On Thu, Jun 17, 2021 at 08:41:39PM -0500, Scott Cheloha wrote:
> On Fri, Jun 11, 2021 at 12:17:02PM -0500, Scott Cheloha wrote:
> > Hi,
> > 
> > setitimer(2) has a one hundred million second upper bound for timers.
> > Any timer interval larger than this is considered invalid and we set
> > EINVAL.
> > 
> > There is no longer any reason to use this particular limit.  Kclock
> > timeouts support the full range of a timespec, so we can trivially
> > increase the upper bound without any practical risk of overflow.
> > 
> > This patch increases the upper bound to UINT_MAX seconds.
> > 
> > Why UINT_MAX?  UINT_MAX is the largest possible input to alarm(3).  We
> > could then simplify the alarm(3) manpage and the libc alarm.c code in
> > a subsequent patch.  POSIX says alarm(3) "is always successful".  Our
> > implementation can fail.  It would be nicer/simpler if ours were free
> > of failure modes.
> > 
> > ok?
> 
> 1 week bump.
> 
> Updated patch: make the maximum value ("max") static and const.

OK claudio@

I wonder if we need a max at all? I guess there is an upper limit to not
overflow the time_t when calculating the absolute timeout but that is
probably close to LLONG_MAX / 2.

I think a simplified version of alarm(3) that never fails would be nice.
 
> Index: kern_time.c
> ===================================================================
> RCS file: /cvs/src/sys/kern/kern_time.c,v
> retrieving revision 1.153
> diff -u -p -r1.153 kern_time.c
> --- kern_time.c       11 Jun 2021 16:36:34 -0000      1.153
> +++ kern_time.c       18 Jun 2021 01:40:42 -0000
> @@ -709,15 +709,16 @@ out:
>  int
>  itimerfix(struct itimerval *itv)
>  {
> +     static const struct timeval max = { .tv_sec = UINT_MAX, .tv_usec = 0 };
>       struct timeval min_interval = { .tv_sec = 0, .tv_usec = tick };
>  
>       if (itv->it_value.tv_sec < 0 || !timerisvalid(&itv->it_value))
>               return EINVAL;
> -     if (itv->it_value.tv_sec > 100000000)
> +     if (timercmp(&itv->it_value, &max, >))
>               return EINVAL;
>       if (itv->it_interval.tv_sec < 0 || !timerisvalid(&itv->it_interval))
>               return EINVAL;
> -     if (itv->it_interval.tv_sec > 100000000)
> +     if (timercmp(&itv->it_interval, &max, >))
>               return EINVAL;
>  
>       if (!timerisset(&itv->it_value))
> 
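Review bot: in itimerfix() the new `max` has tv_usec = 0, so with `timercmp(&itv->it_value, &max, >)` a value of exactly UINT_MAX seconds plus any nonzero microseconds is rejected, whereas the old `tv_sec > 100000000` test accepted the limit itself with any valid tv_usec. The same applies to the it_interval check. That does not matter for alarm(3), which the commit message gives as the reason for the bound, but the code itself does not say why UINT_MAX was picked. A one-line comment above `max` naming alarm(3) as the source of the limit would keep the next reader from treating it as arbitrary. If the setitimer(2) manual states the old one hundred million second limit under EINVAL, that text should change in the same commit.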

-- 
:wq Claudio
