01 Sep, 2016
1 commit
-
I ran into this:
================================================================================
UBSAN: Undefined behaviour in kernel/time/time.c:783:2
signed integer overflow:
5273 + 9223372036854771711 cannot be represented in type 'long int'
CPU: 0 PID: 17363 Comm: trinity-c0 Not tainted 4.8.0-rc1+ #88
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.9.3-0-ge2fc41e-prebuilt.qemu-project.org
04/01/2014
0000000000000000 ffff88011457f8f0 ffffffff82344f50 0000000041b58ab3
ffffffff84f98080 ffffffff82344ea4 ffff88011457f918 ffff88011457f8c8
ffff88011457f8e0 7fffffffffffefff ffff88011457f6d8 dffffc0000000000
Call Trace:
[] dump_stack+0xac/0xfc
[] ? _atomic_dec_and_lock+0xc4/0xc4
[] ubsan_epilogue+0xd/0x8a
[] handle_overflow+0x202/0x23d
[] ? val_to_string.constprop.6+0x11e/0x11e
[] ? debug_smp_processor_id+0x17/0x20
[] ? __sigqueue_free.part.13+0x51/0x70
[] ? rcu_is_watching+0x110/0x110
[] __ubsan_handle_add_overflow+0xe/0x10
[] timespec64_add_safe+0x298/0x340
[] ? timespec_add_safe+0x330/0x330
[] ? wait_noreap_copyout+0x1d0/0x1d0
[] poll_select_set_timeout+0xf8/0x170
[] ? poll_schedule_timeout+0x2b0/0x2b0
[] ? __might_sleep+0x5b/0x260
[] __sys_recvmmsg+0x107/0x790
[] ? SyS_recvmsg+0x20/0x20
[] ? hrtimer_start_range_ns+0x3b8/0x1380
[] ? _raw_spin_unlock_irqrestore+0x3b/0x60
[] ? do_setitimer+0x39a/0x8e0
[] ? __might_sleep+0x5b/0x260
[] ? __sys_recvmmsg+0x790/0x790
[] SyS_recvmmsg+0xd9/0x160
[] ? __sys_recvmmsg+0x790/0x790
[] ? __this_cpu_preempt_check+0x13/0x20
[] ? __context_tracking_exit.part.3+0x30/0x1b0
[] ? __sys_recvmmsg+0x790/0x790
[] do_syscall_64+0x1b3/0x4b0
[] entry_SYSCALL64_slow_path+0x25/0x25
================================================================================Line 783 is this:
783 set_normalized_timespec64(&res, lhs.tv_sec + rhs.tv_sec,
784 lhs.tv_nsec + rhs.tv_nsec);In other words, since lhs.tv_sec and rhs.tv_sec are both time64_t, this
is a signed addition which will cause undefined behaviour on overflow.Note that this is not currently a huge concern since the kernel should be
built with -fno-strict-overflow by default, but could be a problem in the
future, a problem with older compilers, or other compilers than gcc.The easiest way to avoid the overflow is to cast one of the arguments to
unsigned (so the addition will be done using unsigned arithmetic).Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: Richard Cochran
Cc: Prarit Bhargava
Signed-off-by: Vegard Nossum
Signed-off-by: John Stultz
20 May, 2016
2 commits
-
All references to timespec_add_safe() now use timespec64_add_safe().
The plan is to replace struct timespec references with struct timespec64
throughout the kernel as timespec is not y2038 safe.Drop timespec_add_safe() and use timespec64_add_safe() for all
architectures.Link: http://lkml.kernel.org/r/1461947989-21926-4-git-send-email-deepa.kernel@gmail.com
Signed-off-by: Deepa Dinamani
Acked-by: John Stultz
Cc: Thomas Gleixner
Cc: Arnd Bergmann
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
timespec64_add_safe() has been defined in time64.h for 64 bit systems.
But, 32 bit systems only have an extern function prototype defined.
Provide a definition for the above function.The function will be necessary as part of y2038 changes. struct
timespec is not y2038 safe. All references to timespec will be replaced
by struct timespec64. The function is meant to be a replacement for
timespec_add_safe().The implementation is similar to timespec_add_safe().
Link: http://lkml.kernel.org/r/1461947989-21926-2-git-send-email-deepa.kernel@gmail.com
Signed-off-by: Deepa Dinamani
Acked-by: John Stultz
Cc: Thomas Gleixner
Cc: Arnd Bergmann
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
23 Apr, 2016
1 commit
-
The do_sys_settimeofday() function uses a timespec, which is not year
2038 safe on 32bit systems.Thus this patch introduces do_sys_settimeofday64(), which allows us to
transition users of do_sys_settimeofday() to using 64bit time types.Cc: Prarit Bhargava
Cc: Richard Cochran
Cc: Thomas Gleixner
Cc: Ingo Molnar
Signed-off-by: Baolin Wang
[jstultz: Include errno-base.h to avoid build issue on some arches]
Signed-off-by: John Stultz
29 Feb, 2016
1 commit
-
Handle the following ISO 8601 features in mktime64():
(1) Leap seconds.
Leap seconds are indicated by the seconds parameter being the value
60. Handle this by treating it the same as 00 of the following
minute.It has been pointed out that a minute may contain two leap seconds.
However, pending discussion of what that looks like and how to handle
it, I'm not going to concern myself with it.(2) Alternate encodings of midnight.
Two different encodings of midnight are permitted - 00:00:00 and
24:00:00 - the first is midnight today and the second is midnight
tomorrow and is exactly equivalent to the first with tomorrow's date.As it happens, we don't actually need to change mktime64() to handle either
of these - just comment them as valid parameters.These facility will be used by the X.509 parser. Doing it in mktime64()
makes the policy common to the whole kernel and easier to find.Signed-off-by: David Howells
Acked-by: Arnd Bergmann
cc: John Stultz
cc: Rudolf Polzer
cc: One Thousand Gnomes
02 Sep, 2015
1 commit
-
Pull timer updates from Thomas Gleixner:
"Rather large, but nothing exiting:- new range check for settimeofday() to prevent that boot time
becomes negative.
- fix for file time rounding
- a few simplifications of the hrtimer code
- fix for the proc/timerlist code so the output of clock realtime
timers is accurate
- more y2038 work
- tree wide conversion of clockevent drivers to the new callbacks"* 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (88 commits)
hrtimer: Handle failure of tick_init_highres() gracefully
hrtimer: Unconfuse switch_hrtimer_base() a bit
hrtimer: Simplify get_target_base() by returning current base
hrtimer: Drop return code of hrtimer_switch_to_hres()
time: Introduce timespec64_to_jiffies()/jiffies_to_timespec64()
time: Introduce current_kernel_time64()
time: Introduce struct itimerspec64
time: Add the common weak version of update_persistent_clock()
time: Always make sure wall_to_monotonic isn't positive
time: Fix nanosecond file time rounding in timespec_trunc()
timer_list: Add the base offset so remaining nsecs are accurate for non monotonic timers
cris/time: Migrate to new 'set-state' interface
kernel: broadcast-hrtimer: Migrate to new 'set-state' interface
xtensa/time: Migrate to new 'set-state' interface
unicore/time: Migrate to new 'set-state' interface
um/time: Migrate to new 'set-state' interface
sparc/time: Migrate to new 'set-state' interface
sh/localtimer: Migrate to new 'set-state' interface
score/time: Migrate to new 'set-state' interface
s390/time: Migrate to new 'set-state' interface
...
18 Aug, 2015
2 commits
-
The conversion between struct timespec and jiffies is not year 2038
safe on 32bit systems. Introduce timespec64_to_jiffies() and
jiffies_to_timespec64() functions which use struct timespec64 to
make it ready for 2038 issue.Cc: Prarit Bhargava
Cc: Richard Cochran
Cc: Ingo Molnar
Cc: Thomas Gleixner
Signed-off-by: Baolin Wang
Signed-off-by: John Stultz -
timespec_trunc() avoids rounding if granularity 1 second.
