Re: [PATCH] linux-user: Don't assume 0 is not a valid host timer_t value
From: Daniel P. Berrangé
Subject: Re: [PATCH] linux-user: Don't assume 0 is not a valid host timer_t value
Date: Mon, 25 Jul 2022 12:13:24 +0100
User-agent: Mutt/2.2.6 (2022-06-05)

On Mon, Jul 25, 2022 at 12:00:35PM +0100, Peter Maydell wrote:
> For handling guest POSIX timers, we currently use an array
> g_posix_timers[], whose entries are a host timer_t value, or 0 for
> "this slot is unused". When the guest calls the timer_create syscall
> we look through the array for a slot containing 0, and use that for
> the new timer.
>
> This scheme assumes that host timer_t values can never be zero. This
> is unfortunately not a valid assumption -- for some host libc
> versions, timer_t values are simply indexes starting at 0. When
> using this kind of host libc, the effect is that the first and second
> timers end up sharing a slot, and so when the guest tries to operate
> on the first timer it changes the second timer instead.

For the sake of historical record, could you mention here which specific
libc impl / version highlights the problem?

>
> Rework the timer allocation code, so that:
>  * the 'slot in use' indication uses a separate array from the
>    host timer_t array
>  * we grab the free slot atomically, to avoid races when multiple
>    threads call timer_create simultaneously
>  * releasing an allocated slot is abstracted out into a new
>    free_host_timer_slot() function called in the correct places
>
> This fixes:
>  * problems on hosts where timer_t 0 is valid
>  * the FIXME in next_free_host_timer() about locking
>  * bugs in the error paths in timer_create where we forgot to release
>    the slot we grabbed, or forgot to free the host timer
>
> Reported-by: Jon Alduan <jon.alduan@gmail.com>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> linux-user/syscall.c | 24 ++++++++++++++++--------
> 1 file changed, 16 insertions(+), 8 deletions(-)

With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
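
The slot collision and the rework described in the quoted commit message, as an added example that is not code from the patch or from QEMU: a minimal C model in which `host_timer_t` is an `int` index starting at 0. All names (`legacy_create`, `slot_alloc`, `slot_free`, `fixed_create`, `N_SLOTS`) are hypothetical, and C11 `atomic_exchange` is an assumed stand-in for whatever atomic primitive the real patch uses.

```c
#include <stdatomic.h>
#include <stdio.h>

#define N_SLOTS 4                 /* constructed table size for the demo */
typedef int host_timer_t;         /* models a libc whose timer_t is an index from 0 */

/* Old scheme: the stored host id doubles as the "unused" marker (0). */
static host_timer_t legacy_timers[N_SLOTS];

static int legacy_create(host_timer_t host_id)
{
    for (int i = 0; i < N_SLOTS; i++)
        if (legacy_timers[i] == 0) {      /* free slot... or host timer 0 */
            legacy_timers[i] = host_id;
            return i;
        }
    return -1;
}

/* Reworked scheme: occupancy lives in its own array and is claimed atomically. */
static atomic_int slot_used[N_SLOTS];
static host_timer_t timers[N_SLOTS];

static int slot_alloc(void)
{
    for (int i = 0; i < N_SLOTS; i++)
        if (atomic_exchange(&slot_used[i], 1) == 0)  /* only one caller sees 0 */
            return i;
    return -1;                            /* table full */
}

static void slot_free(int i) { atomic_store(&slot_used[i], 0); }

static int fixed_create(host_timer_t host_id)
{
    int i = slot_alloc();
    if (i >= 0)
        timers[i] = host_id;              /* any host value, including 0, is fine */
    return i;
}

int main(void)
{
    int a = legacy_create(0), b = legacy_create(1);  /* both land in slot 0 */
    int c = fixed_create(0), d = fixed_create(1);    /* distinct slots */
    printf("legacy: %d %d  fixed: %d %d\n", a, b, c, d);
    slot_free(c); slot_free(d);
    return 0;
}
```

Every error path that follows a successful `slot_alloc()` must call `slot_free()`, which is the class of leak the commit message says the error paths in timer_create had.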