Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wBugj-001Ubw-09 for pgsql-hackers@arkaria.postgresql.org; Sun, 12 Apr 2026 13:17:21 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1wBugg-002IOg-1h for pgsql-hackers@arkaria.postgresql.org; Sun, 12 Apr 2026 13:17:19 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wBugg-002IOX-0Y for pgsql-hackers@lists.postgresql.org; Sun, 12 Apr 2026 13:17:19 +0000 Received: from mail-wm1-x334.google.com ([2a00:1450:4864:20::334]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.98.2) (envelope-from ) id 1wBuge-00000000fek-39XQ for pgsql-hackers@lists.postgresql.org; Sun, 12 Apr 2026 13:17:18 +0000 Received: by mail-wm1-x334.google.com with SMTP id 5b1f17b1804b1-488ba840146so33490825e9.1 for ; Sun, 12 Apr 2026 06:17:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1775999835; cv=none; d=google.com; s=arc-20240605; b=DskfVWLMUQ4hBYpKEvyfj61hA+CLksGimyUMMIwR2aVmnotvSd4Wrrx6C8F2L1UvHp WwqH1rmeKgr7wiqNHiIGZJq1ppgOLzr3XQ1LgWfC4pKIVUW/ca8+/3mGcn0UFxal5WqG WgYFx1ZtuYHyliNY8Ar7XLdqHS9EKVfrupECa9329PNMjPiulKuTTxLAbWFyB+z4XUJO MeLyoPZAF7OSjZlVxfyUs3d5NONBunYi9vyovKx/bpBFASNyAt5MRFamFal+/ge14mNM ivBIANcL1CP2mGxHMflcFWVx1EZhwzOZIdjwCVmGKKJr72VLAhzHUsZNcC7RIw0jdvkN zuuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=1tXYnjnw3bTe6jNAYeTCZA6AdmNdNTZeVlhly8z9mxM=; fh=lK8Ey75qlt4w4S087HA2sQsiHJBeqk3Wvx6fjumIn6g=; b=YyfSDeRhODP5Z13LybYUF4LwIJNjRHHXp8bEcdZwtxD4od+bR2zFsgsUzH+1Fx9KfC 9H7MiX49cSekWUeLeVeEiaZAdyUI672M+9dc3oAIPEJ6dlwnWNHTiXbvWLnSYIc5sDVD BxWixBdjw0Wqst7IRjK19+1X4bwWgypxX58RbGMcE8NWa/U3jzxZi0nFSwS4PWSiM/Tv KN+lA6FpOnxawyKbU46IXrfSzejFWCeTl+5hCW5sUTmVLZsliXXTmSl+p3i8IZfdyODT kN4Dk5eV7eaJgBq9k9k6OsHxoj5OTUlfY6hM8JeFlZ80aMn3ogmzmD7QcBelX3/WW6wk OUTA==; darn=lists.postgresql.org ARC-Authentication-Results: i=1; mx.google.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1775999835; x=1776604635; darn=lists.postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=1tXYnjnw3bTe6jNAYeTCZA6AdmNdNTZeVlhly8z9mxM=; b=W6itWDUW9huoAM2ftjQ4zpOsFuLuJmFeHTEz+qPZ+lyyswCA5Ytm06NxqWIp3eC1yj tZgrspTwAdD6QvVQgC+2bpPrGvnPVlIsPVCCW+/dIc/H5ntvSjtoPHDa2hg1eZ3K+DJf JtnBD75GvNcRCTnPDXpkqFP9DDuwzEjSM1ZdU6t1y2BnW/I5Pu8v0frwn8Bh/4U0aZaF WI1OA2+qTpauPn4gtmgbx2OUhmFtbzMcZAxqN4tnmmS9fncDTS9bmMREwr1ZvkZVimRP TzlS1pRi72k5+5iES6h0wyCbbzys7yOnyrphPPYaF0uPbGUmprriJPAkq7EkVlLFYAyX 9c5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1775999835; x=1776604635; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=1tXYnjnw3bTe6jNAYeTCZA6AdmNdNTZeVlhly8z9mxM=; b=nmf4B417dZSnNM1UhTjha2m0/tFXcMQyT2ZDfgEBW44SnDKJPIV1ivZk0jUbELKfgB YbIMGrtxxGxFnOqoegHnv5ZlorFhWL6QxmTxd+/CGdnvtFlbLUfwKt6ZbkKDt6ATCES+ ntqRgFbUjncq1hjAB5cgO5m7fGpp0BaDDjsNtMRtUATuy1i/6ICRMO9KEJkTqu8QCAFp BsXSGd0r/YXC4O9j+MH39qiVgvX+xtX6ALC34maiBL0Qxjn+Q2srlWb7wcV8VzVn1aEk 9lpi9AFvN7/Alu67p5n4TCgr8SF28Uwdlh/IQ/sn7g2GdeNv3gUsXW246UhoBgoBzsKW algA== X-Gm-Message-State: AOJu0YwdvSi1A9xvxjy7veRvs6kz0sqKQOAlYdFkNevBS/Evfzp5W+ll +6KSOOARyQ7vred1jXpocx/zs9v/B/kL7oUpCEnnXqu59NZvAX5bhCEkIeR7+IMVlRJPsUE/Vvm 2hoGJ2EGoppS+xgvOlIJYDUgiHsddABI= X-Gm-Gg: AeBDiev4rhkh3jVXdtUFj/7iB78v1J3iVMNRPNKHVRdlcH2clv8IQ5uu9YEBbd8tLAi T5wy0aAivbctfAv2aucPRSDWiX9cUNMRieCzpdpMbALt3GVgf5umQnFVOKGrmMnftITu9hvcG+r j+4pL4n0sMMUzbuz9u/thW40EPnQevQkZyUHi69ciKZtaF/FoJLtkBA7gGoEVbV4IgVty8BMvom NB8q1F+8kgF4y/Bbb/BxZGqnA8MVCf6aRw2JXlD4c0FhguRGURZtY90mb5RqQkMwUrk9fzImx46 EdCR23SYw1VG6obo8T8/gbVV427idl/Fc4WgQF/CoV7CQKNhDaUpny5uJSrHSzlXlSEui+TQBg= = X-Received: by 2002:a05:600d:d:b0:488:9e43:9690 with SMTP id 5b1f17b1804b1-488d67dbf4amr101918355e9.10.1775999835003; Sun, 12 Apr 2026 06:17:15 -0700 (PDT) MIME-Version: 1.0 References: <3190647.1775103768@sss.pgh.pa.us> In-Reply-To: From: David Rowley Date: Mon, 13 Apr 2026 01:17:02 +1200 X-Gm-Features: AQROBzAdnTTdvuAwQ7d6ynQUGpC1QfxHVg4DqvddG94BRr_GL3BLcpSdOB8m-6U Message-ID: Subject: Re: Small and unlikely overflow hazard in bms_next_member() To: Tom Lane Cc: PostgreSQL Developers Content-Type: multipart/mixed; boundary="000000000000498f4f064f432f19" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000498f4f064f432f19 Content-Type: text/plain; charset="UTF-8" On Fri, 3 Apr 2026 at 15:08, David Rowley wrote: > IMO, if we can make bitmapset.c work with INT_MAX members and get a > performance increase, then we should do it. Re-thinking this after a week's holiday, it seems fine to use an unsigned 32-bit int rather than a 64-bit int to fix this bug. I'd previously been uncertain if there were any guarantees in C to what (unsigned int) -1 would return, but going by [1] at 6.3.1.3, it says: "Otherwise, if the new type is unsigned, the value is converted by repeatedly adding or subtracting one more than the maximum value that can be represented in the new type until the value is in the range of the new type." So, it seems even on one's complement that -1 as an unsigned int will be UINT_MAX. When we add 1 to UINT_MAX, we're guaranteed to get 0, as it's unsigned maths and overflows are going to result in a value modulus the max value for the type. That leads me to the attached v2 patch. Compiler Explorer link showing the assembly at [2]. Testing the performance, it's better than master, so I got rid of the size_t wordnum stuff. We're post-freeze now, so fiddling with other optimisations seems a bit off the table as there appears to be no performance regression to compensate for now, per: drowley@amd3990x:~$ gcc test_bms_next3.c -O2 -o test_bms_next3 && ./test_bms_next3 Benchmarking 100000000 bms_next_member iterations... master: 1.18330 seconds Patched: 1.05493 seconds Benchmarking 100000000 bms_prev_member iterations... master: 2.94522 seconds Patched: 1.86130 seconds drowley@amd3990x:~$ clang test_bms_next3.c -O2 -o test_bms_next3 && ./test_bms_next3 Benchmarking 100000000 bms_next_member iterations... master: 1.07860 seconds Patched: 1.07896 seconds Benchmarking 100000000 bms_prev_member iterations... master: 2.76550 seconds Patched: 2.12369 seconds David [1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1548.pdf [2] https://godbolt.org/z/xW96rxd3P --000000000000498f4f064f432f19 Content-Type: text/plain; charset="US-ASCII"; name="test_bms_next3.c" Content-Disposition: attachment; filename="test_bms_next3.c" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_mnvs8mz61 I2luY2x1ZGUgPHN0ZGlvLmg+CiNpbmNsdWRlIDxzdGRsaWIuaD4KI2luY2x1ZGUgPHN0ZGludC5o PgojaW5jbHVkZSA8c3RyaW5nLmg+CiNpbmNsdWRlIDx0aW1lLmg+CiNpbmNsdWRlIDxsaW1pdHMu aD4KCi8vI2RlZmluZSBOVUxMICgodm9pZCAqKSAwKQp0eXBlZGVmIHVpbnQzMl90IHVpbnQzMjsK dHlwZWRlZiBpbnQzMl90IGludDMyOwp0eXBlZGVmIHVpbnQ2NF90IHVpbnQ2NDsKdHlwZWRlZiBp bnQ2NF90IGludDY0OwojZGVmaW5lIEJJVFNfUEVSX0JJVE1BUFdPUkQgNjQKdHlwZWRlZiB1aW50 NjQgYml0bWFwd29yZDsJICAvKiBtdXN0IGJlIGFuIHVuc2lnbmVkIHR5cGUgKi8KdHlwZWRlZiBp bnQ2NCBzaWduZWRiaXRtYXB3b3JkOyAvKiBtdXN0IGJlIHRoZSBtYXRjaGluZyBzaWduZWQgdHlw ZSAqLwoKI2RlZmluZSBXT1JETlVNKHgpICAoKHgpIC8gQklUU19QRVJfQklUTUFQV09SRCkKI2Rl ZmluZSBCSVROVU0oeCkgICAoKHgpICUgQklUU19QRVJfQklUTUFQV09SRCkKCiNpZmRlZiBfX0dO VUNfXwojZGVmaW5lIGxpa2VseSh4KQlfX2J1aWx0aW5fZXhwZWN0KCh4KSAhPSAwLCAxKQojZGVm aW5lIHVubGlrZWx5KHgpIF9fYnVpbHRpbl9leHBlY3QoKHgpICE9IDAsIDApCiNlbHNlCiNkZWZp bmUgbGlrZWx5KHgpCSgoeCkgIT0gMCkKI2RlZmluZSB1bmxpa2VseSh4KSAoKHgpICE9IDApCiNl bmRpZgoKdHlwZWRlZiBzdHJ1Y3QgQml0bWFwc2V0CnsKCWludAkJIG53b3JkczsJCS8qIG51bWJl ciBvZiB3b3JkcyBpbiBhcnJheSAqLwoJYml0bWFwd29yZCAgd29yZHNbXTsJLyogcmVhbGx5IFtu d29yZHNdICovCn0gQml0bWFwc2V0OwoKc3RhdGljIGlubGluZSBpbnQKYm13X3JpZ2h0bW9zdF9v bmVfcG9zKHVpbnQ2NCB3b3JkKQp7CglyZXR1cm4gX19idWlsdGluX2N0emxsKHdvcmQpOwp9Cgpz dGF0aWMgaW5saW5lIGludApibXdfbGVmdG1vc3Rfb25lX3Bvcyh1aW50NjQgd29yZCkKewoJcmV0 dXJuIDYzIC0gX19idWlsdGluX2NsemxsKHdvcmQpOwp9CgppbnQKYm1zX25leHRfbWVtYmVyKGNv bnN0IEJpdG1hcHNldCAqYSwgaW50IHByZXZiaXQpCnsKCWludAkJIG53b3JkczsKCWJpdG1hcHdv cmQgIG1hc2s7CgoJaWYgKGEgPT0gTlVMTCkKCQlyZXR1cm4gLTI7CgoJbndvcmRzID0gYS0+bndv cmRzOwoJcHJldmJpdCsrOwoJbWFzayA9ICh+KGJpdG1hcHdvcmQpIDApIDw8IEJJVE5VTShwcmV2 Yml0KTsKCWZvciAoaW50IHdvcmRudW0gPSBXT1JETlVNKHByZXZiaXQpOyB3b3JkbnVtIDwgbndv cmRzOyB3b3JkbnVtKyspCgl7CgkJYml0bWFwd29yZCAgdyA9IGEtPndvcmRzW3dvcmRudW1dOwoK CQkvKiBpZ25vcmUgYml0cyBiZWZvcmUgcHJldmJpdCAqLwoJCXcgJj0gbWFzazsKCgkJaWYgKHcg IT0gMCkKCQl7CgkJCWludAkJIHJlc3VsdDsKCgkJCXJlc3VsdCA9IHdvcmRudW0gKiBCSVRTX1BF Ul9CSVRNQVBXT1JEOwoJCQlyZXN1bHQgKz0gYm13X3JpZ2h0bW9zdF9vbmVfcG9zKHcpOwoJCQly ZXR1cm4gcmVzdWx0OwoJCX0KCgkJLyogaW4gc3Vic2VxdWVudCB3b3JkcywgY29uc2lkZXIgYWxs IGJpdHMgKi8KCQltYXNrID0gKH4oYml0bWFwd29yZCkgMCk7Cgl9CglyZXR1cm4gLTI7Cn0KCmlu dApibXNfbmV4dF9tZW1iZXJfcGF0Y2hlZChjb25zdCBCaXRtYXBzZXQgKmEsIGludCBwcmV2Yml0 KQp7Cgl1bnNpZ25lZCBpbnQgY3VycmJpdCA9IHByZXZiaXQ7CglpbnQJCQlud29yZHM7CgliaXRt YXB3b3JkCW1hc2s7CgoJaWYgKGEgPT0gTlVMTCkKCQlyZXR1cm4gLTI7Cglud29yZHMgPSBhLT5u d29yZHM7CgoJLyogdXNlIGFuIHVuc2lnbmVkIGludCB0byBhdm9pZCB0aGUgcmlzayB0aGF0IGlu dCBvdmVyZmxvd3MgKi8KCWN1cnJiaXQrKzsKCW1hc2sgPSAofihiaXRtYXB3b3JkKSAwKSA8PCBC SVROVU0oY3VycmJpdCk7Cglmb3IgKGludCB3b3JkbnVtID0gV09SRE5VTShjdXJyYml0KTsgd29y ZG51bSA8IG53b3Jkczsgd29yZG51bSsrKQoJewoJCWJpdG1hcHdvcmQJdyA9IGEtPndvcmRzW3dv cmRudW1dOwoKCQkvKiBpZ25vcmUgYml0cyBiZWZvcmUgY3VycmJpdCAqLwoJCXcgJj0gbWFzazsK CgkJaWYgKHcgIT0gMCkKCQl7CgkJCWludAkJCXJlc3VsdDsKCgkJCXJlc3VsdCA9IHdvcmRudW0g KiBCSVRTX1BFUl9CSVRNQVBXT1JEOwoJCQlyZXN1bHQgKz0gYm13X3JpZ2h0bW9zdF9vbmVfcG9z KHcpOwoJCQlyZXR1cm4gcmVzdWx0OwoJCX0KCgkJLyogaW4gc3Vic2VxdWVudCB3b3JkcywgY29u c2lkZXIgYWxsIGJpdHMgKi8KCQltYXNrID0gKH4oYml0bWFwd29yZCkgMCk7Cgl9CglyZXR1cm4g LTI7Cn0KCmludApibXNfcHJldl9tZW1iZXIoY29uc3QgQml0bWFwc2V0ICphLCBpbnQgcHJldmJp dCkKewoJaW50CQkJdXNoaWZ0Yml0czsKCWJpdG1hcHdvcmQJbWFzazsKCgkvKgoJICogSWYgc2V0 