Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757653AbcK2OZY (ORCPT ); Tue, 29 Nov 2016 09:25:24 -0500 Received: from Galois.linutronix.de ([146.0.238.70]:51307 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757621AbcK2OZM (ORCPT ); Tue, 29 Nov 2016 09:25:12 -0500 Date: Tue, 29 Nov 2016 15:22:17 +0100 (CET) From: Thomas Gleixner To: John Stultz cc: lkml , Liav Rehana , Chris Metcalf , Richard Cochran , Ingo Molnar , Prarit Bhargava , Laurent Vivier , David Gibson , "Christopher S . Hall" , "4.6+" Subject: Re: [PATCH] timekeeping: Change type of nsec variable to unsigned in its calculation. In-Reply-To: <1479531216-25361-1-git-send-email-john.stultz@linaro.org> Message-ID: References: <1479531216-25361-1-git-send-email-john.stultz@linaro.org> User-Agent: Alpine 2.20 (DEB 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1680 Lines: 38 On Fri, 18 Nov 2016, John Stultz wrote: > From: Liav Rehana > > During the calculation of the nsec variable in the inline function > timekeeping_delta_to_ns, it may undergo a sign extension if its msb > is set just before the shift. The sign extension may, in some cases, > gain it a value near the maximum value of the 64-bit range. This is > bad when it is later used in a division function, such as > __iter_div_u64_rem, where the amount of loops it will go through to > calculate the division will be too large. One can encounter such a > problem, for example, when trying to connect through ftp from an > outside host to the operation system. When the OS is too overloaded, > delta will get a high enough value for the msb of the sum > delta * tkr->mult + tkr->xtime_nsec to be set, and so after the > shift the nsec variable will gain a value similar to > 0xffffffffff000000. Using a variable with such a value in the > inline function __iter_div_u64_rem will take too long, making the > ftp connection attempt seem to get stuck. > The following commit fixes that chance of sign extension, while > maintaining the type of the nsec variable as signed for other > functions that use this variable, for possible legit negative > time intervals. > > Thomas/Ingo: This is for tip:timers/urgent. Certainly not! My objections against this still stand. See: http://lkml.kernel.org/r/alpine.DEB.2.20.1609261956160.4915@nanos http://lkml.kernel.org/r/alpine.DEB.2.20.1609270929170.4891@nanos If we have legitimate use cases with a negative delta, then this patch breaks them no matter what. See the basic C course section in the second link. Thanks, tglx