Faults in Linux: Saying yes to floating point values

As part of my project, while reading the reports, I came across a bug type concerning the use of floating-point values in Linux kernel code. There were many such reports in the 2.4.x and 2.6.x series. I was also required to list the FPs (false positives) reported by Coccinelle. This post is about that bug type: using floating-point values in the Linux kernel.

You can view the complete report as a PDF here and as a HTML file here.


Why is using float in the Linux kernel a bug?

From Robert Love’s “Linux Kernel Development”:

When a user-space process uses floating-point instructions, the kernel manages the transition from integer to floating point mode. What the kernel has to do when using floating-point instructions varies by architecture, but the kernel normally catches a trap and then initiates the transition from integer to floating point mode.

Unlike user-space, the kernel does not have the luxury of seamless support for floating point because it cannot easily trap itself. Using a floating point inside the kernel requires manually saving and restoring the floating point registers, among other possible chores. The short answer is: Don’t do it! Except in the rare cases, no floating-point operations are in the kernel.

Have a look at this for more.

This is also a good read.

Types I studied?

There was only one type to study, namely the check that looks for floating-point values in kernel code.

What did I find?

In the case of bugs, most were reports involving the compiler's soft-float helper routines __adddf3, __addsf3 and __subdf3, which the compiler emits for floating-point arithmetic when the target has no usable FPU: __adddf3 and __subdf3 take double parameters and return double, and __addsf3 is the single-precision (float) variant. Some were similar cases where a macro typecasts a value to double.

Among the FPs reported by Coccinelle, many were on lines where values like 1.6 * 1000 * 1000 are assigned. Have a look at this. Such an expression consists only of constants, so the compiler folds it at compile time and no floating-point instruction ends up in the kernel binary, which is why it is a false positive. Still, range.throughput can simply be assigned 1600000 instead of 1.6 * 1000 * 1000; that says the same thing without a floating-point literal, and it would not be reported by Coccinelle.

Example Bug?

You can find other bugs in the linked report. Have a look at this one: ( IPG_CONVERGE_TIME * HZ ) is added to jiffies, but IPG_CONVERGE_TIME is defined as 0.5. The product is therefore a double, and adding it to jiffies forces the addition to be done in floating point at runtime, even though the product itself is a compile-time constant.

Example FP?

Look at this: ( double ) 1000000 is used, which causes no harm. The cast is applied to an integer constant, so it is a constant expression that the compiler folds, and no floating-point code is executed.
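The two patterns above side by side, as an added example that is not code from the original post or from the ipg driver: the jiffies timeout from the bug example, rewritten in integer ticks, and the constant-only throughput expression from the false-positive example (the same reasoning applies to ( double ) 1000000). HZ and IPG_CONVERGE_TIME are the kernel and driver macros the post names, but their values here are assumed for the demonstration (HZ=250, IPG_CONVERGE_TIME=0.5); the jiffies variable is an ordinary function parameter standing in for the kernel's tick counter, and IPG_CONVERGE_JIFFIES is a hypothetical name for the integer replacement.

```c
/* Added example, not from the original post or the ipg driver.
 * Assumed values: HZ=250 (a common kernel configuration) and
 * IPG_CONVERGE_TIME=0.5 (the value the post cites). */
#include <stdio.h>

#define HZ 250
#define IPG_CONVERGE_TIME 0.5   /* the floating-point literal that triggers the report */

/* Buggy form, as reported: IPG_CONVERGE_TIME * HZ is folded to 125.0 at
 * compile time, but because that constant is a double, jiffies is
 * converted to double, the addition happens in floating point and the
 * result is converted back.  Inside the kernel this is real FP use, and
 * for jiffies above 2^53 the conversion to double is also lossy. */
unsigned long converge_timeout_fp(unsigned long jiffies)
{
    return jiffies + (IPG_CONVERGE_TIME * HZ);
}

/* Fixed form: express half a second as a whole number of ticks.
 * IPG_CONVERGE_JIFFIES is a hypothetical name; rounding up keeps the
 * timeout at least as long as the original when HZ is odd. */
#define IPG_CONVERGE_JIFFIES ((HZ + 1) / 2)

unsigned long converge_timeout_int(unsigned long jiffies)
{
    return jiffies + IPG_CONVERGE_JIFFIES;
}

/* False-positive pattern: a float literal that only meets other constants
 * is folded by the compiler, so no FP instruction is emitted.  The
 * integer spelling says the same thing without depending on folding. */
unsigned long throughput_float_literal(void)
{
    return 1.6 * 1000 * 1000;   /* folded to 1600000 */
}

unsigned long throughput_int_literal(void)
{
    return 1600000;
}

/* Returns 1 when the integer rewrites agree with the original expressions
 * over a range of tick values, 0 otherwise. */
int rewrite_matches(unsigned long start, unsigned long count)
{
    unsigned long j;

    for (j = start; j < start + count; j++)
        if (converge_timeout_fp(j) != converge_timeout_int(j))
            return 0;
    return throughput_float_literal() == throughput_int_literal();
}

int main(void)
{
    printf("fp timeout at tick 1000: %lu, int timeout: %lu, agree over range: %d\n",
           converge_timeout_fp(1000), converge_timeout_int(1000),
           rewrite_matches(0, 100000));
    return 0;
}
```

A quick check that mirrors what the kernel build does: compiling this file with gcc's -mgeneral-regs-only (x86-64 or aarch64) makes the compiler refuse to produce floating-point code for converge_timeout_fp and throughput_float_literal, either as a compile error or as unresolved __adddf3-style references at link time, while the two integer versions build cleanly.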



#floating-point, #floating-point-values, #floating-point-instructions, #linux-kernel