[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 04/25] chardev: Let qemu_chr_be_can_write() return a size_t types



Hi

On Wed, Feb 20, 2019 at 12:26 PM Philippe Mathieu-Daudé
<philmd@xxxxxxxxxx> wrote:
>
> On 2/20/19 11:40 AM, Marc-André Lureau wrote:
> > Hi
> >
> > On Wed, Feb 20, 2019 at 2:04 AM Philippe Mathieu-Daudé
> > <philmd@xxxxxxxxxx> wrote:
> >>
> >> In the previous commit we added an assert to be sure than
> >> qemu_chr_be_can_write() will never return a negative value.
> >> We can now change its prototype to return a size_t.
> >> Adapt the backends accordingly.
> >
> > Each variable you change to an unsigned type, we should check it isn't
> > used with negative values.
>
> Fortunately the preprocessor can help here!
>
> Oh I forgot to write down the steps I ran:
>
>   # enable warnings
>   $ configure \
>     --extra-cflags='-Wtype-limits -Wsign-conversion -Wsign-compare' \
>     --disable-werror
>
>   # since there are many sign abuse, build blindly
>   $ make 2>/dev/null
>
>   # now refresh the source we modified
>   $ git diff --name-only origin/master \
>       | egrep \.c\$ \
>       | xargs touch
>
>   # build again and carefully watch the warnings
>   # (there are many unuseful #include warnings, ignore them)
>   $ make
>
> >>
> >> Suggested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> >> Signed-off-by: Philippe Mathieu-Daudé <philmd@xxxxxxxxxx>
> >> ---
> >>  chardev/baum.c            | 6 +++---
> >>  chardev/char-fd.c         | 2 +-
> >>  chardev/char-pty.c        | 4 ++--
> >>  chardev/char-socket.c     | 7 ++++---
> >>  chardev/char-udp.c        | 4 ++--
> >>  chardev/char-win.c        | 2 +-
> >>  chardev/char.c            | 2 +-
> >>  chardev/msmouse.c         | 4 ++--
> >>  chardev/spice.c           | 2 +-
> >>  chardev/wctablet.c        | 4 ++--
> >>  hw/bt/hci-csr.c           | 2 +-
> >>  include/chardev/char-fd.h | 2 +-
> >>  include/chardev/char.h    | 2 +-
> >>  ui/console.c              | 6 +++---
> >>  14 files changed, 25 insertions(+), 24 deletions(-)
> >>
> >> diff --git a/chardev/baum.c b/chardev/baum.c
> >> index 78b0c87625..1d69d62158 100644
> >> --- a/chardev/baum.c
> >> +++ b/chardev/baum.c
> >> @@ -265,7 +265,7 @@ static int baum_deferred_init(BaumChardev *baum)
> >>  static void baum_chr_accept_input(struct Chardev *chr)
> >>  {
> >>      BaumChardev *baum = BAUM_CHARDEV(chr);
> >> -    int room, first;
> >> +    size_t room, first;
> >>
> >>      if (!baum->out_buf_used)
> >>          return;
> >> @@ -292,7 +292,7 @@ static void baum_write_packet(BaumChardev *baum, const 
> >> uint8_t *buf, int len)
> >>  {
> >>      Chardev *chr = CHARDEV(baum);
> >>      uint8_t io_buf[1 + 2 * len], *cur = io_buf;
> >> -    int room;
> >> +    size_t room;
> >>      *cur++ = ESC;
> >>      while (len--)
> >>          if ((*cur++ = *buf++) == ESC)
> >> @@ -303,7 +303,7 @@ static void baum_write_packet(BaumChardev *baum, const 
> >> uint8_t *buf, int len)
> >>          /* Fits */
> >>          qemu_chr_be_write(chr, io_buf, len);
> >>      } else {
> >> -        int first;
> >> +        size_t first;
> >>          uint8_t out;
> >>          /* Can't fit all, send what can be, and store the rest. */
> >>          qemu_chr_be_write(chr, io_buf, room);
> >
