PATCH for 2.2-pre: poll timeout (was Re: Serious bug)

Chip Salzenberg (chip@perlsupport.com)
Sun, 10 Jan 1999 12:51:03 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chip Salzenberg: "Re: C++ in kernel (was Re: exception in a device driver)"
Previous message: Chris Chiappa: "Re: [Off-Topic] Distribution 2.2-ready"
In reply to: Scooby Doo: "2.2.0-pre5(a): Bug With Ifac Aliases?"
Next in thread: Andrea Arcangeli: "Re: Serious bug in recent Linux kernels"

According to Jes Sorensen:
> schedule_timeout: wrong timeout value f3333335 from 00024c0e
>
> I looked up where address 00024c0e was, it turned out to be do_poll() in
> fs/select.c
> timeout = (timeout*HZ+999)/1000+1;
> which obviously overflows with a timeout like this. The resulting value
> in my case is 0xf3333335...

I agree with your analysis. I'm now running with the below patch.
(I decided to look into this because I use mutt. :-))

Index: fs/select.c
*************** asmlinkage int sys_poll(struct pollfd *
*** 335,339 ****
timeout = MAX_SCHEDULE_TIMEOUT;
else if (timeout)
! timeout = (timeout*HZ+999)/1000+1;

err = -ENOMEM;
--- 335,339 ----
timeout = MAX_SCHEDULE_TIMEOUT;
else if (timeout)
! timeout = ROUND_UP(timeout, 1000/HZ);

err = -ENOMEM;

-- Chip Salzenberg - a.k.a. - <chip@perlsupport.com> "When do you work?" "Whenever I'm not busy."

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Chip Salzenberg: "Re: C++ in kernel (was Re: exception in a device driver)"
Previous message: Chris Chiappa: "Re: [Off-Topic] Distribution 2.2-ready"
In reply to: Scooby Doo: "2.2.0-pre5(a): Bug With Ifac Aliases?"
Next in thread: Andrea Arcangeli: "Re: Serious bug in recent Linux kernels"