[PATCH] s390: next_timer_interrupt overflow in stop_hz_timer
Martin Schwidefsky [Sat, 20 May 2006 22:00:25 +0000 (15:00 -0700)]
The 32 bit unsigned subtraction (next - jiffies) in stop_hz_timer can
overflow if jiffies gets advanced between next_timer_interrupt and the read
under the xtime lock.  The cast to a u64 then results in a large value
which causes the cpu to wait too long.  Fix this by casting next and
jiffies independently to u64 before subtracting them.

(Spotted by Zachary Amsden <zach@vmware.com>)

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

arch/s390/kernel/time.c

index 029f099..ce19ad4 100644 (file)
@@ -272,7 +272,7 @@ static inline void stop_hz_timer(void)
        next = next_timer_interrupt();
        do {
                seq = read_seqbegin_irqsave(&xtime_lock, flags);
-               timer = (__u64)(next - jiffies) + jiffies_64;
+               timer = (__u64 next) - (__u64 jiffies) + jiffies_64;
        } while (read_seqretry_irqrestore(&xtime_lock, seq, flags));
        todval = -1ULL;
        /* Be careful about overflows. */
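Review bot: The added line in stop_hz_timer writes the casts as `(__u64 next)` and `(__u64 jiffies)`, with the operand inside the parentheses, which is not a valid C cast expression and would not compile as shown. The form the commit message describes is `(__u64) next - (__u64) jiffies + jiffies_64`. With the operands widened separately, a jiffies value that has moved past next makes the difference wrap modulo 2^64 instead of 2^32, so adding jiffies_64 cancels the wrap and no longer produces the large value. Since next is still read before the seqlock loop, the race between next_timer_interrupt() and the read of jiffies remains and only its effect is bounded; a one-line comment on the changed statement saying why the two casts must stay separate would keep a later cleanup from folding them back into `(__u64)(next - jiffies)`.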