> > baum room & first are only used for non-negative capacity values. ack
> >
> >> diff --git a/chardev/char-fd.c b/chardev/char-fd.c
> >> index 2421d8e216..0fe2822869 100644
> >> --- a/chardev/char-fd.c
> >> +++ b/chardev/char-fd.c
> >> @@ -43,7 +43,7 @@ static gboolean fd_chr_read(QIOChannel *chan, 
> >> GIOCondition cond, void *opaque)
> >>  {
> >>      Chardev *chr = CHARDEV(opaque);
> >>      FDChardev *s = FD_CHARDEV(opaque);
> >> -    int len;
> >> +    size_t len;
> >>      uint8_t buf[CHR_READ_BUF_LEN];
> >>      ssize_t ret;
> >>
> >
> > fd len is only used for non-negative buffer size. ack
> >
> >> diff --git a/chardev/char-pty.c b/chardev/char-pty.c
> >> index 7777f6ddef..eae25f043b 100644
> >> --- a/chardev/char-pty.c
> >> +++ b/chardev/char-pty.c
> >> @@ -34,7 +34,7 @@
> >>  typedef struct {
> >>      Chardev parent;
> >>      QIOChannel *ioc;
> >> -    int read_bytes;
> >> +    size_t read_bytes;
> >>
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >>      int connected;
> >>      GSource *timer_src;
> >> @@ -132,7 +132,7 @@ static gboolean pty_chr_read(QIOChannel *chan, 
> >> GIOCondition cond, void *opaque)
> >>  {
> >>      Chardev *chr = CHARDEV(opaque);
> >>      PtyChardev *s = PTY_CHARDEV(opaque);
> >> -    gsize len;
> >> +    size_t len;
> >>      uint8_t buf[CHR_READ_BUF_LEN];
> >>      ssize_t ret;
> >
> > pty len is only used for non-negative buffer size. ack
> >
> >> diff --git a/chardev/char-socket.c b/chardev/char-socket.c
> >> index 262a59b64f..4010c343e0 100644
> >> --- a/chardev/char-socket.c
> >> +++ b/chardev/char-socket.c
> >> @@ -60,7 +60,7 @@ typedef struct {
> >>      GSource *hup_source;
> >>      QCryptoTLSCreds *tls_creds;
> >>      TCPChardevState state;
> >> -    int max_size;
> >> +    size_t max_size;
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >>      int do_telnetopt;
> >>      int do_nodelay;
> >>      int *read_msgfds;
> >> @@ -493,10 +493,11 @@ static gboolean tcp_chr_read(QIOChannel *chan, 
> >> GIOCondition cond, void *opaque)
> >>      Chardev *chr = CHARDEV(opaque);
> >>      SocketChardev *s = SOCKET_CHARDEV(opaque);
> >>      uint8_t buf[CHR_READ_BUF_LEN];
> >> -    int len, size;
> >> +    size_t len;
> >
> > len is only used for non-negative buffer size. ack
> >
> >> +    int size;
> >>
> >>      if ((s->state != TCP_CHARDEV_STATE_CONNECTED) ||
> >> -        s->max_size <= 0) {
> >> +        s->max_size == 0) {
> >>          return TRUE;
> >>      }
> >>      len = sizeof(buf);
> >> diff --git a/chardev/char-udp.c b/chardev/char-udp.c
> >> index b6e399e983..d4f40626e4 100644
> >> --- a/chardev/char-udp.c
> >> +++ b/chardev/char-udp.c
> >> @@ -39,7 +39,7 @@ typedef struct {
> >>      uint8_t buf[CHR_READ_BUF_LEN];
> >>      int bufcnt;
> >>      int bufptr;
> >> -    int max_size;
> >> +    size_t max_size;
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >>  } UdpChardev;
> >>
> >>  #define UDP_CHARDEV(obj) OBJECT_CHECK(UdpChardev, (obj), TYPE_CHARDEV_UDP)
> >> @@ -58,7 +58,7 @@ static void udp_chr_flush_buffer(UdpChardev *s)
> >>      Chardev *chr = CHARDEV(s);
> >>
> >>      while (s->max_size > 0 && s->bufptr < s->bufcnt) {
> >> -        int n = MIN(s->max_size, s->bufcnt - s->bufptr);
> >> +        size_t n = MIN(s->max_size, s->bufcnt - s->bufptr);