IGlzIE5VTEwgb3IgaWYgdGhlcmUgYXJlIG5vIG1vcmUgYml0cyB0byB0aGUgcmlnaHQgdGhlbiB3 ZSd2ZQoJICogbm90aGluZyB0byBkby4KCSAqLwoJaWYgKGEgPT0gTlVMTCB8fCBwcmV2Yml0ID09 IDApCgkJcmV0dXJuIC0yOwoKCS8qIHRyYW5zZm9ybSAtMSB0byB0aGUgaGlnaGVzdCBwb3NzaWJs ZSBiaXQgd2UgY291bGQgaGF2ZSBzZXQgKi8KCWlmIChwcmV2Yml0ID09IC0xKQoJCXByZXZiaXQg PSBhLT5ud29yZHMgKiBCSVRTX1BFUl9CSVRNQVBXT1JEIC0gMTsKCWVsc2UKCQlwcmV2Yml0LS07 CgoJdXNoaWZ0Yml0cyA9IEJJVFNfUEVSX0JJVE1BUFdPUkQgLSAoQklUTlVNKHByZXZiaXQpICsg MSk7CgltYXNrID0gKH4oYml0bWFwd29yZCkgMCkgPj4gdXNoaWZ0Yml0czsKCWZvciAoaW50IHdv cmRudW0gPSBXT1JETlVNKHByZXZiaXQpOyB3b3JkbnVtID49IDA7IHdvcmRudW0tLSkKCXsKCQli aXRtYXB3b3JkCXcgPSBhLT53b3Jkc1t3b3JkbnVtXTsKCgkJLyogbWFzayBvdXQgYml0cyBsZWZ0 IG9mIHByZXZiaXQgKi8KCQl3ICY9IG1hc2s7CgoJCWlmICh3ICE9IDApCgkJewoJCQlpbnQJCQly ZXN1bHQ7CgoJCQlyZXN1bHQgPSB3b3JkbnVtICogQklUU19QRVJfQklUTUFQV09SRDsKCQkJcmVz dWx0ICs9IGJtd19sZWZ0bW9zdF9vbmVfcG9zKHcpOwoJCQlyZXR1cm4gcmVzdWx0OwoJCX0KCgkJ LyogaW4gc3Vic2VxdWVudCB3b3JkcywgY29uc2lkZXIgYWxsIGJpdHMgKi8KCQltYXNrID0gKH4o Yml0bWFwd29yZCkgMCk7Cgl9CglyZXR1cm4gLTI7Cn0KCmludApibXNfcHJldl9tZW1iZXJfcGF0 Y2hlZChjb25zdCBCaXRtYXBzZXQgKmEsIGludCBwcmV2Yml0KQp7Cgl1bnNpZ25lZCBpbnQgY3Vy cmJpdDsKCWludAkJCXVzaGlmdGJpdHM7CgliaXRtYXB3b3JkCW1hc2s7CgoKCS8qCgkgKiBJZiBz ZXQgaXMgTlVMTCBvciBpZiB0aGVyZSBhcmUgbm8gbW9yZSBiaXRzIHRvIHRoZSByaWdodCB0aGVu IHdlJ3ZlCgkgKiBub3RoaW5nIHRvIGRvLgoJICovCglpZiAoYSA9PSBOVUxMIHx8IHByZXZiaXQg PT0gMCkKCQlyZXR1cm4gLTI7CgoJLyoKCSAqIFRyYW5zZm9ybSAtMSB0byB0aGUgaGlnaGVzdCBw b3NzaWJsZSBiaXQgd2UgY291bGQgaGF2ZSBzZXQuICBXZSBkbyB0aGlzCgkgKiBpbiB1bnNpZ25l ZCBtYXRoIHRvIGF2b2lkIHRoZSByaXNrIG9mIG92ZXJmbG93aW5nIGEgc2lnbmVkIGludC4KCSAq LwoJaWYgKHByZXZiaXQgPCAwKQoJCWN1cnJiaXQgPSAodW5zaWduZWQgaW50KSBhLT5ud29yZHMg KiBCSVRTX1BFUl9CSVRNQVBXT1JEIC0gMTsKCWVsc2UKCQljdXJyYml0ID0gcHJldmJpdCAtIDE7 CgoJdXNoaWZ0Yml0cyA9IEJJVFNfUEVSX0JJVE1BUFdPUkQgLSAoQklUTlVNKGN1cnJiaXQpICsg MSk7CgltYXNrID0gKH4oYml0bWFwd29yZCkgMCkgPj4gdXNoaWZ0Yml0czsKCWZvciAoaW50IHdv cmRudW0gPSBXT1JETlVNKGN1cnJiaXQpOyB3b3JkbnVtID49IDA7IHdvcmRudW0tLSkKCXsKCQli aXRtYXB3b3JkCXcgPSBhLT53b3Jkc1t3b3JkbnVtXTsKCgkJLyogbWFzayBvdXQgYml0cyBsZWZ0 IG9mIGN1cnJiaXQgKi8KCQl3ICY9IG1hc2s7CgoJCWlmICh3ICE9IDApCgkJewoJCQlpbnQJCQly ZXN1bHQ7CgoJCQlyZXN1bHQgPSB3b3JkbnVtICogQklUU19QRVJfQklUTUFQV09SRDsKCQkJcmVz dWx0ICs9IGJtd19sZWZ0bW9zdF9vbmVfcG9zKHcpOwoJCQlyZXR1cm4gcmVzdWx0OwoJCX0KCgkJ LyogaW4gc3Vic2VxdWVudCB3b3JkcywgY29uc2lkZXIgYWxsIGJpdHMgKi8KCQltYXNrID0gKH4o Yml0bWFwd29yZCkgMCk7Cgl9CglyZXR1cm4gLTI7Cn0KCgpkb3VibGUgZ2V0X3RpbWUoKSB7Cglz dHJ1Y3QgdGltZXNwZWMgdHM7CgljbG9ja19nZXR0aW1lKENMT0NLX1BST0NFU1NfQ1BVVElNRV9J RCwgJnRzKTsKCXJldHVybiB0cy50dl9zZWMgKyB0cy50dl9uc2VjICogMWUtOTsKfQoKQml0bWFw c2V0ICpibXM7CgoKaW50IG1haW4oKSB7CglpbnQgd29yZHNfdG9fYWxsb2MgPSAxOyAvLyBMYXJn ZSBzZXQgdG8gYnlwYXNzIENQVSBjYWNoZSBzbGlnaHRseQoJYm1zID0gbWFsbG9jKHNpemVvZihC aXRtYXBzZXQpICsgd29yZHNfdG9fYWxsb2MgKiBzaXplb2YoYml0bWFwd29yZCkpOwoJYm1zLT5u d29yZHMgPSB3b3Jkc190b19hbGxvYzsKCW1lbXNldChibXMtPndvcmRzLCAwLCB3b3Jkc190b19h bGxvYyAqIHNpemVvZihiaXRtYXB3b3JkKSk7Cglkb3VibGUgc3RhcnQsIGVuZDsKCWludDY0IGNv dW50ID0gMDsKCgkvKiBTZXQgYSBiaXQgZmFyIGludG8gdGhlIHNldCB0byBmb3JjZSBhIGxvbmcg c2NhbiAqLwoJYm1zLT53b3Jkc1t3b3Jkc190b19hbGxvYyAtIDFdIHw9IDB4YWY0OwoKCWludCBp dGVyYXRpb25zID0gMTAwMDAwMDAwOwoKCglwcmludGYoIkJlbmNobWFya2luZyAlZCBibXNfbmV4 dF9tZW1iZXIgaXRlcmF0aW9ucy4uLlxuIiwgaXRlcmF0aW9ucyk7CgoJLyogbWFzdGVyICovCglz dGFydCA9IGdldF90aW1lKCk7Cglmb3IgKGludCBpID0gMDsgaSA8IGl0ZXJhdGlvbnM7IGkrKykK CXsKCQlpbnQgaiA9IC0xOwoJCXdoaWxlICgoaiA9IGJtc19uZXh0X21lbWJlcihibXMsIGopKSA+ PSAwKQoJCQljb3VudCsrOwoJfQoJZW5kID0gZ2V0X3RpbWUoKTsKCXByaW50ZigibWFzdGVyOiAl LjVmIHNlY29uZHNcbiIsIGVuZCAtIHN0YXJ0KTsKCgkvLyBUZXN0IERhdmlkCglzdGFydCA9IGdl dF90aW1lKCk7Cglmb3IgKGludCBpID0gMDsgaSA8IGl0ZXJhdGlvbnM7IGkrKykKCXsKCQlpbnQg aiA9IC0xOwoJCXdoaWxlICgoaiA9IGJtc19uZXh0X21lbWJlcl9wYXRjaGVkKGJtcywgaikpID49 IDApCgkJCWNvdW50Kys7Cgl9CgoJZW5kID0gZ2V0X3RpbWUoKTsKCXByaW50ZigiUGF0Y2hlZDog JS41ZiBzZWNvbmRzXG4iLCBlbmQgLSBzdGFydCk7CgoJcHJpbnRmKCJcbkJlbmNobWFya2luZyAl ZCBibXNfcHJldl9tZW1iZXIgaXRlcmF0aW9ucy4uLlxuIiwgaXRlcmF0aW9ucyk7CgoJLyogbWFz dGVyICovCglzdGFydCA9IGdldF90aW1lKCk7Cglmb3IgKGludCBpID0gMDsgaSA8IGl0ZXJhdGlv bnM7IGkrKykKCXsKCQlpbnQgaiA9IC0xOwoJCXdoaWxlICgoaiA9IGJtc19wcmV2X21lbWJlcihi bXMsIGopKSA+PSAwKQoJCQljb3VudCsrOwoJfQoJZW5kID0gZ2V0X3RpbWUoKTsKCXByaW50Zigi bWFzdGVyOiAlLjVmIHNlY29uZHNcbiIsIGVuZCAtIHN0YXJ0KTsKCgkvLyBUZXN0IERhdmlkCglz dGFydCA9IGdldF90aW1lKCk7Cglmb3IgKGludCBpID0gMDsgaSA8IGl0ZXJhdGlvbnM7IGkrKykK CXsKCQlpbnQgaiA9IC0xOwoJCXdoaWxlICgoaiA9IGJtc19wcmV2X21lbWJlcl9wYXRjaGVkKGJt cywgaikpID49IDApCgkJCWNvdW50Kys7Cgl9CgoJZW5kID0gZ2V0X3RpbWUoKTsKCXByaW50Zigi UGF0Y2hlZDogJS41ZiBzZWNvbmRzXG4iLCBlbmQgLSBzdGFydCk7CgoJcHJpbnRmKCIlbGRcbiIs IGNvdW50KTsKCWZyZWUoYm1zKTsKCXJldHVybiAwOwp9 --000000000000498f4f064f432f19 Content-Type: