If an event was truncated at the end of a perf.data file larger than MAP_SIZE, the event reading code ended up in an infinite loop. Break this loop by making sure the mapping window is always shifting towards the end of the file.
Fixes: bb1835a3b86c ("perf session: Fix decompression of PERF_RECORD_COMPRESSED records") Fixes: 57fc032ad643 ("perf session: Avoid infinite loop when seeing invalid header.size") Signed-off-by: Petr Malat <o...@malat.biz> --- tools/perf/util/session.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c index 5f7bc5ad620f..79b2e93c1639 100644 --- a/tools/perf/util/session.c +++ b/tools/perf/util/session.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 #include <errno.h> #include <inttypes.h> +#include <linux/err.h> #include <linux/kernel.h> #include <linux/zalloc.h> #include <api/fs/fs.h> @@ -2182,6 +2183,12 @@ reader__process_events(struct reader *rd, struct perf_session *session, } page_offset = page_size * (head / page_size); + if (!page_offset) { + pr_err("%#" PRIx64 ": truncated event\n", + file_offset + head); + err = -EINVAL; + goto out; + } file_offset += page_offset; head -= page_offset; goto remap; -- 2.20.1