From: Eric Biggers <ebiggers@kernel.org>
To: Matthew Wilcox <willy@infradead.org>
Cc: cluster-devel@redhat.com, linux-mm@kvack.org,
John Hubbard <jhubbard@nvidia.com>,
linux-kernel@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-xfs@vger.kernel.org,
William Kucharski <william.kucharski@oracle.com>,
linux-btrfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
linux-ext4@vger.kernel.org, linux-erofs@lists.ozlabs.org,
ocfs2-devel@oss.oracle.com
Subject: Re: [PATCH v9 12/25] mm: Move end_index check out of readahead loop
Date: Fri, 20 Mar 2020 11:00:17 -0700 [thread overview]
Message-ID: <20200320180017.GE851@sol.localdomain> (raw)
In-Reply-To: <20200320173040.GB4971@bombadil.infradead.org>
On Fri, Mar 20, 2020 at 10:30:40AM -0700, Matthew Wilcox wrote:
> On Fri, Mar 20, 2020 at 09:58:28AM -0700, Eric Biggers wrote:
> > On Fri, Mar 20, 2020 at 07:22:18AM -0700, Matthew Wilcox wrote:
> > > + /* Avoid wrapping to the beginning of the file */
> > > + if (index + nr_to_read < index)
> > > + nr_to_read = ULONG_MAX - index + 1;
> > > + /* Don't read past the page containing the last byte of the file */
> > > + if (index + nr_to_read >= end_index)
> > > + nr_to_read = end_index - index + 1;
> >
> > There seem to be a couple off-by-one errors here. Shouldn't it be:
> >
> > /* Avoid wrapping to the beginning of the file */
> > if (index + nr_to_read < index)
> > nr_to_read = ULONG_MAX - index;
>
> I think it's right. Imagine that index is ULONG_MAX. We should read one
> page (the one at ULONG_MAX). That would be ULONG_MAX - ULONG_MAX + 1.
>
> > /* Don't read past the page containing the last byte of the file */
> > if (index + nr_to_read > end_index)
> > nr_to_read = end_index - index + 1;
> >
> > I.e., 'ULONG_MAX - index' rather than 'ULONG_MAX - index + 1', so that
> > 'index + nr_to_read' is then ULONG_MAX rather than overflowed to 0.
> >
> > Then 'index + nr_to_read > end_index' rather 'index + nr_to_read >= end_index',
> > since otherwise nr_to_read can be increased by 1 rather than decreased or stay
> > the same as expected.
>
> Ooh, I missed the overflow case here. It should be:
>
> + if (index + nr_to_read - 1 > end_index)
> + nr_to_read = end_index - index + 1;
>
But then if someone passes index=0 and nr_to_read=0, this underflows and the
entire file gets read.
The page cache isn't actually supposed to contain a page at index ULONG_MAX,
since MAX_LFS_FILESIZE is at most ((loff_t)ULONG_MAX << PAGE_SHIFT), right? So
I don't think we need to worry about reading the page with index ULONG_MAX.
I.e. I think it's fine to limit nr_to_read to 'ULONG_MAX - index', if that makes
it easier to avoid an overflow or underflow in the next check.
- Eric
next prev parent reply other threads:[~2020-03-20 18:00 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-20 14:22 [PATCH v9 00/25] Change readahead API Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 01/25] mm: Move readahead prototypes from mm.h Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 02/25] mm: Return void from various readahead functions Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 03/25] mm: Ignore return value of ->readpages Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 04/25] mm: Move readahead nr_pages check into read_pages Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 05/25] mm: Add new readahead_control API Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 06/25] mm: Use readahead_control to pass arguments Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 07/25] mm: Rename various 'offset' parameters to 'index' Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 08/25] mm: rename readahead loop variable to 'i' Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 09/25] mm: Remove 'page_offset' from readahead loop Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 10/25] mm: Put readahead pages in cache earlier Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 11/25] mm: Add readahead address space operation Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 12/25] mm: Move end_index check out of readahead loop Matthew Wilcox
2020-03-20 16:58 ` Eric Biggers
2020-03-20 17:30 ` Matthew Wilcox
2020-03-20 18:00 ` Eric Biggers [this message]
2020-03-20 18:11 ` Matthew Wilcox
2020-03-20 18:24 ` Eric Biggers
2020-03-22 16:28 ` Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 13/25] mm: Add page_cache_readahead_unbounded Matthew Wilcox
2020-03-20 17:27 ` Eric Biggers
2020-03-20 14:22 ` [PATCH v9 14/25] mm: Document why we don't set PageReadahead Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 15/25] mm: Use memalloc_nofs_save in readahead path Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 16/25] fs: Convert mpage_readpages to mpage_readahead Matthew Wilcox
2020-03-20 23:24 ` Namjae Jeon
2020-03-20 14:22 ` [PATCH v9 17/25] btrfs: Convert from readpages to readahead Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 18/25] erofs: Convert uncompressed files " Matthew Wilcox
2020-03-21 12:38 ` [f2fs-dev] " Chao Yu
2020-03-20 14:22 ` [PATCH v9 19/25] erofs: Convert compressed " Matthew Wilcox
2020-03-21 12:41 ` [f2fs-dev] " Chao Yu
2020-03-20 14:22 ` [PATCH v9 20/25] ext4: Convert " Matthew Wilcox
2020-03-20 17:37 ` Eric Biggers
2020-03-20 17:48 ` Matthew Wilcox
2020-03-20 18:40 ` Eric Biggers
2020-03-20 14:22 ` [PATCH v9 21/25] ext4: Pass the inode to ext4_mpage_readpages Matthew Wilcox
2020-03-20 18:44 ` Eric Biggers
2020-03-20 14:22 ` [PATCH v9 22/25] f2fs: Convert from readpages to readahead Matthew Wilcox
2020-03-20 18:51 ` Eric Biggers
2020-03-21 12:34 ` [f2fs-dev] " Chao Yu
2020-03-23 3:55 ` Jaegeuk Kim
2020-03-20 14:22 ` [PATCH v9 23/25] f2fs: Pass the inode to f2fs_mpage_readpages Matthew Wilcox
2020-03-20 18:52 ` Eric Biggers
2020-03-21 12:35 ` [f2fs-dev] " Chao Yu
2020-03-23 3:53 ` Jaegeuk Kim
2020-03-20 14:22 ` [PATCH v9 24/25] fuse: Convert from readpages to readahead Matthew Wilcox
2020-03-20 14:22 ` [PATCH v9 25/25] iomap: " Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200320180017.GE851@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=cluster-devel@redhat.com \
--cc=jhubbard@nvidia.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-erofs@lists.ozlabs.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-xfs@vger.kernel.org \
--cc=ocfs2-devel@oss.oracle.com \
--cc=william.kucharski@oracle.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).