From owner-freebsd-current@FreeBSD.ORG Fri May 7 06:50:26 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7D86F16A4CE for ; Fri, 7 May 2004 06:50:26 -0700 (PDT) Received: from webmail-outgoing.us4.outblaze.com (webmail-outgoing.us4.outblaze.com [205.158.62.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8F5443D64 for ; Fri, 7 May 2004 06:50:25 -0700 (PDT) (envelope-from pdseniura@techie.com) Received: from wfilter.us4.outblaze.com (wfilter.us4.outblaze.com [205.158.62.180])A8A6918012E5 for ; Fri, 7 May 2004 13:50:25 +0000 (GMT) X-OB-Received: from unknown (205.158.62.178) by wfilter.us4.outblaze.com; 7 May 2004 13:48:20 -0000 Received: by ws1-14.us4.outblaze.com (Postfix, from userid 1001) id 1A6D779004C; Fri, 7 May 2004 13:50:24 +0000 (GMT) Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit MIME-Version: 1.0 X-Mailer: MIME-tools 5.41 (Entity 5.404) Received: from [192.149.244.9] by ws1-14.us4.outblaze.com with http for pdseniura@techie.com; Fri, 07 May 2004 07:50:24 -0600 From: "P.D. Seniura" To: "Bruce Evans" , "David Schultz" Date: Fri, 07 May 2004 07:50:24 -0600 X-Originating-Ip: 192.149.244.9 X-Originating-Server: ws1-14.us4.outblaze.com Message-Id: <20040507135024.1A6D779004C@ws1-14.us4.outblaze.com> cc: freebsd-current@freebsd.org cc: "P.D. Seniura" Subject: Re: low HZ value causes "Time Warp Bug" (re: this Puny Pentium2suddenly became 45% slower!) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 May 2004 13:50:26 -0000 (forgive this fugly editor ;) Bruce Evans wrote: > On Thu, 6 May 2004, David Schultz wrote: > > > On Thu, May 06, 2004, P.D. Seniura wrote: > > > > > > > > It seems this bug happens when the HZ value goes below 16 > > > > > (either by compiling 'options HZ=' in kernel or setting > > > > > sysctl 'kern.hz=' in /boot/loader.conf). The computed > > > > > 'ticks' value becomes too large for 2-byte int producing > > > > > crazy overflowed numbers elsewhere. > > > > > > > > 16 is pretty low.. > > > > Then again it would be nice if it warned you or something similar when you > > > > tried it :) > > Nah, INT_MIN would be low. Values between INT_MIN and -1 might cause > even more interesting behaviour. The value of 0 would cause the not so > interesting behaviour of a panic for division by 0 in init_param1() if > not earlier. Nonexistent bounds checking for hz is just one of thousands > of cases of nonexistent bounds checking for tunables and sysctls. The > kernel trusts the (privileged) user not to set values that don't work. > > WHere is the 2-byte int that overflows? The kernel mostly uses > "int ticks = 1000000 / hz". It assumes at least 32-bit ints or that hz > 2. > This will work until hz becomes larger tha 1000000 or not nearly a divisor > of 1000000. That division is precisely what showed me where the overflow may lay. 1000000 / 16 = 62500 1000000 / 15 = 66666 (int fraction cut off) 66666 > 0xffff (2-byte int) 66666 & 0xffff = 1130 (base 10) 66666 & 0xffff0000 = 0x00010000 (leaks into another field?) Something is causing human clock timers to go crazy. ;) No biggee, just something I noticed. If I wanted "maximum oompf", I'd run single-user mode. ;) (hmmm there's that "mark of the beast" magic number and then some... ;) -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm