From: Phillip Lougher <phillip@lougher.demon.co.uk>
To: linux-kernel@vger.kernel.org
Subject: [PATCH] VFS readahead bug in 2.6.8-rc[1-3]
Date: Thu, 05 Aug 2004 18:50:41 +0100
Message-ID: <41127371.1000603@lougher.demon.co.uk>

Hi,

There is a readahead bug in do_generic_mapping_read (filemap.c).  This
bug appears to have been introduced in 2.6.8-rc1.  Specifically the bug
is caused by an incorrect code change which causes VFS to call
readpage() for indexes beyond the end of files where the file length is
zero or a 4k multiple.

In Squashfs this causes a variety of almost immediate oopses because
Squashfs trusts the VFS not to pass invalid index values.  For other
filesystems it may also be causing subtle bugs.  I have received
prune_dcache oopses similar to Gene Heskett's (which was also
pointer corruption), and so it may fix this and other reported
readahead bugs.

The patch is against 2.6.8-rc3.

Regards

Phillip Lougher

diff --new-file -ur linux-2.6.8-rc3-squashfs2.0-test/mm/filemap.c linux-2.6.8-rc3-squashfs2.0-patched/mm/filemap.c
--- linux-2.6.8-rc3-squashfs2.0-test/mm/filemap.c       2004-08-05 02:14:39.000000000 +0100
+++ linux-2.6.8-rc3-squashfs2.0-patched/mm/filemap.c    2004-08-05 18:15:00.000000000 +0100
@@ -674,6 +674,15 @@
                 unsigned long nr, ret;

                 cond_resched();
+
+               /* nr is the maximum number of bytes to copy from this page */
+               nr = PAGE_CACHE_SIZE;
+               if (index == end_index) {
+                       nr = isize & ~PAGE_CACHE_MASK;
+                       if (nr <= offset)
+                               goto out;
+               }
+
                 page_cache_readahead(mapping, &ra, filp, index);

  find_page:
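
Review bot: the early-exit test placed before page_cache_readahead() only covers `index == end_index`, so an index that is already greater than end_index still falls through to the readahead call and to find_page. Since the stated goal is that readpage() is never invoked for an index past the end of the file, either bail out for `index > end_index` here as well or add a comment naming where that case is excluded. It would also help to extend the comment above `nr = PAGE_CACHE_SIZE;` to say that a zero result from `isize & ~PAGE_CACHE_MASK` (file length zero or a page multiple) is the case this placement is meant to stop, because the existing comment only describes nr as a copy limit.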
@@ -685,15 +694,6 @@
                 if (!PageUptodate(page))
                         goto page_not_up_to_date;
  page_ok:
-               /* nr is the maximum number of bytes to copy from this page */
-               nr = PAGE_CACHE_SIZE;
-               if (index == end_index) {
-                       nr = isize & ~PAGE_CACHE_MASK;
-                       if (nr <= offset) {
-                               page_cache_release(page);
-                               goto out;
-                       }
-               }
                 nr = nr - offset;

                 /* If users can be writing to this page using arbitrary
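
Review bot: at page_ok, `nr = nr - offset;` now depends on a value computed at the top of the loop, before the page lookup and before the `goto page_not_up_to_date` path shown just above the label, and nothing at the label says so. Please leave a short comment at page_ok stating that nr was already bounded against isize before readahead, and confirm that isize cannot change between that point and the copy; if it can, the bound needs rechecking here. Dropping `page_cache_release(page);` together with the removed block is consistent with the check moving ahead of the point where a page reference is held, but that reasoning belongs in the changelog so the missing release is not mistaken for a leak fix gone wrong.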

