On 25/11/2014 19:21, Peter Maydell wrote:
> In qemu_poll_ns(), when we convert an int64_t nanosecond timeout into
> a struct timespec, we may accidentally run into overflow problems if
> the timeout is very long. This happens because the tv_sec field is a
> time_t, which is signed, so we might end up setting it to a negative
> value by mistake. This will result in what was intended to be a
> near-infinite timeout turning into an instantaneous timeout, and we'll
> busy loop. Cap the maximum timeout at INT32_MAX seconds (about 68 years)
> to avoid this problem.
> 
> This specifically manifested on ARM hosts as an extreme slowdown on
> guest shutdown (when the guest reprogrammed the PL031 RTC to not
> generate alarms using a very long timeout) but could happen on other
> hosts and guests too.
> 
> Reported-by: Christoffer Dall <christoffer.d...@linaro.org>
> Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
> ---
> It's not quite clear why this only causes problems in some KVM
> configurations -- presumably in the others we complete the guest
> shutdown reasonably quickly without the busy-waiting QEMU thread
> interfering, but in some setups, notably on TC2 host, we go into
> an extreme slowdown printing out the final bits of the guest shutdown
> to its serial port. Given that (and given that I think this is fairly
> safe) I'd like to get this into 2.2 if possible...

Yes, this is safe.  I also have two small patches that I'll send a pull
request for tomorrow.

Paolo


Reply via email to