overflows while calculating volume->used_bytes
Vinit Agnihotri
vinit.agnihotri at gmail.com
Tue Jul 10 03:58:00 EDT 2007
Heres the modified patch.
Not special purpose as such. Its just my flash is a bit large :)
Signed-off-by: Vinit Agnihotri <vinit.agnihotri at gmail.com>
================================================================
diff -ruN linux-2.6.18.3-vanila/drivers/mtd/ubi/vmt.c
linux-2.6.18.3-mod/drivers/mtd/ubi/vmt.c
--- linux-2.6.18.3-vanila/drivers/mtd/ubi/vmt.c 2007-07-09
15:24:28.000000000 +0530
+++ linux-2.6.18.3-mod/drivers/mtd/ubi/vmt.c 2007-07-10 13:25:41.000000000 +0530
@@ -280,7 +280,7 @@
if (vol->vol_type == UBI_DYNAMIC_VOLUME) {
vol->used_ebs = vol->reserved_pebs;
vol->last_eb_bytes = vol->usable_leb_size;
- vol->used_bytes = vol->used_ebs * vol->usable_leb_size;
+ vol->used_bytes = (long long)vol->used_ebs * vol->usable_leb_size;
} else {
bytes = vol->used_bytes;
vol->last_eb_bytes = do_div(bytes, vol->usable_leb_size);
@@ -538,7 +538,7 @@
if (vol->vol_type == UBI_DYNAMIC_VOLUME) {
vol->used_ebs = reserved_pebs;
vol->last_eb_bytes = vol->usable_leb_size;
- vol->used_bytes = vol->used_ebs * vol->usable_leb_size;
+ vol->used_bytes = (long long)vol->used_ebs * vol->usable_leb_size;
}
paranoid_check_volumes(ubi);
@@ -739,7 +739,7 @@
goto fail;
}
- n = vol->used_ebs * vol->usable_leb_size;
+ n = (long long)vol->used_ebs * vol->usable_leb_size;
if (vol->vol_type == UBI_DYNAMIC_VOLUME) {
if (vol->corrupted != 0) {
ubi_err("corrupted dynamic volume");
diff -ruN linux-2.6.18.3-vanila/drivers/mtd/ubi/vtbl.c
linux-2.6.18.3-mod/drivers/mtd/ubi/vtbl.c
--- linux-2.6.18.3-vanila/drivers/mtd/ubi/vtbl.c 2007-07-09
15:26:52.000000000 +0530
+++ linux-2.6.18.3-mod/drivers/mtd/ubi/vtbl.c 2007-07-10
13:27:18.000000000 +0530
@@ -531,7 +531,7 @@
if (vol->vol_type == UBI_DYNAMIC_VOLUME) {
vol->used_ebs = vol->reserved_pebs;
vol->last_eb_bytes = vol->usable_leb_size;
- vol->used_bytes = vol->used_ebs * vol->usable_leb_size;
+ vol->used_bytes = (unsigned long)vol->used_ebs * vol->usable_leb_size;
continue;
}
@@ -561,7 +561,8 @@
}
vol->used_ebs = sv->used_ebs;
- vol->used_bytes = (vol->used_ebs - 1) * vol->usable_leb_size;
+ vol->used_bytes = (unsigned long)(vol->used_ebs - 1) *
+ vol->usable_leb_size;
vol->used_bytes += sv->last_data_size;
vol->last_eb_bytes = sv->last_data_size;
}
@@ -578,7 +579,8 @@
vol->usable_leb_size = ubi->leb_size;
vol->used_ebs = vol->reserved_pebs;
vol->last_eb_bytes = vol->reserved_pebs;
- vol->used_bytes = vol->used_ebs * (ubi->leb_size - vol->data_pad);
+ vol->used_bytes = (unsigned long)vol->used_ebs *
+ (ubi->leb_size - vol->data_pad);
vol->vol_id = UBI_LAYOUT_VOL_ID;
ubi_assert(!ubi->volumes[i]);
On 7/10/07, Vinit Agnihotri <vinit.agnihotri at gmail.com> wrote:
> Yeah its true
> What I thought was having (long long) to both operands will make patch
> compiler independent.
>
> But yeah I modify patch & send u right away.
>
> On 7/10/07, Artem Bityutskiy <dedekind at infradead.org> wrote:
> > Vinit,
> >
> > On Tue, 2007-07-10 at 11:07 +0530, Vinit Agnihotri wrote:
> > > I was experiencing overflows in multiplications for
> > > volume->used_bytes in vmt.c & vtbl.c, while creating & resizing large volumes.
> > >
> > > vol->used_bytes is long long however its 2 operands vol->used_ebs &
> > > vol->usable_leb_size
> > > are int. So their multiplication for larger values causes integer overflows.
> > > Typecasting them solves the problem.
> > >
> > > My machine & flash details:
> > >
> > > 64Bit dual-core AMD opteron, 1 GB RAM, linux 2.6.18.3.
> > > mtd size = 6GB, volume size= 5GB, peb_size = 4MB.
> > >
> > > heres patch which does the fix.
> >
> > Thanks for the patch. Just one note:
> >
> > you can add only one (long long) prefix before the first operand, no
> > need to add it to the second one and make the line too long so that
> > you need to split it.
> >
> > > + vol->used_bytes = (long long)vol->used_ebs *
> > > + (long long)vol->usable_leb_size;
> >
> > Like here it could be
> > + vol->used_bytes = (long long)vol->used_ebs * vol->usable_leb_size;
> >
> > Otherwise the patch looks good. Will you resend it or you are fine if I
> > amend it myself?
> >
> > --
> > Best regards,
> > Artem Bityutskiy (Битюцкий Артём)
> >
> >
>
>
> --
> I feel free now
>
--
I feel free now
More information about the linux-mtd
mailing list