The expression dst->nr_samples + src->nr_samples may
have zero value on overflow. It is necessary to add
a check to avoid division by zero.
Found by Linux Verification Center (linuxtesting.org) with Svace.
Signed-off-by: Roman Smirnov <[email protected]>
Reviewed-by: Sergey Shtylyov <[email protected]>
---
block/blk-stat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block/blk-stat.c b/block/blk-stat.c
index 7ff76ae6c76a..e42c263e53fb 100644
--- a/block/blk-stat.c
+++ b/block/blk-stat.c
@@ -27,7 +27,7 @@ void blk_rq_stat_init(struct blk_rq_stat *stat)
/* src is a per-cpu stat, mean isn't initialized */
void blk_rq_stat_sum(struct blk_rq_stat *dst, struct blk_rq_stat *src)
{
- if (!src->nr_samples)
+ if (dst->nr_samples + src->nr_samples <= dst->nr_samples)
return;
dst->min = min(dst->min, src->min);
--
2.34.1
On Tue, 05 Mar 2024 16:45:09 +0300, Roman Smirnov wrote:
> The expression dst->nr_samples + src->nr_samples may
> have zero value on overflow. It is necessary to add
> a check to avoid division by zero.
>
> Found by Linux Verification Center (linuxtesting.org) with Svace.
>
>
> [...]
Applied, thanks!
[1/1] block: prevent division by zero in blk_rq_stat_sum()
commit: 93f52fbeaf4b676b21acfe42a5152620e6770d02
Best regards,
--
Jens Axboe