On Sun, Aug 16, 2009 at 10:29:21PM +0200, Guillaume Knispel wrote:
>__estimate_accuracy() was prone to integer overflow, for example
>if *tv == {2147, 483648000} on a 32 bit computer (or even for delays
>as small as {429, 500000000} if the task is niced).
>
>Because the result was already forced between 0 and 100ms, the effect
>of the overflow was not too problematic, but the use of the hrtimer
>range feature was not optimal in overflow cases.
>
>This patch ensures that there can not be an integer overflow in this
>function.
>
>Signed-off-by: Guillaume Knispel <gknispel@xxxxxxxxxxxxxxxxx>
>---
> fs/select.c | 14 ++++++++++----
> 1 files changed, 10 insertions(+), 4 deletions(-)
>
>diff --git a/fs/select.c b/fs/select.c
>index 8084834..a201fc3 100644
>--- a/fs/select.c
>+++ b/fs/select.c
>@@ -41,22 +41,28 @@
> * better solutions..
> */
>
>+#define MAX_SLACK (100 * NSEC_PER_MSEC)
>+
> static long __estimate_accuracy(struct timespec *tv)
> {
> long slack;
> int divfactor = 1000;
>
>+ if (tv->tv_sec < 0)
>+ return 0;
>+
> if (task_nice(current) > 0)
> divfactor = divfactor / 5;
>
>+ if (tv->tv_sec > MAX_SLACK / (NSEC_PER_SEC/divfactor))
>+ return MAX_SLACK;
>+
Yes? Isn't MAX_SLACK also too big for 'long' on 32bit machine?
Try:
% printf "%d\n" "100*1000000000 > 0x7fffffff"
1
Am I missing something here?
Thanks.
> slack = tv->tv_nsec / divfactor;
> slack += tv->tv_sec * (NSEC_PER_SEC/divfactor);
>
>- if (slack > 100 * NSEC_PER_MSEC)
>- slack = 100 * NSEC_PER_MSEC;
>+ if (slack > MAX_SLACK)
>+ return MAX_SLACK;
>
>- if (slack < 0)
>- slack = 0;
> return slack;
> }
>
>--
>To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>the body of a message to majordomo@xxxxxxxxxxxxxxx
>More majordomo info at http://vger.kernel.org/majordomo-info.html
>Please read the FAQ at http://www.tux.org/lkml/
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