Cc: Prarit Bhargava
Cc: Richard Cochran
Cc: Ingo Molnar
Cc: Thomas Gleixner
Signed-off-by: Karsten Blees
Signed-off-by: John Stultz
29 Jul, 2015
1 commit
-
HZ never goes much further 1000 and a bit. And if we ever reach one tick
per microsecond, we might be having a problem.Lets stop maintaining this special case, just leave a paranoid check.
Reviewed-by: Rik van Riel
Cc: Christoph Lameter
Cc: Ingo Molnar
Cc; John Stultz
Cc: Peter Zijlstra
Cc: Preeti U Murthy
Cc: Rik van Riel
Cc: Thomas Gleixner
Cc: Viresh Kumar
Signed-off-by: Frederic Weisbecker
10 Jun, 2015
1 commit
-
Refactor the usecs_to_jiffies conditional code part in time.c and
jiffies.h putting it into conditional functions rather than #ifdefs
to improve readability. This is analogous to the msecs_to_jiffies()
cleanup in commit ca42aaf0c861 ("time: Refactor msecs_to_jiffies")Signed-off-by: Nicholas Mc Guire
Cc: Masahiro Yamada
Cc: Sam Ravnborg
Cc: Joe Perches
Cc: John Stultz
Cc: Andrew Hunter
Cc: Paul Turner
Cc: Michal Marek
Link: http://lkml.kernel.org/r/1432832996-12129-1-git-send-email-hofrat@osadl.org
Signed-off-by: Thomas Gleixner
23 May, 2015
1 commit
-
Invalid values may overflow later, leading to undefined behaviour when
multiplied by 60 to get the amount of seconds.Cc: Thomas Gleixner
Cc: Ingo Molnar
Signed-off-by: Sasha Levin
Signed-off-by: John Stultz
19 May, 2015
2 commits
-
Refactor the msecs_to_jiffies conditional code part in time.c and
jiffies.h putting it into conditional functions rather than #ifdefs
to improve readability.[ tglx: Verified that there is no binary code change ]
Signed-off-by: Nicholas Mc Guire
Cc: Masahiro Yamada
Cc: Sam Ravnborg
Cc: Joe Perches
Cc: John Stultz
Cc: Andrew Hunter
Cc: Paul Turner
Cc: Michal Marek
Link: http://lkml.kernel.org/r/1431951554-5563-2-git-send-email-hofrat@osadl.org
Signed-off-by: Thomas Gleixner -
kernel/time/timeconst.h is moved to include/generated/ and generated
by the top level Kbuild. This allows using timeconst.h in an earlier
build stage.Signed-off-by: Nicholas Mc Guire
Cc: Masahiro Yamada
Cc: Sam Ravnborg
Cc: Joe Perches
Cc: John Stultz
Cc: Andrew Hunter
Cc: Paul Turner
Cc: Michal Marek
Link: http://lkml.kernel.org/r/1431951554-5563-1-git-send-email-hofrat@osadl.org
Signed-off-by: Thomas Gleixner
26 Jan, 2015
1 commit
-
Pull timer fixes from Thomas Gleixner:
"A set of small fixes:- regression fix for exynos_mct clocksource
- trivial build fix for kona clocksource
- functional one liner fix for the sh_tmu clocksource
- two validation fixes to prevent (root only) data corruption in the
kernel via settimeofday and adjtimex. Tagged for stable"* 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
time: adjtimex: Validate the ADJ_FREQUENCY values
time: settimeofday: Validate the values of tv from user
clocksource: sh_tmu: Set cpu_possible_mask to fix SMP broadcast
clocksource: kona: fix __iomem annotation
clocksource: exynos_mct: Fix bitmask regression for exynos4_mct_write
22 Jan, 2015
1 commit
-
…ultz/linux into timers/urgent
Pull urgent fixes from John Stultz:
Two urgent fixes for user triggerable time related overflow issues
08 Jan, 2015
1 commit
-
An unvalidated user input is multiplied by a constant, which can result in
an undefined behaviour for large values. While this is validated later,
we should avoid triggering undefined behaviour.Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: stable
Signed-off-by: Sasha Levin
[jstultz: include trivial milisecond->microsecond correction noticed
by Andy]
Signed-off-by: John Stultz
16 Dec, 2014
1 commit
-
Pull drm updates from Dave Airlie:
"Highlights:- AMD KFD driver merge
This is the AMD HSA interface for exposing a lowlevel interface for
GPGPU use. They have an open source userspace built on top of this
interface, and the code looks as good as it was going to get out of
tree.- Initial atomic modesetting work
The need for an atomic modesetting interface to allow userspace to
try and send a complete set of modesetting state to the driver has
arisen, and been suffering from neglect this past year. No more,
the start of the common code and changes for msm driver to use it
are in this tree. Ongoing work to get the userspace ioctl finished
and the code clean will probably wait until next kernel.- DisplayID 1.3 and tiled monitor exposed to userspace.
