[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.5] hw/timer/hpet.c: Avoid signed integer o
|
From: |
Peter Maydell |
|
Subject: |
Re: [Qemu-devel] [PATCH for-2.5] hw/timer/hpet.c: Avoid signed integer overflow which results in bugs on OSX |
|
Date: |
Tue, 10 Nov 2015 10:04:40 +0000 |
On 9 November 2015 at 20:17, Michael S. Tsirkin <address@hidden> wrote:
> On Mon, Nov 09, 2015 at 02:56:31PM +0000, Peter Maydell wrote:
>> Signed integer overflow in C is undefined behaviour, and the compiler
>> is at liberty to assume it can never happen and optimize accordingly.
>> In particular, the subtractions in hpet_time_after() and hpet_time_after64()
>> were causing OSX clang to optimize the code such that it was prone to
>> hangs and complaints about the main loop stalling (presumably because
>> we were spending all our time trying to service very high frequency
>> HPET timer callbacks). The clang sanitizer confirms the UB:
>>
>> hw/timer/hpet.c:119:26: runtime error: signed integer overflow: -2146967296
>> - 2147003978 cannot be represented in type 'int'
>>
>> Fix this by doing the subtraction as an unsigned operation and then
>> converting to signed for the comparison.
>>
>> Reported-by: Aaron Elkins <address@hidden>
>> Signed-off-by: Peter Maydell <address@hidden>
>
> Agree, this makes no sense the way it's written.
>
> Reviewed-by: Michael S. Tsirkin <address@hidden>
>
> I'll pick this up in the next pull if Paolo doesn't
> beat me to it.
I went ahead and committed it to master yesterday; sorry
if that was a bit hasty of me.
thanks
-- PMM