Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp3329361rwb; Sun, 20 Nov 2022 11:46:16 -0800 (PST) X-Google-Smtp-Source: AA0mqf7gqwA6ylLmVA4keC5xXB7ODubzsjxuKBevHu/KGHXNmfVAbnUrZ7MFdbxZpxX6L0jpaFyc X-Received: by 2002:a62:cd8f:0:b0:563:321a:9155 with SMTP id o137-20020a62cd8f000000b00563321a9155mr17261135pfg.46.1668973575775; Sun, 20 Nov 2022 11:46:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668973575; cv=none; d=google.com; s=arc-20160816; b=gT/P+hvry/suLSz/oM7tJUQO43nX1yGB7IJVG3ju2m3wul9Ihc/JFcVmHz7NOLn2Ro Hy/j2pPTLQQkmVnvAgyBEDK1zxw0CZ/O9m0qW8i84LfImMRTOm6+qwKArcjFL/LdQ6sT we+EDZyqX0VZl7bgv0paVSujsYQ5KTd1O0wDx8TDSxdJreekoKEFhvMzkpoSoNB2YJW+ bjELePafcod+ChZLrIy22z3tTr6D9GVOehhDnIcuV28KZL7skItryVS+7DswtSHS8Yj6 BLihhW7/kZlEkhSEiW4kqI1urDsinwuFcgRQ8+VRf6D4l0WL99r59wVbefPPN+hZFU5J M02A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=nalGF7Il+c2OvRrMYnC/XY7Y7znpZH48cPsYbHV0P2I=; b=WtkzqxbhfN6QJE/zZUBOeOTVCehYVhkKhG97aB0FujX/ruewt8fbZK6utibrho8lzr ckPd8C9bwbYev0jnrb22y/blB7LzxKXrNhulICBofkcaom82KIe+PXoFgLb90JcI2oAU Zl2YhZWVcON2rFw6zENMOScrktQ1VOfz5VGij9nYb5khbYvhL8DKD0JQbHPQEt+zXCaj kSvIR+uiHlyhB4/FfKRDBl2o4spk83KJrPsmJ+YoxGIH7VUH94in/LDDhSDWNGq6X9oy Ywccm61M4W7C9Q0KT6sbHYnzeVDda246H/54pLojrv8mHpFQi6Sxbdg1BMtyR2Br5QFN +dgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j18-20020a63ec12000000b0046effafcc4esi9964326pgh.797.2022.11.20.11.46.03; Sun, 20 Nov 2022 11:46:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229667AbiKTTi7 (ORCPT + 92 others); Sun, 20 Nov 2022 14:38:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229449AbiKTTi6 (ORCPT ); Sun, 20 Nov 2022 14:38:58 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7177221245 for ; Sun, 20 Nov 2022 11:38:57 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 24DDEB80B4D for ; Sun, 20 Nov 2022 19:38:56 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 424CEC433D6; Sun, 20 Nov 2022 19:38:54 +0000 (UTC) Date: Sun, 20 Nov 2022 14:38:52 -0500 From: Steven Rostedt To: Yang Jihong Cc: , Subject: Re: [PATCH v2] tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line Message-ID: <20221120143852.7e84b50d@rorschach.local.home> In-Reply-To: <20221118102521.62362-1-yangjihong1@huawei.com> References: <20221118102521.62362-1-yangjihong1@huawei.com> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.33; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-6.7 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 18 Nov 2022 18:25:21 +0800 Yang Jihong wrote: > print_trace_line may overflow seq_file buffer. If the event is not > consumed, the while loop keeps peeking this event, causing a infinite loop. > > Signed-off-by: Yang Jihong > --- > > Changes since v1: > - Print partial line to show the broken trace event when overflowed print_trace_line > > kernel/trace/trace.c | 27 ++++++++++++++++++++++++++- > 1 file changed, 26 insertions(+), 1 deletion(-) > > diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c > index 47a44b055a1d..81c36dc80212 100644 > --- a/kernel/trace/trace.c > +++ b/kernel/trace/trace.c > @@ -6786,7 +6786,32 @@ tracing_read_pipe(struct file *filp, char __user *ubuf, > > ret = print_trace_line(iter); > if (ret == TRACE_TYPE_PARTIAL_LINE) { > - /* don't print partial lines */ > + /* > + * If one trace_line of the tracer overflows seq_file > + * buffer, trace_seq_to_user returns -EBUSY. > + * In this case, we need to consume, otherwise, > + * while loop will peek this event next time, > + * resulting in an infinite loop. > + */ > + if (trace_seq_has_overflowed(&iter->seq)) { We need to only do this if save_len is zero. Because the reason that it returns TRACE_TYPE_PARTIAL_LINE is usually because it overflowed. This loops until the trace_seq is full, so it's OK to have it overflow. The case I believe you are fixing, is the case were one print_trace_line() actually fills the entire trace_seq in one shot. In which case, it will never print, and in that case, save_len will be zero. -- Steve > + /* > + * Print the partial line, > + * that way we can see the broken trace event. > + */ > + char dots[] = "...\n"; > + > + iter->seq.full = 0; > + if (seq_buf_buffer_left(&iter->seq.seq) < strlen(dots)) { > + iter->seq.seq.len = > + seq_buf_used(&iter->seq.seq) - strlen(dots); > + } > + trace_seq_puts(&iter->seq, dots); > + > + trace_consume(iter); > + break; > + } > + > + /* In other cases, don't print partial lines */ > iter->seq.seq.len = save_len; > break; > }