
Potential integer overflow in timer tick handling #61


Description

@HeatCrab

During the review of PR #59, potential wrap-around issues were identified in kernel/timer.c.

The current implementation uses direct comparison for timer deadlines:

void _timer_tick_handler(void)
{
    // omitted

        if (now >= t->deadline_ticks) {
            expired_timers[expired_count++] = t;
            kcb->timer_list->head->next = node->next;
            kcb->timer_list->length--;
            return_timer_node(node);
        }

    // omitted
}

And for sorting timers:

/* Sorted insert with early termination for common cases */
static int32_t timer_sorted_insert(timer_t *timer)
{
    // omitted

    /* Find insertion point */
    while (prev->next != kcb->timer_list->tail) {
        timer_t *current_timer = (timer_t *) prev->next->data;
        if (timer->deadline_ticks < current_timer->deadline_ticks)
            break;
        prev = prev->next;
    }

    // omitted
}

When the system tick counter (mo_ticks()) wraps around:

  1. A timer set for a future time (small value after wrap) might be interpreted as expired immediately if compared against a large now value before the wrap.
  2. A timer set for a distant future (large value) might be ignored if now has wrapped to a small value.
  3. The timer_sorted_insert logic will incorrectly order timers that span across the wrap-around point.
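The three wrap-around cases above, worked through as an added example that is not the project's code: the direct comparisons from the excerpts next to the usual wrap-safe form (cast the unsigned difference to signed), run over constructed tick values. It assumes a 32-bit tick counter, which the issue does not state.

```c
#include <stdbool.h>
#include <stdint.h>

/* Added example, not the project's code. It assumes a 32-bit tick
 * counter (uint32_t); the issue does not state the counter width. */

/* Direct comparisons as in the issue: wrong once the counter wraps. */
static bool expired_direct(uint32_t now, uint32_t deadline)
{
    return now >= deadline;
}
static bool before_direct(uint32_t a, uint32_t b)
{
    return a < b;
}

/* Wrap-safe form: unsigned subtraction wraps modulo 2^32, and reading
 * the difference as signed is >= 0 exactly when deadline is at or behind
 * now, provided the two are less than 2^31 ticks apart. */
static bool expired_wrapsafe(uint32_t now, uint32_t deadline)
{
    return (int32_t)(now - deadline) >= 0;
}
/* Same idea for ordering deadlines in a sorted insert. */
static bool before_wrapsafe(uint32_t a, uint32_t b)
{
    return (int32_t)(a - b) < 0;
}

/* Runs the three scenarios from the issue (constructed values) through a
 * given pair of predicates and returns how many they get wrong. */
static int count_failures(bool (*expired)(uint32_t, uint32_t),
                          bool (*before)(uint32_t, uint32_t))
{
    int wrong = 0;
    /* 1: timer armed at 0xFFFFFFF0 for 32 ticks later, deadline wrapped
     * to 0x00000010; it has not expired yet. */
    if (expired(0xFFFFFFF0u, 0xFFFFFFF0u + 32u) != false) wrong++;
    /* 2: deadline 0xFFFFFFF0 set long ago; now has wrapped to 0x20, so
     * the timer is 48 ticks overdue and must expire. */
    if (expired(0x00000020u, 0xFFFFFFF0u) != true) wrong++;
    /* 3: sorted insert across the wrap point: 0xFFFFFFF0 comes before
     * 0x00000010 in modular time. */
    if (before(0xFFFFFFF0u, 0x00000010u) != true) wrong++;
    return wrong;
}
```

count_failures returns 3 for the direct pair and 0 for the wrap-safe pair; the signed-difference trick only holds while every live deadline is within half the counter range of now.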

Labels: bug (Something isn't working)