Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp2463411imd; Fri, 2 Nov 2018 11:51:14 -0700 (PDT) X-Google-Smtp-Source: AJdET5cv4Vigz7KYeqspuk5sPn4agpAJn3CXE5vksNy8ZHgGizSN3DtJoVRRuqke8gInuSp3h3lz X-Received: by 2002:a62:d405:: with SMTP id a5-v6mr12711688pfh.174.1541184674511; Fri, 02 Nov 2018 11:51:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1541184674; cv=none; d=google.com; s=arc-20160816; b=efH1349BYIeK9KuCbc0zf7+/baU9iX8EmugR/FQqcBSOtsCxIoZJN+sK8Y4PgOlvPs hPaxS/pT0GS5XTN0dcU810KBv2FI8A5uQE+NSZDhSApuePTY0cNlup2uM+NpMjyyux68 9GSoKD0jUk3RN0m/1bSx5Slj8cdvs7X4dPgOeeXQu/+ELstDMUBbU1y/i1YfzJRYBpIW 2UxAapJPt/3a7OzznPk4qOeA2AZdRcp5gcQRGxqjk9WUUMlaQlvVZCNFHBRP1MIwjAAf l2jqrrOAINizITxBTWLBNs4DF2lCWxJVkDpnQO1eNyoa74JxMi4IHeBwjA1/DfcKrTMn atpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=YSI0NNFu1pN1esfW9tquFD18XXGp8TW6Y19dFjFV8mQ=; b=oslckMTkSsiVFstp4Mkx6HgSt80+HCdzWTlhS4qO1acRwCci0ayJehMDCt8o6gXWi4 uo1NM+11XhvKYitrtsUZ9lHrlgDtYqNW7cKv/D1q0D3U1avsC385tZUahjK6AZGpahrE 6WcIhWRy9jmwvQigx4eq1seW3ipmbj68ZIWAA3TRSc1ZTaP1+D/L0Lhtol1YYhB1aMuI 45lJhhm2hEEclZyPn/YZSuiKoZvpAwCWI7qPgEpWgKhODmuHnT5HlrutPNv0hWzVJfz7 z5BavB5prfPac4RX0GonfSolHU3ikdvmvFBA5lGXbHq7OPbMbwVZA+PIYGWQwMQaiuXn wRvA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=D8MG5K6b; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x5si111214pga.440.2018.11.02.11.50.59; Fri, 02 Nov 2018 11:51:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=D8MG5K6b; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730846AbeKCD6x (ORCPT + 99 others); Fri, 2 Nov 2018 23:58:53 -0400 Received: from mail.kernel.org ([198.145.29.99]:54674 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730851AbeKCD6x (ORCPT ); Fri, 2 Nov 2018 23:58:53 -0400 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A77102082D; Fri, 2 Nov 2018 18:50:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1541184638; bh=+ZKNUCFXSuCzkfNrkVUR7mijOe2zT+1K8u7VY+O6pfg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=D8MG5K6bcLnP+KLuozxJucI5LXZFpx9x5SMJ6iyFReMRQlpdVod3meWctLif9QvTB hTgLNEbXzangejNe4FPfo6Ufj4lP4qXbAtmoEuuvORyrvMdQP7A5Y6j5UTtHmGnKTt HlM8YIS4VmWrzEJlpdVD85+QinFcDIeVZzW7yD/8= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Meelis Roos , Arnd Bergmann , "Martin K. Petersen" , Sasha Levin Subject: [PATCH 4.14 056/143] scsi: aacraid: address UBSAN warning regression Date: Fri, 2 Nov 2018 19:34:01 +0100 Message-Id: <20181102182901.543973107@linuxfoundation.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181102182857.064326086@linuxfoundation.org> References: <20181102182857.064326086@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ [ Upstream commit d18539754d97876503275efc7d00a1901bb0cfad ] As reported by Meelis Roos, my previous patch causes an incorrect calculation of the timeout, through an undefined signed integer overflow: [ 12.228155] UBSAN: Undefined behaviour in drivers/scsi/aacraid/commsup.c:2514:49 [ 12.228229] signed integer overflow: [ 12.228283] 964297611 * 250 cannot be represented in type 'long int' The problem is that doing a multiplication with HZ first and then dividing by USEC_PER_SEC worked correctly for 32-bit microseconds, but not for 32-bit nanoseconds, which would require up to 41 bits. This reworks the calculation to first convert the nanoseconds into jiffies, which should give us the same result as before and not overflow. Unfortunately I did not understand the exact intention of the algorithm, in particular the part where we add half a second, so it's possible that there is still a preexisting problem in this function. I added a comment that this would be handled more nicely using usleep_range(), which generally works better for waking up at a particular time than the current schedule_timeout() based implementation. I did not feel comfortable trying to implement that without being sure what the intent is here though. Fixes: 820f18865912 ("scsi: aacraid: use timespec64 instead of timeval") Tested-by: Meelis Roos Signed-off-by: Arnd Bergmann Signed-off-by: Martin K. Petersen Signed-off-by: Sasha Levin --- drivers/scsi/aacraid/commsup.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/aacraid/commsup.c b/drivers/scsi/aacraid/commsup.c index 998788a967be..3e38bae6ecde 100644 --- a/drivers/scsi/aacraid/commsup.c +++ b/drivers/scsi/aacraid/commsup.c @@ -2506,8 +2506,8 @@ int aac_command_thread(void *data) /* Synchronize our watches */ if (((NSEC_PER_SEC - (NSEC_PER_SEC / HZ)) > now.tv_nsec) && (now.tv_nsec > (NSEC_PER_SEC / HZ))) - difference = (((NSEC_PER_SEC - now.tv_nsec) * HZ) - + NSEC_PER_SEC / 2) / NSEC_PER_SEC; + difference = HZ + HZ / 2 - + now.tv_nsec / (NSEC_PER_SEC / HZ); else { if (now.tv_nsec > NSEC_PER_SEC / 2) ++now.tv_sec; @@ -2531,6 +2531,10 @@ int aac_command_thread(void *data) if (kthread_should_stop()) break; + /* + * we probably want usleep_range() here instead of the + * jiffies computation + */ schedule_timeout(difference); if (kthread_should_stop()) -- 2.17.1