[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [qemu-s390x] [PATCH v3 04/25] chardev: Let qemu_chr_be_can_write() r
|
From: |
Marc-André Lureau |
|
Subject: |
Re: [qemu-s390x] [PATCH v3 04/25] chardev: Let qemu_chr_be_can_write() return a size_t types |
|
Date: |
Wed, 20 Feb 2019 14:28:04 +0100 |
Hi
On Wed, Feb 20, 2019 at 12:26 PM Philippe Mathieu-Daudé
<address@hidden> wrote:
>
> On 2/20/19 11:40 AM, Marc-André Lureau wrote:
> > Hi
> >
> > On Wed, Feb 20, 2019 at 2:04 AM Philippe Mathieu-Daudé
> > <address@hidden> wrote:
> >>
> >> In the previous commit we added an assert to be sure than
> >> qemu_chr_be_can_write() will never return a negative value.
> >> We can now change its prototype to return a size_t.
> >> Adapt the backends accordingly.
> >
> > Each variable you change to an unsigned type, we should check it isn't
> > used with negative values.
>
> Fortunately the preprocessor can help here!
>
> Oh I forgot to write down the steps I ran:
>
> # enable warnings
> $ configure \
> --extra-cflags='-Wtype-limits -Wsign-conversion -Wsign-compare' \
> --disable-werror
>
> # since there are many sign abuse, build blindly
> $ make 2>/dev/null
>
> # now refresh the source we modified
> $ git diff --name-only origin/master \
> | egrep \.c\$ \
> | xargs touch
>
> # build again and carefully watch the warnings
> # (there are many unuseful #include warnings, ignore them)
> $ make
>
> >>
> >> Suggested-by: Paolo Bonzini <address@hidden>
> >> Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
> >> ---
> >> chardev/baum.c | 6 +++---
> >> chardev/char-fd.c | 2 +-
> >> chardev/char-pty.c | 4 ++--
> >> chardev/char-socket.c | 7 ++++---
> >> chardev/char-udp.c | 4 ++--
> >> chardev/char-win.c | 2 +-
> >> chardev/char.c | 2 +-
> >> chardev/msmouse.c | 4 ++--
> >> chardev/spice.c | 2 +-
> >> chardev/wctablet.c | 4 ++--
> >> hw/bt/hci-csr.c | 2 +-
> >> include/chardev/char-fd.h | 2 +-
> >> include/chardev/char.h | 2 +-
> >> ui/console.c | 6 +++---
> >> 14 files changed, 25 insertions(+), 24 deletions(-)
> >>
> >> diff --git a/chardev/baum.c b/chardev/baum.c
> >> index 78b0c87625..1d69d62158 100644
> >> --- a/chardev/baum.c
> >> +++ b/chardev/baum.c
> >> @@ -265,7 +265,7 @@ static int baum_deferred_init(BaumChardev *baum)
> >> static void baum_chr_accept_input(struct Chardev *chr)
> >> {
> >> BaumChardev *baum = BAUM_CHARDEV(chr);
> >> - int room, first;
> >> + size_t room, first;
> >>
> >> if (!baum->out_buf_used)
> >> return;
> >> @@ -292,7 +292,7 @@ static void baum_write_packet(BaumChardev *baum, const
> >> uint8_t *buf, int len)
> >> {
> >> Chardev *chr = CHARDEV(baum);
> >> uint8_t io_buf[1 + 2 * len], *cur = io_buf;
> >> - int room;
> >> + size_t room;
> >> *cur++ = ESC;
> >> while (len--)
> >> if ((*cur++ = *buf++) == ESC)
> >> @@ -303,7 +303,7 @@ static void baum_write_packet(BaumChardev *baum, const
> >> uint8_t *buf, int len)
> >> /* Fits */
> >> qemu_chr_be_write(chr, io_buf, len);
> >> } else {
> >> - int first;
> >> + size_t first;
> >> uint8_t out;
> >> /* Can't fit all, send what can be, and store the rest. */
> >> qemu_chr_be_write(chr, io_buf, room);
> >
> > baum room & first are only used for non-negative capacity values. ack
> >
> >> diff --git a/chardev/char-fd.c b/chardev/char-fd.c
> >> index 2421d8e216..0fe2822869 100644
> >> --- a/chardev/char-fd.c
> >> +++ b/chardev/char-fd.c
> >> @@ -43,7 +43,7 @@ static gboolean fd_chr_read(QIOChannel *chan,
> >> GIOCondition cond, void *opaque)
> >> {
> >> Chardev *chr = CHARDEV(opaque);
> >> FDChardev *s = FD_CHARDEV(opaque);
> >> - int len;
> >> + size_t len;
> >> uint8_t buf[CHR_READ_BUF_LEN];
> >> ssize_t ret;
> >>
> >
> > fd len is only used for non-negative buffer size. ack
> >
> >> diff --git a/chardev/char-pty.c b/chardev/char-pty.c
> >> index 7777f6ddef..eae25f043b 100644
> >> --- a/chardev/char-pty.c
> >> +++ b/chardev/char-pty.c
> >> @@ -34,7 +34,7 @@
> >> typedef struct {
> >> Chardev parent;
> >> QIOChannel *ioc;
> >> - int read_bytes;
> >> + size_t read_bytes;
> >>
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >> int connected;
> >> GSource *timer_src;
> >> @@ -132,7 +132,7 @@ static gboolean pty_chr_read(QIOChannel *chan,
> >> GIOCondition cond, void *opaque)
> >> {
> >> Chardev *chr = CHARDEV(opaque);
> >> PtyChardev *s = PTY_CHARDEV(opaque);
> >> - gsize len;
> >> + size_t len;
> >> uint8_t buf[CHR_READ_BUF_LEN];
> >> ssize_t ret;
> >
> > pty len is only used for non-negative buffer size. ack
> >
> >> diff --git a/chardev/char-socket.c b/chardev/char-socket.c
> >> index 262a59b64f..4010c343e0 100644
> >> --- a/chardev/char-socket.c
> >> +++ b/chardev/char-socket.c
> >> @@ -60,7 +60,7 @@ typedef struct {
> >> GSource *hup_source;
> >> QCryptoTLSCreds *tls_creds;
> >> TCPChardevState state;
> >> - int max_size;
> >> + size_t max_size;
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >> int do_telnetopt;
> >> int do_nodelay;
> >> int *read_msgfds;
> >> @@ -493,10 +493,11 @@ static gboolean tcp_chr_read(QIOChannel *chan,
> >> GIOCondition cond, void *opaque)
> >> Chardev *chr = CHARDEV(opaque);
> >> SocketChardev *s = SOCKET_CHARDEV(opaque);
> >> uint8_t buf[CHR_READ_BUF_LEN];
> >> - int len, size;
> >> + size_t len;
> >
> > len is only used for non-negative buffer size. ack
> >
> >> + int size;
> >>
> >> if ((s->state != TCP_CHARDEV_STATE_CONNECTED) ||
> >> - s->max_size <= 0) {
> >> + s->max_size == 0) {
> >> return TRUE;
> >> }
> >> len = sizeof(buf);
> >> diff --git a/chardev/char-udp.c b/chardev/char-udp.c
> >> index b6e399e983..d4f40626e4 100644
> >> --- a/chardev/char-udp.c
> >> +++ b/chardev/char-udp.c
> >> @@ -39,7 +39,7 @@ typedef struct {
> >> uint8_t buf[CHR_READ_BUF_LEN];
> >> int bufcnt;
> >> int bufptr;
> >> - int max_size;
> >> + size_t max_size;
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >> } UdpChardev;
> >>
> >> #define UDP_CHARDEV(obj) OBJECT_CHECK(UdpChardev, (obj), TYPE_CHARDEV_UDP)
> >> @@ -58,7 +58,7 @@ static void udp_chr_flush_buffer(UdpChardev *s)
> >> Chardev *chr = CHARDEV(s);
> >>
> >> while (s->max_size > 0 && s->bufptr < s->bufcnt) {
> >> - int n = MIN(s->max_size, s->bufcnt - s->bufptr);
> >> + size_t n = MIN(s->max_size, s->bufcnt - s->bufptr);
> >
> > the while() condition ensures the value will be > 0. ack
> >
> >> qemu_chr_be_write(chr, &s->buf[s->bufptr], n);
> >> s->bufptr += n;
> >> s->max_size = qemu_chr_be_can_write(chr);
> >> diff --git a/chardev/char-win.c b/chardev/char-win.c
