From: David Sterba <dsterba@suse.cz>
To: Cengiz Can <cengiz@kernel.wtf>
Cc: dsterba@suse.cz, linux-btrfs@vger.kernel.org,
Chris Mason <clm@fb.com>, Josef Bacik <josef@toxicpanda.com>,
David Sterba <dsterba@suse.com>
Subject: Re: [PATCH] fs: btrfs: prevent unintentional int overflow
Date: Tue, 7 Jan 2020 17:01:24 +0100 [thread overview]
Message-ID: <20200107160124.GY3929@twin.jikos.cz> (raw)
In-Reply-To: <16f809ac7e8.2bfa.85c738e3968116fc5c0dc2de74002084@kernel.wtf>
On Tue, Jan 07, 2020 at 06:23:45PM +0300, Cengiz Can wrote:
> On January 6, 2020 18:53:40 David Sterba <dsterba@suse.cz> wrote:
>
> > The overflow can't happen in practice. Taking generous maximum value for
> > an item and sectorsize (64K) and doing the math will reach nowhere the
> > overflow limit for 32bit type:
> >
> > 64K / 4 * 64K = 1G
>
> I didn't know that. Thanks for sharing.
>
> > I'm not sure if this is worth adding the cast, or mark the coverity
> > issue as not important.
>
> If the cast is adding any overhead (which I don't think it does) I would
> kindly request adding it for the sake of completeness.
It's not a runtime overhead but typecasts should not be needed in
general and when there's one it should be there for a reason. Sometimes
it's apparent and does not need a comment to explain why but otherwise I
see it as "overhead" when reading the code. Lots of calculations done in
btrfs fit perfectly to 32bit, eg. the b-tree node or page-related ones.
Where it matters is eg. conversion from/to bio::bi_sector to/from btrfs
logical addresses that are u64, where the interface type is unsigned
long and not a fixed width.
The size constraints of the variables used in the reported expression
are known to developers so I tend to think the typecast is not
necessary. Maybe the static checker tool could be improved to know the
invariants, that are eg. verified in fs/btrfs/disk-io.c:validate_super.
next prev parent reply other threads:[~2020-01-07 16:01 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-03 18:47 [PATCH] fs: btrfs: prevent unintentional int overflow Cengiz Can
2020-01-06 15:53 ` David Sterba
2020-01-07 15:23 ` Cengiz Can
2020-01-07 16:01 ` David Sterba [this message]
2020-01-07 19:44 ` Cengiz Can
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200107160124.GY3929@twin.jikos.cz \
--to=dsterba@suse.cz \
--cc=cengiz@kernel.wtf \
--cc=clm@fb.com \
--cc=dsterba@suse.com \
--cc=josef@toxicpanda.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox