From: Xiubo Li <xiubli@xxxxxxxxxx> If hits the EOF it will revise the return value to the i_size instead of the real length read, but it will advance the offset of iovc, then for the next try it may be incorrectly skipped. This will just skip advancing the iovc's offset more than i_size. URL: https://patchwork.kernel.org/project/ceph-devel/list/?series=819323 Reported-by: Frank Hsiao 蕭法宣 <frankhsiao@xxxxxxxx> Signed-off-by: Xiubo Li <xiubli@xxxxxxxxxx> --- fs/ceph/file.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/fs/ceph/file.c b/fs/ceph/file.c index 71d29571712d..2b2b07a0a61b 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -1195,7 +1195,7 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos, } idx = 0; - left = ret > 0 ? ret : 0; + left = ret > 0 ? umin(ret, i_size) : 0; while (left > 0) { size_t plen, copied; @@ -1224,15 +1224,13 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos, } if (ret > 0) { - if (off > *ki_pos) { - if (off >= i_size) { - *retry_op = CHECK_EOF; - ret = i_size - *ki_pos; - *ki_pos = i_size; - } else { - ret = off - *ki_pos; - *ki_pos = off; - } + if (off >= i_size) { + *retry_op = CHECK_EOF; + ret = i_size - *ki_pos; + *ki_pos = i_size; + } else { + ret = off - *ki_pos; + *ki_pos = off; } if (last_objver) -- 2.43.0
