bfd: Use dynamic expansion to support large groups/users

When dumping a process with a massive number of supplementary groups,
the `Groups:` line in `/proc/<pid>/status` easily exceeds the hardcoded
`BUFSIZE` (4096 bytes). This causes `breadchr()` to abort with
"The bfd buffer is too small"

Instead of globally increasing `BUFSIZE`—which unnecessarily inflates
the memory footprint for all routine checkpoint operations—this patch
introduces a dynamic expansion mechanism

When `breadchr()` reaches the buffer limit, it dynamically maps an
independent, doubled VMA to handle the long text line (capped at 2MB
to prevent OOM). This oversized buffer is then safely unmapped during
`buf_put()` to avoid polluting the fixed-size zero-copy batched
memory pool

Fixes: #2898

Signed-off-by: dong sunchao <dongsunchao@gmail.com>

Author: DongSunchao

criu/bfd.c

@@ -25,8 +25,11 @@
  */
 #define BUFSIZE (PAGE_SIZE)
 
+#define BFD_MAX_DYNAMIC_SIZE (2 * 1024 * 1024)
+
 struct bfd_buf {
 	char *mem;
+	size_t size;
 	struct list_head l;
 };
 
@@ -61,6 +64,7 @@ static int buf_get(struct xbuf *xb)
 			}
 
 			b->mem = mem + i * BUFSIZE;
+			b->size = BUFSIZE;
 			list_add_tail(&b->l, &bufs);
 		}
 	}
@@ -77,11 +81,20 @@ static int buf_get(struct xbuf *xb)
 
 static void buf_put(struct xbuf *xb)
 {
-	/*
-	 * Don't unmap buffer back, it will get reused
-	 * by next bfdopen call
-	 */
-	list_add(&xb->buf->l, &bufs);
+	struct bfd_buf *b = xb->buf;
+
+	if (b->size > BUFSIZE) {
+		/* This buffer was remapped to fit a long line, unmap it back */
+		munmap(b->mem, b->size);
+		xfree(b);
+	} else {
+		/*
+		 * Don't unmap standard buffer back, it will get reused
+		 * by next bfdopen call
+		 */
+		list_add(&b->l, &bufs);
+	}
+
 	xb->buf = NULL;
 	xb->mem = NULL;
 	xb->data = NULL;
@@ -140,11 +153,13 @@ static int brefill(struct bfd *f)
 {
 	int ret;
 	struct xbuf *b = &f->b;
+	struct bfd_buf *b_buf = b->buf;
+	size_t cap = b_buf ? b_buf->size : BUFSIZE;
 
 	memmove(b->mem, b->data, b->sz);
 	b->data = b->mem;
 
-	ret = read_all(f->fd, b->mem + b->sz, BUFSIZE - b->sz);
+	ret = read_all(f->fd, b->mem + b->sz, cap - b->sz);
 	if (ret < 0) {
 		pr_perror("Error reading file");
 		return -1;
@@ -172,12 +187,70 @@ char *breadline(struct bfd *f)
 	return breadchr(f, '\n');
 }
 