application/octet-stream; name="v2-0001-Fix-unlikely-overflow-bug-in-bms_next_member.patch" Content-Disposition: attachment; filename="v2-0001-Fix-unlikely-overflow-bug-in-bms_next_member.patch" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_mnvrcsyy0 RnJvbSBkMWM2NDRiYTRkZTA1NjI0ZmM1YTYzYjNkNWY0MDI2YzcxZWQ0YWE1IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBEYXZpZCBSb3dsZXkgPGRncm93bGV5QGdtYWlsLmNvbT4KRGF0 ZTogU2F0LCA0IEFwciAyMDI2IDE2OjQxOjIzICsxMzAwClN1YmplY3Q6IFtQQVRDSCB2Ml0gRml4 IHVubGlrZWx5IG92ZXJmbG93IGJ1ZyBpbiBibXNfbmV4dF9tZW1iZXIoKQoKLi4uIGFuZCBibXNf cHJldl9tZW1iZXIoKS4KCkJvdGggb2YgdGhlc2UgZnVuY3Rpb25zIHdvbid0IHdvcmsgY29ycmVj dGx5IHdoZW4gZ2l2ZW4gYSBwcmV2Yml0IG9mCklOVF9NQVguICBIZXJlIHdlIGZpeCB0aGF0IGJ5 IHVzaW5nIGFuIHVuc2lnbmVkIGludCB0byBjYWxjdWxhdGUgd2hpY2gKbWVtYmVyIHRvIGxvb2sg Zm9yIG5leHQuCgpJbiBwcmFjdGlzZSwgQml0bWFwc2V0cyB3aWxsIG5ldmVyIGhhdmUgc3VjaCBh IGxhcmdlIG1lbWJlciwgc28gbm8KYmFja3BhdGNoLgoKQXV0aG9yOiBEYXZpZCBSb3dsZXkgPGRn cm93bGV5bWxAZ21haWwuY29tPgpSZXZpZXdlZC1ieTogQ2hhbyBMaSA8bGkuZXZhbi5jaGFvQGdt YWlsLmNvbT4KRGlzY3Vzc2lvbjogaHR0cHM6Ly9wb3N0Z3IuZXMvbS9DQUFwSER2cTBUJTNEaUow U2Y1VE5FOXl5V3dmT2VWam1yQnQwd1N5d0RuR0Q5WTRZSlFCQSU0MG1haWwuZ21haWwuY29tCi0t LQogc3JjL2JhY2tlbmQvbm9kZXMvYml0bWFwc2V0LmMgfCAzMyArKysrKysrKysrKysrKysrKysr LS0tLS0tLS0tLS0tLS0KIDEgZmlsZSBjaGFuZ2VkLCAxOSBpbnNlcnRpb25zKCspLCAxNCBkZWxl dGlvbnMoLSkKCmRpZmYgLS1naXQgYS9zcmMvYmFja2VuZC9ub2Rlcy9iaXRtYXBzZXQuYyBiL3Ny Yy9iYWNrZW5kL25vZGVzL2JpdG1hcHNldC5jCmluZGV4IDc4NmYzNDNiM2M5Li45NTcxNzI2NDhj MyAxMDA2NDQKLS0tIGEvc3JjL2JhY2tlbmQvbm9kZXMvYml0bWFwc2V0LmMKKysrIGIvc3JjL2Jh Y2tlbmQvbm9kZXMvYml0bWFwc2V0LmMKQEAgLTEyODksNiArMTI4OSw3IEBAIGJtc19qb2luKEJp dG1hcHNldCAqYSwgQml0bWFwc2V0ICpiKQogaW50CiBibXNfbmV4dF9tZW1iZXIoY29uc3QgQml0 bWFwc2V0ICphLCBpbnQgcHJldmJpdCkKIHsKKwl1bnNpZ25lZCBpbnQgY3VycmJpdCA9IHByZXZi aXQ7CiAJaW50CQkJbndvcmRzOwogCWJpdG1hcHdvcmQJbWFzazsKIApAQCAtMTI5NywxMyArMTI5 OCwxNSBAQCBibXNfbmV4dF9tZW1iZXIoY29uc3QgQml0bWFwc2V0ICphLCBpbnQgcHJldmJpdCkK IAlpZiAoYSA9PSBOVUxMKQogCQlyZXR1cm4gLTI7CiAJbndvcmRzID0gYS0+bndvcmRzOwotCXBy ZXZiaXQrKzsKLQltYXNrID0gKH4oYml0bWFwd29yZCkgMCkgPDwgQklUTlVNKHByZXZiaXQpOwot CWZvciAoaW50IHdvcmRudW0gPSBXT1JETlVNKHByZXZiaXQpOyB3b3JkbnVtIDwgbndvcmRzOyB3 b3JkbnVtKyspCisKKwkvKiB1c2UgYW4gdW5zaWduZWQgaW50IHRvIGF2b2lkIHRoZSByaXNrIHRo YXQgaW50IG92ZXJmbG93cyAqLworCWN1cnJiaXQrKzsKKwltYXNrID0gKH4oYml0bWFwd29yZCkg