Received: from eggs.gnu.org ([140.186.70.92]:56589) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1R46bU-0001UG-4c for qemu-devel@nongnu.org; Thu, 15 Sep 2011 03:43:28 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1R46bQ-0008Ov-8f for qemu-devel@nongnu.org; Thu, 15 Sep 2011 03:43:24 -0400
Received: from mx1.redhat.com ([209.132.183.28]:51089) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1R46bP-0008Om-V1 for qemu-devel@nongnu.org; Thu, 15 Sep 2011 03:43:20 -0400
Message-ID: <4E71AC91.7000709@redhat.com>
Date: Thu, 15 Sep 2011 10:43:13 +0300
From: Avi Kivity
MIME-Version: 1.0
References: <1315983769-8287-1-git-send-email-david@gibson.dropbear.id.au> <4E70647D.10408@redhat.com> <20110915023431.GO9025@yookeroo.fritz.box> <4E71AB6B.7040900@redhat.com>
In-Reply-To: <4E71AB6B.7040900@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] Fix subtle integer overflow bug in memory API
To: Paolo Bonzini
Cc: agraf@suse.de, qemu-devel@nongnu.org

On 09/15/2011 10:38 AM, Paolo Bonzini wrote:
> On 09/15/2011 04:34 AM, David Gibson wrote:
>> explicit "if (a + b) < a" tests in some places.
>
> Please wrap these in a macro, since the addition has to be done in an
> unsigned type. Otherwise overflow is undefined.

It doesn't help if the overflow is defined but produces an incorrect
result.

The fact is we need a 64+N bit datatype, where N is the nesting level
of MemoryRegions (including aliases). Each nesting level can overflow a
bit.

Right now the only viable option seems to be #define 64 60, but I'll be
happy to consider others.

-- 
I have a truly marvellous patch that fixes the bug which this signature
is too narrow to contain.
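As an added illustration of the two points in this exchange (example code, not QEMU's own; `struct region`, `add_overflows_u64` and `translate_addr` are hypothetical stand-ins): the unsigned `a + b < a` check Paolo asks for makes a wrap detectable rather than undefined, and, as Avi notes, a wrap at any of the N nesting levels still yields a wrong address, so the translation below refuses to return one instead of silently wrapping.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: add two unsigned 64-bit offsets and report whether
 * the sum wrapped. With unsigned operands the wraparound is well defined,
 * so "sum < a" is a valid test; with signed operands it would be UB. */
static bool add_overflows_u64(uint64_t a, uint64_t b, uint64_t *sum)
{
    *sum = a + b;
    return *sum < a;
}

/* Constructed stand-in for one nesting level: where the region starts in
 * its parent, and how large it is. A real MemoryRegion carries far more. */
struct region {
    uint64_t offset;
    uint64_t size;
};

/* Translate an address relative to levels[0] (innermost) outward through n
 * levels. Each level adds one more offset, so each level can carry one more
 * bit than 64 can hold; any wrap makes the result wrong, so fail instead. */
static bool translate_addr(const struct region *levels, size_t n,
                           uint64_t addr, uint64_t *out)
{
    uint64_t cur = addr;
    for (size_t i = 0; i < n; i++) {
        if (cur >= levels[i].size)      /* outside this level's bounds */
            return false;
        if (add_overflows_u64(cur, levels[i].offset, &cur))
            return false;               /* wrapped: no 64-bit answer */
    }
    *out = cur;
    return true;
}

int main(void)
{
    /* Constructed sample: an alias near the top of the address space. */
    struct region lv[2] = { { UINT64_MAX - 0x100, 0x1000 }, { 0x200, UINT64_MAX } };
    uint64_t out;
    if (translate_addr(lv, 2, 0x200, &out))
        printf("translated to %#llx\n", (unsigned long long)out);
    else
        printf("translation overflowed 64 bits; refusing to map\n");
    return 0;
}
```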