[PATCH] readahead: ->prev_page can overrun the ahead window

From: Oleg Nesterov
Date: Sun Feb 26 2006 - 14:51:27 EST

Next message: Oliver Joa: "Re: [PATCH] sata_promise: Port enumeration order - SATA 150 TX4,SATA 300 TX4"
Previous message: Oleg Nesterov: "[PATCH] readahead: fix initial window size calculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If get_next_ra_size() does not grow fast enough, ->prev_page can
overrun the ahead window. This means the caller will read the pages
from ->ahead_start + ->ahead_size to ->prev_page synchronously.

Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>

--- 2.6.16-rc3/mm/readahead.c~ 2006-02-27 00:11:13.070848680 +0300
+++ 2.6.16-rc3/mm/readahead.c 2006-02-27 00:53:17.881019192 +0300
@@ -52,13 +52,24 @@ static inline unsigned long get_min_read
return (VM_MIN_READAHEAD * 1024) / PAGE_CACHE_SIZE;
}

+static inline void reset_ahead_window(struct file_ra_state *ra)
+{
+ /*
+ * ... but preserve ahead_start + ahead_size value,
+ * see 'recheck:' label in page_cache_readahead().
+ * Note: We never use ->ahead_size as rvalue without
+ * checking ->ahead_start != 0 first.
+ */
+ ra->ahead_size += ra->ahead_start;
+ ra->ahead_start = 0;
+}
+
static inline void ra_off(struct file_ra_state *ra)
{
ra->start = 0;
ra->flags = 0;
ra->size = 0;
- ra->ahead_start = 0;
- ra->ahead_size = 0;
+ reset_ahead_window(ra);
return;
}

@@ -426,8 +437,7 @@ static int make_ahead_window(struct addr
* congestion. The ahead window will any way be closed
* in case we failed due to excessive page cache hits.
*/
- ra->ahead_start = 0;
- ra->ahead_size = 0;
+ reset_ahead_window(ra);
}

return ret;
@@ -520,11 +530,11 @@ page_cache_readahead(struct address_spac
* If we get here we are doing sequential IO and this was not the first
* occurence (ie we have an existing window)
*/
-
if (ra->ahead_start == 0) { /* no ahead window yet */
if (!make_ahead_window(mapping, filp, ra, 0))
- goto out;
+ goto recheck;
}
+
/*
* Already have an ahead window, check if we crossed into it.
* If so, shift windows and issue a new ahead window.
@@ -536,6 +546,10 @@ page_cache_readahead(struct address_spac
ra->start = ra->ahead_start;
ra->size = ra->ahead_size;
make_ahead_window(mapping, filp, ra, 0);
+recheck:
+ /* prev_page shouldn't overrun the ahead window */
+ ra->prev_page = min(ra->prev_page,
+ ra->ahead_start + ra->ahead_size - 1);
}

out:
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oliver Joa: "Re: [PATCH] sata_promise: Port enumeration order - SATA 150 TX4,SATA 300 TX4"
Previous message: Oleg Nesterov: "[PATCH] readahead: fix initial window size calculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]