
Re: [Qemu-devel] [PATCH for-2.2] qemu-timer: Avoid overflows when converting timeout to struct timespec


From: Christoffer Dall
Subject: Re: [Qemu-devel] [PATCH for-2.2] qemu-timer: Avoid overflows when converting timeout to struct timespec
Date: Tue, 25 Nov 2014 21:29:49 +0100
User-agent: Mutt/1.5.21 (2010-09-15)

On Tue, Nov 25, 2014 at 06:21:45PM +0000, Peter Maydell wrote:
> In qemu_poll_ns(), when we convert an int64_t nanosecond timeout into
> a struct timespec, we may accidentally run into overflow problems if
> the timeout is very long. This happens because the tv_sec field is a
> time_t, which is signed, so we might end up setting it to a negative
> value by mistake. This will result in what was intended to be a
> near-infinite timeout turning into an instantaneous timeout, and we'll
> busy loop. Cap the maximum timeout at INT32_MAX seconds (about 68 years)
> to avoid this problem.
> 
> This specifically manifested on ARM hosts as an extreme slowdown on
> guest shutdown (when the guest reprogrammed the PL031 RTC to not
> generate alarms using a very long timeout) but could happen on other
> hosts and guests too.
> 
> Reported-by: Christoffer Dall <address@hidden>
> Signed-off-by: Peter Maydell <address@hidden>
> ---
> It's not quite clear why this only causes problems in some KVM
> configurations -- presumably in the others we complete the guest
> shutdown reasonably quickly without the busy-waiting QEMU thread
> interfering, but in some setups, notably on TC2 host, we go into
> an extreme slowdown printing out the final bits of the guest shutdown
> to its serial port. Given that (and given that I think this is fairly
> safe) I'd like to get this into 2.2 if possible...
> 
It's visibly a cleaner shutdown on my cubieboard2 (ubuntu kernel config)
than without this patch.

I've been running a VM on TC2 in a loop with shutdown for a couple of
hours and it just works now, so this patch definitely solves the issue
I was seeing.

I'm wondering if the timespec struct field is an unsigned long and
that's why we weren't seeing the overflow on arm64?

In any case, huge thanks for chasing this down.

-Christoffer
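As an added illustration of the overflow described in the patch (constructed for this page, not QEMU's own qemu_poll_ns() code), here are the unchecked and the capped nanosecond-to-timespec conversions side by side. The 32-bit signed time_t of a 32-bit ARM host is modelled by an int32_t tv_sec field so that the wrap reproduces on any build host.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of a 32-bit host's struct timespec: ARM32 has a 32-bit signed
 * time_t, so tv_sec is int32_t here (constructed for illustration). */
struct timespec32 {
    int32_t tv_sec;
    int32_t tv_nsec;
};

#define NS_PER_SEC 1000000000LL

/* Unchecked conversion: the 64-bit second count is narrowed to the 32-bit
 * tv_sec. The narrowing wraps modulo 2^32 on GCC/Clang (implementation-
 * defined in ISO C), so any timeout of 2^31 seconds or more lands on a
 * negative tv_sec, turning a near-infinite wait into an immediate one. */
static struct timespec32 ns_to_ts_unchecked(int64_t timeout_ns)
{
    struct timespec32 ts;
    int64_t sec = timeout_ns / NS_PER_SEC;
    ts.tv_sec = (int32_t)(uint32_t)sec;          /* silent wrap */
    ts.tv_nsec = (int32_t)(timeout_ns % NS_PER_SEC);
    return ts;
}

/* Capped conversion in the spirit of the patch: clamp the second count to
 * INT32_MAX (about 68 years) before storing it, so tv_sec stays positive. */
static struct timespec32 ns_to_ts_capped(int64_t timeout_ns)
{
    struct timespec32 ts;
    int64_t sec = timeout_ns / NS_PER_SEC;
    if (sec > INT32_MAX) {
        sec = INT32_MAX;
    }
    ts.tv_sec = (int32_t)sec;
    ts.tv_nsec = (int32_t)(timeout_ns % NS_PER_SEC);
    return ts;
}

int main(void)
{
    /* About 95 years in nanoseconds: a "never fire" timeout of the kind a
     * guest RTC reprogramming can produce (constructed value). */
    int64_t huge = 3000000000LL * NS_PER_SEC;
    struct timespec32 a = ns_to_ts_unchecked(huge);
    struct timespec32 b = ns_to_ts_capped(huge);
    printf("unchecked tv_sec=%d  capped tv_sec=%d\n", a.tv_sec, b.tv_sec);
    return 0;
}
```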


