From: Dylan Yudaken <[email protected]>
To: "[email protected]" <[email protected]>,
"[email protected]" <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [PATCH] io_uring: add overflow checks for poll refcounting
Date: Wed, 23 Mar 2022 20:19:40 +0000 [thread overview]
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
On Wed, 2022-03-23 at 19:48 +0000, Pavel Begunkov wrote:
> On 3/23/22 15:07, Dylan Yudaken wrote:
> > On Wed, 2022-03-23 at 11:14 +0000, Pavel Begunkov wrote:
> > >
> > ...
> > >
> > > -#define IO_POLL_CANCEL_FLAG BIT(31)
> > > -#define IO_POLL_REF_MASK GENMASK(30, 0)
> > > +/* keep the sign bit unused to improve overflow detection */
> > > +#define IO_POLL_CANCEL_FLAG BIT(30)
> > > +#define IO_POLL_REF_MASK GENMASK(29, 0)
> > > +
> > > +/* 2^16 is choosen arbitrary, would be funky to have more than
> > > that
> > > */
> > > +#define io_poll_ref_check_overflow(refs) ((unsigned int)refs >=
> > > 65536u)
> > > +#define io_poll_ref_check_underflow(refs) ((int)refs < 0)
> > >
> >
> > I believe if the cancel flag is set, then this will not catch an
> > underflow but the result will be the cancel flag unset. You could
> > fix
> > by also checking for overflow on the masked bits.
>
> Good point. I'm thinking now about using bit(0) for
> IO_POLL_CANCEL_FLAG
> and 1-31 for refs. We'd need to do +2 in io_poll_get_ownership() but
> the sign logic should work w/o extra weirdness.
>
I think that should work.
If you're checking all the time anyway, you could also use bit 32 for
cancel, bit 31 init as 0, and bit 30 init as 1. Overflow/underflow
happens when bit 30 changes but still doesnt do anything to the cancel
bit.
In this case the io_poll_put_ownership might want to check for too big
a decrement in `nr`.
I don't have a strong opinion, just that +2 is a weird behaviour for a
reference count.
prev parent reply other threads:[~2022-03-23 20:19 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-23 11:14 [PATCH] io_uring: add overflow checks for poll refcounting Pavel Begunkov
2022-03-23 12:33 ` Jens Axboe
2022-03-23 15:07 ` Dylan Yudaken
2022-03-23 19:48 ` Pavel Begunkov
2022-03-23 20:19 ` Dylan Yudaken [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5cbe36a1d91d96f4382d248f81e0f3fcfb2005ba.camel@fb.com \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox