* [9fans] Re: Bug in sysrendezvous?
@ 1997-09-16 16:39 forsyth
0 siblings, 0 replies; 3+ messages in thread
From: forsyth @ 1997-09-16 16:39 UTC (permalink / raw)
>The "tag" operand of rendezvous is defined as ulong; but in the
>function sysrendezvous (in sysproc.c), it's copied into an int, which
i think philw said at the time to change the declaration of
long ... tag
to
ulong ...
in sysrendezvous, which i seem to have done on
all the systems i've got here. it obviously could go
badly wrong otherwise.
^ permalink raw reply [flat|nested] 3+ messages in thread
* [9fans] Re: Bug in sysrendezvous?
@ 1997-09-16 19:00 G.David
0 siblings, 0 replies; 3+ messages in thread
From: G.David @ 1997-09-16 19:00 UTC (permalink / raw)
From: "G. David Butler" <gdb@dbSystems.com>
>From: Amos Shapir <amos@cs.huji.ac.il>
>Date: Mon, 3 Jun 1996 09:59:36 -0400
>>
>>The "tag" operand of rendezvous is defined as ulong; but in the
>>function sysrendezvous (in sysproc.c), it's copied into an int, which
>>is used as an index in a table by the REND macro. If I'm mistaken
>>correctly, this means that if the tag is negative, the resulting
>>pointer would point *outside* the table!
>>
[snip]
>#define REND(p,s) ((p)->rendhash[(ulong)(s)%RENDHASH])
Well, I jumped the gun here. The fix was posted long ago with
a declaration change in sysrendezvous() to a ulong.
Sorry for the rehash :-).
^ permalink raw reply [flat|nested] 3+ messages in thread
* [9fans] Re: Bug in sysrendezvous?
@ 1997-09-16 18:39 G.David
0 siblings, 0 replies; 3+ messages in thread
From: G.David @ 1997-09-16 18:39 UTC (permalink / raw)
From: Amos Shapir <amos@cs.huji.ac.il>
Date: Mon, 3 Jun 1996 09:59:36 -0400
>
>The "tag" operand of rendezvous is defined as ulong; but in the
>function sysrendezvous (in sysproc.c), it's copied into an int, which
>is used as an index in a table by the REND macro. If I'm mistaken
>correctly, this means that if the tag is negative, the resulting
>pointer would point *outside* the table!
>
>I guess this bug was not discovered because the tag is usually an
>address in user space, but nothing in the manual suggests it has to be
>below 0x80000000 (or that it shouldn't be 0xdeadbeef...)
>
>Did anybody else had any trouble with this?
Did you? I am now getting into the rendezvous stuff and looked back
and found your mail. Did you do anything about this? If so, what?
Perhaps just casting the value to a ulong before the hash calc will
work? All that is really needed is the remainder. (positive of course.)
change
#define REND(p,s) ((p)->rendhash[(s)%RENDHASH])
to
#define REND(p,s) ((p)->rendhash[(ulong)(s)%RENDHASH])
David Butler
gdb@dbSystems.com
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~1997-09-16 19:00 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1997-09-16 16:39 [9fans] Re: Bug in sysrendezvous? forsyth
1997-09-16 18:39 G.David
1997-09-16 19:00 G.David
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).