Re: [Qemu-devel] [PATCH 1/1] nbd: fix max_discard/max_transfer_length

[Peter Lieven]

Am 06.02.2015 um 13:17 schrieb Denis V. Lunev:
> On 06/02/15 15:07, Kevin Wolf wrote:
>> Am 06.02.2015 um 12:59 hat Denis V. Lunev geschrieben:
>>> On 06/02/15 14:53, Kevin Wolf wrote:
>>>> Am 06.02.2015 um 12:24 hat Denis V. Lunev geschrieben:
>>>>> nbd_co_discard calls nbd_client_session_co_discard which uses uint32_t
>>>>> as the length in bytes of the data to discard due to the following
>>>>> definition:
>>>>>
>>>>> struct nbd_request {
>>>>>      uint32_t magic;
>>>>>      uint32_t type;
>>>>>      uint64_t handle;
>>>>>      uint64_t from;
>>>>>      uint32_t len; <-- the length of data to be discarded, in bytes
>>>>> } QEMU_PACKED;
>>>>>
>>>>> Thus we should limit bl_max_discard to UINT32_MAX >> BDRV_SECTOR_BITS to
>>>>> avoid overflow.
>>>>>
>>>>> NBD read/write code uses the same structure for transfers. Fix
>>>>> max_transfer_length accordingly.
>>>>>
>>>>> Signed-off-by: Denis V. Lunev <address@hidden>
>>>>> CC: Peter Lieven <address@hidden>
>>>>> CC: Kevin Wolf <address@hidden>
>>>> Thanks, I have applied both Peter's and your patch. Can you guys please
>>>> check whether the current state of my block branch is correct or whether
>>>> I forgot to include or remove some patch?
>>> can you give me tree URL?
>> Sure:
>>
>> git: git://repo.or.cz/qemu/kevin.git block
>> Web: http://repo.or.cz/w/qemu/kevin.git/shortlog/refs/heads/block
>>
>>>> By the way, I don't think this NBD patch is strictly necessary as you'll
>>>> have a hard time finding a platform where INT_MAX > UINT32_MAX, but I
>>>> think it's good documentation at least and a safeguard if we ever decide
>>>> to lift the general block layer restrictions.
>>>>
>>>> Kevin
>>> nope, it is absolutely mandatory
>>>
>>> stdint.h:
>>>
>>> /* Limit of `size_t' type.  */
>>> # if __WORDSIZE == 64
>>> #  define SIZE_MAX              (18446744073709551615UL)
>>> # else
>>> #  define SIZE_MAX              (4294967295U)
>>> # endif
>> But Peter defined it like this:
>>
>> #define BDRV_REQUEST_MAX_SECTORS MIN(SIZE_MAX >> BDRV_SECTOR_BITS, \
>>                                       INT_MAX >> BDRV_SECTOR_BITS)
>>
>> And having integers with more the 32 bits is at least unusual. I don't
>> know of any platform that has them.
>>
>> Anyway, as I said, your patch is good documentation, so I'm happy to
>> apply it nevertheless.
>>
>> Kevin
> I have misinterpreted this.
>
> Actually I think then the limit should be MAX() rather then MIN()
> as the stack is ready to size_t transfers. In the other case
> there is no need at all to use this construction. INT_MAX will be
> always less than SIZE_MAX. I do not know any platform
> where this is violated.

That doesn't work. All internal routines have int (32-bit) as type for 
nb_sectors
whereas size_t is often 64-bit.

I also think that INT_MAX is always less than SIZE_MAX, but I would leave it
in just to be absolutely sure. Its evaluated at compile time and will not
hurt.

Peter