lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260127020617.2804780-1-zli94@ncsu.edu>
Date: Mon, 26 Jan 2026 21:04:53 -0500
From: Zecheng Li <zli94@...u.edu>
To: Peter Zijlstra <peterz@...radead.org>,
	Ingo Molnar <mingo@...hat.com>,
	Arnaldo Carvalho de Melo <acme@...nel.org>,
	Namhyung Kim <namhyung@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>,
	Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
	Jiri Olsa <jolsa@...nel.org>,
	Ian Rogers <irogers@...gle.com>,
	Adrian Hunter <adrian.hunter@...el.com>,
	James Clark <james.clark@...aro.org>,
	Zecheng Li <zli94@...u.edu>,
	xliuprof@...gle.com,
	linux-perf-users@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: [PATCH v1 00/11] perf tools: Improvements to data type profiler

This patch series improves the coverage and correctness of data type
annotations in the perf tools.

Here's a breakdown of the patches:

Patches 1-4 improve variable type matching:
- Skip redundant check_variable for die_find_variable_by_reg since
  match_var_offset already performs sufficient checking
- Add die_get_pointer_type() to properly handle typedef'd pointer types
- Preserve typedefs in match_var_offset for consistent type handling
- Improve type comparison when variables are found in different scopes

Patch 5 handles array types in die_get_member_type, allowing proper
resolution of struct members that are arrays.

Patches 6-7 improve global variable handling:
- Allow collecting global variables without symbol names (DWARF provides
  the address directly via DW_OP_addr)
- Handle global variable access when a register holds a const value
  with negative offset

Patches 8-9 improve caller-saved register handling:
- Add invalidate_reg_state() helper for consistent register invalidation
- Always invalidate caller-saved registers for call instructions per ABI
  requirements, even when the call target is unknown

Patches 10-11 use DWARF location ranges to improve type tracking:
- Track DWARF location lifetime to preserve register state across calls
  when the debug info indicates the value is still valid
- Collect all variable location entries instead of just the first one

Tested with the Linux kernel vmlinux with sampled functions and five
programs from binutils (as, ld, nm, objdump, readelf) with all
functions. Coverage rate includes all memory assess instructions,
excluding stack memory accesses.

`lost` means coverage loss (only including annotated -> none);
`chg` means type name change. Net coverage gain is new_rate - prev_rate.

         -------- vmlinux --------   ------- binutils -------
  Patch  rate     lost     chg       rate     lost     chg
  ----------------------------------------------------------------
  base   88.78%   -        -         72.55%   -        -
  1      72.95%   15.63%   .71%      65.01%   8.59%    22.89%
  2      72.95%   0%       0%        65.16%   0%       0%
  3      88.88%   0%       .73%      74.73%   0%       23.72%
  4      88.88%   0%       .83%      74.73%   0%       .17%
  5      89.09%   .01%     .08%      74.75%   0%       .01%
  6      89.10%   0%       .02%      75.67%   0%       1.62%
  7      89.16%   0%       0%        75.67%   0%       0%
  8      89.16%   0%       0%        75.64%   .02%     0%
  9      89.07%   .08%     0%        75.59%   .05%     0%
  10     89.02%   .08%     .09%      75.85%   .03%     .03%
  11     89.95%   0%       .10%      76.94%   .26%     .07%

  Total: vmlinux  88.78% -> 89.95% (+1.17%)
         binutils 72.55% -> 76.94% (+4.39%)

Note: Patches 1-3 are designed to work together. Patch 1 causes a
temporary regression that patch 3 resolves while adding typedef support.

Zecheng Li (11):
  perf dwarf-aux: Skip check_variable for die_find_variable_by_reg
  perf dwarf-aux: Add die_get_pointer_type to get pointer types
  perf dwarf-aux: Preserve typedefs in match_var_offset
  perf annotate-data: Improve type comparison from different scopes
  perf dwarf-aux: Handle array types in die_get_member_type
  perf annotate-data: Collect global variables without name
  perf annotate-data: Handle global variable access with const register
  perf annotate-data: Add invalidate_reg_state() helper for x86
  perf annotate-data: Invalidate caller-saved regs for all calls
  perf annotate-data: Use DWARF location ranges to preserve reg state
  perf dwarf-aux: Collect all variable locations for insn tracking

 tools/perf/arch/x86/annotate/instructions.c |  69 +++++++---
 tools/perf/util/annotate-data.c             |  86 ++++++++----
 tools/perf/util/annotate-data.h             |   3 +
 tools/perf/util/dwarf-aux.c                 | 139 ++++++++++++++------
 tools/perf/util/dwarf-aux.h                 |   6 +-
 5 files changed, 211 insertions(+), 92 deletions(-)

-- 
2.52.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