[Bug 261781] VDSO time calculation integer overflow
Date: Mon, 07 Feb 2022 18:04:22 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261781

            Bug ID: 261781
           Summary: VDSO time calculation integer overflow
           Product: Base System
           Version: CURRENT
          Hardware: arm
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: jarek@jpelczar.com

I have been tinkering with the clock subsystem for a more or less tickless-based
approach. I am not sure whether the calculation in
"lib/libc/sys/__vdso_gettimeofday.c" for the "binuptime" function is correct.

Currently the code looks like this:

        scale = th->th_scale;
#ifdef _LP64
        scale_bits = ffsl(scale);
#else
        scale_bits = ffsll(scale);
#endif
        if (__predict_false(scale_bits + fls(delta) > 63)) {
                x = (scale >> 32) * delta;
                scale &= 0xffffffff;
                bt->sec += x >> 32;
                bintime_addx(bt, x << 32);
        }

Example outputs from two time points (time is measured by the ARM Generic Timer,
but that's just a 64-bit counter masked to 32 bits):

th->th_boottime = 1640852968.ff886104742783f9
timecounter delta = 29015463
th->th_scale = 295147905178
th->th_offset_count = 539967626
bintime_addx(bt, scale * delta = 0x76D8EB0A9A877676) => 9.4522dbb32c111955

th->th_boottime = 1640852968.ff886104742783f9
timecounter delta = 64100295
th->th_scale = 295147905178
th->th_offset_count = 539967626
bintime_addx(bt, scale * delta) => 8.d4d7f89392515095

Multiplication of scale and delta will overflow 64 bits. I am not sure whether
the scale_bits should rather be calculated by flsl/flsll to detect the overflow.
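
The two guards compared on the values from the report above, as an added example (not FreeBSD's code and not part of the original message). The helper names are assumptions made for this example, GCC/Clang builtins stand in for ffsll()/flsll(), and unsigned __int128 is used only to obtain the untruncated product.

```c
#include <stdint.h>
#include <stdio.h>

/* Values quoted in the report. */
#define TH_SCALE 295147905178ULL
#define DELTA_A  29015463U      /* first sample  */
#define DELTA_B  64100295U      /* second sample */

/* 1-based index of the lowest set bit (ffsl/ffsll semantics), 0 for 0. */
static int lowest_bit(uint64_t v) { return __builtin_ffsll((long long)v); }
/* 1-based index of the highest set bit (fls/flsl/flsll semantics), 0 for 0. */
static int highest_bit(uint64_t v) { return v ? 64 - __builtin_clzll(v) : 0; }

/* Guard as quoted: the width of scale is taken from its lowest set bit. */
static int guard_ffs(uint64_t scale, uint32_t delta)
{ return lowest_bit(scale) + highest_bit(delta) > 63; }
/* Guard the reporter asks about: width taken from the highest set bit.
 * Conservative: it can fire when the product would still have fit. */
static int guard_fls(uint64_t scale, uint32_t delta)
{ return highest_bit(scale) + highest_bit(delta) > 63; }

/* Whole seconds that a plain 64-bit scale * delta silently drops. */
static uint64_t lost_seconds(uint64_t scale, uint32_t delta)
{ return (uint64_t)(((unsigned __int128)scale * delta) >> 64); }

/* Split multiply modelled on the quoted branch, followed by the low-half
 * multiply; a carry out of the 64-bit fraction is counted as one second. */
static uint64_t split_seconds(uint64_t scale, uint32_t delta, uint64_t *frac)
{
    uint64_t x = (scale >> 32) * delta;            /* 32x32: cannot wrap */
    uint64_t sec = x >> 32;
    uint64_t lo = (scale & 0xffffffffULL) * delta; /* 32x32: cannot wrap */
    uint64_t f = (x << 32) + lo;
    if (f < lo)
        sec++;                                     /* fraction wrapped */
    *frac = f;
    return sec;
}

int main(void)
{
    uint32_t deltas[] = { DELTA_A, DELTA_B };
    for (int i = 0; i < 2; i++) {
        uint64_t frac, sec = split_seconds(TH_SCALE, deltas[i], &frac);
        printf("delta=%u ffs_guard=%d fls_guard=%d lost=%llu split=%llu.%016llx\n",
            deltas[i], guard_ffs(TH_SCALE, deltas[i]), guard_fls(TH_SCALE, deltas[i]),
            (unsigned long long)lost_seconds(TH_SCALE, deltas[i]),
            (unsigned long long)sec, (unsigned long long)frac);
    }
    return 0;
}
```

For the second sample the lowest-bit guard stays false while the true product carries one whole second past bit 63, so the plain 64-bit multiply loses that second; the split path recovers it.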