Re: [PATCH v6 5/6] perf test: Add inject ASLR test

[James Clark]

On 08/05/2026 9:27 am, Ian Rogers wrote:
> Add a new shell test `inject_aslr.sh` to verify the `perf inject --aslr`
> feature. The test covers:
> - Basic address remapping for user space samples.
> - Pipe mode coverage for `perf record` piped into `perf inject --aslr`.
> - Callchain address remapping.
> - Consistency of `perf report` output before and after injection.
> - Pipe mode report consistency.
> - Dropping of samples that leak ASLR info (physical addresses).
> - Kernel address remapping (utilizing a dedicated kernel-intensive VFS dd workload
>    to guarantee continuous timer interrupts sampling flow inside kernel privilege states).
> - Kernel report consistency with address normalization.
>
> The test suite is hardened with global 'set -o pipefail' assertions to catch
> pipeline failures, stream-consuming awk processors to handle SIGPIPE signals,
> and a dedicated pipe output scenario validating raw 'perf inject -o -' stdout
> streams.
>
> Assisted-by: Gemini-CLI:Google Gemini 3
> Signed-off-by: Ian Rogers <irogers@xxxxxxxxxx>
> ---
> v6: Refactor kernel-space sampling test cases to utilize a dedicated
>      system-call intensive VFS dd workload (kprog) instead of purely
>      userspace-bound tight loops, guaranteeing high-density kernel
>      privilege state sampling streams and eliminating intermittent
>      execution flakiness dropouts.


Hi Ian,

V5 passed on X86, but now I get this test failing about 50% of the time 
with output like:


Test user register stripping
User registers stripping test [Failed - report parsing differs]
Showing first 20 lines of diff:
--- /tmp/perf-test-aslr.ssH9urcfri/report_regs1.clean   2026-05-08 
14:14:02.127298207 +0100
+++ /tmp/perf-test-aslr.ssH9urcfri/report_regs2.clean   2026-05-08 
14:14:02.129298219 +0100
@@ -30,8 +30,8 @@
      0.02%  perf          ld-linux-x86-64.so.2  [.] mmap64
      0.02%  perf-noploop  [kernel.kallsyms]     [k] kmem_cache_free
      0.02%  perf-noploop  [kernel.kallsyms]     [k] nohz_balancer_kick
-     0.02%  perf-noploop  [kernel.kallsyms]     [k] pvclock_gtod_notify
      0.02%  perf-noploop  [kernel.kallsyms]     [k] try_to_wake_up
+     0.02%  perf-noploop  [kvm]                 [k] pvclock_gtod_notify
      0.02%  perf-noploop  libc.so.6             [.] __cxa_finalize
      0.04%  perf          ld-linux-x86-64.so.2  [.] strcmp
      0.05%  perf          libLLVM-15.so.1       [.] 
llvm::StringMapImpl::LookupBucketFor(llvm::StringRef)
---- end ----

or:

Test user register stripping
User registers stripping test [Failed - report parsing differs]
Showing first 20 lines of diff:
--- /tmp/perf-test-aslr.NoDUUXtHyh/report_regs1.clean   2026-05-08 
14:05:31.109246491 +0100
+++ /tmp/perf-test-aslr.NoDUUXtHyh/report_regs2.clean   2026-05-08 
14:05:31.111246503 +0100
@@ -2,8 +2,8 @@
      0.01%  perf          [kernel.kallsyms]     [k] 
find_mergeable_anon_vma
      0.01%  perf          [kernel.kallsyms]     [k] finish_fault
      0.01%  perf          [kernel.kallsyms]     [k] 
pte_offset_map_rw_nolock
+     0.02%  perf          [amdgpu]              [k] amdgpu_device_rreg
      0.02%  perf          [kernel.kallsyms]     [k] 
__alloc_frozen_pages_noprof
-     0.02%  perf          [kernel.kallsyms]     [k] amdgpu_device_rreg
      0.02%  perf          [kernel.kallsyms]     [k] 
__build_id_parse.isra.0
      0.02%  perf          [kernel.kallsyms]     [k] filemap_get_entry
      0.02%  perf          [kernel.kallsyms]     [k] filemap_map_pages
---- end ----


And on Arm I get a hang/infinite loop every time in "Test kernel ASLR 
remapping". Looks like it could be related to the changes in V6 as I 
didn't see it on V5:

  #0  __read_once_size (size=4, res=0xffffe56c64a0, p=0xaaaaeaedbab8)
      at linux/tools/include/linux/compiler.h:180
  #1  atomic_read (v=0xaaaaeaedbab8) at 
linux/tools/include/asm-generic/atomic-gcc.h:26
  #2  0x0000aaaaaf65cd6c in refcount_read (r=0xaaaaeaedbab8)
      at linux/tools/include/linux/refcount.h:70
  #3  0x0000aaaaaf65d9dc in check_invariants (maps=0xaaaae7e3b480) at 
util/maps.c:114
  #4  0x0000aaaaaf65eef8 in maps__insert (maps=0xaaaae7e3b480, 
map=0xaaaaec2ccf10) at util/maps.c:536
  #5  0x0000aaaaaf62a028 in maps__split_kallsyms (kmaps=0xaaaae7e3b480, 
dso=0xaaaae7e3f910, delta=1879048192,
      initial_map=0xaaaae7e3fab0) at util/symbol.c:986
  #6  0x0000aaaaaf62b550 in __dso__load_kallsyms (dso=0xaaaae7e3f910, 
filename=0xaaaae7e55200 "/proc/kallsyms",
      map=0xaaaae7e3fab0, no_kcore=false) at util/symbol.c:1530
  #7  0x0000aaaaaf62b5bc in dso__load_kallsyms (dso=0xaaaae7e3f910, 
filename=0xaaaae7e55200 "/proc/kallsyms",
      map=0xaaaae7e3fab0) at util/symbol.c:1536
  #8  0x0000aaaaaf62cbc0 in dso__load_kernel_sym (dso=0xaaaae7e3f910, 
map=0xaaaae7e3fab0) at util/symbol.c:2125
  #9  0x0000aaaaaf62bc5c in dso__load (dso=0xaaaae7e3f910, 
map=0xaaaae7e3fab0) at util/symbol.c:1721
  #10 0x0000aaaaaf65b98c in map__load (map=0xaaaae7e3fab0) at 
util/map.c:351
  #11 0x0000aaaaaf5e43cc in thread__find_map (thread=0xaaaae7e443b0, 
cpumode=1 '\001', addr=18446603336494207932,
      al=0xffffe56c8c28) at util/event.c:744
  #12 0x0000aaaaaf5e4810 in machine__resolve (machine=0xaaaae7e3bee0, 
al=0xffffe56c8c28, sample=0xffffe56c8df0)
      at util/event.c:818
  #13 0x0000aaaaaf41d850 in process_sample_event (tool=0xffffe56c93d0, 
event=0xffffb1091ec8, sample=0xffffe56c8df0,
      evsel=0xaaaae7e3b580, machine=0xaaaae7e3bee0) at 
builtin-script.c:2686
  #14 0x0000aaaaaf6668f4 in evlist__deliver_sample 
(evlist=0xaaaae7e3c550, tool=0xffffe56c93d0, event=0xffffb1091ec8,
      sample=0xffffe56c8df0, evsel=0xaaaae7e3b580, 
machine=0xaaaae7e3bee0) at util/session.c:1335
  #15 0x0000aaaaaf667000 in machines__deliver_event 
(machines=0xaaaae7e3bee0, evlist=0xaaaae7e3c550, event=0xffffb1091ec8,
      sample=0xffffe56c8df0, tool=0xffffe56c93d0, file_offset=3784,
      file_path=0xaaaae7e3b540 
"/tmp/perf-test-aslr.J1XB8pvpFy/perf.data2.kernel.FA0Uvd") at 
util/session.c:1502
  #16 0x0000aaaaaf667538 in perf_session__deliver_event 
(session=0xaaaae7e3bca0, event=0xffffb1091ec8,
      tool=0xffffe56c93d0, file_offset=3784,
      file_path=0xaaaae7e3b540 
"/tmp/perf-test-aslr.J1XB8pvpFy/perf.data2.kernel.FA0Uvd") at 
util/session.c:1593
  #17 0x0000aaaaaf662bbc in ordered_events__deliver_event 
(oe=0xaaaae7e3c460, event=0xaaaae7e44740) at util/session.c:134
  #18 0x0000aaaaaf672c98 in do_flush (oe=0xaaaae7e3c460, 
show_progress=true) at util/ordered-events.c:245
  #19 0x0000aaaaaf673048 in __ordered_events__flush (oe=0xaaaae7e3c460, 
how=OE_FLUSH__FINAL, timestamp=0)
      at util/ordered-events.c:324
  #20 0x0000aaaaaf673154 in ordered_events__flush (oe=0xaaaae7e3c460, 
how=OE_FLUSH__FINAL) at util/ordered-events.c:342
  #21 0x0000aaaaaf669e54 in __perf_session__process_events 
(session=0xaaaae7e3bca0) at util/session.c:2508
  #22 0x0000aaaaaf66a790 in perf_session__process_events 
(session=0xaaaae7e3bca0) at util/session.c:2675
  #23 0x0000aaaaaf41f59c in __cmd_script (script=0xffffe56c93d0) at 
builtin-script.c:3241
  #24 0x0000aaaaaf4242b0 in cmd_script (argc=0, argv=0xffffe56cb370) at 
builtin-script.c:4586
  #25 0x0000aaaaaf4a03f8 in run_builtin (p=0xaaaaafa14e60 
<commands+480>, argc=3, argv=0xffffe56cb370) at perf.c:348
  #26 0x0000aaaaaf4a066c in handle_internal_command (argc=3, 
argv=0xffffe56cb370) at perf.c:398
  #27 0x0000aaaaaf4a0824 in run_argv (argcp=0xffffe56cb1ac, 
argv=0xffffe56cb1a0) at perf.c:442
  #28 0x0000aaaaaf4a0b4c in main (argc=3, argv=0xffffe56cb370) at 
perf.c:549