From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34628)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <agraf@suse.de>) id 1XKnI8-0003Oj-Ge
	for qemu-devel@nongnu.org; Fri, 22 Aug 2014 07:46:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <agraf@suse.de>) id 1XKnI2-0003F2-Ep
	for qemu-devel@nongnu.org; Fri, 22 Aug 2014 07:46:00 -0400
Received: from cantor2.suse.de ([195.135.220.15]:38355 helo=mx2.suse.de)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <agraf@suse.de>) id 1XKnI2-0003Ew-8r
	for qemu-devel@nongnu.org; Fri, 22 Aug 2014 07:45:54 -0400
Message-ID: <53F72D72.5050307@suse.de>
Date: Fri, 22 Aug 2014 13:45:54 +0200
From: Alexander Graf <agraf@suse.de>
MIME-Version: 1.0
References: <1408706366-43407-1-git-send-email-agraf@suse.de>
	<CAFEAcA9UAzsx5cuoukD24w+DU+udUGjh+0O2Ni2T_OOidAUsKA@mail.gmail.com>
	<53F72C90.3050000@suse.de>
	<CAFEAcA8y-pyDcNqvsEz+MsB6FXPdo87L5FpH0GZfCUGkFKn_RQ@mail.gmail.com>
In-Reply-To: <CAFEAcA8y-pyDcNqvsEz+MsB6FXPdo87L5FpH0GZfCUGkFKn_RQ@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] linux-user: Simplify boundary checks on
 g_posix_timers range
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Riku Voipio <riku.voipio@iki.fi>, QEMU Developers <qemu-devel@nongnu.org>, =?UTF-8?B?QW5kcmVhcyBGw6RyYmVy?= <afaerber@suse.de>



On 22.08.14 13:44, Peter Maydell wrote:
> On 22 August 2014 12:42, Alexander Graf <agraf@suse.de> wrote:
>> On 22.08.14 13:33, Peter Maydell wrote:
>>> On 22 August 2014 12:19, Alexander Graf <agraf@suse.de> wrote:
>>>> We check whether the passed in counter value is negative on all calls
>>>> that involve g_posix_timers. However, we AND the value down to 16 bits
>>>> right before the check, so they can never be negative.
>>>
>>> ...but why exactly are we doing that AND with 0xffff ?? It seems
>>> unlikely that the kernel really allows random garbage in the top
>>> half of the timer ID arguments, so maybe we should drop the
>>> mask and keep the <0 bounds checks?
>>
>> Or we drop the AND and and the <0 check and treat arg1 as unsigned ;).
> 
> That probably just requires equally many changes to
> code that is currently correct because the arg* are
> signed but would need changes if they became unsigned.

Well, I do have a downstream patch that makes them unsigned, so I'd
rather like to make the code as stable to that as I can ;).


Alex