Prevent overflow in std timer driver

This prevents the std time driver from overflowing when setting the next wakeup time. If an overflow occurs, default to sleeping up to 1 second. Fixes #438
author: Ulf Lilleengen <[email protected]> 2021-10-20 09:05:44 +0200
committer: Ulf Lilleengen <[email protected]> 2021-10-20 14:36:16 +0200
commit: 6c9420978b4e7a0b83d124b0e54255df4a64a9f3 (patch)
tree: e5d6a91b56105a7ffae6d32a58c05157c99b765b
parent: acce0f1d2589033ca3b2a712e6641d62ccfa1741 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/embassy/src/time/driver_std.rs b/embassy/src/time/driver_std.rs
index 29911c4d2..c67884465 100644
--- a/embassy/src/time/driver_std.rs
+++ b/embassy/src/time/driver_std.rs
@@ -5,6 +5,7 @@ use std::mem::MaybeUninit;
 use std::sync::{Condvar, Mutex, Once};
 use std::time::Duration as StdDuration;
 use std::time::Instant as StdInstant;
+use std::time::SystemTime;
 use std::{ptr, thread};
 use crate::time::driver::{AlarmHandle, Driver};
@@ -63,6 +64,7 @@ impl TimeDriver {
    }
    fn alarm_thread() {
+        let zero = unsafe { DRIVER.zero_instant.read() };
        loop {
            let now = DRIVER.now();
@@ -86,8 +88,10 @@ impl TimeDriver {
                }
            }
-            let until =
+            // Ensure we don't overflow
-                unsafe { DRIVER.zero_instant.read() } + StdDuration::from_micros(next_alarm);
+            let until = zero
+                .checked_add(StdDuration::from_micros(next_alarm))
+                .unwrap_or(zero + StdDuration::from_secs(1));
            unsafe { DRIVER.signaler.as_ref() }.wait_until(until);
        }
author	Ulf Lilleengen <[email protected]>	2021-10-20 09:05:44 +0200
committer	Ulf Lilleengen <[email protected]>	2021-10-20 14:36:16 +0200
commit	6c9420978b4e7a0b83d124b0e54255df4a64a9f3 (patch)
tree	e5d6a91b56105a7ffae6d32a58c05157c99b765b
parent	acce0f1d2589033ca3b2a712e6641d62ccfa1741 (diff)