diff mbox series

[v2,1/2] linux: Normalize and return timeout on select (BZ #27651)

Message ID 20210409113639.1124756-1-adhemerval.zanella@linaro.org
State Superseded
Headers show
Series [v2,1/2] linux: Normalize and return timeout on select (BZ #27651) | expand

Commit Message

Adhemerval Zanella April 9, 2021, 11:36 a.m. UTC
The commit 2433d39b697, which added time64 support to select, changed
the function to use __NR_pselect6 (or __NR_pelect6_time64) on all
architectures.  However, on architectures where the symbol was
implemented with __NR_select the kernel normalizes the passed timeout
instead of return EINVAL.  For instance, the input timeval
{ 0, 5000000 } is interpreted as { 5, 0 }.

And as indicated by BZ #27651, this semantic seems to be expected
and changing it results in some performance issues (most likely
the program does not check the return code and keeps issuing
select with unormalized tv_usec argument).

To avoid a different semantic depending whether which syscall the
architecture used to issue, select now always normalize the timeout
input.  This is a slight change for some ABIs (for instance aarch64).

Checked on x86_64-linux-gnu and i686-linux-gnu.
---
 include/time.h                             |  5 +++
 misc/tst-select.c                          | 17 +++++++++
 sunrpc/svcauth_des.c                       |  1 -
 support/Makefile                           |  2 ++
 support/support.h                          |  8 +++++
 support/support_select_modify_timeout.c    | 29 ++++++++++++++++
 support/support_select_normalize_timeout.c | 29 ++++++++++++++++
 sysdeps/unix/sysv/linux/select.c           | 40 ++++++++++++++++++----
 8 files changed, 123 insertions(+), 8 deletions(-)
 create mode 100644 support/support_select_modify_timeout.c
 create mode 100644 support/support_select_normalize_timeout.c

Comments

Florian Weimer April 9, 2021, 12:38 p.m. UTC | #1
* Adhemerval Zanella via Libc-alpha:

> +/* Return true if select modify the timeout to reflect the amount of time
> +   no slept.  */
> +extern bool support_select_modify_timeout (void);
> +
> +/* Return true if select normalize the timeout input by taking in account
> +   tv_usec larger than 1000000.  */
> +extern bool support_select_normalize_timeout (void);

Maybe use support_select_modifies_timeout and
support_select_normalizes_timeout?

Please commit the support/ bits separately.

> diff --git a/sysdeps/unix/sysv/linux/select.c b/sysdeps/unix/sysv/linux/select.c
> index 415aa87d3c..d075270ff4 100644
> --- a/sysdeps/unix/sysv/linux/select.c
> +++ b/sysdeps/unix/sysv/linux/select.c
> @@ -33,12 +33,34 @@ int
>  __select64 (int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
>  	    struct __timeval64 *timeout)
>  {
> +  __time64_t s = timeout != NULL ? timeout->tv_sec : 0;
> +  int32_t us = timeout != NULL ? timeout->tv_usec : 0;
> +  int32_t ns;
> +
> +  if (s < 0 || us < 0)
> +    return INLINE_SYSCALL_ERROR_RETURN_VALUE (EINVAL);
> +
> +  /* Normalize the timeout, as legacy Linux __NR_select and __NR__newselect.
> +     Different than syscall, it also handle possible overflow.  */
> +  if (us / USEC_PER_SEC > INT64_MAX - s)
>      {
> +      s = INT64_MAX;
> +      ns = NSEC_PER_SEC - 1;
>      }
> +  else
> +    {
> +      s += us / USEC_PER_SEC;
> +      us = us % USEC_PER_SEC;
> +      ns = us * NSEC_PER_USEC;
> +    }
> +
> +  struct __timespec64 ts64, *pts64 = NULL;
> +   if (timeout != NULL)
> +     {
> +       ts64.tv_sec = s;
> +       ts64.tv_nsec = ns;
> +       pts64 = &ts64;
> +     }

The overflow handling is slightly inconsistent with the in_time_t_range
range check below.  Here we use silently saturating arithmetic, below
it's an error.