MCkgPDwgQklUTlVNKGN1cnJiaXQpOworCWZvciAoaW50IHdvcmRudW0gPSBXT1JETlVNKGN1cnJi aXQpOyB3b3JkbnVtIDwgbndvcmRzOyB3b3JkbnVtKyspCiAJewogCQliaXRtYXB3b3JkCXcgPSBh LT53b3Jkc1t3b3JkbnVtXTsKIAotCQkvKiBpZ25vcmUgYml0cyBiZWZvcmUgcHJldmJpdCAqLwor CQkvKiBpZ25vcmUgYml0cyBiZWZvcmUgY3VycmJpdCAqLwogCQl3ICY9IG1hc2s7CiAKIAkJaWYg KHcgIT0gMCkKQEAgLTEzNDUsMTAgKzEzNDgsMTAgQEAgYm1zX25leHRfbWVtYmVyKGNvbnN0IEJp dG1hcHNldCAqYSwgaW50IHByZXZiaXQpCiAgKiBJdCBtYWtlcyBubyBkaWZmZXJlbmNlIGluIHNp bXBsZSBsb29wIHVzYWdlLCBidXQgY29tcGxleCBpdGVyYXRpb24gbG9naWMKICAqIG1pZ2h0IG5l ZWQgc3VjaCBhbiBhYmlsaXR5LgogICovCi0KIGludAogYm1zX3ByZXZfbWVtYmVyKGNvbnN0IEJp dG1hcHNldCAqYSwgaW50IHByZXZiaXQpCiB7CisJdW5zaWduZWQgaW50IGN1cnJiaXQ7CiAJaW50 CQkJdXNoaWZ0Yml0czsKIAliaXRtYXB3b3JkCW1hc2s7CiAKQEAgLTEzNjIsMjIgKzEzNjUsMjQg QEAgYm1zX3ByZXZfbWVtYmVyKGNvbnN0IEJpdG1hcHNldCAqYSwgaW50IHByZXZiaXQpCiAJCXJl dHVybiAtMjsKIAogCS8qIFZhbGlkYXRlIGNhbGxlcnMgZGlkbid0IGdpdmUgdXMgc29tZXRoaW5n IG91dCBvZiByYW5nZSAqLwotCUFzc2VydChwcmV2Yml0IDw9IGEtPm53b3JkcyAqIEJJVFNfUEVS X0JJVE1BUFdPUkQpOwotCUFzc2VydChwcmV2Yml0ID49IC0xKTsKKwlBc3NlcnQocHJldmJpdCA8 IDAgfHwgcHJldmJpdCA8PSAodW5zaWduZWQgaW50KSAoYS0+bndvcmRzICogQklUU19QRVJfQklU TUFQV09SRCkpOwogCi0JLyogdHJhbnNmb3JtIC0xIHRvIHRoZSBoaWdoZXN0IHBvc3NpYmxlIGJp dCB3ZSBjb3VsZCBoYXZlIHNldCAqLwotCWlmIChwcmV2Yml0ID09IC0xKQotCQlwcmV2Yml0ID0g YS0+bndvcmRzICogQklUU19QRVJfQklUTUFQV09SRCAtIDE7CisJLyoKKwkgKiBUcmFuc2Zvcm0g LTEgdG8gdGhlIGhpZ2hlc3QgcG9zc2libGUgYml0IHdlIGNvdWxkIGhhdmUgc2V0LiAgV2UgZG8g dGhpcworCSAqIGluIHVuc2lnbmVkIG1hdGggdG8gYXZvaWQgdGhlIHJpc2sgb2Ygb3ZlcmZsb3dp bmcgYSBzaWduZWQgaW50LgorCSAqLworCWlmIChwcmV2Yml0IDwgMCkKKwkJY3VycmJpdCA9ICh1 bnNpZ25lZCBpbnQpIGEtPm53b3JkcyAqIEJJVFNfUEVSX0JJVE1BUFdPUkQgLSAxOwogCWVsc2UK LQkJcHJldmJpdC0tOworCQljdXJyYml0ID0gcHJldmJpdCAtIDE7CiAKLQl1c2hpZnRiaXRzID0g QklUU19QRVJfQklUTUFQV09SRCAtIChCSVROVU0ocHJldmJpdCkgKyAxKTsKKwl1c2hpZnRiaXRz ID0gQklUU19QRVJfQklUTUFQV09SRCAtIChCSVROVU0oY3VycmJpdCkgKyAxKTsKIAltYXNrID0g KH4oYml0bWFwd29yZCkgMCkgPj4gdXNoaWZ0Yml0czsKLQlmb3IgKGludCB3b3JkbnVtID0gV09S RE5VTShwcmV2Yml0KTsgd29yZG51bSA+PSAwOyB3b3JkbnVtLS0pCisJZm9yIChpbnQgd29yZG51 bSA9IFdPUkROVU0oY3VycmJpdCk7IHdvcmRudW0gPj0gMDsgd29yZG51bS0tKQogCXsKIAkJYml0 bWFwd29yZAl3ID0gYS0+d29yZHNbd29yZG51bV07CiAKLQkJLyogbWFzayBvdXQgYml0cyBsZWZ0 IG9mIHByZXZiaXQgKi8KKwkJLyogbWFzayBvdXQgYml0cyBsZWZ0IG9mIGN1cnJiaXQgKi8KIAkJ dyAmPSBtYXNrOwogCiAJCWlmICh3ICE9IDApCi0tIAoyLjUxLjAKCg== --000000000000498f4f064f432f19--