From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3D0E4C4332D for ; Fri, 20 Mar 2020 18:11:41 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 0046020775 for ; Fri, 20 Mar 2020 18:11:40 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="eyNztVgX" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0046020775 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=infradead.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 77B986B0003; Fri, 20 Mar 2020 14:11:40 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 72BEF6B0008; Fri, 20 Mar 2020 14:11:40 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 643F66B000A; Fri, 20 Mar 2020 14:11:40 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 4A72F6B0003 for ; Fri, 20 Mar 2020 14:11:40 -0400 (EDT) Received: from smtpin13.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id C22B8181AC9C6 for ; Fri, 20 Mar 2020 18:11:39 +0000 (UTC) X-FDA: 76616533518.13.clock72_82cdedf784f2d X-HE-Tag: clock72_82cdedf784f2d X-Filterd-Recvd-Size: 4756 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) by imf19.hostedemail.com (Postfix) with ESMTP for ; Fri, 20 Mar 2020 18:11:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=In-Reply-To:Content-Type:MIME-Version :References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=p6kUQaVzyG/7aafQEj2oYoGKarn6agZvQF5qHrKX8Tc=; b=eyNztVgX76i16/jeYqqPpZu4sX sXc8vs25jMw4vVAYXjoA8DgM2uzIMN5yBWkGawjo5WX9KQRuVqhyOMcR+1OXjTrnmUOvKFLlajWTh C/zG1s50fN4WqpS6HehSEJni5oQ1WzUhIAStAK+kmIlg6EMycQupwu059cgWaJPn310ClNl6D4VPx 0e3/G4ggInF9NSQVBazYXx0s2qIlmusdCkBUh0+eyUkvYj7N4d9XynyqouwQZVf7LWrCI1BgqP8Cs UrxUi+eztNgKF6XQIzB1awOkum9npNrbgagQQwgGAqvgh6c/Ea6GWk8cbheHh79L9/ElbL5oi8/X6 G99RY7Ig==; Received: from willy by bombadil.infradead.org with local (Exim 4.92.3 #3 (Red Hat Linux)) id 1jFM7I-0001VF-Jx; Fri, 20 Mar 2020 18:11:32 +0000 Date: Fri, 20 Mar 2020 11:11:32 -0700 From: Matthew Wilcox To: Eric Biggers Cc: Andrew Morton , linux-xfs@vger.kernel.org, William Kucharski , John Hubbard , linux-kernel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, cluster-devel@redhat.com, linux-mm@kvack.org, ocfs2-devel@oss.oracle.com, linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-erofs@lists.ozlabs.org, linux-btrfs@vger.kernel.org Subject: Re: [PATCH v9 12/25] mm: Move end_index check out of readahead loop Message-ID: <20200320181132.GD4971@bombadil.infradead.org> References: <20200320142231.2402-1-willy@infradead.org> <20200320142231.2402-13-willy@infradead.org> <20200320165828.GB851@sol.localdomain> <20200320173040.GB4971@bombadil.infradead.org> <20200320180017.GE851@sol.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200320180017.GE851@sol.localdomain> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000001, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Mar 20, 2020 at 11:00:17AM -0700, Eric Biggers wrote: > On Fri, Mar 20, 2020 at 10:30:40AM -0700, Matthew Wilcox wrote: > > On Fri, Mar 20, 2020 at 09:58:28AM -0700, Eric Biggers wrote: > > > On Fri, Mar 20, 2020 at 07:22:18AM -0700, Matthew Wilcox wrote: > > > > + /* Avoid wrapping to the beginning of the file */ > > > > + if (index + nr_to_read < index) > > > > + nr_to_read = ULONG_MAX - index + 1; > > > > + /* Don't read past the page containing the last byte of the file */ > > > > + if (index + nr_to_read >= end_index) > > > > + nr_to_read = end_index - index + 1; > > > > > > There seem to be a couple off-by-one errors here. Shouldn't it be: > > > > > > /* Avoid wrapping to the beginning of the file */ > > > if (index + nr_to_read < index) > > > nr_to_read = ULONG_MAX - index; > > > > I think it's right. Imagine that index is ULONG_MAX. We should read one > > page (the one at ULONG_MAX). That would be ULONG_MAX - ULONG_MAX + 1. > > > > > /* Don't read past the page containing the last byte of the file */ > > > if (index + nr_to_read > end_index) > > > nr_to_read = end_index - index + 1; > > > > > > I.e., 'ULONG_MAX - index' rather than 'ULONG_MAX - index + 1', so that > > > 'index + nr_to_read' is then ULONG_MAX rather than overflowed to 0. > > > > > > Then 'index + nr_to_read > end_index' rather 'index + nr_to_read >= end_index', > > > since otherwise nr_to_read can be increased by 1 rather than decreased or stay > > > the same as expected. > > > > Ooh, I missed the overflow case here. It should be: > > > > + if (index + nr_to_read - 1 > end_index) > > + nr_to_read = end_index - index + 1; > > > > But then if someone passes index=0 and nr_to_read=0, this underflows and the > entire file gets read. nr_to_read == 0 doesn't make sense ... I thought we filtered that out earlier, but I can't find anywhere that does that right now. I'd rather return early from __do_page_cache_readahead() to fix that. > The page cache isn't actually supposed to contain a page at index ULONG_MAX, > since MAX_LFS_FILESIZE is at most ((loff_t)ULONG_MAX << PAGE_SHIFT), right? So > I don't think we need to worry about reading the page with index ULONG_MAX. > I.e. I think it's fine to limit nr_to_read to 'ULONG_MAX - index', if that makes > it easier to avoid an overflow or underflow in the next check. I think we can get a page at ULONG_MAX on 32-bit systems? I mean, we can buy hard drives which are larger than 16TiB these days: https://www.pcmag.com/news/seagate-will-ship-18tb-and-20tb-hard-drives-in-2020 (even ignoring RAID devices)