From: David Sterba <dsterba@suse.cz>
To: Qu Wenruo <quwenruo.btrfs@gmx.com>
Cc: dsterba@suse.cz, Johannes Thumshirn <Johannes.Thumshirn@wdc.com>,
Geert Uytterhoeven <geert@linux-m68k.org>,
Chris Mason <clm@fb.com>, Josef Bacik <josef@toxicpanda.com>,
David Sterba <dsterba@suse.com>, Qu Wenru <wqu@suse.com>,
"linux-btrfs@vger.kernel.org" <linux-btrfs@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 1/4] btrfs: fix 64bit division in btrfs_insert_striped_mirrored_raid_extents
Date: Wed, 20 Sep 2023 17:34:03 +0200 [thread overview]
Message-ID: <20230920153403.GD2268@twin.jikos.cz> (raw)
In-Reply-To: <a364f344-b718-48ff-9e2a-484c5ded6e7f@gmx.com>
On Wed, Sep 20, 2023 at 07:20:49AM +0930, Qu Wenruo wrote:
> >>>>> What if the quotient does not fit in a signed 32-bit value?
> >>>>
> >>>> Then you've bought a lot of HDDs ;-)
> >>>>
> >>>> Jokes aside, yes this is theoretically correct. Dave can you fix
> >>>> max_stripes up to be u64 when applying?
> >>>
> >>> I think we can keep it int, or unsigned int if needed, we can't hit such
> >>> huge values for rw_devices. The 'theoretically' would fit for a machine
> >>> with infinite resources, otherwise the maximum number of devices I'd
> >>> expect is a few thousand.
> >>
> >> In fact, we already have an check in btrfs_validate_super(), if the
> >> num_devices is over 1<<31, we would reject the fs.
> >
> > No, it's just a warning in that case.
>
> We can make it a proper reject.
>
> >
> >> I think we should be safe to further reduce the threshold.
> >>
> >> U16_MAX sounds a valid and sane value to me.
> >> If no rejection I can send out a patch for this.
> >>
> >> And later change internal rw_devices/num_devices to u16.
> >
> > U16 does not make sense here, it's not a native int type on many
> > architectures and generates awkward assembly code. We use it in
> > justified cases where it's saving space in structures that are allocated
> > thousand times. The arbitrary limit 65536 is probably sane but not
> > much different than 1<<31, practically not hit and was useful to
> > note fuzzed superblocks.
>
> OK, we can make it unsigned int (mostly u32) for fs_info::*_devices, but
> still do extra limits on things like device add to limit it to U16_MAX.
>
> Would this be a better solution?
> At least it would still half the width while keep it native to most (if
> not all) archs.
I don't see much point changing it from u64, it copies the on-disk type,
we validate the value on input, then use it as an int type. There are
not even theoretical problems stemming from the type width. With the
validations in place we don't need to add any artificial limits to the
number of devices, like we don't add such limitations elsewhere if not
necessary.
next prev parent reply other threads:[~2023-09-20 15:40 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-18 14:14 [PATCH 0/4] btrfs: RAID stripe tree updates Johannes Thumshirn
2023-09-18 14:14 ` [PATCH 1/4] btrfs: fix 64bit division in btrfs_insert_striped_mirrored_raid_extents Johannes Thumshirn
2023-09-18 14:18 ` Geert Uytterhoeven
2023-09-18 15:03 ` Johannes Thumshirn
2023-09-18 16:24 ` David Sterba
2023-09-18 18:31 ` Geert Uytterhoeven
2023-09-18 21:07 ` David Sterba
2023-09-19 0:37 ` Qu Wenruo
2023-09-19 13:58 ` David Sterba
2023-09-19 21:50 ` Qu Wenruo
2023-09-20 15:34 ` David Sterba [this message]
2023-09-18 14:14 ` [PATCH 2/4] btrfs: break loop in case set_io_stripe fails Johannes Thumshirn
2023-09-18 14:14 ` [PATCH 3/4] btrfs: rename ordered_enmtry in btrfs_io_context Johannes Thumshirn
2023-09-18 14:14 ` [PATCH 4/4] btrfs: add tree-checker for RAID-stripe-tree Johannes Thumshirn
2023-09-19 0:30 ` Qu Wenruo
2023-09-18 16:39 ` [PATCH 0/4] btrfs: RAID stripe tree updates David Sterba
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230920153403.GD2268@twin.jikos.cz \
--to=dsterba@suse.cz \
--cc=Johannes.Thumshirn@wdc.com \
--cc=clm@fb.com \
--cc=dsterba@suse.com \
--cc=geert@linux-m68k.org \
--cc=josef@toxicpanda.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=quwenruo.btrfs@gmx.com \
--cc=wqu@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox