On Mon, Jun 05, 2017 at 06:32:50PM -0700, David Carrillo-Cisneros wrote:
> On Thu, May 25, 2017 at 1:10 AM, Jiri Olsa <[email protected]> wrote:
> > On Tue, May 23, 2017 at 12:48:53AM -0700, David Carrillo-Cisneros wrote:
> >
> > SNIP
> >
> >> +int perf_event__synthesize_features(struct perf_tool *tool,
> >> +                                 struct perf_session *session,
> >> +                                 struct perf_evlist *evlist,
> >> +                                 perf_event__handler_t process)
> >> +{
> >> +     struct perf_header *header = &session->header;
> >> +     struct feat_fd fdd;
> >> +     struct feature_event *fe;
> >> +     size_t sz, sz_hdr;
> >> +     int feat, ret;
> >> +
> >> +     sz_hdr = sizeof(fe->header);
> >> +     sz = sizeof(union perf_event);
> >> +     /* get a nice alignment */
> >> +     sz = PERF_ALIGN(sz, getpagesize());
> >> +
> >> +     memset(&fdd, 0, sizeof(fdd));
> >> +
> >> +     fdd.buf = malloc(sz);
> >> +     if (!fdd.buf)
> >> +             return -ENOMEM;
> >> +
> >> +     fdd.size = sz - sz_hdr;
> >> +
> >> +     for_each_set_bit(feat, header->adds_features, HEADER_FEAT_BITS) {
> >> +             if (!feat_ops[feat].has_record) {
> >> +                     pr_debug("No record header feature for header 
> >> :%d\n", feat);
> >> +                     continue;
> >> +             }
> >> +
> >> +             fdd.offset = sizeof(*fe);
> >> +
> >> +             ret = feat_ops[feat].write(&fdd, evlist);
> >> +             if (ret || fdd.offset <= (ssize_t)sizeof(*fe)) {
> >> +                     pr_debug("Error writing feature\n");
> >> +                     continue;
> >> +             }
> >> +
> >> +             /* fdd.buf may have changed due to realloc in do_write() */
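Review bot: Nothing in the loop body puts an upper bound on fdd.offset after feat_ops[feat].write() returns. The only test, `fdd.offset <= (ssize_t)sizeof(*fe)`, is a lower bound, so a feature whose data makes do_write() grow the buffer past the 0xffff maximum event size passes it unnoticed. Suggest adding an upper-bound check beside that test that skips or fails the feature when fdd.offset exceeds the limit, or enforcing the cap in do_write() at the point where it reallocates. Separately, fdd.size is set to `sz - sz_hdr` while fdd.offset starts at `sizeof(*fe)`, so the two are counted from different bases; a comment saying what fdd.size covers would make the accounting checkable. The error path also only logs with pr_debug() and continues, so a dropped feature is invisible at normal verbosity.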
> >
> > right, so how is it ensured that the data never crosses the maximum event size
> > (0xffff)?
> >
> > I think do_write should have some check on that
> 
> do_write reallocates ff->buff when it's not large enough.

and what if it's bigger than 0xffff?

jirka
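The check asked for above, sketched as an added example that is not code from the patch or from perf: a growable-buffer write that reallocates on demand, as do_write is described as doing, but refuses any write that would push the record past 0xffff. `struct feat_buf`, `write_capped` and `MAX_EVENT_SIZE` are hypothetical names; only the 0xffff limit comes from the thread.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

#define MAX_EVENT_SIZE 0xffffu	/* limit named in the thread */

/* Hypothetical stand-in for the patch's struct feat_fd. */
struct feat_buf {
	void   *buf;
	ssize_t offset;	/* bytes used so far, event header included */
	size_t  size;	/* bytes allocated */
};

/* Append len bytes, growing the buffer but never past MAX_EVENT_SIZE.
 * Returns 0, -E2BIG if the record would not fit in one event, -ENOMEM if
 * realloc fails, -EINVAL on a corrupt offset. State is unchanged on error. */
static int write_capped(struct feat_buf *ff, const void *data, size_t len)
{
	size_t used, need, new_size;
	void *p;

	if (ff->offset < 0 || (size_t)ff->offset > MAX_EVENT_SIZE)
		return -EINVAL;
	used = (size_t)ff->offset;
	if (len > MAX_EVENT_SIZE - used)	/* overflow-safe used + len > max */
		return -E2BIG;
	need = used + len;
	if (need > ff->size) {
		new_size = ff->size ? ff->size : 64;
		while (new_size < need)
			new_size *= 2;
		if (new_size > MAX_EVENT_SIZE)
			new_size = MAX_EVENT_SIZE;	/* still >= need */
		p = realloc(ff->buf, new_size);
		if (!p)
			return -ENOMEM;
		ff->buf = p;
		ff->size = new_size;
	}
	memcpy((char *)ff->buf + used, data, len);
	ff->offset = (ssize_t)need;
	return 0;
}

int main(void)
{
	static char big[0x10000];	/* constructed input, one byte too large */
	struct feat_buf ff = { NULL, 8, 0 };
	return write_capped(&ff, big, sizeof(big)) == -E2BIG ? 0 : 1;
}
```

Rejecting before the realloc means an oversized feature costs no allocation and leaves the buffer reusable for the next feature in the loop.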
