From: Igor Mammedov <imammedo@redhat.com>
To: qemu-devel@nongnu.org
Cc: mst@redhat.com, anisinha@redhat.com, pbonzini@redhat.com,
peter.maydell@linaro.org, shannon.zhaosl@gmail.com,
philmd@linaro.org, zhao1.liu@intel.com, rad@semihalf.com,
leif.lindholm@oss.qualcomm.com, qemu-arm@nongnu.org
Subject: [PATCH v2 21/21] sbsa_gwdt: limit compare_value to INT64_MAX
Date: Tue, 3 Mar 2026 10:25:32 +0100 [thread overview]
Message-ID: <20260303092532.2410177-22-imammedo@redhat.com> (raw)
In-Reply-To: <20260303092532.2410177-1-imammedo@redhat.com>
QEMU timer subsytem supports timeouts only upto INT64_MAX.
However WCV value geater than that will cause integer overflow
and timer will fire/expire immediately.
It looks like Windows tries to use SBSA watchdog when it's
exposed in GTDT ACPI table.
But instead of using WRR to refresh WCV with configured WOR,
it does direct load into WCV (probably as a means to
reschedule timer). While it's not against spec,
Windows does write following values:
sbsa_gwdt_control_write [0x8] <- 0xffffffff
sbsa_gwdt_control_write [0x0] <- 0x1
sbsa_gwdt_control_write [0x14] <- 0xffffffff
sbsa_gwdt_control_write [0x10] <- 0xa906ca28
sbsa_gwdt_control_write [0x14] <- 0xecb1
1st intermediate write into 0x14 (WCVU),
puts WCV into timer overflow range,
triggering TimeoutRefresh and WS0 and WS1 asseritons.
Clamp WCV to INT64_MAX to avoid timer API overflow.
It prevents unexpected Windows reboots by watchdog.
PS:
Arguably Windows SBSA GWDT driver is broken,
as it:
* sets WCV too far in the future so watchdog
would never trigger in practice,
* and typical watchdog flow for explict referesh
also broken due to:
1. small WOR value for explicit refresh (~4sec)
2. never triggering explicit refresh (WRR or other)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
hw/watchdog/sbsa_gwdt.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/watchdog/sbsa_gwdt.c b/hw/watchdog/sbsa_gwdt.c
index 7fec61b7b0..b1bce5008d 100644
--- a/hw/watchdog/sbsa_gwdt.c
+++ b/hw/watchdog/sbsa_gwdt.c
@@ -122,6 +122,8 @@ static void sbsa_gwdt_update_timer(SBSA_GWDTState *s, WdtRefreshType rtype)
}
timeout = (uint64_t)s->wcvu << 32 | s->wcvl;
+ /* clamp timeout to INT64_MAX to avoid timer overflow */
+ timeout &= INT64_MAX;
timer_mod(s->timer, timeout);
}
--
2.47.3
next prev parent reply other threads:[~2026-03-03 9:27 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-03 9:25 [PATCH v2 00/21] Introduce ACPI watchdog for Q35 and arm/virt boards Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 01/21] acpi: add API to build WDAT instructions Igor Mammedov
2026-05-13 15:23 ` Zhao Liu
2026-03-03 9:25 ` [PATCH v2 02/21] x86: q35: add 'wdat' property Igor Mammedov
2026-05-13 14:58 ` Zhao Liu
2026-05-14 7:16 ` Ani Sinha
2026-03-03 9:25 ` [PATCH v2 03/21] x86: q35: generate WDAT ACPI table Igor Mammedov
2026-05-13 15:47 ` Zhao Liu
2026-05-13 15:28 ` Michael S. Tsirkin
2026-05-14 14:32 ` Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 04/21] tests: acpi: x86/q35: whitelist new WDAT table Igor Mammedov
2026-05-13 15:48 ` Zhao Liu
2026-03-03 9:25 ` [PATCH v2 05/21] tests: acpi: x86/q35: add WDAT table test case Igor Mammedov
2026-05-13 15:49 ` Zhao Liu
2026-03-03 9:25 ` [PATCH v2 06/21] tests: acpi: x86/q35: update expected WDAT blob Igor Mammedov
2026-05-13 15:48 ` Zhao Liu
2026-03-03 9:25 ` [PATCH v2 07/21] arm: sbsa_gwdt: fixup default "clock-frequency" Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 08/21] arm: add tracing events to sbsa_gwdt Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 09/21] arm: virt: create sbsa_gwdt watchdog Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 10/21] arm: sbsa_gwdt: add 'wdat' option Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 11/21] arm: virt: add support for WDAT based watchdog Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 12/21] tests: acpi: arm/virt: whitelist new WDAT table Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 13/21] tests: acpi: arm/virt: add WDAT table test case Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 14/21] tests: acpi: arm/virt: update expected WDAT blob Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 15/21] tests: acpi: arm/virt: whitelist GTDT table Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 16/21] tests: acpi: arm/virt: add GTDT watchdog table test case Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 17/21] tests: acpi: arm/virt: update expected GTDT blob Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 18/21] sbsa_gwdt: reduce code ident Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 19/21] sbsa_gwdt: move all foo_REFRESH logic under REFRESH condition Igor Mammedov
2026-03-03 9:25 ` [PATCH v2 20/21] sbsa_gwdt: reschedule timer on direct WCV load Igor Mammedov
2026-03-03 9:25 ` Igor Mammedov [this message]
2026-04-28 14:12 ` [PATCH v2 00/21] Introduce ACPI watchdog for Q35 and arm/virt boards Igor Mammedov
2026-05-12 13:30 ` Igor Mammedov
2026-05-12 14:45 ` Ani Sinha
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260303092532.2410177-22-imammedo@redhat.com \
--to=imammedo@redhat.com \
--cc=anisinha@redhat.com \
--cc=leif.lindholm@oss.qualcomm.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=rad@semihalf.com \
--cc=shannon.zhaosl@gmail.com \
--cc=zhao1.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.