Tiled monitor property is now exposed for userspace to make use of.
- Rockchip drm driver merged.
- imx gpu driver moved out of staging
Other stuff:
- core:
panel - MIPI DSI + new panels.
expose suggested x/y properties for virtual GPUs- i915:
Initial Skylake (SKL) support
gen3/4 reset work
start of dri1/ums removal
infoframe tracking
fixes for lots of things.- nouveau:
tegra k1 voltage support
GM204 modesetting support
GT21x memory reclocking work- radeon:
CI dpm fixes
GPUVM improvements
Initial DPM fan control- rcar-du:
HDMI support added
removed some support for old boards
slave encoder driver for Analog Devices adv7511- exynos:
Exynos4415 SoC support- msm:
a4xx gpu support
atomic helper conversion- tegra:
iommu support
universal plane support
ganged-mode DSI support- sti:
HDMI i2c improvements- vmwgfx:
some late fixes.- qxl:
use suggested x/y properties"* 'drm-next' of git://people.freedesktop.org/~airlied/linux: (969 commits)
drm: sti: fix module compilation issue
drm/i915: save/restore GMBUS freq across suspend/resume on gen4
drm: sti: correctly cleanup CRTC and planes
drm: sti: add HQVDP plane
drm: sti: add cursor plane
drm: sti: enable auxiliary CRTC
drm: sti: fix delay in VTG programming
drm: sti: prepare sti_tvout to support auxiliary crtc
drm: sti: use drm_crtc_vblank_{on/off} instead of drm_vblank_{on/off}
drm: sti: fix hdmi avi infoframe
drm: sti: remove event lock while disabling vblank
drm: sti: simplify gdp code
drm: sti: clear all mixer control
drm: sti: remove gpio for HDMI hot plug detection
drm: sti: allow to change hdmi ddc i2c adapter
drm/doc: Document drm_add_modes_noedid() usage
drm/i915: Remove '& 0xffff' from the mask given to WA_REG()
drm/i915: Invert the mask and val arguments in wa_add() and WA_REG()
drm: Zero out DRM object memory upon cleanup
drm/i915/bdw: Fix the write setting up the WIZ hashing mode
...
05 Dec, 2014
1 commit
-
We've lost the +1 required for correct timeouts in
commit 5ed0bdf21a85d78e04f89f15ccf227562177cbd9
Author: Thomas Gleixner
Date: Wed Jul 16 21:05:06 2014 +0000drm: i915: Use nsec based interfaces
Use ktime_get_raw_ns() and get rid of the back and forth timespec
conversions.Signed-off-by: Thomas Gleixner
Acked-by: Daniel Vetter
Signed-off-by: John StultzSo fix this up by reinstating our handrolled _timeout function. While
at it bother with handling MAX_JIFFIES.v2: Convert to usecs (we don't care about the accuracy anyway) first
to avoid overflow issues Dave Gordon spotted.v3: Drop the explicit MAX_JIFFY_OFFSET check, usecs_to_jiffies should
take care of that already. It might be a bit too enthusiastic about it
though.v4: Chris has a much nicer color, so use his implementation.
This requires to export nsec_to_jiffies from time.c.
