Date: Sat, 1 Feb 2003 15:14:39 -0800 From: Zachary Amsden <zach@mirapoint.com> To: freebsd-hackers@freebsd.org Subject: [4.1] Bug in calcru? Message-ID: <17f41996.4f9133b6.819db00@alpo.mirapoint.com>
next in thread | raw e-mail | index | archive | help
I believe that spl() protection is required here, in fact, that it should
be extended to cover the read of p->p_runtime as well. These are all 64
bit integers, so on IA32, the worst case is two consecutive off-by one
reads during overflow - i.e reading 0xffffffff 0x00000002 instead of
0x00000000 0x00000002. That is a rather significant difference, and since
the numbers used in computation here become part of a kassert() later, a
rather dangerous one. Alternatively, a 64 bit atomic read could be used.
On FreeBSD-current, this entire operation is protected by a mutex, which
looks safe to me, but in 4.1, this looks like a bug:
void
calcru(p, up, sp, ip)
struct proc *p;
struct timeval *up;
struct timeval *sp;
struct timeval *ip;
{
/* {user, system, interrupt, total} {ticks, usec}; previous tu: */
u_int64_t ut, uu, st, su, it, iu, tt, tu, ptu;
int s;
struct timeval tv;
/* XXX: why spl-protect ? worst case is an off-by-one report */
s = splstatclock();
ut = p->p_uticks;
st = p->p_sticks;
it = p->p_iticks;
splx(s);
tt = ut + st + it;
if (tt == 0) {
st = 1;
tt = 1;
}
tu = p->p_runtime;
"A plague upon all your houses" - last words of Waldo Semon
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17f41996.4f9133b6.819db00>