Re: [PATCH][Regression] x86, 32-bit: trim memory not covered by wb mtrrs - FIX

From: Yinghai Lu
Date: Thu Feb 07 2008 - 04:11:38 EST


On Feb 7, 2008 1:04 AM, Ingo Molnar <mingo@xxxxxxx> wrote:
>
> * Yinghai Lu <yhlu.kernel@xxxxxxxxx> wrote:
>
> > minor difference
> > + trim_start = highest_pfn << PAGE_SHIFT;
> > + trim_size = end_pfn << PAGE_SHIFT;
> >
> > could cause some problem with 32 bit kernel when mem > 4g. becase
> > highest_pfn and end_pfn is unsigned long aka 32 bit ...could overflow.
> >
> > so need to assign thtem to tr, 32-bitim_start/trim_end at first
> > or
> > + trim_start = (u64)highest_pfn << PAGE_SHIFT;
> > + trim_size = (u64)end_pfn << PAGE_SHIFT;
>
> indeed ...
>
> i think the 64-bit behavior of gcc is inherently dangerous, we had
> numerous subtle bugs in that area.
>
> i think perhaps Sparse should be extended to warn about this. I think
> any case where on _32-bit_ we have an 'unsigned long' that is shifted to
> the left by any significant amount is clearly in danger of overflowing.
> _Especially_ when the lvalue is 64-bit!
>
> or in other words, on any such construct:
>
> 64-bit lvalue = ... 32-bit value
>
> we should enforce _explicit_ (u64) conversions.

so you mean gcc will do some optimization to make

+ trim_start = highest_pfn;
+ trim_start <<= PAGE_SHIFT;

to be

+ trim_start = highest_pfn << PAGE_SHIFT;

looks scary...

then gcc need to be fixed.

YH
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/