From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1030261AbbDWQiF (ORCPT <rfc822;w@1wt.eu>);
	Thu, 23 Apr 2015 12:38:05 -0400
Received: from mail-ie0-f171.google.com ([209.85.223.171]:36591 "EHLO
	mail-ie0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S966478AbbDWQiC (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 23 Apr 2015 12:38:02 -0400
Message-ID: <55391FE6.2050102@kernel.dk>
Date: Thu, 23 Apr 2015 10:37:58 -0600
From: Jens Axboe <axboe@kernel.dk>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Tejun Heo <tj@kernel.org>
CC: Jan Kara <jack@suse.cz>, linux-kernel@vger.kernel.org,
        Fengguang Wu <fengguang.wu@intel.com>
Subject: Re: [PATCH block/for-4.1-fixes] writeback: use |1 instead of +1 to
 protect against div by zero
References: <20150421204913.GE9455@htj.duckdns.org>
In-Reply-To: <20150421204913.GE9455@htj.duckdns.org>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 04/21/2015 02:49 PM, Tejun Heo wrote:
> mm/page-writeback.c has several places where 1 is added to the divisor
> to prevent division by zero exceptions; however, if the original
> divisor is equivalent to -1, adding 1 leads to division by zero.
>
> There are three places where +1 is used for this purpose - one in
> pos_ratio_polynom() and two in bdi_position_ratio().  The second one
> in bdi_position_ratio() actually triggered div-by-zero oops on a
> machine running a 3.10 kernel.  The divisor is
>
>    x_intercept - bdi_setpoint + 1 == span + 1
>
> span is confirmed to be (u32)-1.  It isn't clear how it ended up that
> but it could be from write bandwidth calculation underflow fixed by
> c72efb658f7c ("writeback: fix possible underflow in write bandwidth
> calculation").
>
> At any rate, +1 isn't a proper protection against div-by-zero.  This
> patch converts all +1 protections to |1.  Note that
> bdi_update_dirty_ratelimit() was already using |1 before this patch.

The |1 is a litle iffy imho, but I guess it gets the job done. Applied 
for 4.1.

-- 
Jens Axboe