If an event was truncated at the end of a perf.data file larger than
MAP_SIZE, the event reading code ended up in an infinite loop. Break
this loop by making sure the mapping window is always shifting
towards the end of the file.
Fixes: bb1835a3b86c ("perf session: Fix decompression of PERF_RECORD_COMPRESSED
records")
Fixes: 57fc032ad643 ("perf session: Avoid infinite loop when seeing invalid
header.size")
Signed-off-by: Petr Malat <o...@malat.biz>
---
tools/perf/util/session.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c
index 5f7bc5ad620f..79b2e93c1639 100644
--- a/tools/perf/util/session.c
+++ b/tools/perf/util/session.c
@@ -1,6 +1,7 @@
// SPDX-License-Identifier: GPL-2.0
#include <errno.h>
#include <inttypes.h>
+#include <linux/err.h>
#include <linux/kernel.h>
#include <linux/zalloc.h>
#include <api/fs/fs.h>
@@ -2182,6 +2183,12 @@ reader__process_events(struct reader *rd, struct
perf_session *session,
}
page_offset = page_size * (head / page_size);
+ if (!page_offset) {
+ pr_err("%#" PRIx64 ": truncated event\n",
+ file_offset + head);
+ err = -EINVAL;
+ goto out;
+ }
file_offset += page_offset;
head -= page_offset;
goto remap;
--
2.20.1
