From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-devel@nongnu.org, qemu-block@nongnu.org,
Juan Quintela <quintela@redhat.com>, Fam Zheng <fam@euphon.net>,
Stefan Hajnoczi <stefanha@redhat.com>
Subject: Re: [PATCH 2/2] migration: Define BLK_MIG_BLOCK_SIZE as unsigned long long
Date: Thu, 21 Jul 2022 14:06:40 +0100 [thread overview]
Message-ID: <YtlPYPgjK3Uhcx4/@work-vm> (raw)
In-Reply-To: <CAFEAcA9ooYEjhNYg5mWLDjHhq32_rYsWFrf7X+L8OLBJYiiM0w@mail.gmail.com>
* Peter Maydell (peter.maydell@linaro.org) wrote:
> On Thu, 21 Jul 2022 at 13:07, Dr. David Alan Gilbert
> <dgilbert@redhat.com> wrote:
> >
> > * Peter Maydell (peter.maydell@linaro.org) wrote:
> > > When we use BLK_MIG_BLOCK_SIZE in expressions like
> > > block_mig_state.submitted * BLK_MIG_BLOCK_SIZE, this multiplication
> > > is done as 32 bits, because both operands are 32 bits. Coverity
> > > complains about possible overflows because we then accumulate that
> > > into a 64 bit variable.
> > >
> > > Define BLK_MIG_BLOCK_SIZE as unsigned long long using the ULL suffix.
> > > The only two current uses of it with this problem are both in
> > > block_save_pending(), so we could just cast to uint64_t there, but
> > > using the ULL suffix is simpler and ensures that we don't
> > > accidentally introduce new variants of the same issue in future.
> > >
> > > Resolves: Coverity CID 1487136, 1487175
> > > Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> > > ---
> > > I haven't tried to analyse the code to see if the multiplications
> > > could ever actually end up overflowing, but I would assume
> > > probably not.
> > >
> > > migration/block.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/migration/block.c b/migration/block.c
> > > index 9e5aae58982..3577c815a94 100644
> > > --- a/migration/block.c
> > > +++ b/migration/block.c
> > > @@ -28,7 +28,7 @@
> > > #include "sysemu/block-backend.h"
> > > #include "trace.h"
> > >
> > > -#define BLK_MIG_BLOCK_SIZE (1 << 20)
> > > +#define BLK_MIG_BLOCK_SIZE (1ULL << 20)
> >
> > Is it a problem that this is passed to bdrv_create_dirty_bitmap that
> > takes a uint32_t ?
>
> Shouldn't be -- the constant value still fits within 32 bits.
Hmm OK, lets keep an eye out for build problems on any odd combos
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> -- PMM
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
next prev parent reply other threads:[~2022-07-21 13:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-21 11:52 [PATCH 0/2] migration: fix coverity nits Peter Maydell
2022-07-21 11:52 ` [PATCH 1/2] migration: Assert that migrate_multifd_compression() returns an in-range value Peter Maydell
2022-07-21 12:02 ` Dr. David Alan Gilbert
2022-07-22 11:00 ` Juan Quintela
2022-07-21 11:52 ` [PATCH 2/2] migration: Define BLK_MIG_BLOCK_SIZE as unsigned long long Peter Maydell
2022-07-21 12:07 ` Dr. David Alan Gilbert
2022-07-21 12:44 ` Peter Maydell
2022-07-21 13:06 ` Dr. David Alan Gilbert [this message]
2022-07-22 12:47 ` Juan Quintela
2022-08-01 10:38 ` [PATCH 0/2] migration: fix coverity nits Peter Maydell
2022-08-02 13:49 ` Dr. David Alan Gilbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YtlPYPgjK3Uhcx4/@work-vm \
--to=dgilbert@redhat.com \
--cc=fam@euphon.net \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).