Thanks,
Florian
Adhemerval Zanella April 9, 2021, 12:46 p.m. UTC | #2
On 09/04/2021 09:38, Florian Weimer wrote:
> * Adhemerval Zanella via Libc-alpha:
> 
>> +/* Return true if select modify the timeout to reflect the amount of time
>> +   no slept.  */
>> +extern bool support_select_modify_timeout (void);
>> +
>> +/* Return true if select normalize the timeout input by taking in account
>> +   tv_usec larger than 1000000.  */
>> +extern bool support_select_normalize_timeout (void);
> 
> Maybe use support_select_modifies_timeout and
> support_select_normalizes_timeout?
> 
> Please commit the support/ bits separately.
> 
>> diff --git a/sysdeps/unix/sysv/linux/select.c b/sysdeps/unix/sysv/linux/select.c
>> index 415aa87d3c..d075270ff4 100644
>> --- a/sysdeps/unix/sysv/linux/select.c
>> +++ b/sysdeps/unix/sysv/linux/select.c
>> @@ -33,12 +33,34 @@ int
>>  __select64 (int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
>>  	    struct __timeval64 *timeout)
>>  {
>> +  __time64_t s = timeout != NULL ? timeout->tv_sec : 0;
>> +  int32_t us = timeout != NULL ? timeout->tv_usec : 0;
>> +  int32_t ns;
>> +
>> +  if (s < 0 || us < 0)
>> +    return INLINE_SYSCALL_ERROR_RETURN_VALUE (EINVAL);
>> +
>> +  /* Normalize the timeout, as legacy Linux __NR_select and __NR__newselect.
>> +     Different than syscall, it also handle possible overflow.  */
>> +  if (us / USEC_PER_SEC > INT64_MAX - s)
>>      {
>> +      s = INT64_MAX;
>> +      ns = NSEC_PER_SEC - 1;
>>      }
>> +  else
>> +    {
>> +      s += us / USEC_PER_SEC;
>> +      us = us % USEC_PER_SEC;
>> +      ns = us * NSEC_PER_USEC;
>> +    }
>> +
>> +  struct __timespec64 ts64, *pts64 = NULL;
>> +   if (timeout != NULL)
>> +     {
>> +       ts64.tv_sec = s;
>> +       ts64.tv_nsec = ns;
>> +       pts64 = &ts64;
>> +     }
> 
> The overflow handling is slightly inconsistent with the in_time_t_range
> range check below.  Here we use silently saturating arithmetic, below
> it's an error.

In fact on the in_time_t below it needs to check for the normalized 
tv_sec on ts64.tv_sec instead of the input timeout.  I will fix it
and send a newer version without the libsupport bits.
diff mbox series

Patch

diff --git a/include/time.h b/include/time.h
index caf2af5e74..e0636132a6 100644
--- a/include/time.h
+++ b/include/time.h
@@ -502,6 +502,11 @@  time_now (void)
   __clock_gettime (TIME_CLOCK_GETTIME_CLOCKID, &ts);
   return ts.tv_sec;
 }
+
+#define NSEC_PER_SEC    1000000000L  /* Nanoseconds per second.  */
+#define USEC_PER_SEC    1000000L     /* Microseconds per second.  */
+#define NSEC_PER_USEC   1000L        /* Nanoseconds per microsecond.  */
+
 #endif
 
 #endif
diff --git a/misc/tst-select.c b/misc/tst-select.c
index 5ad057cd51..dc7717a7a6 100644
--- a/misc/tst-select.c
+++ b/misc/tst-select.c
@@ -19,6 +19,7 @@ 
 #include <errno.h>
 #include <support/capture_subprocess.h>
 #include <support/check.h>
+#include <support/support.h>
 #include <support/timespec.h>
 #include <support/xunistd.h>
 #include <support/xtime.h>
@@ -47,6 +48,12 @@  do_test_child (void *clousure)
   int r = select (args->fds[0][0] + 1, &rfds, NULL, NULL, &args->tmo);
   TEST_COMPARE (r, 0);
 
+  if (support_select_modify_timeout ())
+    {
+      TEST_COMPARE (args->tmo.tv_sec, 0);
+      TEST_COMPARE (args->tmo.tv_usec, 0);
+    }
+
   TEST_TIMESPEC_NOW_OR_AFTER (CLOCK_REALTIME, ts);
 
   xwrite (args->fds[1][1], "foo", 3);
@@ -69,6 +76,16 @@  do_test (void)
 				      sc_allow_none);
   }
 
+  if (support_select_normalize_timeout ())
+    {
+      /* This is handled as 1 second instead of failing with EINVAL.  */
+      args.tmo = (struct timeval) { .tv_sec = 0, .tv_usec = 1000000 };
+      struct support_capture_subprocess result;
+      result = support_capture_subprocess (do_test_child, &args);
+      support_capture_subprocess_check (&result, "tst-select-child", 0,
+					sc_allow_none);
+    }
+
   /* Same as before, but simulating polling.  */
   args.tmo = (struct timeval) { .tv_sec = 0, .tv_usec = 0 };
   {
diff --git a/sunrpc/svcauth_des.c b/sunrpc/svcauth_des.c
index 7607abc818..25a85c9097 100644
--- a/sunrpc/svcauth_des.c
+++ b/sunrpc/svcauth_des.c
@@ -58,7 +58,6 @@ 
 
 #define debug(msg)		/*printf("svcauth_des: %s\n", msg) */
 
-#define USEC_PER_SEC ((uint32_t) 1000000L)
 #define BEFORE(t1, t2) timercmp(t1, t2, <)
 
