From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:39756) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QOWfC-0005br-HG for qemu-devel@nongnu.org; Mon, 23 May 2011 11:03:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QOWfB-0006EC-8B for qemu-devel@nongnu.org; Mon, 23 May 2011 11:03:22 -0400 Received: from mail-yi0-f45.google.com ([209.85.218.45]:39194) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QOWfB-0006E4-4F for qemu-devel@nongnu.org; Mon, 23 May 2011 11:03:21 -0400 Received: by yib19 with SMTP id 19so2503690yib.4 for ; Mon, 23 May 2011 08:03:20 -0700 (PDT) Message-ID: <4DDA7736.9010904@codemonkey.ws> Date: Mon, 23 May 2011 10:03:18 -0500 From: Anthony Liguori MIME-Version: 1.0 References: <20110520180331.GA21837@amd.home.annexia.org> <4DD6AEB9.6060506@codemonkey.ws> <20110523130411.GR24143@redhat.com> <4DDA620F.1090308@codemonkey.ws> <20110523134021.GT24143@redhat.com> <4DDA6512.2040405@codemonkey.ws> <20110523141408.GV24143@redhat.com> In-Reply-To: <20110523141408.GV24143@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH] qemu: json: Fix parsing of integers >= 0x8000000000000000 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" Cc: "Richard W.M. Jones" , qemu-devel@nongnu.org, Luiz Capitulino On 05/23/2011 09:14 AM, Daniel P. Berrange wrote: > On Mon, May 23, 2011 at 08:45:54AM -0500, Anthony Liguori wrote: >> On 05/23/2011 08:40 AM, Daniel P. Berrange wrote: >>> On Mon, May 23, 2011 at 08:33:03AM -0500, Anthony Liguori wrote: >>>> On 05/23/2011 08:04 AM, Daniel P. Berrange wrote: >>>>> On Fri, May 20, 2011 at 01:11:05PM -0500, Anthony Liguori wrote: >>>>>> On 05/20/2011 01:03 PM, Richard W.M. Jones wrote: >>>>>>> >>>>>>> There seem to be a few unsafe uses of strto* functions. This patch >>>>>>> just fixes the one that affects me :-) >>>>>> >>>>>> Sending an integer of this size is not valid JSON. >>>>>> >>>>>> Your patch won't accept negative numbers, correct? >>>>>> >>>>>> JSON only supports int64_t. >>>>> >>>>> That's not really true. JSON supports arbitrarily large numbers >>>>> & integers. >>>> >>>> Try the following snippet in your browser: >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> The actual value of the alert will surprise you :-) >>>> >>>> Integers in Javascript are actually represented as doubles >>>> internally which means that integer constants are only accurate up >>>> to 52 bits. >>>> >>>> So really, we should cap integers at 32-bit :-/ >>>> >>>> Have I mentioned recently that I really dislike JSON... >>> >>> NB, I am distinguishing between JSON the generic specification and >>> JSON as implemented in web browsers. JSON the specification has *no* >>> limitation on integers. Any limitation, like the one you demonstrate, >>> is inherantly just specific to the implementation. >> >> No, EMCA is very specific in how integers are handled in JavaScript. >> Every implementation of JavaScript is going to exhibit this >> behavior. >> >> The JSON specification lack of specificity here I think has to be >> interpreted as a deferral to the EMCA specification. > > The EMCA spec declares that integers upto 52-bits can be stored > without loosing precision. This doesn't forbid sending of 64-bit > integers via JSON. It merely implies that when parsed into a > EMCA-Script object you'll loose precision. So this doesn't mean that > QEMU has to throw away the extra precision when parsing JSON, nor > do client apps have to throw away precision when generating JSON > for QEMU. Both client& QEMU can use a full uint64 if desired. Thinking more carefully about this, I think the following rule is important: 1) Integers that would cause overflow should be treated as double precision floating point numbers. 2) A conforming implementation must support integer precision up to 52-bit signed integers. I think this is valid because the string: 9223372036854775808 Is a representation of: 9223372036854776e3 Both are equivalent representations of the same number. So we can send and accept arbitrarily large integers provided that we always fallback to representing integers as double precision floating points if the integer would otherwise truncate. I think this means we need to drop QFloat and QInt, add a QNumber, and then add _from_uint64/to_uint64 and _from_double/to_double. Regards, Anthony Liguori