> >
> > the while() condition ensures the value will be > 0. ack
> >
> >>          qemu_chr_be_write(chr, &s->buf[s->bufptr], n);
> >>          s->bufptr += n;
> >>          s->max_size = qemu_chr_be_can_write(chr);
> >> diff --git a/chardev/char-win.c b/chardev/char-win.c
> >> index 05518e0958..30361e8852 100644
> >> --- a/chardev/char-win.c
> >> +++ b/chardev/char-win.c
> >> @@ -29,7 +29,7 @@
> >>  static void win_chr_read(Chardev *chr, DWORD len)
> >>  {
> >>      WinChardev *s = WIN_CHARDEV(chr);
> >> -    int max_size = qemu_chr_be_can_write(chr);
> >> +    size_t max_size = qemu_chr_be_can_write(chr);
> >
> > unmodified, ack
> >
> >>      int ret, err;
> >>      uint8_t buf[CHR_READ_BUF_LEN];
> >>      DWORD size;
> >> diff --git a/chardev/char.c b/chardev/char.c
> >> index 71ecd32b25..3149cd3ba9 100644
> >> --- a/chardev/char.c
> >> +++ b/chardev/char.c
> >> @@ -156,7 +156,7 @@ int qemu_chr_write(Chardev *s, const uint8_t *buf, int 
> >> len, bool write_all)
> >>      return offset;
> >>  }
> >>
> >> -int qemu_chr_be_can_write(Chardev *s)
> >> +size_t qemu_chr_be_can_write(Chardev *s)
> >>  {
> >>      CharBackend *be = s->be;
> >>      int receivable_bytes;
> >> diff --git a/chardev/msmouse.c b/chardev/msmouse.c
> >> index 0ffd137ce8..cdb6f86037 100644
> >> --- a/chardev/msmouse.c
> >> +++ b/chardev/msmouse.c
> >> @@ -38,7 +38,7 @@ typedef struct {
> >>      bool btns[INPUT_BUTTON__MAX];
> >>      bool btnc[INPUT_BUTTON__MAX];
> >>      uint8_t outbuf[32];
> >> -    int outlen;
> >> +    size_t outlen;
> >
> > outlen is only used as non-negative buffer size, ack
> >
> >>  } MouseChardev;
> >>
> >>  #define TYPE_CHARDEV_MSMOUSE "chardev-msmouse"
> >> @@ -48,7 +48,7 @@ typedef struct {
> >>  static void msmouse_chr_accept_input(Chardev *chr)
> >>  {
> >>      MouseChardev *mouse = MOUSE_CHARDEV(chr);
> >> -    int len;
> >> +    size_t len;
> >>
> >>      len = qemu_chr_be_can_write(chr);
> >
> > same
> >
> >>      if (len > mouse->outlen) {
> >> diff --git a/chardev/spice.c b/chardev/spice.c
> >> index 173c257949..ad180a8a13 100644
> >> --- a/chardev/spice.c
> >> +++ b/chardev/spice.c
> >> @@ -43,7 +43,7 @@ static int vmc_write(SpiceCharDeviceInstance *sin, const 
> >> uint8_t *buf, int len)
> >>      uint8_t* p = (uint8_t*)buf;
> >>
> >>      while (len > 0) {
> >> -        int can_write = qemu_chr_be_can_write(chr);
> >> +        size_t can_write = qemu_chr_be_can_write(chr);
> >
> > unmodified value, ack
> >
> >>          last_out = MIN(len, can_write);
> >>          if (last_out <= 0) {
> >>              break;
> >> diff --git a/chardev/wctablet.c b/chardev/wctablet.c
> >> index cf7a08a363..daae570bc7 100644
> >> --- a/chardev/wctablet.c
> >> +++ b/chardev/wctablet.c
> >> @@ -74,7 +74,7 @@ typedef struct {
> >>
> >>      /* Command to be sent to serial port */
> >>      uint8_t outbuf[WC_OUTPUT_BUF_MAX_LEN];
> >> -    int outlen;
> >> +    size_t outlen;
> >
> > Used as non-negative buffer size only, ack
> >>
> >>      int line_speed;
> >>      bool send_events;
> >> @@ -186,7 +186,7 @@ static QemuInputHandler wctablet_handler = {
> >>  static void wctablet_chr_accept_input(Chardev *chr)
> >>  {
> >>      TabletChardev *tablet = WCTABLET_CHARDEV(chr);
> >> -    int len, canWrite;
> >> +    size_t len, canWrite;
> >
> > Used as non-negative buffer size only, ack
> >
> >>
> >>      canWrite = qemu_chr_be_can_write(chr);
> >>      len = canWrite;
> >> diff --git a/hw/bt/hci-csr.c b/hw/bt/hci-csr.c
> >> index fa6660a113..e837a3fa1f 100644
> >> --- a/hw/bt/hci-csr.c
> >> +++ b/hw/bt/hci-csr.c
> >> @@ -38,7 +38,7 @@ struct csrhci_s {
> >>  #define FIFO_LEN       4096
> >>      int out_start;
> >>      int out_len;
> >> -    int out_size;
> >> +    size_t out_size;
> >
> > Used as non-negative buffer size only, ack
> >
> >>      uint8_t outfifo[FIFO_LEN * 2];
> >>      uint8_t inpkt[FIFO_LEN];
> >>      enum {
> >> diff --git a/include/chardev/char-fd.h b/include/chardev/char-fd.h
> >> index e7c2b176f9..36c6b89cee 100644
> >> --- a/include/chardev/char-fd.h
> >> +++ b/include/chardev/char-fd.h
> >> @@ -31,7 +31,7 @@ typedef struct FDChardev {
> >>      Chardev parent;
> >>
> >>      QIOChannel *ioc_in, *ioc_out;
> >> -    int max_size;
> >> +    size_t max_size;
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >>  } FDChardev;
> >>
> >>  #define TYPE_CHARDEV_FD "chardev-fd"
> >> diff --git a/include/chardev/char.h b/include/chardev/char.h
> >> index c0b57f7685..0341dd1ba2 100644
> >> --- a/include/chardev/char.h
> >> +++ b/include/chardev/char.h
> >> @@ -173,7 +173,7 @@ Chardev *qemu_chr_new_noreplay(const char *label, 
> >> const char *filename,
> >>   *
> >>   * Returns: the number of bytes the front end can receive via 
> >> @qemu_chr_be_write
> >>   */
> >> -int qemu_chr_be_can_write(Chardev *s);
> >> +size_t qemu_chr_be_can_write(Chardev *s);
> >>
> >>  /**
> >>   * qemu_chr_be_write:
> >> diff --git a/ui/console.c b/ui/console.c
> >> index 6d2282d3e9..42f04e2b37 100644
> >> --- a/ui/console.c
> >> +++ b/ui/console.c
> >> @@ -61,8 +61,8 @@ enum TTYState {
> >>
> >>  typedef struct QEMUFIFO {
> >>      uint8_t *buf;
> >> -    int buf_size;
> >> -    int count, wptr, rptr;
> >> +    size_t buf_size, count;
> >> +    int wptr, rptr;
> >
> > Only used as non-negative buffer size, ack
> >
> >>  } QEMUFIFO;
> >>
> >>  static int qemu_fifo_write(QEMUFIFO *f, const uint8_t *buf, int len1)
> >> @@ -1110,7 +1110,7 @@ static int vc_chr_write(Chardev *chr, const uint8_t 
> >> *buf, int len)
> >>  static void kbd_send_chars(void *opaque)
> >>  {
> >>      QemuConsole *s = opaque;
> >> -    int len;
> >> +    size_t len;
> >
> > Only used as non-negative buffer size, ack
> >
> >>      uint8_t buf[16];
> >>
> >>      len = qemu_chr_be_can_write(s->chr);
> >> --
> >> 2.20.1
> >>
> >
> > That was painful, hopefully I didn't miss something...
>
> As is this series and its rebases...
>
> I hope you will still be as willingful to review the follow up series
> (part #2) which is worst.
>
> I felt this is pointless to write the same detailed review you did in
> the commit message, because the reviewer still has to go to each patch
> and verify.


Sure, but it is still better than nothing :) If you systematically
review each change, it doesn't take much more time to write it down.
And if there are issues later on, there would be a short rationale for
it, even if prooved to be wrong/bad.

>
> >
> > Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>
> >
>
> Thanks a lot!
>
> Phil.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.