From: Colin Ian King <[email protected]>
The left shift amount is sop->sem_num % 64, which is up to 63, so
ensure we are shifting a ULL rather than a 32 bit value.
CoverityScan CID#1372862 "Bad bit shift operation"
Fixes: 7c24530cb4e3c0ae ("ipc/sem: optimize perform_atomic_semop()")
Signed-off-by: Colin Ian King <[email protected]>
---
ipc/sem.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ipc/sem.c b/ipc/sem.c
index ebd18a7..ca4aa23 100644
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -1839,7 +1839,7 @@ SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsops,
max = 0;
for (sop = sops; sop < sops + nsops; sop++) {
- unsigned long mask = 1 << ((sop->sem_num) % BITS_PER_LONG);
+ unsigned long mask = 1ULL << ((sop->sem_num) % BITS_PER_LONG);
if (sop->sem_num >= max)
max = sop->sem_num;
--
2.9.3
Hi Colin,
On 10/28/2016 08:11 PM, Colin King wrote:
> From: Colin Ian King <[email protected]>
>
> The left shift amount is sop->sem_num % 64, which is up to 63, so
> ensure we are shifting a ULL rather than a 32 bit value.
Good catch, thanks.
> CoverityScan CID#1372862 "Bad bit shift operation"
>
> Fixes: 7c24530cb4e3c0ae ("ipc/sem: optimize perform_atomic_semop()")
> Signed-off-by: Colin Ian King <[email protected]>
> ---
> ipc/sem.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/ipc/sem.c b/ipc/sem.c
> index ebd18a7..ca4aa23 100644
> --- a/ipc/sem.c
> +++ b/ipc/sem.c
> @@ -1839,7 +1839,7 @@ SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsops,
>
> max = 0;
> for (sop = sops; sop < sops + nsops; sop++) {
> - unsigned long mask = 1 << ((sop->sem_num) % BITS_PER_LONG);
> + unsigned long mask = 1ULL << ((sop->sem_num) % BITS_PER_LONG);
>
Why 1ULL? Is 1UL not sufficient?
--
Manfred
On 28/10/16 20:21, Manfred Spraul wrote:
> Hi Colin,
>
> On 10/28/2016 08:11 PM, Colin King wrote:
>> From: Colin Ian King <[email protected]>
>>
>> The left shift amount is sop->sem_num % 64, which is up to 63, so
>> ensure we are shifting a ULL rather than a 32 bit value.
> Good catch, thanks.
>> CoverityScan CID#1372862 "Bad bit shift operation"
>>
>> Fixes: 7c24530cb4e3c0ae ("ipc/sem: optimize perform_atomic_semop()")
>> Signed-off-by: Colin Ian King <[email protected]>
>> ---
>> ipc/sem.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/ipc/sem.c b/ipc/sem.c
>> index ebd18a7..ca4aa23 100644
>> --- a/ipc/sem.c
>> +++ b/ipc/sem.c
>> @@ -1839,7 +1839,7 @@ SYSCALL_DEFINE4(semtimedop, int, semid, struct
>> sembuf __user *, tsops,
>> max = 0;
>> for (sop = sops; sop < sops + nsops; sop++) {
>> - unsigned long mask = 1 << ((sop->sem_num) % BITS_PER_LONG);
>> + unsigned long mask = 1ULL << ((sop->sem_num) % BITS_PER_LONG);
>>
> Why 1ULL? Is 1UL not sufficient?
For example, 1UL i386 is 32 bits, where as 1ULL is 64.
>
> --
> Manfred
On Fri, 28 Oct 2016, Colin King wrote:
Thanks.
On 10/28/2016 09:29 PM, Colin Ian King wrote:
> On 28/10/16 20:21, Manfred Spraul wrote:
>> Hi Colin,
>>
>> On 10/28/2016 08:11 PM, Colin King wrote:
>> [...]
>>> --- a/ipc/sem.c
>>> +++ b/ipc/sem.c
>>> @@ -1839,7 +1839,7 @@ SYSCALL_DEFINE4(semtimedop, int, semid, struct
>>> sembuf __user *, tsops,
>>> max = 0;
>>> for (sop = sops; sop < sops + nsops; sop++) {
>>> - unsigned long mask = 1 << ((sop->sem_num) % BITS_PER_LONG);
>>> + unsigned long mask = 1ULL << ((sop->sem_num) % BITS_PER_LONG);
>>>
>> Why 1ULL? Is 1UL not sufficient?
> For example, 1UL i386 is 32 bits, where as 1ULL is 64.
Exactly: on i386, 'unsigned long" is 32 bits. BITS_PER_LONG is 32.
Thus with 1UL, the code should be correct.
With 1ULL & -Wconversion, gcc would even report a warning:
> gcc -m32 -Wall -Wconversion -O1 test.c
> test.c: In function ‘main’:
> test.c:13:6: warning: conversion to ‘long unsigned int’ from ‘long
> long unsigned int’ may alter its value [-Wconversion]
> j= 1ULL << k;
> ^~~~
test.c:
> #include <stdio.h>
> #include <stdlib.h>
>
> int main(int argc, char **argv)
> {
> unsigned long j;
> int i;
>
> for (i=1;i<argc;i++) {
> long k;
>
> k=atoi(argv[i]);
> j= 1ULL << k;
> printf("%d: %lu %ld.\n", i, j, k);
> }
> return 0;
> }
>
--
Manfred
(still thinks "1UL" is what is required)