> >> index 05518e0958..30361e8852 100644
> >> --- a/chardev/char-win.c
> >> +++ b/chardev/char-win.c
> >> @@ -29,7 +29,7 @@
> >> static void win_chr_read(Chardev *chr, DWORD len)
> >> {
> >> WinChardev *s = WIN_CHARDEV(chr);
> >> - int max_size = qemu_chr_be_can_write(chr);
> >> + size_t max_size = qemu_chr_be_can_write(chr);
> >
> > unmodified, ack
> >
> >> int ret, err;
> >> uint8_t buf[CHR_READ_BUF_LEN];
> >> DWORD size;
> >> diff --git a/chardev/char.c b/chardev/char.c
> >> index 71ecd32b25..3149cd3ba9 100644
> >> --- a/chardev/char.c
> >> +++ b/chardev/char.c
> >> @@ -156,7 +156,7 @@ int qemu_chr_write(Chardev *s, const uint8_t *buf, int
> >> len, bool write_all)
> >> return offset;
> >> }
> >>
> >> -int qemu_chr_be_can_write(Chardev *s)
> >> +size_t qemu_chr_be_can_write(Chardev *s)
> >> {
> >> CharBackend *be = s->be;
> >> int receivable_bytes;
> >> diff --git a/chardev/msmouse.c b/chardev/msmouse.c
> >> index 0ffd137ce8..cdb6f86037 100644
> >> --- a/chardev/msmouse.c
> >> +++ b/chardev/msmouse.c
> >> @@ -38,7 +38,7 @@ typedef struct {
> >> bool btns[INPUT_BUTTON__MAX];
> >> bool btnc[INPUT_BUTTON__MAX];
> >> uint8_t outbuf[32];
> >> - int outlen;
> >> + size_t outlen;
> >
> > outlen is only used as non-negative buffer size, ack
> >
> >> } MouseChardev;
> >>
> >> #define TYPE_CHARDEV_MSMOUSE "chardev-msmouse"
> >> @@ -48,7 +48,7 @@ typedef struct {
> >> static void msmouse_chr_accept_input(Chardev *chr)
> >> {
> >> MouseChardev *mouse = MOUSE_CHARDEV(chr);
> >> - int len;
> >> + size_t len;
> >>
> >> len = qemu_chr_be_can_write(chr);
> >
> > same
> >
> >> if (len > mouse->outlen) {
> >> diff --git a/chardev/spice.c b/chardev/spice.c
> >> index 173c257949..ad180a8a13 100644
> >> --- a/chardev/spice.c
> >> +++ b/chardev/spice.c
> >> @@ -43,7 +43,7 @@ static int vmc_write(SpiceCharDeviceInstance *sin, const
> >> uint8_t *buf, int len)
> >> uint8_t* p = (uint8_t*)buf;
> >>
> >> while (len > 0) {
> >> - int can_write = qemu_chr_be_can_write(chr);
> >> + size_t can_write = qemu_chr_be_can_write(chr);
> >
> > unmodified value, ack
> >
> >> last_out = MIN(len, can_write);
> >> if (last_out <= 0) {
> >> break;
> >> diff --git a/chardev/wctablet.c b/chardev/wctablet.c
> >> index cf7a08a363..daae570bc7 100644
> >> --- a/chardev/wctablet.c
> >> +++ b/chardev/wctablet.c
> >> @@ -74,7 +74,7 @@ typedef struct {
> >>
> >> /* Command to be sent to serial port */
> >> uint8_t outbuf[WC_OUTPUT_BUF_MAX_LEN];
> >> - int outlen;
> >> + size_t outlen;
> >
> > Used as non-negative buffer size only, ack
> >>
> >> int line_speed;
> >> bool send_events;
> >> @@ -186,7 +186,7 @@ static QemuInputHandler wctablet_handler = {
> >> static void wctablet_chr_accept_input(Chardev *chr)
> >> {
> >> TabletChardev *tablet = WCTABLET_CHARDEV(chr);
> >> - int len, canWrite;
> >> + size_t len, canWrite;
> >
> > Used as non-negative buffer size only, ack
> >
> >>
> >> canWrite = qemu_chr_be_can_write(chr);
> >> len = canWrite;
> >> diff --git a/hw/bt/hci-csr.c b/hw/bt/hci-csr.c
> >> index fa6660a113..e837a3fa1f 100644
> >> --- a/hw/bt/hci-csr.c
> >> +++ b/hw/bt/hci-csr.c
> >> @@ -38,7 +38,7 @@ struct csrhci_s {
> >> #define FIFO_LEN 4096
> >> int out_start;
> >> int out_len;
> >> - int out_size;
> >> + size_t out_size;
> >
> > Used as non-negative buffer size only, ack
> >
> >> uint8_t outfifo[FIFO_LEN * 2];
> >> uint8_t inpkt[FIFO_LEN];
> >> enum {
> >> diff --git a/include/chardev/char-fd.h b/include/chardev/char-fd.h
> >> index e7c2b176f9..36c6b89cee 100644
> >> --- a/include/chardev/char-fd.h
> >> +++ b/include/chardev/char-fd.h
> >> @@ -31,7 +31,7 @@ typedef struct FDChardev {
> >> Chardev parent;
> >>
> >> QIOChannel *ioc_in, *ioc_out;
> >> - int max_size;
> >> + size_t max_size;
> >
> > Only set with values returned from qemu_chr_be_can_write(), ack
> >
> >> } FDChardev;
> >>
> >> #define TYPE_CHARDEV_FD "chardev-fd"
> >> diff --git a/include/chardev/char.h b/include/chardev/char.h
> >> index c0b57f7685..0341dd1ba2 100644
> >> --- a/include/chardev/char.h
> >> +++ b/include/chardev/char.h
> >> @@ -173,7 +173,7 @@ Chardev *qemu_chr_new_noreplay(const char *label,
> >> const char *filename,
> >> *
> >> * Returns: the number of bytes the front end can receive via
> >> @qemu_chr_be_write
> >> */
> >> -int qemu_chr_be_can_write(Chardev *s);
> >> +size_t qemu_chr_be_can_write(Chardev *s);
> >>
> >> /**
> >> * qemu_chr_be_write:
> >> diff --git a/ui/console.c b/ui/console.c
> >> index 6d2282d3e9..42f04e2b37 100644
> >> --- a/ui/console.c
> >> +++ b/ui/console.c
> >> @@ -61,8 +61,8 @@ enum TTYState {
> >>
> >> typedef struct QEMUFIFO {
> >> uint8_t *buf;
> >> - int buf_size;
> >> - int count, wptr, rptr;
> >> + size_t buf_size, count;
> >> + int wptr, rptr;
> >
> > Only used as non-negative buffer size, ack
> >
> >> } QEMUFIFO;
> >>
> >> static int qemu_fifo_write(QEMUFIFO *f, const uint8_t *buf, int len1)
> >> @@ -1110,7 +1110,7 @@ static int vc_chr_write(Chardev *chr, const uint8_t
> >> *buf, int len)
> >> static void kbd_send_chars(void *opaque)
> >> {
> >> QemuConsole *s = opaque;
> >> - int len;
> >> + size_t len;
> >
> > Only used as non-negative buffer size, ack
> >
> >> uint8_t buf[16];
> >>
> >> len = qemu_chr_be_can_write(s->chr);
> >> --
> >> 2.20.1
> >>
> >
> > That was painful, hopefully I didn't miss something...
>
> As is this series and its rebases...
>
> I hope you will still be as willingful to review the follow up series
> (part #2) which is worst.
>
> I felt this is pointless to write the same detailed review you did in
> the commit message, because the reviewer still has to go to each patch
> and verify.
Sure, but it is still better than nothing :) If you systematically
review each change, it doesn't take much more time to write it down.
And if there are issues later on, there would be a short rationale for
it, even if prooved to be wrong/bad.
>
> >
> > Reviewed-by: Marc-André Lureau <address@hidden>
> >
>
> Thanks a lot!
>
> Phil.
[qemu-s390x] [PATCH v3 19/25] s390/ebcdic: Use size_t to iterate over arrays, Philippe Mathieu-Daudé, 2019/02/19
[qemu-s390x] [PATCH v3 10/25] usb-redir: Verify usbredirparser_write get called with positive count, Philippe Mathieu-Daudé, 2019/02/19
[qemu-s390x] [PATCH v3 23/25] hw/ipmi: Assert outlen > outpos, Philippe Mathieu-Daudé, 2019/02/19
[qemu-s390x] [PATCH v3 17/25] net/filter-mirror: Use size_t, Philippe Mathieu-Daudé, 2019/02/19