Re: [PATCH] ds2760: fix integer overflow for time_to_empty_now
From: Anton Vorontsov
Date: Thu Jul 30 2009 - 10:26:24 EST
On Thu, Jul 30, 2009 at 04:12:59PM +0200, Daniel Mack wrote:
> On Thu, Jul 30, 2009 at 06:00:41PM +0400, Anton Vorontsov wrote:
> > On Fri, Jul 24, 2009 at 03:19:33PM +0200, Daniel Mack wrote:
> > > On the device we're currently developing, battery sizes of ~2.8Ah and
> > > current flow of ~600mA are typical.
> > >
> > > With that values, the life_sec computation overflows due to the
> > > multiplication by 3600.
> > >
> > > Signed-off-by: Daniel Mack <daniel@xxxxxxxx>
> > > Cc: Szabolcs Gyurko <szabolcs.gyurko@xxxxxx>
> > > Cc: Matt Reimer <mreimer@xxxxxxxx>
> > > Cc: Anton Vorontsov <cbou@xxxxxxx>
> > >
> > > Signed-off-by: Daniel Mack <daniel@xxxxxxxx>
> > > ---
> > > drivers/power/ds2760_battery.c | 4 ++--
> > > 1 files changed, 2 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/drivers/power/ds2760_battery.c b/drivers/power/ds2760_battery.c
> > > index d545fee..5d30dc0 100644
> > > --- a/drivers/power/ds2760_battery.c
> > > +++ b/drivers/power/ds2760_battery.c
> > > @@ -212,8 +212,8 @@ static int ds2760_battery_read_status(struct ds2760_device_info *di)
> > > di->rem_capacity = 100;
> > >
> > > if (di->current_uA)
> > > - di->life_sec = -((di->accum_current_uAh - di->empty_uAh) *
> > > - 3600L) / di->current_uA;
> > > + di->life_sec = -((di->accum_current_uAh - di->empty_uAh) * 36L)
> > > + / (di->current_uA / 100L);
> >
> > Hm... "(di->current_uA / 100L)" might result to 0, so you'll get
> > div by zero. Removing the parenthesis will help.
>
> Hmm, no, then it gets the precedence wrong.
Ah.
> But checking for values >=
> 100 of current_uA helps. Thanks for spotting this.
Yeah, that'll be fine indeed.
> Daniel
>
>
> >From c60e23e2ba6667bec882338bfe3cb12304ee1ab6 Mon Sep 17 00:00:00 2001
> From: Daniel Mack <daniel@xxxxxxxx>
> Date: Fri, 24 Jul 2009 15:08:11 +0200
> Subject: [PATCH] ds2760: fix integer overflow for time_to_empty_now
>
> On the device we're currently developing, battery sizes of ~2.8Ah and
> current flow of ~600mA are typical.
>
> With that values, the life_sec computation overflows due to the
> multiplication by 3600.
>
> Signed-off-by: Daniel Mack <daniel@xxxxxxxx>
> Cc: Szabolcs Gyurko <szabolcs.gyurko@xxxxxx>
> Cc: Matt Reimer <mreimer@xxxxxxxx>
> Cc: Anton Vorontsov <cbou@xxxxxxx>
>
> Signed-off-by: Daniel Mack <daniel@xxxxxxxx>
> ---
> drivers/power/ds2760_battery.c | 6 +++---
> 1 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/power/ds2760_battery.c b/drivers/power/ds2760_battery.c
> index d545fee..2ef29dd 100644
> --- a/drivers/power/ds2760_battery.c
> +++ b/drivers/power/ds2760_battery.c
> @@ -211,9 +211,9 @@ static int ds2760_battery_read_status(struct ds2760_device_info *di)
> if (di->rem_capacity > 100)
> di->rem_capacity = 100;
>
> - if (di->current_uA)
> - di->life_sec = -((di->accum_current_uAh - di->empty_uAh) *
> - 3600L) / di->current_uA;
> + if (di->current_uA >= 100L)
> + di->life_sec = -((di->accum_current_uAh - di->empty_uAh) * 36L)
> + / (di->current_uA / 100L);
> else
> di->life_sec = 0;
>
> --
> 1.6.3.3
>
--
Anton Vorontsov
email: cbouatmailru@xxxxxxxxx
irc://irc.freenode.net/bd2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/