[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [qemu-s390x] [PATCH v3 04/25] chardev: Let qemu_chr_be_can_write() r
|
From: |
Philippe Mathieu-Daudé |
|
Subject: |
Re: [qemu-s390x] [PATCH v3 04/25] chardev: Let qemu_chr_be_can_write() return a size_t types |
|
Date: |
Wed, 20 Feb 2019 12:26:04 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 |
On 2/20/19 11:40 AM, Marc-André Lureau wrote:
> Hi
>
> On Wed, Feb 20, 2019 at 2:04 AM Philippe Mathieu-Daudé
> <address@hidden> wrote:
>>
>> In the previous commit we added an assert to be sure than
>> qemu_chr_be_can_write() will never return a negative value.
>> We can now change its prototype to return a size_t.
>> Adapt the backends accordingly.
>
> Each variable you change to an unsigned type, we should check it isn't
> used with negative values.
Fortunately the preprocessor can help here!
Oh I forgot to write down the steps I ran:
# enable warnings
$ configure \
--extra-cflags='-Wtype-limits -Wsign-conversion -Wsign-compare' \
--disable-werror
# since there are many sign abuse, build blindly
$ make 2>/dev/null
# now refresh the source we modified
$ git diff --name-only origin/master \
| egrep \.c\$ \
| xargs touch
# build again and carefully watch the warnings
# (there are many unuseful #include warnings, ignore them)
$ make
>>
>> Suggested-by: Paolo Bonzini <address@hidden>
>> Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
>> ---
>> chardev/baum.c | 6 +++---
>> chardev/char-fd.c | 2 +-
>> chardev/char-pty.c | 4 ++--
>> chardev/char-socket.c | 7 ++++---
>> chardev/char-udp.c | 4 ++--
>> chardev/char-win.c | 2 +-
>> chardev/char.c | 2 +-
>> chardev/msmouse.c | 4 ++--
>> chardev/spice.c | 2 +-
>> chardev/wctablet.c | 4 ++--
>> hw/bt/hci-csr.c | 2 +-
>> include/chardev/char-fd.h | 2 +-
>> include/chardev/char.h | 2 +-
>> ui/console.c | 6 +++---
>> 14 files changed, 25 insertions(+), 24 deletions(-)
>>
>> diff --git a/chardev/baum.c b/chardev/baum.c
>> index 78b0c87625..1d69d62158 100644
>> --- a/chardev/baum.c
>> +++ b/chardev/baum.c
>> @@ -265,7 +265,7 @@ static int baum_deferred_init(BaumChardev *baum)
>> static void baum_chr_accept_input(struct Chardev *chr)
>> {
>> BaumChardev *baum = BAUM_CHARDEV(chr);
>> - int room, first;
>> + size_t room, first;
>>
>> if (!baum->out_buf_used)
>> return;
>> @@ -292,7 +292,7 @@ static void baum_write_packet(BaumChardev *baum, const
>> uint8_t *buf, int len)
>> {
>> Chardev *chr = CHARDEV(baum);
>> uint8_t io_buf[1 + 2 * len], *cur = io_buf;
>> - int room;
>> + size_t room;
>> *cur++ = ESC;
>> while (len--)
>> if ((*cur++ = *buf++) == ESC)
>> @@ -303,7 +303,7 @@ static void baum_write_packet(BaumChardev *baum, const
>> uint8_t *buf, int len)
>> /* Fits */
>> qemu_chr_be_write(chr, io_buf, len);
>> } else {
>> - int first;
>> + size_t first;
>> uint8_t out;
>> /* Can't fit all, send what can be, and store the rest. */
>> qemu_chr_be_write(chr, io_buf, room);
>
> baum room & first are only used for non-negative capacity values. ack