 /*
diff --git a/support/Makefile b/support/Makefile
index 900e17f94f..1e2fc97ee6 100644
--- a/support/Makefile
+++ b/support/Makefile
@@ -68,6 +68,8 @@  libsupport-routines = \
   support_quote_string \
   support_record_failure \
   support_run_diff \
+  support_select_modify_timeout \
+  support_select_normalize_timeout \
   support_set_small_thread_stack_size \
   support_shared_allocate \
   support_small_stack_thread_attribute \
diff --git a/support/support.h b/support/support.h
index e023d00857..f983783d64 100644
--- a/support/support.h
+++ b/support/support.h
@@ -144,6 +144,14 @@  static __inline bool support_path_support_time64 (const char *path)
 /* Return true if stat supports nanoseconds resolution.  */
 extern bool support_stat_nanoseconds (const char *path);
 
+/* Return true if select modify the timeout to reflect the amount of time
+   no slept.  */
+extern bool support_select_modify_timeout (void);
+
+/* Return true if select normalize the timeout input by taking in account
+   tv_usec larger than 1000000.  */
+extern bool support_select_normalize_timeout (void);
+
 __END_DECLS
 
 #endif /* SUPPORT_H */
diff --git a/support/support_select_modify_timeout.c b/support/support_select_modify_timeout.c
new file mode 100644
index 0000000000..d70a5a5068
--- /dev/null
+++ b/support/support_select_modify_timeout.c
@@ -0,0 +1,29 @@ 
+/* Return whether select modify the timeout.
+   Copyright (C) 2021 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stdbool.h>
+
+bool
+support_select_modify_timeout (void)
+{
+#ifdef __linux__
+  return true;
+#else
+  return false;
+#endif
+}
diff --git a/support/support_select_normalize_timeout.c b/support/support_select_normalize_timeout.c
new file mode 100644
index 0000000000..447e3ec3e3
--- /dev/null
+++ b/support/support_select_normalize_timeout.c
@@ -0,0 +1,29 @@ 
+/* Return whether select normalize the timeout.
+   Copyright (C) 2021 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stdbool.h>
+
+bool
+support_select_normalize_timeout (void)
+{
+#ifdef __linux__
+  return true;
+#else
+  return false;
+#endif
+}
diff --git a/sysdeps/unix/sysv/linux/select.c b/sysdeps/unix/sysv/linux/select.c
index 415aa87d3c..d075270ff4 100644
--- a/sysdeps/unix/sysv/linux/select.c
+++ b/sysdeps/unix/sysv/linux/select.c
@@ -33,12 +33,34 @@  int
 __select64 (int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
 	    struct __timeval64 *timeout)
 {
-  struct __timespec64 ts64, *pts64 = NULL;
-  if (timeout != NULL)
+  __time64_t s = timeout != NULL ? timeout->tv_sec : 0;
+  int32_t us = timeout != NULL ? timeout->tv_usec : 0;
+  int32_t ns;
+
+  if (s < 0 || us < 0)
+    return INLINE_SYSCALL_ERROR_RETURN_VALUE (EINVAL);
+
+  /* Normalize the timeout, as legacy Linux __NR_select and __NR__newselect.
+     Different than syscall, it also handle possible overflow.  */
+  if (us / USEC_PER_SEC > INT64_MAX - s)
     {
-      ts64 = timeval64_to_timespec64 (*timeout);
-      pts64 = &ts64;
+      s = INT64_MAX;
+      ns = NSEC_PER_SEC - 1;
     }
+  else
+    {
+      s += us / USEC_PER_SEC;
+      us = us % USEC_PER_SEC;
+      ns = us * NSEC_PER_USEC;
+    }
+
+  struct __timespec64 ts64, *pts64 = NULL;
+   if (timeout != NULL)
+     {
+       ts64.tv_sec = s;
+       ts64.tv_nsec = ns;
+       pts64 = &ts64;
+     }
 
 #ifndef __NR_pselect6_time64
 # define __NR_pselect6_time64 __NR_pselect6
@@ -52,10 +74,13 @@  __select64 (int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
          (though the pselect() glibc call suppresses this behavior).
          Since select() on Linux has the same behavior as the pselect6
          syscall, we update the timeout here.  */
-      if (r == 0 || errno != ENOSYS)
+      if (r >= 0 || errno != ENOSYS)
 	{
 	  if (timeout != NULL)
-	    TIMEVAL_TO_TIMESPEC (timeout, &ts64);
+	    {
+	      timeout->tv_sec = ts64.tv_sec;
+	      timeout->tv_usec = ts64.tv_nsec / NSEC_PER_USEC;
+	    }
 	  return r;
 	}
 
@@ -71,7 +96,8 @@  __select64 (int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
 	  __set_errno (EINVAL);
 	  return -1;
 	}
-      ts32 = valid_timespec64_to_timespec (ts64);
+      ts32.tv_sec = s;
+      ts32.tv_nsec = ns;
       pts32 = &ts32;
     }
 # ifndef __ASSUME_PSELECT