From: Eric Blake
Date: Tue, 15 Sep 2015 08:08:52 -0600
Subject: Re: [Qemu-devel] [PATCH v7 20/26] qapi: Make output visitor return qnull() instead of NULL
To: Markus Armbruster, "Daniel P. Berrange"
Cc: qemu-devel@nongnu.org, mdroth@linux.vnet.ibm.com
Message-ID: <55F82674.3070608@redhat.com>
In-Reply-To: <87wpvr4y51.fsf@blackfin.pond.sub.org>

On 09/15/2015 07:20 AM, Markus Armbruster wrote:
>>>
>>> However, the patch isn't quite right: it messes up the reference
>>> counting. After about SIZE_MAX visits, the reference counter
>>> overflows, failing the assertion in qnull_destroy_obj(). Because
>>> that's many orders of magnitude more visits of nulls than we expect,
>>> we take this patch despite its flaws, to get the QMP introspection
>>> stuff in without further delay.
>>>
>>> Naturally, we'll have to fix it for real before the release.
>>
>> Do we actually ever get near to SIZE_MAX visits?

With the rest of the series, qom-get can be used to trigger this code
path. Since that is under user control, a user on a 32-bit platform
could spin in a stupid loop of qom-get to eventually hit the assert.
Not likely to happen.

>> If not, then it would not seem critical to fix before release, as
>> this is just the generator code
>
> SIZE_MAX visits seem unlikely even when SIZE_MAX is only 2^32-1. It
> would be fatal, though: QEMU would crash.
>
> I'll reword to "we'll want to fix it".

Yes, that improved wording is fine. And I think we already have some
idea of what the fix involves (I posted some preliminary analysis, and
Markus will do the actual deep dive); it's just that holding up this
series for the fix isn't the way to handle it.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
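The failure mode the thread describes, as an added model that is not QEMU code and not part of the patch: a static null singleton handed out by qnull(), a visitor that takes one reference per visited null and never releases it, and a destroy path whose assertion a wrapped counter eventually trips. The 8-bit counter, the visitor loop and the helpers run_visits() and leaks_then_balanced_destroys() are assumptions for the demo; only the names qnull() and qnull_destroy_obj() come from the thread.

```c
/* Added model of the refcount bug discussed above: a static null
 * singleton returned by qnull(), a visitor that takes a reference per
 * visited null and never drops it, and the destroy path whose assertion
 * a wrapped counter trips. Not QEMU code; the 8-bit counter, the
 * visitor loop and the helper names are invented for the demo. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* 8-bit so the wrap is observable; the real counter is size_t, hence
 * "about SIZE_MAX visits" in the thread. */
typedef struct { uint8_t refcnt; } QNull;

/* One reference is owned by the program itself, so the count must never
 * reach zero: that is what the assertion in the destroy path checks. */
static QNull qnull_singleton = { .refcnt = 1 };
static bool qnull_destroy_called;

/* Stands in for the failing assert in the real destroy hook. */
static void qnull_destroy_obj(void) { qnull_destroy_called = true; }

static QNull *qnull(void)
{
    qnull_singleton.refcnt++;      /* wraps silently from 255 to 0 */
    return &qnull_singleton;
}

static void qobject_decref(QNull *obj)
{
    if (--obj->refcnt == 0) qnull_destroy_obj();
}

/* n visits from a fresh state; leaky forgets the reference (the bug),
 * balanced releases it once the visit is done. Returns the count. */
static uint8_t run_visits(size_t n, bool leaky)
{
    qnull_singleton.refcnt = 1;
    qnull_destroy_called = false;
    for (size_t i = 0; i < n; i++) {
        QNull *obj = qnull();
        if (!leaky) qobject_decref(obj);
    }
    return qnull_singleton.refcnt;
}

/* After `leaks` leaky visits, does one balanced visit hit the assert? */
static bool leaks_then_balanced_destroys(size_t leaks)
{
    run_visits(leaks, true);
    qobject_decref(qnull());
    return qnull_destroy_called;
}
```

A leak of ten visits leaves the count ten too high, and once the counter has wrapped to zero a single correctly balanced visit is enough to reach the destroy path.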