kernel: fix handling of very large timeouts

When a very large timeout, like INT64_MAX passed by
task_wdt_init(), is passed to z_add_timeout(), it
could become a very small negative number when
added to the timeout list. This would prevent any
new timeout from being added correctly.
Signed-off-by: Mike J. Chen <[email protected]>

Author: mjchen0

kernel/timeout.c

@@ -132,7 +132,21 @@ k_ticks_t z_add_timeout(struct _timeout *to, _timeout_func_t fn, k_timeout_t tim
 		}
 
 		for (t = first(); t != NULL; t = next(t)) {
-			if (t->dticks > to->dticks) {
+			/* if timeout.ticks was a large positive number,
+			 * like INT64_MAX, the adding of 1 and elapsed()
+			 * above will likely flip it to a very small negative
+			 * number. since our insertion comparison
+			 * is to insert new timeouts in ascending order,
+			 * that negative dticks on the list will never
+			 * get replaced and new timeouts never get scheduled.
+			 * we could limit the dticks to always be positive,
+			 * or we could do unsigned comparisons here, which
+			 * would give us more range.
+			 */
+			if ((IS_ENABLED(CONFIG_TIMEOUT_64BIT) &&
+			     ((uint64_t)t->dticks > (uint64_t)to->dticks)) ||
+			    (!IS_ENABLED(CONFIG_TIMEOUT_64BIT) &&
+			     ((uint32_t)t->dticks > (uint32_t)to->dticks))) {
 				t->dticks -= to->dticks;
 				sys_dlist_insert(&t->node, &to->node);
 				break;