Subject: Re: [Qemu-devel] [PATCH for-2.5] hw/timer/hpet.c: Avoid signed integer overflow which results in bugs on OSX
From: Michael S. Tsirkin
Date: Tue, 10 Nov 2015 13:57:55 +0200
On Tue, Nov 10, 2015 at 10:04:40AM +0000, Peter Maydell wrote:
> On 9 November 2015 at 20:17, Michael S. Tsirkin <address@hidden> wrote:
> > On Mon, Nov 09, 2015 at 02:56:31PM +0000, Peter Maydell wrote:
> >> Signed integer overflow in C is undefined behaviour, and the compiler
> >> is at liberty to assume it can never happen and optimize accordingly.
> >> In particular, the subtractions in hpet_time_after() and
> >> hpet_time_after64()
> >> were causing OSX clang to optimize the code such that it was prone to
> >> hangs and complaints about the main loop stalling (presumably because
> >> we were spending all our time trying to service very high frequency
> >> HPET timer callbacks). The clang sanitizer confirms the UB:
> >>
> >> hw/timer/hpet.c:119:26: runtime error: signed integer overflow:
> >> -2146967296 - 2147003978 cannot be represented in type 'int'
> >>
> >> Fix this by doing the subtraction as an unsigned operation and then
> >> converting to signed for the comparison.
> >>
> >> Reported-by: Aaron Elkins <address@hidden>
> >> Signed-off-by: Peter Maydell <address@hidden>
> >
> > Agree, this makes no sense the way it's written.
> >
> > Reviewed-by: Michael S. Tsirkin <address@hidden>
> >
> > I'll pick this up in the next pull if Paolo doesn't
> > beat me to it.
>
> I went ahead and committed it to master yesterday; sorry
> if that was a bit hasty of me.
That's fine too.
> thanks
> -- PMM
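The commit message quoted above describes the pattern but the patch itself is not on this page. What follows is an added illustration, written for this archive and not taken from QEMU's hw/timer/hpet.c: the function names time_after_signed_sub, time_after_u32 and time_after_u64, their bodies, and the REPORT_A/REPORT_B counter values (the sanitizer's two operands reinterpreted as the unsigned counter readings they would have come from) are all assumptions for the example. It places the signed-subtraction form that triggers the undefined behaviour beside the fix the message describes, subtracting in unsigned arithmetic and converting the result to signed only for the sign test.

```c
/* Added example, not QEMU code: signed-overflow timer comparison beside
 * the unsigned-subtract-then-cast fix described in the commit message.
 * Function names, bodies and the sample counter values are assumed. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Buggy form: each operand is converted to signed *before* the subtraction.
 * Once the 32-bit HPET counter has wrapped, the difference can exceed the
 * int32_t range, which is undefined behaviour; this is the shape of the
 * expression the sanitizer flagged (-2146967296 - 2147003978). A compiler
 * is free to assume the overflow never happens and optimise on that basis.
 * Only safe to call with operands whose difference fits in int32_t. */
static bool time_after_signed_sub(uint32_t a, uint32_t b)
{
    return (int32_t)a - (int32_t)b > 0;
}

/* Fixed form: subtract in unsigned arithmetic, which is defined to wrap
 * modulo 2^32, then convert the *result* to signed for the sign test.
 * Converting an out-of-range unsigned value to int32_t is
 * implementation-defined (two's-complement wrap on the compilers QEMU
 * targets), not undefined, so the optimiser cannot drop the wrap case.
 * Semantics: "a is after b" iff a - b mod 2^32 lies in (0, 2^31). */
static bool time_after_u32(uint32_t a, uint32_t b)
{
    return (int32_t)(a - b) > 0;
}

/* Same idea for a 64-bit counter. */
static bool time_after_u64(uint64_t a, uint64_t b)
{
    return (int64_t)(a - b) > 0;
}

/* Constructed from the sanitizer report: its operands, read back as the
 * unsigned counter values they were cast from. */
#define REPORT_A 2148000000u   /* (int32_t)REPORT_A == -2146967296 */
#define REPORT_B 2147003978u   /* fits in int32_t as-is */

int main(void)
{
    /* Non-wrapping case: both forms agree and neither overflows. */
    printf("signed-sub, 10 after 3: %d\n", time_after_signed_sub(10, 3));
    printf("unsigned,   10 after 3: %d\n", time_after_u32(10, 3));

    /* Report values: only the fixed form is well defined here.
     * REPORT_A - REPORT_B mod 2^32 == 996022, so A is 996022 ticks after B. */
    printf("fixed, report values: after=%d diff=%u\n",
           time_after_u32(REPORT_A, REPORT_B), REPORT_A - REPORT_B);

    /* Counter just passed through zero: 5 is 21 ticks after 0xFFFFFFF0. */
    printf("fixed, across wrap:   after=%d\n", time_after_u32(5, 0xFFFFFFF0u));
    return 0;
}
```

Two practical notes. First, the modular comparison is only meaningful when the two readings are less than half a counter period apart; that is the assumption every "time after" helper of this kind makes, and the fix preserves it rather than changing it. Second, the check that caught this is worth keeping in CI: building with clang's -fsanitize=undefined (or gcc's equivalent) and driving time_after_signed_sub with the REPORT_A/REPORT_B pair reproduces a "signed integer overflow" report of the same shape as the one quoted in the commit message, while time_after_u32 stays silent.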