[PATCH] s390: next_timer_interrupt overflow in stop_hz_timer

The 32 bit unsigned substraction (next - jiffies) in stop_hz_timer can
overflow if jiffies gets advanced between next_timer_interrupt and the read
under the xtime lock.  The cast to a u64 then results in a large value
which causes the cpu to wait too long.  Fix this by casting next and
jiffies independently to u64 before subtracting them.

(Spotted by Zachary Amsden <zach@vmware.com>)

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/arch/s390/kernel/time.c b/arch/s390/kernel/time.c
index 029f09901b851fbd561e18d3be858e805df2bcb8..ce19ad4e92ec26bc2e6bf4c7a2d019a97c414529 100644 (file)
--- a/arch/s390/kernel/time.c
+++ b/arch/s390/kernel/time.c
@@ -272,7 +272,7 @@ static inline void stop_hz_timer(void)
        next = next_timer_interrupt();
        do {
                seq = read_seqbegin_irqsave(&xtime_lock, flags);
-               timer = (__u64)(next - jiffies) + jiffies_64;
+               timer = (__u64 next) - (__u64 jiffies) + jiffies_64;
        } while (read_seqretry_irqrestore(&xtime_lock, seq, flags));
        todval = -1ULL;
        /* Be careful about overflows. */