| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130819041413.GH29406@linux.vnet.ibm.com> Date: Sun, 18 Aug 2013 21:14:13 -0700 From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> To: Josh Triplett <josh@...htriplett.org> Cc: linux-kernel@...r.kernel.org, mingo@...e.hu, laijs@...fujitsu.com, dipankar@...ibm.com, akpm@...ux-foundation.org, mathieu.desnoyers@...ymtl.ca, niv@...ibm.com, tglx@...utronix.de, peterz@...radead.org, rostedt@...dmis.org, dhowells@...hat.com, edumazet@...gle.com, darren@...art.com, fweisbec@...il.com, sbw@....edu, John Stultz <john.stultz@...aro.org>, "David S. Miller" <davem@...emloft.net>, Arnd Bergmann <arnd@...db.de>, Ingo Molnar <mingo@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Eric Dumazet <eric.dumazet@...il.com>, Kevin Easton <kevin@...rana.org> Subject: Re: [PATCH tip/core/rcu 11/11] jiffies: Avoid undefined behavior from signed overflow On Sun, Aug 18, 2013 at 06:20:32PM -0700, Josh Triplett wrote: > On Sun, Aug 18, 2013 at 05:41:20PM -0700, Paul E. McKenney wrote: > > On Sat, Aug 17, 2013 at 08:23:51PM -0700, Josh Triplett wrote: > > > On Sat, Aug 17, 2013 at 06:37:56PM -0700, Paul E. McKenney wrote: > > > > From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> > > > > > > > > According to the C standard 3.4.3p3, overflow of a signed integer results > > > > in undefined behavior. This commit therefore changes the definitions > > > > of time_after(), time_after_eq(), time_after64(), and time_after_eq64() > > > > to avoid this undefined behavior. The trick is that the subtraction > > > > is done using unsigned arithmetic, which according to 6.2.5p9 cannot > > > > overflow because it is defined as modulo arithmetic. This has the added > > > > (though admittedly quite small) benefit of shortening two lines of code > > > > by four characters each. > > > > > > > > Note that the C standard considers the cast from unsigned to > > > > signed to be implementation-defined, see 6.3.1.3p3. However, on a > > > > two-complement system, an implementation that defines anything other > > > > than a reinterpretation of the bits is free come to me, and I will be > > > > > > s/free come/free to come/ > > > > Good catch, fixed! > > Just realized when looking at this again that there's another typo: > "two-complement" should be "two's-complement". OK, fixed that as well. ;-) Thank you for all the reviews and comments! Thanx, Paul > > > > happy to act as a witness for its being committed to an insane asylum. > > > > > > With the typo above fixed: > > > Reviewed-by: Josh Triplett <josh@...htriplett.org> > > > > > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists