Re: [PATCH] ceph: fix type promotion bug on 32bit systems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 10/7/23 16:52, Dan Carpenter wrote:
In this code "ret" is type long and "src_objlen" is unsigned int.  The
problem is that on 32bit systems, when we do the comparison signed longs
are type promoted to unsigned int.  So negative error codes from
do_splice_direct() are treated as success instead of failure.

Fixes: 1b0c3b9f91f0 ("ceph: re-org copy_file_range and fix some error paths")
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
---
32bit is so weird and ancient.  It's strange to think that unsigned int
has more positive bits than signed long.

  fs/ceph/file.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index b1da02f5dbe3..b5f8038065d7 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -2969,7 +2969,7 @@ static ssize_t __ceph_copy_file_range(struct file *src_file, loff_t src_off,
  		ret = do_splice_direct(src_file, &src_off, dst_file,
  				       &dst_off, src_objlen, flags);
  		/* Abort on short copies or on error */
-		if (ret < src_objlen) {
+		if (ret < (long)src_objlen) {
  			dout("Failed partial copy (%zd)\n", ret);
  			goto out;
  		}

Good catch and makes sense to me.

I also ran a test in 64bit system, the output is the same too:

int x = -1
unsigned int y = 2
x > y

Reviewed-by: Xiubo Li <xiubli@xxxxxxxxxx>

Thanks

- Xiubo




[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux