Re: [PATCH 1/1] ext4, dio: Remove overflow for size >2G in aio-dio code.

Hello Linus,

The overflow issue was seen in the async dio path.

Please consider the following code:
<code>
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <libaio.h>
#include <err.h>
#include <string.h>
#include <time.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

/* 2 GiB: one byte more than INT_MAX. */
#define NR_BYTES (2*1024*1024*1024L)

int main()
{
        int              fd;
        int              ret;
        struct iocb      iocb;
        struct iocb     *piocb  = &iocb;
        io_context_t     io_ctx = NULL;
        void            *ptr;
        struct io_event  evout;
        struct timespec  ioq_timeout;

        /* Wait up to one second for the completion event. */
        ioq_timeout.tv_sec = 1;
        ioq_timeout.tv_nsec = 0;

        /* O_DIRECT needs an aligned buffer; align to 4 KiB. */
        ret = posix_memalign(&ptr, 1<<12, NR_BYTES);
        if (ret != 0) {
                errx(1, "Allocating Memory.");
        }
        memset(ptr, 'a', NR_BYTES);
        fd = open("temp.txt", O_CREAT|O_RDWR|O_DIRECT, 0744);
        if (fd < 0) {
                fprintf(stderr, "Error opening file\n");
                goto out;
        }
        ret = io_setup(10, &io_ctx);
        if (ret != 0) {
                fprintf(stderr, "During io_setup\n");
                goto out;
        }
        /* Clear the iocb so the fields not set below are zero. */
        memset(&iocb, 0, sizeof(iocb));
        /* A single async write of the whole 2 GiB buffer at offset 0. */
        piocb->aio_fildes     = fd;
        piocb->u.c.buf        = ptr;
        piocb->u.c.nbytes     = NR_BYTES;
        piocb->u.c.offset     = 0;
        piocb->aio_lio_opcode = IO_CMD_PWRITE;
        ret = io_submit(io_ctx, 1, &piocb);
        if (ret != 1) {
                fprintf(stderr, "During io_submit\n");
                goto out;
        }
        ret = io_getevents(io_ctx, 1, 1, &evout, &ioq_timeout);
        if (ret == 1) {
                /* res is unsigned long; print it signed and as hex. */
                printf("%ld (0x%lx) bytes transferred\n",
                       (long)evout.res, evout.res);
        }
        io_destroy(io_ctx);
out:
        free(ptr);
        return 0;
}
</code>

-2147483648 (0xffffffff80000000) bytes transferred

Well, in this case we can see the overflow.

Thanks and Regards 
- Manish


----- Original Message -----
From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
To: manish honap <manish_honap_vit@xxxxxxxxxxx>
Cc: "tytso@xxxxxxx" <tytso@xxxxxxx>; "adilger.kernel@xxxxxxxxx" <adilger.kernel@xxxxxxxxx>; "linux-fsdevel@xxxxxxxxxxxxxxx" <linux-fsdevel@xxxxxxxxxxxxxxx>
Sent: Monday, 21 May 2012 12:03 AM
Subject: Re: [PATCH 1/1] ext4, dio: Remove overflow for size >2G in aio-dio code.

On Sun, May 20, 2012 at 1:01 AM, manish honap
<manish_honap_vit@xxxxxxxxxxx> wrote:
>
> From: Manish Honap <manish_honap_vit@xxxxxxxxxxx>
>
> The direct-io.c::do_direct_io() returns int and this causes the results to
> overflow for sizes>=2g; the following patch removes this bug.
>
> Signed-off-by: Manish Honap <manish_honap_vit@xxxxxxxxxxx>

It should not be possible to do a write bigger than 2GB - the generic
VFS layer should stop it. Exactly because of overflow avoidance issues
(and because a single 2GB+ write would be insane and has serious DoS
issues anyway).

Can you actually *trigger* this issue some way? If so, we should fix
that instead.

                            Linus
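
The following is an added illustration, not part of either message and not kernel code: a userspace C model of the sign flip seen in the reproducer's output and of the per-request cap Linus refers to. The 4 KiB page size and the MODEL_* names are assumptions, patterned on the kernel's MAX_RW_COUNT (INT_MAX & PAGE_MASK).

```c
#include <limits.h>
#include <stdio.h>

/* Assumed 4 KiB page; the MODEL_* names are hypothetical and only mirror
 * the shape of the kernel's MAX_RW_COUNT (INT_MAX & PAGE_MASK). */
#define MODEL_PAGE_SIZE    4096LL
#define MODEL_MAX_RW_COUNT ((long long)INT_MAX & ~(MODEL_PAGE_SIZE - 1))

/* A byte count carried through an int on its way back to the caller.
 * The narrowing is implementation-defined; on the usual two's-complement
 * targets 0x80000000 becomes INT_MIN and then sign-extends when widened. */
static long long result_via_int(long long nbytes)
{
    int narrowed = (int)nbytes;
    return (long long)narrowed;
}

/* Cap one request so any int-typed result downstream stays non-negative. */
static long long clamp_rw_count(long long nbytes)
{
    if (nbytes < 0)
        return -1;  /* reject negative lengths outright */
    return nbytes > MODEL_MAX_RW_COUNT ? MODEL_MAX_RW_COUNT : nbytes;
}

/* Split a large transfer into capped chunks and total the per-chunk
 * results in a wide type. Returns the bytes accounted for. */
static long long transfer_in_chunks(long long total)
{
    long long done = 0;
    while (done < total) {
        long long chunk = clamp_rw_count(total - done);
        long long res = result_via_int(chunk);  /* chunk <= INT_MAX here */
        if (res <= 0)
            return res;
        done += res;
    }
    return done;
}

int main(void)
{
    long long req = 2LL * 1024 * 1024 * 1024;  /* constructed input: 2 GiB */
    printf("unclamped: %lld (0x%llx)\n", result_via_int(req),
           (unsigned long long)result_via_int(req));
    printf("clamped:   %lld\n", result_via_int(clamp_rw_count(req)));
    printf("chunked:   %lld\n", transfer_in_chunks(req));
    return 0;
}
```
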
