[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Ping²: [PATCH v2] timers: limit heap size

  • To: JulienGrall <julien.grall@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxx>, "George Dunlap" <George.Dunlap@xxxxxxxxxxxxx>, StefanoStabellini <sstabellini@xxxxxxxxxx>, Konrad Wilk <konrad.wilk@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Wei Liu <wl@xxxxxxx>
  • From: Jan Beulich <JBeulich@xxxxxxxx>
  • Date: Mon, 15 Jul 2019 08:32:55 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=suse.com;dmarc=pass action=none header.from=suse.com;dkim=pass header.d=suse.com;arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZRiRiwtMFSMFNasbCZjEFDpG14IsIYSHgeRffXU+Plc=; b=UPdYX5ZaVDmAiMcbKkrr8TtfcT25C6BWDJzBJbdhTh3p78JRRb8xVL9KvvH8i1M5wzrfcBo4heLasYw2LDHSAPfstbXCExWj002/7NcBUUv4nAkXtUdfN8R0j5d2bC+nNOZ+sOybwxfe06wq2MeWrqt4/4GKDRoNNEfIr9pvt3NuRZNgxLNwsDe0BXPNcHFdhwQUWdMJ3YZ3B2OGrg20XfgmAPcmXUkm/G56CBvPSDVYG9WTLdN7TCRh4Nd2Tnoh2nKoYY5W7aJobSnLsHVWopwgj0ySyPP+Iqf/Z/6oXwTAiPVBhygn44IfyUtOVxkD4fiv4144lbu52BWPzK73MA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cvc/2FZ1UTB3zdnaUBSYKsWrESxZNr29fx5h/hoYFkgrm0dlg0uLwGsEpHvV287h5QEy6Z6RwcNhxSozAHXJnek4QWxlmygKn5PUwt25Gnm/vYy9IFG+1emwzf5FxuHabBB3xUg4Lxb/ZFpoImrh2rl7Vg4w6U9cyEkh6WJ3KwJDSgPV220Ln9Wl2zDov/jYgz9t47cfcKjP4cb746Hh/A0xu1Am/o0ZdrUFU2NAXhxn5qTtSAqLFjidavQzNs8GDZeyd2Ckm96S8LaFOj2WZwnt6RIMQGzIEr2jlx6c+gggv6DBzoFliBVVeC6PcePJA4mvyde5Pv4Awgu1aUtBfw==
  • Authentication-results: spf=none (sender IP is ) smtp.mailfrom=JBeulich@xxxxxxxx;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 15 Jul 2019 08:49:54 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHVOufm+Uxu9Bu39061UMrLHYBS6g==
  • Thread-topic: Ping²: [PATCH v2] timers: limit heap size
On 05.07.2019 18:06, Jan Beulich wrote:
>>>> On 05.06.19 at 08:51,  wrote:
>> First and foremost make timer_softirq_action() avoid growing the heap
>> if its new size can't be stored without truncation. 64k entries is a
>> lot, and I don't think we're at risk of actually running into the issue,
>> but I also think it's better not to allow for hard to debug problems to
>> occur in the first place.
>>
>> Furthermore also adjust the code such the size/limit fields becoming
>> unsigned int would at least work from a mere sizing point of view. For
>> this also switch various uses of plain int to unsigned int.
>>
>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
>> ---
>> v2: Log (once) when heap limit would have been exceeded.
>>
>> --- a/xen/common/timer.c
>> +++ b/xen/common/timer.c
>> @@ -63,9 +63,9 @@ static struct heap_metadata *heap_metada
>>   }
>>   
>>   /* Sink down element @pos of @heap. */
>> -static void down_heap(struct timer **heap, int pos)
>> +static void down_heap(struct timer **heap, unsigned int pos)
>>   {
>> -    int sz = heap_metadata(heap)->size, nxt;
>> +    unsigned int sz = heap_metadata(heap)->size, nxt;
>>       struct timer *t = heap[pos];
>>   
>>       while ( (nxt = (pos << 1)) <= sz )
>> @@ -84,7 +84,7 @@ static void down_heap(struct timer **hea
>>   }
>>   
>>   /* Float element @pos up @heap. */
>> -static void up_heap(struct timer **heap, int pos)
>> +static void up_heap(struct timer **heap, unsigned int pos)
>>   {
>>       struct timer *t = heap[pos];
>>   
>> @@ -103,8 +103,8 @@ static void up_heap(struct timer **heap,
>>   /* Delete @t from @heap. Return TRUE if new top of heap. */
>>   static int remove_from_heap(struct timer **heap, struct timer *t)
>>   {
>> -    int sz = heap_metadata(heap)->size;
>> -    int pos = t->heap_offset;
>> +    unsigned int sz = heap_metadata(heap)->size;
>> +    unsigned int pos = t->heap_offset;
>>   
>>       if ( unlikely(pos == sz) )
>>       {
>> @@ -130,7 +130,7 @@ static int remove_from_heap(struct timer
>>   /* Add new entry @t to @heap. Return TRUE if new top of heap. */
>>   static int add_to_heap(struct timer **heap, struct timer *t)
>>   {
>> -    int sz = heap_metadata(heap)->size;
>> +    unsigned int sz = heap_metadata(heap)->size;
>>   
>>       /* Fail if the heap is full. */
>>       if ( unlikely(sz == heap_metadata(heap)->limit) )
>> @@ -463,9 +463,17 @@ static void timer_softirq_action(void)
>>       if ( unlikely(ts->list != NULL) )
>>       {
>>           /* old_limit == (2^n)-1; new_limit == (2^(n+4))-1 */
>> -        int old_limit = heap_metadata(heap)->limit;
>> -        int new_limit = ((old_limit + 1) << 4) - 1;
>> -        struct timer **newheap = xmalloc_array(struct timer *, new_limit +
>> 1);
>> +        unsigned int old_limit = heap_metadata(heap)->limit;
>> +        unsigned int new_limit = ((old_limit + 1) << 4) - 1;
>> +        struct timer **newheap = NULL;
>> +
>> +        /* Don't grow the heap beyond what is representable in its
>> metadata. */
>> +        if ( new_limit == (typeof(heap_metadata(heap)->limit))new_limit &&
>> +             new_limit + 1 )
>> +            newheap = xmalloc_array(struct timer *, new_limit + 1);
>> +        else
>> +            printk_once(XENLOG_WARNING "CPU%u: timer heap limit reached\n",
>> +                        smp_processor_id());
>>           if ( newheap != NULL )
>>           {
>>               spin_lock_irq(&ts->lock);
>> @@ -544,7 +549,7 @@ static void dump_timerq(unsigned char ke
>>       struct timers *ts;
>>       unsigned long  flags;
>>       s_time_t       now = NOW();
>> -    int            i, j;
>> +    unsigned int   i, j;
>>   
>>       printk("Dumping timer queues:\n");
>>   
>> @@ -556,7 +561,7 @@ static void dump_timerq(unsigned char ke
>>           spin_lock_irqsave(&ts->lock, flags);
>>           for ( j = 1; j <= heap_metadata(ts->heap)->size; j++ )
>>               dump_timer(ts->heap[j], now);
>> -        for ( t = ts->list, j = 0; t != NULL; t = t->list_next, j++ )
>> +        for ( t = ts->list; t != NULL; t = t->list_next )
>>               dump_timer(t, now);
>>           spin_unlock_irqrestore(&ts->lock, flags);
>>       }
>>
>>
>>
>>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxxx
> https://lists.xenproject.org/mailman/listinfo/xen-devel
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.