perf: possible bug in perf_event__read_size

[Vince Weaver]

so I'm trying to track down a weird bug where opening a massive amount of 
events (10000) in one group and then trying to read the values causes 
memory corruption.

But in any case I ran across this code in kernel/events/core.c

+static void perf_event__read_size(struct perf_event *event)
+{
+       int entry = sizeof(u64); /* value */
+       int size = 0;
+       int nr = 1;
+
+       if (event->attr.read_format & PERF_FORMAT_TOTAL_TIME_ENABLED)
+               size += sizeof(u64);
+
+       if (event->attr.read_format & PERF_FORMAT_TOTAL_TIME_RUNNING)
+               size += sizeof(u64);
+
+       if (event->attr.read_format & PERF_FORMAT_ID)
+               entry += sizeof(u64);
                ^^^^^
+
+       if (event->attr.read_format & PERF_FORMAT_GROUP) {
+               nr += event->group_leader->nr_siblings;
+               size += sizeof(u64);
+       }
+
+       size += entry * nr;
+       event->read_size = size;
+}

Shouldn't that be

       if (event->attr.read_format & PERF_FORMAT_ID)
               size += sizeof(u64);

otherwise we are allocating 16-bytes for each entry rather than 8-bytes
if PERF_FORMAT_ID is specified?  or am I missing something?

I tried to track down where this change originated but my git powers are 
not enough to get a git blame to work past a file rename.

Vince
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/