Commits on Source (2)
-
Eric S. Raymond authored66e48681
-
Eric S. Raymond authored
Daniel Franke explains: This whole module is a big mess of undefined behavior. If you're going to store time as a count of nanoseconds, then of course you're going to overflow a 32-bit integer quickly. 'long' is 32 bits on most 32-bit ABIs. You want all your working variables to be int64_t. The correct way to express an int64_t literal is #include <stdint.h> INT64_C(9999999999999) But even a 64-bit integer risks overflow, because CLOCK_MONOTONIC has an unspecified starting point. (tv_sec * NANOSECONDS) may not fit in an int64_t. Since you only care about time differences and not absolute times, you can get around this by normalizing your starting point to tv_sec = 0. So declare time_t s; and then have your initialization be: clock_gettime(CLOCK_MONOTONIC, &ts); s = ts.tv_sec; t = ts.tv_nsec; and change the u assignment to read: u = (tr.tv_sec - s) * NANOSECONDS + ts.tv_nsec; In the printf statements, use the macro PRId64 to give you the correct printf conversion specifier for an int64_t. The col() function needs to be rewritten to make sure that casting its return type to int won't overflow. All the comments about forcing pages into memory are bizarre. Of course the code that follows has to be there because otherwise gtod will be used uninitialized. But no memory is being locked so there's no guarantee that those pages will still be there by the time they're used, especially given all the intervening context switches to call clock_gettime(). clock_gettime()'s return value needs to be checked. Time to shoot this sick dog. It wasn't doing us any good, anyway; totally undocumented. If we need this kind of clock sanity checking, better to write a decent one from scratch.647a1642
util/hist.c
deleted
100644 → 0