+static int grow_bfd_buffer(struct xbuf *b, struct bfd_buf **p_b_buf, size_t cap)
+{
+	struct bfd_buf *b_buf = *p_b_buf;
+	struct bfd_buf *new_buf;
+	void *new_mem;
+	size_t new_cap = cap * 2;
+
+	if (new_cap > BFD_MAX_DYNAMIC_SIZE) {
+		pr_err("Line too long to fit in BFD_MAX_DYNAMIC_SIZE\n");
+		return -EIO;
+	}
+
+	new_buf = xmalloc(sizeof(*new_buf));
+	if (!new_buf) {
+		pr_perror("Unable to allocate buffer for bfd");
+		return -ENOMEM;
+	}
+
+	new_mem = mmap(NULL, new_cap, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, 0, 0);
+	if (new_mem == MAP_FAILED) {
+		pr_perror("Unable to allocate memory for bfd buffer");
+		xfree(new_buf);
+		return -ENOMEM;
+	}
+
+	memcpy(new_mem, b->data, b->sz);
+
+	if (b_buf) {
+		if (b_buf->size > BUFSIZE) {
+			/* This buffer was remapped to fit a long line, unmap it back */
+			munmap(b_buf->mem, b_buf->size);
+			xfree(b_buf);
+		} else {
+			/*
+             * Don't unmap standard buffer back, it will get reused
+             * by next bfdopen call
+             */
+			list_add(&b_buf->l, &bufs);
+		}
+	}
+
+	/* Update pointers with the newly allocated buffer */
+	*p_b_buf = new_buf;
+	b->buf = new_buf;
+
+	new_buf->mem = new_mem;
+	new_buf->size = new_cap;
+
+	b->mem = new_mem;
+	b->data = new_mem;
+
+	return 0;
+}
+
 char *breadchr(struct bfd *f, char c)
 {
 	struct xbuf *b = &f->b;
+	struct bfd_buf *b_buf = b->buf;
 	bool refilled = false;
 	char *n;
+	size_t cap;
 	unsigned int ss = 0;
+	int fill_ret;
+	char *final_str;
 
 again:
 	n = strnchr(b->data + ss, b->sz - ss, c);
@@ -195,40 +268,41 @@ char *breadchr(struct bfd *f, char c)
 		if (!b->sz)
 			return NULL;
 
-		if (b->sz == BUFSIZE) {
-			pr_err("The bfd buffer is too small\n");
-			return ERR_PTR(-EIO);
+		cap = b_buf ? b_buf->size : BUFSIZE;
+		if (b->sz == cap) {
+			int err = grow_bfd_buffer(b, &b_buf, cap);
+			if (err)
+				return ERR_PTR(err);
 		}
-		/*
-		 * Last bytes may lack the \n at the
-		 * end, need to report this as full
-		 * line anyway
-		 */
-		b->data[b->sz] = '\0';
-
-		/*
-		 * The b->data still points to old data,
-		 * but we say that no bytes left there
-		 * so next call to breadline will not
-		 * "find" these bytes again.
-		 */
-		b->sz = 0;
-		return b->data;
 	}
 
-	/*
-	 * small optimization -- we've scanned b->sz
-	 * symbols already, no need to re-scan them after
-	 * the buffer refill.
-	 */
 	ss = b->sz;
 
-	/* no full line in the buffer -- refill one */
-	if (brefill(f) < 0)
+	fill_ret = brefill(f);
+	if (fill_ret < 0)
 		return ERR_PTR(-EIO);
 
-	refilled = true;
+	if (fill_ret == 0) {
+		if (!b->sz)
+			return NULL;
+
+		cap = b_buf ? b_buf->size : BUFSIZE;
+		if (b->sz == cap) {
+			int err = grow_bfd_buffer(b, &b_buf, cap);
+			if (err)
+				return ERR_PTR(err);
+		}
+
+		final_str = b->data;
+		final_str[b->sz] = '\0';
 
+		b->data += b->sz;
+		b->sz = 0;
+
+		return final_str;
+	}
+
+	refilled = true;
 	goto again;
 }
 
@@ -251,15 +325,17 @@ static int bflush(struct bfd *bfd)
 static int __bwrite(struct bfd *bfd, const void *buf, int size)
 {
 	struct xbuf *b = &bfd->b;
+	struct bfd_buf *b_buf = b->buf;
+	size_t cap = b_buf ? b_buf->size : BUFSIZE;
 
-	if (b->sz + size > BUFSIZE) {
+	if (b->sz + size > cap) {
 		int ret;
 		ret = bflush(bfd);
 		if (ret < 0)
 			return ret;
 	}
 
-	if (size > BUFSIZE)
+	if (size > cap)
 		return write_all(bfd->fd, buf, size);
 
 	memcpy(b->data + b->sz, buf, size);