>
>> diff --git a/chardev/char-fd.c b/chardev/char-fd.c
>> index 2421d8e216..0fe2822869 100644
>> --- a/chardev/char-fd.c
>> +++ b/chardev/char-fd.c
>> @@ -43,7 +43,7 @@ static gboolean fd_chr_read(QIOChannel *chan, GIOCondition
>> cond, void *opaque)
>> {
>> Chardev *chr = CHARDEV(opaque);
>> FDChardev *s = FD_CHARDEV(opaque);
>> - int len;
>> + size_t len;
>> uint8_t buf[CHR_READ_BUF_LEN];
>> ssize_t ret;
>>
>
> fd len is only used for non-negative buffer size. ack
>
>> diff --git a/chardev/char-pty.c b/chardev/char-pty.c
>> index 7777f6ddef..eae25f043b 100644
>> --- a/chardev/char-pty.c
>> +++ b/chardev/char-pty.c
>> @@ -34,7 +34,7 @@
>> typedef struct {
>> Chardev parent;
>> QIOChannel *ioc;
>> - int read_bytes;
>> + size_t read_bytes;
>>
>
> Only set with values returned from qemu_chr_be_can_write(), ack
>
>> int connected;
>> GSource *timer_src;
>> @@ -132,7 +132,7 @@ static gboolean pty_chr_read(QIOChannel *chan,
>> GIOCondition cond, void *opaque)
>> {
>> Chardev *chr = CHARDEV(opaque);
>> PtyChardev *s = PTY_CHARDEV(opaque);
>> - gsize len;
>> + size_t len;
>> uint8_t buf[CHR_READ_BUF_LEN];
>> ssize_t ret;
>
> pty len is only used for non-negative buffer size. ack
>
>> diff --git a/chardev/char-socket.c b/chardev/char-socket.c
>> index 262a59b64f..4010c343e0 100644
>> --- a/chardev/char-socket.c
>> +++ b/chardev/char-socket.c
>> @@ -60,7 +60,7 @@ typedef struct {
>> GSource *hup_source;
>> QCryptoTLSCreds *tls_creds;
>> TCPChardevState state;
>> - int max_size;
>> + size_t max_size;
>
> Only set with values returned from qemu_chr_be_can_write(), ack
>
>> int do_telnetopt;
>> int do_nodelay;
>> int *read_msgfds;
>> @@ -493,10 +493,11 @@ static gboolean tcp_chr_read(QIOChannel *chan,
>> GIOCondition cond, void *opaque)
>> Chardev *chr = CHARDEV(opaque);
>> SocketChardev *s = SOCKET_CHARDEV(opaque);
>> uint8_t buf[CHR_READ_BUF_LEN];
>> - int len, size;
>> + size_t len;
>
> len is only used for non-negative buffer size. ack
>
>> + int size;
>>
>> if ((s->state != TCP_CHARDEV_STATE_CONNECTED) ||
>> - s->max_size <= 0) {
>> + s->max_size == 0) {
>> return TRUE;
>> }
>> len = sizeof(buf);
>> diff --git a/chardev/char-udp.c b/chardev/char-udp.c
>> index b6e399e983..d4f40626e4 100644
>> --- a/chardev/char-udp.c
>> +++ b/chardev/char-udp.c
>> @@ -39,7 +39,7 @@ typedef struct {
>> uint8_t buf[CHR_READ_BUF_LEN];
>> int bufcnt;
>> int bufptr;
>> - int max_size;
>> + size_t max_size;
>
> Only set with values returned from qemu_chr_be_can_write(), ack
>
>> } UdpChardev;
>>
>> #define UDP_CHARDEV(obj) OBJECT_CHECK(UdpChardev, (obj), TYPE_CHARDEV_UDP)
>> @@ -58,7 +58,7 @@ static void udp_chr_flush_buffer(UdpChardev *s)
>> Chardev *chr = CHARDEV(s);
>>
>> while (s->max_size > 0 && s->bufptr < s->bufcnt) {
>> - int n = MIN(s->max_size, s->bufcnt - s->bufptr);
>> + size_t n = MIN(s->max_size, s->bufcnt - s->bufptr);
>
> the while() condition ensures the value will be > 0. ack
