From: Alex Elder <aelder@sgi.com>
To: Dave Chinner <david@fromorbit.com>
Cc: xfs@oss.sgi.com
Subject: Re: [PATCH] xfs: prevent 32bit overflow in space reservation
Date: Thu, 02 Sep 2010 10:51:19 -0500 [thread overview]
Message-ID: <1283442679.5727.35.camel@doink> (raw)
In-Reply-To: <1283404663-28105-1-git-send-email-david@fromorbit.com>
On Thu, 2010-09-02 at 15:17 +1000, Dave Chinner wrote:
> From: Dave Chinner <dchinner@redhat.com>
>
> If we attempt to preallocate more than 2^32 blocks of space in a
> single syscall, the transaction block reservation will overflow
> leading to a hangs in the superblock block accounting code. This
> is trivially reproduced with xfs_io. Fix the problem by capping the
> allocation reservation to the maximum number of blocks a single
> xfs_bmapi() call can allocate (2^21 blocks).
This looks OK, but I have two comments, below.
> Signed-off-by: Dave Chinner <dchinner@redhat.com>
> ---
> fs/xfs/xfs_vnodeops.c | 12 +++++++++---
> 1 files changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/fs/xfs/xfs_vnodeops.c b/fs/xfs/xfs_vnodeops.c
> index 66d585c..91dd9c8 100644
> --- a/fs/xfs/xfs_vnodeops.c
> +++ b/fs/xfs/xfs_vnodeops.c
> @@ -2299,15 +2299,21 @@ xfs_alloc_file_space(
> e = allocatesize_fsb;
> }
>
> + /*
> + * we can't allocate more than @nimaps extents at a time,
> + * so prevent a 32bit overflow on the transaction reserve
> + * by trying to reserve > 16TB worth of blocks for the
> + * preallocation.
> +
This comment could use rewording. How about something like:
A 32-bit block count limits the amount of space that can
be reserved in a transaction, so we need to limit the
number of blocks reserved to avoid overflow. We can't
allocate more than @nimaps extents (whose size won't
exceed 32 bits) at a time anyway, so use that to enforce
the limit.
> */
> + resblks = min_t(xfs_fileoff_t, (e - s), (MAXEXTLEN * nimaps));
I guess it's clear that MAXEXTLEN fits in 32 bits because of
sizeof (xfs_extlen_t). And inspection shows that nimaps is
just 1, so this does the 32-bit limiting. But that just
seems indirect. (Actually, now that I've written this I
updated the above comment and it's better...)
-Alex
> if (unlikely(rt)) {
> - resrtextents = qblocks = (uint)(e - s);
> + resrtextents = qblocks = resblks;
> resrtextents /= mp->m_sb.sb_rextsize;
> resblks = XFS_DIOSTRAT_SPACE_RES(mp, 0);
> quota_flag = XFS_QMOPT_RES_RTBLKS;
> } else {
> resrtextents = 0;
> - resblks = qblocks = \
> - XFS_DIOSTRAT_SPACE_RES(mp, (uint)(e - s));
> + resblks = qblocks = XFS_DIOSTRAT_SPACE_RES(mp, resblks);
> quota_flag = XFS_QMOPT_RES_REGBLKS;
> }
>
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2010-09-02 15:50 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-02 5:17 [PATCH] xfs: prevent 32bit overflow in space reservation Dave Chinner
2010-09-02 12:16 ` Christoph Hellwig
2010-09-02 15:51 ` Alex Elder [this message]
2010-09-03 0:01 ` Dave Chinner
2010-09-03 13:48 ` Alex Elder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1283442679.5727.35.camel@doink \
--to=aelder@sgi.com \
--cc=david@fromorbit.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox