From patchwork Tue Nov 25 18:21:45 2014
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 41505
From: Peter Maydell
To: qemu-devel@nongnu.org
Cc: patches@linaro.org, Christoffer Dall, Anthony Liguori, Paolo Bonzini
Subject: [PATCH for-2.2] qemu-timer: Avoid overflows when converting timeout to struct timespec
Date: Tue, 25 Nov 2014 18:21:45 +0000
Message-Id: <1416939705-1272-1-git-send-email-peter.maydell@linaro.org>

In qemu_poll_ns(), when we convert an int64_t nanosecond timeout into
a struct timespec, we may accidentally run into overflow problems if
the timeout is very long. This happens because the tv_sec field is a
time_t, which is signed, so we might end up setting it to a negative
value by mistake. This will result in what was intended to be a
near-infinite timeout turning into an instantaneous timeout, and we'll
busy loop. Cap the maximum timeout at INT32_MAX seconds (about 68 years)
to avoid this problem.

This specifically manifested on ARM hosts as an extreme slowdown on
guest shutdown (when the guest reprogrammed the PL031 RTC to not
generate alarms using a very long timeout) but could happen on other
hosts and guests too.

Reported-by: Christoffer Dall
Signed-off-by: Peter Maydell --- It's not quite clear why this only causes problems in some KVM configurations -- presumably in the others we complete the guest shutdown reasonably quickly without the busy-waiting QEMU thread interfering, but in some setups, notably on TC2 host, we go into an extreme slowdown printing out the final bits of the guest shutdown to its serial port. Given that (and given that I think this is fairly safe) I'd like to get this into 2.2 if possible... qemu-timer.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/qemu-timer.c b/qemu-timer.c index 00a5d35..c77de64 100644 --- a/qemu-timer.c +++ b/qemu-timer.c @@ -314,7 +314,14 @@ int qemu_poll_ns(GPollFD *fds, guint nfds, int64_t timeout) return ppoll((struct pollfd *)fds, nfds, NULL, NULL); } else { struct timespec ts; - ts.tv_sec = timeout / 1000000000LL; + int64_t tvsec = timeout / 1000000000LL; + /* Avoid possibly overflowing and specifying a negative number of + * seconds, which would turn a very long timeout into a busy-wait. + */ + if (tvsec > (int64_t)INT32_MAX) { + tvsec = INT32_MAX; + } + ts.tv_sec = tvsec; ts.tv_nsec = timeout % 1000000000LL; return ppoll((struct pollfd *)fds, nfds, &ts, NULL); }
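Review bot: the comment added above the `if (tvsec > (int64_t)INT32_MAX)` clamp explains that a negative number of seconds must be avoided but not why INT32_MAX is the bound; saying in the comment that time_t may be only 32 bits wide on some hosts would stop a later reader from widening the cap and reintroducing the wrap. The `(int64_t)` cast in that comparison is redundant, since INT32_MAX is converted to int64_t for the comparison in any case. Also, `ts.tv_nsec = timeout % 1000000000LL;` is still taken from the unclamped timeout; for a non-negative timeout that remains a valid nanosecond value, so it is harmless, but setting it to 0 when the clamp fires would make the capped timeout exact and easier to reason about.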