This is an automated email from the ASF dual-hosted git repository.
jerpelea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nuttx.git
The following commit(s) were added to refs/heads/master by this push:
new eb92f0f8c84 drivers/timers: avoid 32-bit overflow in arch_timer
current_usec
eb92f0f8c84 is described below
commit eb92f0f8c8448d2deecd423f3e0d27359b7994d6
Author: Max Kriegleder <[email protected]>
AuthorDate: Wed May 6 00:30:55 2026 +0200
drivers/timers: avoid 32-bit overflow in arch_timer current_usec
current_usec() returns a uint64_t, but it used TICK2USEC(timebase)
to convert scheduler ticks to microseconds. On 32-bit clock_t builds,
TICK2USEC() performs the multiplication in 32-bit arithmetic before the
result is widened.
With CONFIG_USEC_PER_TICK=10000, this wraps after about 71.6 minutes:
UINT32_MAX / 1000000 ~= 4294 seconds
After the wrap, up_timer_gettick() can report time near zero again. This
can leave absolute watchdog timeouts, such as those used by usleep() /
clock_nanosleep(), waiting for a tick value that will not be reached until
the 32-bit scheduler counter wraps.
Cast timebase to uint64_t before multiplying by USEC_PER_TICK so
current_usec() remains monotonic across the 32-bit microsecond boundary.
Signed-off-by: Max Kriegleder <[email protected]>
---
drivers/timers/arch_timer.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/timers/arch_timer.c b/drivers/timers/arch_timer.c
index 46d1144466e..be343dc154c 100644
--- a/drivers/timers/arch_timer.c
+++ b/drivers/timers/arch_timer.c
@@ -114,7 +114,8 @@ static uint64_t current_usec(void)
}
while (timebase != g_timer.timebase);
- return TICK2USEC(timebase) + (status.timeout - status.timeleft);
+ return TICK2USEC((uint64_t)timebase) +
+ (status.timeout - status.timeleft);
}
static void udelay_accurate(useconds_t microseconds)
