From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754370AbbINOfy (ORCPT ); Mon, 14 Sep 2015 10:35:54 -0400 Received: from mga01.intel.com ([192.55.52.88]:22744 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752190AbbINOfx (ORCPT ); Mon, 14 Sep 2015 10:35:53 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.17,528,1437462000"; d="scan'208";a="804106164" Message-ID: <1442241221.8361.14.camel@linux.intel.com> Subject: Re: [PATCH] lib/string_helpers.c: fix infinite loop in string_get_size() From: Andy Shevchenko To: Vitaly Kuznetsov Cc: James Bottomley , "akpm@linux-foundation.org" , "linux@rasmusvillemoes.dk" , "linux-kernel@vger.kernel.org" , "kys@microsoft.com" Date: Mon, 14 Sep 2015 17:33:41 +0300 In-Reply-To: <87wpvtyxvx.fsf@vitty.brq.redhat.com> References: <1441371393-15030-1-git-send-email-vkuznets@redhat.com> <20150910160815.30d56ee48bbfdf5eed783c53@linux-foundation.org> <1441996263.6276.4.camel@Odin.com> <1442221595.8361.4.camel@linux.intel.com> <87wpvtyxvx.fsf@vitty.brq.redhat.com> Organization: Intel Finland Oy Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.16.3-1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 2015-09-14 at 14:43 +0200, Vitaly Kuznetsov wrote: > Andy Shevchenko writes: > > > On Fri, 2015-09-11 at 18:31 +0000, James Bottomley wrote: > > > On Thu, 2015-09-10 at 16:08 -0700, Andrew Morton wrote: > > > > On Fri, 4 Sep 2015 14:56:33 +0200 Vitaly Kuznetsov < > > > > vkuznets@redhat.com> wrote: > > > > > > > > > string_get_size(1, 512, 0, ..., ...) call results in an > > > > > infinite > > > > > loop. The > > > > > problem is that if size == 0 when we start calculating sf_cap > > > > > > > > > > this loop > > > > > will never end. > > > > > > > > > > The caller causing the issue is sd_read_capacity(), the > > > > > problem > > > > > was noticed > > > > > on Hyper-V. > > > > > > > > When fixing bugs, please provide enough info for others to be > > > > able > > > > to > > > > understand which kernel version(s) need the fix. In this case: > > > > > > > > what > > > > end-user action triggers this bug? (iow, how does sdkp > > > > ->capacity > > > > become zero?) > > > > > > Any more details. The attached programme, which is cut straight > > > out > > > of > > > the algorithm in string_helpers.c and modified for a C > > > environment > > > slightly (only in do_div and the typedefs) produces this > > > > > > hello > > > STRING IS 512 B > > > > > > With your input, so I don't think the problem is where you think > > > it > > > is. > > > > > > James > > > > > > > Vitaly, it might make sense to extend test-string_helpers.c to what > > you > > are trying to do right. > > The issue is that string_get_size() enters an infinite loop on some > inputs so if we add a test for such inputs we'll hang our kernel... > I didn't see a problem to add this test case. Since test module is dedicated for that (tests). -- Andy Shevchenko Intel Finland Oy