From: Jon Alduan <jon.alduan@gmail.com>
To: Laurent Vivier <laurent@vivier.eu>
Cc: qemu-devel@nongnu.org, Peter Maydell <peter.maydell@linaro.org>
Subject: Re: [PULL 26/38] linux-user: Don't assume 0 is not a valid host timer_t value
Date: Wed, 28 Sep 2022 10:23:12 +0200
Message-ID: <CAL7npF_74nKB+quM7QsWWi9s=S4cFA_dKQLGqryKuCf=3vgf4A@mail.gmail.com>
In-Reply-To: <20220928081517.734954-27-laurent@vivier.eu>

Hello Laurent, hello Peter,

I see the maximum number of active timers is still 32. I hope it is not
too late, but for my application this is not enough. Could this define be
bigger, i.e. 32*4?

Thanks for your support! I really appreciate it!

Jon

Laurent Vivier <laurent@vivier.eu> wrote (Wed, 28 Sep 2022,
10:15):

> From: Peter Maydell <peter.maydell@linaro.org>
>
> For handling guest POSIX timers, we currently use an array
> g_posix_timers[], whose entries are a host timer_t value, or 0 for
> "this slot is unused".  When the guest calls the timer_create syscall
> we look through the array for a slot containing 0, and use that for
> the new timer.
>
> This scheme assumes that host timer_t values can never be zero.  This
> is unfortunately not a valid assumption -- for some host libc
> versions, timer_t values are simply indexes starting at 0.  When
> using this kind of host libc, the effect is that the first and second
> timers end up sharing a slot, and so when the guest tries to operate
> on the first timer it changes the second timer instead.
>
> Rework the timer allocation code, so that:
>  * the 'slot in use' indication uses a separate array from the
>    host timer_t array
>  * we grab the free slot atomically, to avoid races when multiple
>    threads call timer_create simultaneously
>  * releasing an allocated slot is abstracted out into a new
>    free_host_timer_slot() function called in the correct places
>
> This fixes:
>  * problems on hosts where timer_t 0 is valid
>  * the FIXME in next_free_host_timer() about locking
>  * bugs in the error paths in timer_create where we forgot to release
>    the slot we grabbed, or forgot to free the host timer
>
> Reported-by: Jon Alduan <jon.alduan@gmail.com>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> Message-Id: <20220725110035.1273441-1-peter.maydell@linaro.org>
> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
> ---
>  linux-user/syscall.c | 24 ++++++++++++++++--------
>  1 file changed, 16 insertions(+), 8 deletions(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 54b29f3b406a..e0e0f058121f 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -525,20 +525,25 @@ _syscall4(int, sys_prlimit64, pid_t, pid, int,
> resource,
>
>  #if defined(TARGET_NR_timer_create)
>  /* Maximum of 32 active POSIX timers allowed at any one time. */
> -static timer_t g_posix_timers[32] = { 0, } ;
> +#define GUEST_TIMER_MAX 32
> +static timer_t g_posix_timers[GUEST_TIMER_MAX];
> +static int g_posix_timer_allocated[GUEST_TIMER_MAX];
>
>  static inline int next_free_host_timer(void)
>  {
> -    int k ;
> -    /* FIXME: Does finding the next free slot require a lock? */
> -    for (k = 0; k < ARRAY_SIZE(g_posix_timers); k++) {
> -        if (g_posix_timers[k] == 0) {
> -            g_posix_timers[k] = (timer_t) 1;
> +    int k;
> +    for (k = 0; k < ARRAY_SIZE(g_posix_timer_allocated); k++) {
> +        if (qatomic_xchg(g_posix_timer_allocated + k, 1) == 0) {
>              return k;
>          }
>      }
>      return -1;
>  }
> +
> +static inline void free_host_timer_slot(int id)
> +{
> +    qatomic_store_release(g_posix_timer_allocated + id, 0);
> +}
>  #endif
>
>  static inline int host_to_target_errno(int host_errno)
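
Review bot: free_host_timer_slot() indexes g_posix_timer_allocated with id and no range check, so a caller that passes -1 (the failure value of next_free_host_timer()) or a value at or above GUEST_TIMER_MAX writes outside the array. An assert(id >= 0 && id < GUEST_TIMER_MAX) at the top of the function, or a comment stating that callers pass only validated indexes, would make the contract explicit. The comment above the define still hard-codes "Maximum of 32"; wording it in terms of GUEST_TIMER_MAX keeps it correct if the limit is ever raised.
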
> @@ -12896,15 +12901,18 @@ static abi_long do_syscall1(CPUArchState
> *cpu_env, int num, abi_long arg1,
>                  phost_sevp = &host_sevp;
>                  ret = target_to_host_sigevent(phost_sevp, arg2);
>                  if (ret != 0) {
> +                    free_host_timer_slot(timer_index);
>                      return ret;
>                  }
>              }
>
>              ret = get_errno(timer_create(clkid, phost_sevp, phtimer));
>              if (ret) {
> -                phtimer = NULL;
> +                free_host_timer_slot(timer_index);
>              } else {
>                  if (put_user(TIMER_MAGIC | timer_index, arg3,
> target_timer_t)) {
> +                    timer_delete(*phtimer);
> +                    free_host_timer_slot(timer_index);
>                      return -TARGET_EFAULT;
>                  }
>              }
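
Review bot: in the put_user failure path the order timer_delete(*phtimer) then free_host_timer_slot(timer_index) is load-bearing and deserves a one-line comment. Once the slot is released, a concurrent timer_create can claim the same index, so if phtimer points at that slot's g_posix_timers entry (the assignment is outside the lines shown), reversing the two calls would let this cleanup delete another thread's timer. The return value of timer_delete is also dropped here; that is reasonable for cleanup before returning -TARGET_EFAULT, but a failed delete then leaks the host timer without any trace.
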
> @@ -13040,7 +13048,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env,
> int num, abi_long arg1,
>          } else {
>              timer_t htimer = g_posix_timers[timerid];
>              ret = get_errno(timer_delete(htimer));
> -            g_posix_timers[timerid] = 0;
> +            free_host_timer_slot(timerid);
>          }
>          return ret;
>      }
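
Review bot: the delete path reads g_posix_timers[timerid] without consulting g_posix_timer_allocated[timerid], and free_host_timer_slot(timerid) no longer clears the stored handle the way the removed g_posix_timers[timerid] = 0 did. Unless the validation above this hunk rejects unallocated ids, a guest that deletes the same timer twice, or an id it never created, makes the host call timer_delete on a stale or zero-initialised timer_t, which the commit message says can be a valid host timer. Checking the allocated flag before using htimer, and returning the guest error for an unallocated slot, would close this. The slot is also released when timer_delete fails (ret is not checked before free_host_timer_slot), which matches the old behaviour but should be a stated decision.
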
> --
> 2.37.3
>
>
