching to Thread 139975795275488 (LWP 13155)]                                                                                                                                                                 
symbol__inc_addr_samples (sym=0x91eb90, map=<value optimized out>, evidx=0, addr=120416) at util/annotate.c:73                                                                                                    
73      util/annotate.c: No such file or directory.                                                                                                                                                               
        in util/annotate.c                                                                                                                                                                                        
(gdb) bt                                                                                                                                                                                                          
#0  symbol__inc_addr_samples (sym=0x91eb90, map=<value optimized out>, evidx=0, addr=120416) at util/annotate.c:73                                                                                                
#1  0x0000000000410b5d in process_sample_event (tool=<value optimized out>, event=0x7f4ea28e26b0, sample=0x7fffcc1ca8f0, evsel=0x823ea0, machine=0x822290) at builtin-report.c:127                                
#2  0x00000000004433ca in flush_sample_queue (s=0x822230, tool=0x7fffcc1cc340) at util/session.c:528                                                                                                              
#3  0x0000000000444d16 in __perf_session__process_events (session=0x822230, data_offset=<value optimized out>, data_size=<value optimized out>, file_size=<value optimized out>, tool=0x7fffcc1cc340)             
    at util/session.c:1175                                                                                                                                                                                        
#4  0x0000000000445217 in perf_session__process_events (self=0x822230, tool=0x7fffcc1cc340) at util/session.c:1191                                                                                                
#5  0x000000000041015b in cmd_report (argc=0, argv=0x7fffcc1cc830, prefix=<value optimized out>) at builtin-report.c:311                                                                                          
#6  0x00000000004051b9 in handle_internal_command (argc=4, argv=0x7fffcc1cc830) at perf.c:273                                                                                                                     
#7  0x0000000000405623 in main (argc=4, argv=0x479218) at perf.c:388                                                                                                                                              
                                                                                                                                                                                      
(gdb) p /x sym->start                                                                                                                                                                                          
$5 = 0xffffffff8100fb74                                                                                                                                                                                           
(gdb) p /x addr
$6 = 0x1d660
(gdb) p offset
$7 = 2130762476

54 int symbol__inc_addr_samples(struct symbol *sym, struct map *map,
55                              int evidx, u64 addr)
56 {
57         unsigned offset;
58         struct annotation *notes;
59         struct sym_hist *h;
60 
61         notes = symbol__annotation(sym);
62         if (notes->src == NULL)
63                 return -ENOMEM;
64 
65         pr_debug3("%s: addr=%#" PRIx64 "\n", __func__, map->unmap_ip(map, addr));
66 
67         if (addr >= sym->end)
68                 return 0;
69 
70         offset = addr - sym->start;
71         h = annotation__histogram(notes, evidx);
72         h->sum++;
73         h->addr[offset]++; <-- potential bad memory reference