>
>> qemu_chr_be_write(chr, &s->buf[s->bufptr], n);
>> s->bufptr += n;
>> s->max_size = qemu_chr_be_can_write(chr);
>> diff --git a/chardev/char-win.c b/chardev/char-win.c
>> index 05518e0958..30361e8852 100644
>> --- a/chardev/char-win.c
>> +++ b/chardev/char-win.c
>> @@ -29,7 +29,7 @@
>> static void win_chr_read(Chardev *chr, DWORD len)
>> {
>> WinChardev *s = WIN_CHARDEV(chr);
>> - int max_size = qemu_chr_be_can_write(chr);
>> + size_t max_size = qemu_chr_be_can_write(chr);
>
> unmodified, ack
>
>> int ret, err;
>> uint8_t buf[CHR_READ_BUF_LEN];
>> DWORD size;
>> diff --git a/chardev/char.c b/chardev/char.c
>> index 71ecd32b25..3149cd3ba9 100644
>> --- a/chardev/char.c
>> +++ b/chardev/char.c
>> @@ -156,7 +156,7 @@ int qemu_chr_write(Chardev *s, const uint8_t *buf, int
>> len, bool write_all)
>> return offset;
>> }
>>
>> -int qemu_chr_be_can_write(Chardev *s)
>> +size_t qemu_chr_be_can_write(Chardev *s)
>> {
>> CharBackend *be = s->be;
>> int receivable_bytes;
>> diff --git a/chardev/msmouse.c b/chardev/msmouse.c
>> index 0ffd137ce8..cdb6f86037 100644
>> --- a/chardev/msmouse.c
>> +++ b/chardev/msmouse.c
>> @@ -38,7 +38,7 @@ typedef struct {
>> bool btns[INPUT_BUTTON__MAX];
>> bool btnc[INPUT_BUTTON__MAX];
>> uint8_t outbuf[32];
>> - int outlen;
>> + size_t outlen;
>
> outlen is only used as non-negative buffer size, ack
>
>> } MouseChardev;
>>
>> #define TYPE_CHARDEV_MSMOUSE "chardev-msmouse"
>> @@ -48,7 +48,7 @@ typedef struct {
>> static void msmouse_chr_accept_input(Chardev *chr)
>> {
>> MouseChardev *mouse = MOUSE_CHARDEV(chr);
>> - int len;
>> + size_t len;
>>
>> len = qemu_chr_be_can_write(chr);
>
> same
>
>> if (len > mouse->outlen) {
>> diff --git a/chardev/spice.c b/chardev/spice.c
>> index 173c257949..ad180a8a13 100644
>> --- a/chardev/spice.c
>> +++ b/chardev/spice.c
>> @@ -43,7 +43,7 @@ static int vmc_write(SpiceCharDeviceInstance *sin, const
>> uint8_t *buf, int len)
>> uint8_t* p = (uint8_t*)buf;
>>
>> while (len > 0) {
>> - int can_write = qemu_chr_be_can_write(chr);
>> + size_t can_write = qemu_chr_be_can_write(chr);
>
> unmodified value, ack
>
>> last_out = MIN(len, can_write);
>> if (last_out <= 0) {
>> break;
>> diff --git a/chardev/wctablet.c b/chardev/wctablet.c
>> index cf7a08a363..daae570bc7 100644
>> --- a/chardev/wctablet.c
>> +++ b/chardev/wctablet.c
>> @@ -74,7 +74,7 @@ typedef struct {
>>
>> /* Command to be sent to serial port */
>> uint8_t outbuf[WC_OUTPUT_BUF_MAX_LEN];
>> - int outlen;
>> + size_t outlen;
>
> Used as non-negative buffer size only, ack
>>
>> int line_speed;
>> bool send_events;
>> @@ -186,7 +186,7 @@ static QemuInputHandler wctablet_handler = {
>> static void wctablet_chr_accept_input(Chardev *chr)
>> {
>> TabletChardev *tablet = WCTABLET_CHARDEV(chr);
>> - int len, canWrite;
>> + size_t len, canWrite;
>
> Used as non-negative buffer size only, ack
>
>>
>> canWrite = qemu_chr_be_can_write(chr);
>> len = canWrite;
>> diff --git a/hw/bt/hci-csr.c b/hw/bt/hci-csr.c
>> index fa6660a113..e837a3fa1f 100644
>> --- a/hw/bt/hci-csr.c
>> +++ b/hw/bt/hci-csr.c
>> @@ -38,7 +38,7 @@ struct csrhci_s {
>> #define FIFO_LEN 4096
>> int out_start;
>> int out_len;
>> - int out_size;
>> + size_t out_size;
>
> Used as non-negative buffer size only, ack
>
>> uint8_t outfifo[FIFO_LEN * 2];
>> uint8_t inpkt[FIFO_LEN];
>> enum {
>> diff --git a/include/chardev/char-fd.h b/include/chardev/char-fd.h
>> index e7c2b176f9..36c6b89cee 100644
>> --- a/include/chardev/char-fd.h
>> +++ b/include/chardev/char-fd.h
>> @@ -31,7 +31,7 @@ typedef struct FDChardev {
>> Chardev parent;
>>
>> QIOChannel *ioc_in, *ioc_out;
>> - int max_size;
>> + size_t max_size;
>
> Only set with values returned from qemu_chr_be_can_write(), ack
>
>> } FDChardev;
>>
>> #define TYPE_CHARDEV_FD "chardev-fd"
>> diff --git a/include/chardev/char.h b/include/chardev/char.h
>> index c0b57f7685..0341dd1ba2 100644
>> --- a/include/chardev/char.h
>> +++ b/include/chardev/char.h
>> @@ -173,7 +173,7 @@ Chardev *qemu_chr_new_noreplay(const char *label, const
>> char *filename,
>> *
>> * Returns: the number of bytes the front end can receive via
>> @qemu_chr_be_write
>> */
>> -int qemu_chr_be_can_write(Chardev *s);
>> +size_t qemu_chr_be_can_write(Chardev *s);
>>
>> /**
>> * qemu_chr_be_write:
>> diff --git a/ui/console.c b/ui/console.c
>> index 6d2282d3e9..42f04e2b37 100644
>> --- a/ui/console.c
>> +++ b/ui/console.c
>> @@ -61,8 +61,8 @@ enum TTYState {
>>
>> typedef struct QEMUFIFO {
>> uint8_t *buf;
>> - int buf_size;
>> - int count, wptr, rptr;
>> + size_t buf_size, count;
>> + int wptr, rptr;
>
> Only used as non-negative buffer size, ack
>
>> } QEMUFIFO;
>>
>> static int qemu_fifo_write(QEMUFIFO *f, const uint8_t *buf, int len1)
>> @@ -1110,7 +1110,7 @@ static int vc_chr_write(Chardev *chr, const uint8_t
>> *buf, int len)
>> static void kbd_send_chars(void *opaque)
>> {
>> QemuConsole *s = opaque;
>> - int len;
>> + size_t len;
>
> Only used as non-negative buffer size, ack
>
>> uint8_t buf[16];
>>
>> len = qemu_chr_be_can_write(s->chr);
>> --
>> 2.20.1
>>
>
> That was painful, hopefully I didn't miss something...
As is this series and its rebases...
I hope you will still be as willingful to review the follow up series
(part #2) which is worst.
I felt this is pointless to write the same detailed review you did in
the commit message, because the reviewer still has to go to each patch
and verify.
>
> Reviewed-by: Marc-André Lureau <address@hidden>
>
Thanks a lot!
Phil.
[qemu-s390x] [PATCH v3 19/25] s390/ebcdic: Use size_t to iterate over arrays, Philippe Mathieu-Daudé, 2019/02/19
[qemu-s390x] [PATCH v3 10/25] usb-redir: Verify usbredirparser_write get called with positive count, Philippe Mathieu-Daudé, 2019/02/19
[qemu-s390x] [PATCH v3 23/25] hw/ipmi: Assert outlen > outpos, Philippe Mathieu-Daudé, 2019/02/19
[qemu-s390x] [PATCH v3 17/25] net/filter-mirror: Use size_t, Philippe Mathieu-Daudé, 2019/02/19