From: Dario Faggioli Date: Wed, 20 Jul 2016 09:50:12 +0000 (+0100) Subject: xen: credit2: fix two s_time_t handling issues in load balancing X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~726 X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/%22/%22http:/www.example.com/cgi/%22?a=commitdiff_plain;h=b5b5876619bd8ec2e;p=xen.git xen: credit2: fix two s_time_t handling issues in load balancing both introduced in d205f8a7f48e2ec ("xen: credit2: rework load tracking logic"). First, in __update_runq_load(), the ASSERT() was actually useless. Let's instead check that the computed value of the load has not overflowed (and hence gone negative). While there, do that in __update_svc_load() as well. Second, in balance_load(), cpus_max needs being extended in order to be correctly shifted, and the result compared with an s_time_t value, without risking loosing info. Spotted by Coverity. Signed-off-by: Dario Faggioli Reported-by: Andrew Cooper Reviewed-by: George Dunlap --- diff --git a/xen/common/sched_credit2.c b/xen/common/sched_credit2.c index 3e1720c6fc..b92226c66e 100644 --- a/xen/common/sched_credit2.c +++ b/xen/common/sched_credit2.c @@ -730,7 +730,8 @@ __update_runq_load(const struct scheduler *ops, rqd->load += change; rqd->load_last_update = now; - ASSERT(rqd->avgload <= STIME_MAX && rqd->b_avgload <= STIME_MAX); + /* Overflow, capable of making the load look negative, must not occur. */ + ASSERT(rqd->avgload >= 0 && rqd->b_avgload >= 0); if ( unlikely(tb_init_done) ) { @@ -788,6 +789,9 @@ __update_svc_load(const struct scheduler *ops, } svc->load_last_update = now; + /* Overflow, capable of making the load look negative, must not occur. */ + ASSERT(svc->avgload >= 0); + if ( unlikely(tb_init_done) ) { struct { @@ -1841,7 +1845,7 @@ retry: * If we're under 100% capacaty, only shift if load difference * is > 1. otherwise, shift if under 12.5% */ - if ( load_max < (cpus_max << prv->load_precision_shift) ) + if ( load_max < ((s_time_t)cpus_max << prv->load_precision_shift) ) { if ( st.load_delta < (1ULL << (prv->load_precision_shift + opt_underload_balance_tolerance)) )