From: Edwin Torok <edvin.torok@citrix.com>
To: Andrew Cooper <Andrew.Cooper3@citrix.com>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: "jbeulich@suse.com" <jbeulich@suse.com>,
"julien@xen.org" <julien@xen.org>,
"jgross@suse.com" <jgross@suse.com>, "wl@xen.org" <wl@xen.org>,
"iwj@xenproject.org" <iwj@xenproject.org>,
"sstabellini@kernel.org" <sstabellini@kernel.org>,
"dave@recoil.org" <dave@recoil.org>,
George Dunlap <George.Dunlap@citrix.com>,
Christian Lindig <christian.lindig@citrix.com>
Subject: Re: [PATCH v2 00/17] live update and gnttab patches
Date: Wed, 12 May 2021 15:04:25 +0000 [thread overview]
Message-ID: <a61829312384fa5cf3cd170dc97a12a55eed4598.camel@citrix.com> (raw)
In-Reply-To: <bbd8ccf8-6bb4-7cc0-515d-1f14cd4404b7@citrix.com>
On Wed, 2021-05-12 at 13:51 +0100, Andrew Cooper wrote:
> On 12/05/2021 11:10, Edwin Torok wrote:
> > On Tue, 2021-05-11 at 21:05 +0100, Andrew Cooper wrote:
> > >
> > diff --git a/tools/ocaml/xenstored/disk.ml
> > b/tools/ocaml/xenstored/disk.ml
> > index 59794324e1..b7678af87f 100644
> > --- a/tools/ocaml/xenstored/disk.ml
> > +++ b/tools/ocaml/xenstored/disk.ml
> > @@ -176,7 +176,7 @@ let write store =
> > output_byte ch i
> >
> > let w32 ch v =
> > - assert (v >= 0 && v <= 0xFFFF_FFFF);
> > + assert (v >= 0 && Int64.of_int v <= 0xFFFF_FFFFL);
>
> In the case that v is 32 bits wide, it will underflow and fail the v
> >=
> 0 check, before the upcast to Int64.
I'll have to review the callers of this, I think my intention was to
forbid dumping negative values because it is ambigous what it means.
In case you are running on 64-bit that is most likely a bug because I
think most 32-bit values were defined as unsigned in the migration spec
or in the original xen public headers (I'll have to double check).
However in case of a 32-bit system we can have negative values where an
otherwise unsigned 32-bit quantity in xen is represented as an ocaml
int, or even silently truncated (if the xen value actually uses all 32-
bits, because OCaml ints are only 31-bits on 32-bit systems, one would
have to use the int32 type to get true 32-bit quantities in ocaml but
that comes with additional boxing and a more complicated syntax,
so in most places in Xen I see the difference just being ignored).
Perhaps this should forbid negative values only on 64-bit systems
(where that would be a bug), and allow it on 32-bit systems (where a
negative value might be legitimate or a bug, we can't tell).
Checking Sys.word_size should tell us what system we are on.
Best regards,
--Edwin
prev parent reply other threads:[~2021-05-12 15:04 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-11 18:05 [PATCH v2 00/17] live update and gnttab patches Edwin Török
2021-05-11 18:05 ` [PATCH v2 01/17] docs/designs/xenstore-migration.md: clarify that deletes are recursive Edwin Török
2021-05-11 18:05 ` [PATCH v2 02/17] tools/ocaml: add unit test skeleton with Dune build system Edwin Török
2021-05-11 18:05 ` [PATCH v2 03/17] tools/ocaml: vendor external dependencies for convenience Edwin Török
2021-05-11 18:05 ` [PATCH v2 04/17] tools/ocaml/xenstored: implement the live migration binary format Edwin Török
2021-05-11 18:05 ` [PATCH v2 05/17] tools/ocaml/xenstored: add binary dump format support Edwin Török
2021-05-11 18:05 ` [PATCH v2 06/17] tools/ocaml/xenstored: add support for binary format Edwin Török
2021-05-11 18:05 ` [PATCH v2 07/17] tools/ocaml/xenstored: validate config file before live update Edwin Török
2021-05-11 18:05 ` [PATCH v2 08/17] Add structured fuzzing unit test Edwin Török
2021-05-11 18:05 ` [PATCH v2 09/17] tools/ocaml: use common macros for manipulating mmap_interface Edwin Török
2021-05-11 18:05 ` [PATCH v2 10/17] tools/ocaml/libs/mmap: allocate correct number of bytes Edwin Török
2021-05-11 18:05 ` [PATCH v2 11/17] tools/ocaml/libs/mmap: Expose stub_mmap_alloc Edwin Török
2021-05-11 18:05 ` [PATCH v2 12/17] tools/ocaml/libs/mmap: mark mmap/munmap as blocking Edwin Török
2021-05-11 18:05 ` [PATCH v2 13/17] tools/ocaml/libs/xb: import gnttab stubs from mirage Edwin Török
2021-05-11 18:05 ` [PATCH v2 14/17] tools/ocaml: safer Xenmmap interface Edwin Török
2021-05-11 18:05 ` [PATCH v2 15/17] tools/ocaml/xenstored: use gnttab instead of xenctrl's foreign_map_range Edwin Török
2021-05-11 18:05 ` [PATCH v2 16/17] tools/ocaml/xenstored: don't store domU's mfn of ring page Edwin Török
2021-05-11 18:05 ` [PATCH v2 17/17] tools/ocaml/libs/mmap: Clean up unused read/write Edwin Török
2021-05-12 13:06 ` Andrew Cooper
2021-05-11 18:12 ` [PATCH v2 00/17] live update and gnttab patches Edwin Torok
2021-05-11 20:05 ` Andrew Cooper
2021-05-12 10:10 ` Edwin Torok
2021-05-12 12:51 ` Andrew Cooper
2021-05-12 15:04 ` Edwin Torok [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a61829312384fa5cf3cd170dc97a12a55eed4598.camel@citrix.com \
--to=edvin.torok@citrix.com \
--cc=Andrew.Cooper3@citrix.com \
--cc=George.Dunlap@citrix.com \
--cc=christian.lindig@citrix.com \
--cc=dave@recoil.org \
--cc=iwj@xenproject.org \
--cc=jbeulich@suse.com \
--cc=jgross@suse.com \
--cc=julien@xen.org \
--cc=sstabellini@kernel.org \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).