Quoting Chris Wilson (2017-08-05 20:19:24)
> The wait-ioctl is optionally supplied a timeout with nanosecond
> precision in a s64 field. We use nsecs_to_jiffies64() to convert that
> into the jiffies consumed by the scheduler, but internally
> nsecs_to_jiffies64() does not guard against overflow (as it's purpose is
> for use by the scheduler and not drivers!). So we must guard against the
> overflow ourselves, and in the process note that we may then return
> much earlier than the timeout selected by the user, so don't report
> ETIME unless we do hit the timeout. (Woe betold us though if the user
> waits for a year (32bit) and the request is still not complete!)
>
> Reported-by: Jason Ekstrand <jason.ekstrand@xxxxxxxxx>
> Signed-off-by: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>
> Cc: Joonas Lahtinen <joonas.lahtinen@xxxxxxxxxxxxxxx>
> Cc: Daniel Vetter <daniel.vetter@xxxxxxxx>
> ---
> drivers/gpu/drm/i915/i915_drv.h | 6 ++++++
> drivers/gpu/drm/i915/i915_gem.c | 4 ++++
> 2 files changed, 10 insertions(+)
>
> diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h
> index 2638967211a9..184f4d11de79 100644
> --- a/drivers/gpu/drm/i915/i915_drv.h
> +++ b/drivers/gpu/drm/i915/i915_drv.h
> @@ -4144,6 +4144,12 @@ static inline unsigned long msecs_to_jiffies_timeout(const unsigned int m)
>
> static inline unsigned long nsecs_to_jiffies_timeout(const u64 n)
> {
> +#if NSEC_PER_SEC % HZ
> + /* nsecs_to_jiffies64() does not guard against overflow */
> + if (n >= (u64)MAX_JIFFY_OFFSET * NSEC_PER_SEC / HZ)
> + return MAX_JIFFY_OFFSET;
This still overflows, we need n / NSEC_PER_SEC >= MAX_JIFFY_OFFSET / HZ
as MAX_JIFFY_OFFSET is ~LONG_MAX/2
Hmm, so div_u64(n, NSEC_PER_SEC) >= MAX_JIFFY_OFFSET / HZ ?
_______________________________________________
Intel-gfx mailing list
Intel-gfx@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
