From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: Re: [git pull] vfs.git pile 2
Date: Sun, 18 Dec 2016 15:40:31 -0800 [thread overview]
Message-ID: <20161218234031.GA7311@birch.djwong.org> (raw)
In-Reply-To: <20161218040559.GX1555@ZenIV.linux.org.uk>
On Sun, Dec 18, 2016 at 04:06:06AM +0000, Al Viro wrote:
> On Sat, Dec 17, 2016 at 07:34:45PM -0800, Linus Torvalds wrote:
> > > What else am I missing there?
> >
> > I absolutely *abhor* this part:
> >
> > *len = isize - pos_in;
> >
> > because the whole code then depends on the overflow checking a few
> > lines down, and it's not at all obvious. We have not tested that
> > "pos_in" is smaller than "isize", even though the comment above the
> > "isize == 0" test inplies we did some kind of "past the end check" (we
> > did not).
> >
> > The whole "depend on overflow checking" being nasty is particularly
> > true when that checking itself is damn subtle, and depends deeply on
> > the type of "*len" being unsigned and larger than "loff_t". Which in
> > turn is true, but it's all really nasty, and it's subtle. "loff_t" is
> > "long long", while "*len" is u64, and it's almost just luck that the
> > comparison does in fact end up unsigned.
>
> I agree, but that one is a straight move - exact same thing is there in
> xfs_reflink.c counterpart in the current mainline.
Ok, fair enough. I thought it was ok but then I've spent so much time
staring at the reflink code it's good to have a fresh set of eyes. :)
I'll add a if (pos_in > isize) return -EINVAL there to make it more
explicit.
> > So I think that code really needs a fair amount of loving.
>
> Indeed. Darrick, would you add a followup cleaning that up? It can be
> done after the move to fs/read_write.c - no need to reorder/rebase that
> thing. While we are at it, it might be better to turn the return value
> into -E.../0/1, 0 being "no error, but nothing to do" and 1 - the normal
> success case. That would get rid of using *len = 0 as signalling mechanism -
> the caller would simply do
> ret = vfs_..._inodes(.....);
> if (ret <= 0)
> goto out_unlock;
> /* returned positive, we have work to do */
Sounds good. I'll post a cleanup patch once it goes through the
xfstests wringer.
--D
next prev parent reply other threads:[~2016-12-18 23:40 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-16 22:12 [git pull] vfs.git pile 2 Al Viro
2016-12-18 2:49 ` Linus Torvalds
2016-12-18 3:26 ` Al Viro
2016-12-18 3:34 ` Linus Torvalds
2016-12-18 4:06 ` Al Viro
2016-12-18 23:40 ` Darrick J. Wong [this message]
-- strict thread matches above, loose matches on Subject: below --
2017-03-02 12:38 [git pull] vfs.git, " Al Viro
2014-12-15 23:51 [git pull] vfs.git " Al Viro
2014-12-16 13:33 ` Al Viro
2014-12-16 18:06 ` Al Viro
2013-05-04 20:23 Al Viro
2012-10-12 1:19 [git pull] vfs.git, " Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161218234031.GA7311@birch.djwong.org \
--to=darrick.wong@oracle.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).