tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro

According to the C standard 3.4.3p3, the result of signed integer overflow
is undefined. The macro nilfs_cnt32_ge(), which compares two sequence
numbers, uses signed integer subtraction that can overflow, and therefore
the result of the calculation may differ from what is expected due to
undefined behavior in different environments.

Similar to an earlier change to the jiffies-related comparison macros in
commit 5a581b367b5d ("jiffies: Avoid undefined behavior from signed
overflow"), avoid this potential issue by changing the definition of the
macro to perform the subtraction as unsigned integers, then cast the
result to a signed integer for comparison.

Link: https://lkml.kernel.org/r/20130727225828.GA11864@linux.vnet.ibm.com
Link: https://lkml.kernel.org/r/20240702183512.6390-1-konishi.ryusuke@gmail.com
Fixes: 9ff05123e3bf ("nilfs2: segment constructor")
Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by

Ryusuke Konishi and committed by
Andrew Morton 0f3819e8 8547d115

+1 -1
+1 -1
fs/nilfs2/segment.c
··· 136 136 137 137 #define nilfs_cnt32_ge(a, b) \ 138 138 (typecheck(__u32, a) && typecheck(__u32, b) && \ 139 - ((__s32)(a) - (__s32)(b) >= 0)) 139 + ((__s32)((a) - (b)) >= 0)) 140 140 141 141 static int nilfs_prepare_segment_lock(struct super_block *sb, 142 142 struct nilfs_transaction_info *ti)