From: Ingo Molnar Date: Fri, 16 Feb 2007 09:27:28 +0000 (-0800) Subject: [PATCH] Fix multiple conversion bugs in msecs_to_jiffies X-Git-Tag: v2.6.21-rc1~159 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=41cf54455da5e5dc847a9733d49ca23b5e7dd59e;p=linux-2.6 [PATCH] Fix multiple conversion bugs in msecs_to_jiffies Fix multiple conversion bugs in msecs_to_jiffies(). The main problem is that this condition: if (m > jiffies_to_msecs(MAX_JIFFY_OFFSET)) overflows if HZ is smaller than 1000! This change is user-visible: for HZ=250 SUS-compliant poll()-timeout value of -20 is mistakenly converted to 'immediate timeout'. (The new dyntick code also triggered this, that's how we noticed.) Signed-off-by: Ingo Molnar Signed-off-by: Thomas Gleixner Cc: john stultz Cc: Roman Zippel Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/kernel/time.c b/kernel/time.c index 4a86571715..c6c80ea5d0 100644 --- a/kernel/time.c +++ b/kernel/time.c @@ -500,15 +500,56 @@ unsigned int jiffies_to_usecs(const unsigned long j) } EXPORT_SYMBOL(jiffies_to_usecs); +/* + * When we convert to jiffies then we interpret incoming values + * the following way: + * + * - negative values mean 'infinite timeout' (MAX_JIFFY_OFFSET) + * + * - 'too large' values [that would result in larger than + * MAX_JIFFY_OFFSET values] mean 'infinite timeout' too. + * + * - all other values are converted to jiffies by either multiplying + * the input value by a factor or dividing it with a factor + * + * We must also be careful about 32-bit overflows. + */ unsigned long msecs_to_jiffies(const unsigned int m) { - if (m > jiffies_to_msecs(MAX_JIFFY_OFFSET)) + /* + * Negative value, means infinite timeout: + */ + if ((int)m < 0) return MAX_JIFFY_OFFSET; + #if HZ <= MSEC_PER_SEC && !(MSEC_PER_SEC % HZ) + /* + * HZ is equal to or smaller than 1000, and 1000 is a nice + * round multiple of HZ, divide with the factor between them, + * but round upwards: + */ return (m + (MSEC_PER_SEC / HZ) - 1) / (MSEC_PER_SEC / HZ); #elif HZ > MSEC_PER_SEC && !(HZ % MSEC_PER_SEC) + /* + * HZ is larger than 1000, and HZ is a nice round multiple of + * 1000 - simply multiply with the factor between them. + * + * But first make sure the multiplication result cannot + * overflow: + */ + if (m > jiffies_to_msecs(MAX_JIFFY_OFFSET)) + return MAX_JIFFY_OFFSET; + return m * (HZ / MSEC_PER_SEC); #else + /* + * Generic case - multiply, round and divide. But first + * check that if we are doing a net multiplication, that + * we wouldnt overflow: + */ + if (HZ > MSEC_PER_SEC && m > jiffies_to_msecs(MAX_JIFFY_OFFSET)) + return MAX_JIFFY_OFFSET; + return (m * HZ + MSEC_PER_SEC - 1) / MSEC_PER_SEC; #endif }