Cc: Chris Wilson
Cc: Dave Gordon
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=82749
Cc: Thomas Gleixner
Cc: John Stultz
Signed-off-by: Daniel Vetter
Acked-by: John Stultz
Signed-off-by: Jani Nikula
22 Nov, 2014
1 commit
-
As part of addressing "y2038 problem" for in-kernel uses, this
patch adds safe mktime64() using time64_t.After this patch, mktime() is deprecated and all its call sites
will be fixed using mktime64(), after that it can be removed.Signed-off-by: pang.xunlei
Signed-off-by: John Stultz
13 Sep, 2014
1 commit
-
timeval_to_jiffies tried to round a timeval up to an integral number
of jiffies, but the logic for doing so was incorrect: intervals
corresponding to exactly N jiffies would become N+1. This manifested
itself particularly repeatedly stopping/starting an itimer:setitimer(ITIMER_PROF, &val, NULL);
setitimer(ITIMER_PROF, NULL, &val);would add a full tick to val, _even if it was exactly representable in
terms of jiffies_ (say, the result of a previous rounding.) Doing
this repeatedly would cause unbounded growth in val. So fix the math.Here's what was wrong with the conversion: we essentially computed
(eliding seconds)jiffies = usec * (NSEC_PER_USEC/TICK_NSEC)
by using scaling arithmetic, which took the best approximation of
NSEC_PER_USEC/TICK_NSEC with denominator of 2^USEC_JIFFIE_SC =
x/(2^USEC_JIFFIE_SC), and computed:jiffies = (usec * x) >> USEC_JIFFIE_SC
and rounded this calculation up in the intermediate form (since we
can't necessarily exactly represent TICK_NSEC in usec.) But the
scaling arithmetic is a (very slight) *over*approximation of the true
value; that is, instead of dividing by (1 usec/ 1 jiffie), we
effectively divided by (1 usec/1 jiffie)-epsilon (rounding
down). This would normally be fine, but we want to round timeouts up,
and we did so by adding 2^USEC_JIFFIE_SC - 1 before the shift; this
would be fine if our division was exact, but dividing this by the
slightly smaller factor was equivalent to adding just _over_ 1 to the
final result (instead of just _under_ 1, as desired.)In particular, with HZ=1000, we consistently computed that 10000 usec
was 11 jiffies; the same was true for any exact multiple of
TICK_NSEC.We could possibly still round in the intermediate form, adding
something less than 2^USEC_JIFFIE_SC - 1, but easier still is to
convert usec->nsec, round in nanoseconds, and then convert using
time*spec*_to_jiffies. This adds one constant multiplication, and is
not observably slower in microbenchmarks on recent x86 hardware.Tested: the following program:
int main() {
struct itimerval zero = {{0, 0}, {0, 0}};
/* Initially set to 10 ms. */
struct itimerval initial = zero;
initial.it_interval.tv_usec = 10000;
setitimer(ITIMER_PROF, &initial, NULL);
/* Save and restore several times. */
for (size_t i = 0; i < 10; ++i) {
struct itimerval prev;
setitimer(ITIMER_PROF, &zero, &prev);
/* on old kernels, this goes up by TICK_USEC every iteration */
printf("previous value: %ld %ld %ld %ld\n",
prev.it_interval.tv_sec, prev.it_interval.tv_usec,
prev.it_value.tv_sec, prev.it_value.tv_usec);
setitimer(ITIMER_PROF, &prev, NULL);
}
return 0;
}Cc: stable@vger.kernel.org
Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: Paul Turner
Cc: Richard Cochran
Cc: Prarit Bhargava
Reviewed-by: Paul Turner
Reported-by: Aaron Jacobs
Signed-off-by: Andrew Hunter
[jstultz: Tweaked to apply to 3.17-rc]
Signed-off-by: John Stultz
24 Jul, 2014
3 commits
-
Required for moving drivers to the nanosecond based interfaces.
Signed-off-by: Thomas Gleixner
Signed-off-by: John Stultz -
Right now we have time related prototypes in 3 different header
files. Move it to a single timekeeping header file and move the core
internal stuff into a core private header.Signed-off-by: Thomas Gleixner
Signed-off-by: John Stultz -
Helper and conversion functions for timespec64.
Signed-off-by: John Stultz
Signed-off-by: Thomas Gleixner
Signed-off-by: John Stultz
23 Jun, 2014
1 commit
-
Except for Kconfig.HZ. That needs a separate treatment.
Signed-off-by: Thomas Gleixner