From patchwork Sun Dec 16 17:06:23 2012
X-Patchwork-Submitter: Michael Tokarev
X-Patchwork-Id: 206734
Message-ID: <50CDFF8F.6010607@msgid.tls.msk.ru>
Date: Sun, 16 Dec 2012 21:06:23 +0400
From: Michael Tokarev
Organization: Telecom Service, JSC
To: Fred Oliveira, Don Slutz
Cc: Stefan Hajnoczi, qemu-devel, Andreas Färber
Subject: Re: [Qemu-devel] target-i386: Allow tsc-frequency to be larger then 2.147G

This is a follow-up to a more-or-less trivial commit,
2e84849aa2cc7f220d3b3668f5f7e3c57bb1b590. I'm adding some more
context - the whole function in question.

commit 2e84849aa2cc7f220d3b3668f5f7e3c57bb1b590
Author: Don Slutz
Date:   Fri Sep 21 20:13:13 2012 -0400

    target-i386: Allow tsc-frequency to be larger then 2.147G

    The check using INT_MAX (2147483647) is wrong in this case.

    Signed-off-by: Fred Oliveira
    Signed-off-by: Don Slutz
    Signed-off-by: Stefan Hajnoczi

    if (error_is_set(errp)) {
        return;
    }
    if (value < min || value > max) {
        error_set(errp, QERR_PROPERTY_VALUE_OUT_OF_RANGE, "",
                  name ? name : "null", value, min, max);
        return;
    }

    cpu->env.tsc_khz = value / 1000;
}

The patch makes the second test (if value > max) a no-op, since value
is of type int64_t, and max is now INT64_MAX, so value can never be
larger than max. Overflow can be caught by the first test (value < 0).

Note this function has another defect: the tsc frequency is truncated
to KHz. It's okay when it is called from the default cpu init function,
where the initial value is in khz and is multiplied by 1000 when calling
x86_cpuid_set_tsc_freq(), but not okay when called as a handler for a
user-defined option, like -cpu foo,tsc_frequency=bar. I'm not sure how
often this option is used, however.

Thanks,

/mjt

diff --git a/target-i386/cpu.c b/target-i386/cpu.c index 423e009..cbc172e 100644 --- a/target-i386/cpu.c +++ b/target-i386/cpu.c @@ -846,7 +846,7 @@ static void x86_cpuid_set_tsc_freq(Object *obj, Visitor *v, void *opaque, { X86CPU *cpu = X86_CPU(obj); const int64_t min = 0; - const int64_t max = INT_MAX; + const int64_t max = INT64_MAX; int64_t value; visit_type_int(v, &value, name, errp);
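
Review bot: at `const int64_t max = INT64_MAX;` the bound is the largest value an `int64_t` can hold, so the `value > max` half of the range check quoted in the message can never be true and the setter is left with no effective upper limit. Either drop `max` together with the dead comparison, or set `max` to the largest frequency in Hz whose kHz form still fits `cpu->env.tsc_khz` after the `/ 1000`, so that the constant documents a real constraint. A short comment saying that `value` is in Hz while the field is stored in kHz would also make the division easier to review.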
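
The two points raised in the message above (an upper bound that can never trigger, and silent truncation to kHz), as an added example that is not part of the original message or of QEMU's code. `demo_cpu`, `patched_check_rejects`, `set_tsc_freq_hz` and the 32-bit width of the stored field are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the CPU state; the 32-bit kHz field is an assumption. */
typedef struct { int32_t tsc_khz; } demo_cpu;

enum freq_status { FREQ_OK, FREQ_OUT_OF_RANGE, FREQ_TRUNCATED };

/* Range test as it stands after the patch: with max == INT64_MAX only
 * the "value < min" half can ever be true. Returns 1 when rejected. */
static int patched_check_rejects(int64_t value)
{
    const int64_t min = 0;
    const int64_t max = INT64_MAX;
    return value < min || value > max;
}

/* Hardened variant: the bound is the largest Hz value whose kHz form
 * still fits the destination field, and precision loss is reported. */
static enum freq_status set_tsc_freq_hz(demo_cpu *cpu, int64_t value_hz)
{
    const int64_t min = 0;
    const int64_t max = (int64_t)INT32_MAX * 1000 + 999;

    if (value_hz < min || value_hz > max) {
        return FREQ_OUT_OF_RANGE;   /* destination left untouched */
    }
    cpu->tsc_khz = (int32_t)(value_hz / 1000);
    return (value_hz % 1000) ? FREQ_TRUNCATED : FREQ_OK;
}

int main(void)
{
    /* Constructed sample inputs, in Hz. */
    const int64_t samples[] = { 3000000000LL, 2500000500LL, -1, INT64_MAX };
    demo_cpu cpu = { 0 };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int old = patched_check_rejects(samples[i]);
        enum freq_status st = set_tsc_freq_hz(&cpu, samples[i]);
        printf("%lld Hz: patched check %s, hardened status %d, tsc_khz=%d\n",
               (long long)samples[i], old ? "rejects" : "accepts",
               (int)st, (int)cpu.tsc_khz);
    }
    return 0;
}
```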