From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Cooper Subject: Re: Xen hypercall API/ABI problems Date: Tue, 25 Jun 2013 14:10:16 +0100 Message-ID: <51C996B8.2000501@citrix.com> References: <51C1D199.6050409@citrix.com> <51C2E0F902000078000DF436@nat28.tlf.novell.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <51C2E0F902000078000DF436@nat28.tlf.novell.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Jan Beulich Cc: "Tim (Xen.org)" , "Keir (Xen.org)" , Ian Campbell , Xen-devel List List-Id: xen-devel@lists.xenproject.org On 20/06/13 10:01, Jan Beulich wrote: >>>> On 19.06.13 at 17:43, Andrew Cooper wrote: >> In memory.c, there is a possible unsigned->signed conversion error from >> max_pages to rc. > That's of no concern as long as the maximum possible value can't > result in the value being negative. Plus it's problematic only when > the hypervisor is 32-bit (as otherwise it's a conversion from > "unsigned int" to "signed long". > > And for the list of items to be complete - there's a similar conversion > for d->tot_pages. In this case, 64bit domain on 64bit Xen is fine. This hypercall is ok as it really shouldn't be returning more than ((~0ULL)>>PAGE_SHIFT) I guess the question boils down this: Is it ok to retroactively apply -error semantics to hypercalls which were previously defined to never return an error? Already for the compat layer a wrong value is being returned. All we would be doing is changing from INT_MAX to -ERANGE which is differently wrong but more consistent. ~Andrew