On Thu, 3 Jul 2025, John Garry wrote:
> > > -/* Check stacking of first bottom device */
> > > -static bool blk_stack_atomic_writes_head(struct queue_limits *t,
> > > - struct queue_limits *b)
> > > +static void blk_stack_atomic_writes_chunk_sectors(struct queue_limits *t)
> > > {
> > > - if (b->atomic_write_hw_boundary &&
> > > - !blk_stack_atomic_writes_boundary_head(t, b))
> > > - return false;
> > > + unsigned int chunk_bytes = t->chunk_sectors << SECTOR_SHIFT;
> >
> > What about integer overflow?
>
> I suppose theoretically it could happen, and I'm happy to change.
>
> However there seems to be precedent in assuming it won't:
>
> - in stripe_op_hints(), we hold chunk_size in an unsigned int
> - in raid0_set_limits(), we hold mddev->chunk_sectors << 9 in lim.io_min,
> which is an unsigned int type.
>
> Please let me know your thoughts on also changing these sort of instances. Is
> it realistic to expect chunk_bytes > UINT_MAX?
>
> Thanks,
> John
dm-stripe can be created with a stripe size that is more than 0xffffffff
bytes.
Though, the integer overflow already exists in the existing dm-stripe
target:
static void stripe_io_hints(struct dm_target *ti,
struct queue_limits *limits)
{
struct stripe_c *sc = ti->private;
unsigned int chunk_size = sc->chunk_size << SECTOR_SHIFT;
limits->io_min = chunk_size;
limits->io_opt = chunk_size * sc->stripes;
}
What should we set there as io_min and io_opt if sc->chunk_size <<
SECTOR_SHIFT overflows? Should we set nothing?
Mikulas
