From: Paolo Bonzini <pbonzini@redhat.com>
To: "Philippe Mathieu-Daudé" <philmd@redhat.com>,
"Prasad J Pandit" <ppandit@redhat.com>
Cc: qemu-devel@nongnu.org, "Marc-André Lureau" <marcandre.lureau@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v2 11/11] chardev: FDChardev::max_size be unsigned
Date: Fri, 12 Oct 2018 10:05:28 +0200 [thread overview]
Message-ID: <786ca1d4-f874-e643-b85a-20652f1c84d8@redhat.com> (raw)
In-Reply-To: <20181012002217.2864-12-philmd@redhat.com>
On 12/10/2018 02:22, Philippe Mathieu-Daudé wrote:
> Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
> chardev/char-fd.c | 2 +-
> include/chardev/char-fd.h | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/chardev/char-fd.c b/chardev/char-fd.c
> index bb426fa4b1..900da2f935 100644
> --- a/chardev/char-fd.c
> +++ b/chardev/char-fd.c
> @@ -43,7 +43,7 @@ static gboolean fd_chr_read(QIOChannel *chan, GIOCondition cond, void *opaque)
> {
> Chardev *chr = CHARDEV(opaque);
> FDChardev *s = FD_CHARDEV(opaque);
> - int len;
> + size_t len;
> uint8_t buf[CHR_READ_BUF_LEN];
> ssize_t ret;
>
> diff --git a/include/chardev/char-fd.h b/include/chardev/char-fd.h
> index e7c2b176f9..36c6b89cee 100644
> --- a/include/chardev/char-fd.h
> +++ b/include/chardev/char-fd.h
> @@ -31,7 +31,7 @@ typedef struct FDChardev {
> Chardev parent;
>
> QIOChannel *ioc_in, *ioc_out;
> - int max_size;
> + size_t max_size;
> } FDChardev;
>
> #define TYPE_CHARDEV_FD "chardev-fd"
>
This shouldn't be just for max_size, it should be for all variables that
are set in the *_read_poll functions (those that you touch in patch 3).
These variables are than used very little, basically only in a
len = MAX(s->max_size, sizeof(buf))
statement, so this switch is safe. However, the order of the patches
should be first 4, then this one (the assertion shows that the switch to
unsigned is safe), then 5-6-9-10, then 7-8. If you convert
implementations before users, the users could in principle overflow
"int" when passing an arguments or storing its value.
All this of course should be documented in commit messages, which are a
bit... scant in this series. :) I'm usually okay with very short commit
messages when the changes are spread across many commits (in that case,
I usually document what all the repetitive changes are in the patches
before and/or after those changes), but in this case you are leaving out
completely the "why" for the changes, and that's not really a good idea.
Finally, can you please include a patch to adjust the assertions in the
USB smartcard code, as mentioned in my original reply to Prasad?
Thanks,
Paolo
next prev parent reply other threads:[~2018-10-12 8:05 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-12 0:22 [Qemu-devel] [PATCH v2 00/11] chardev: Convert IO handlers to use unsigned type Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 01/11] hw/ipmi: Remove unnecessary declarations Philippe Mathieu-Daudé
2018-10-12 0:51 ` Corey Minyard
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 02/11] target/xtensa: " Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 03/11] chardev: Simplify IOWatchPoll::fd_can_read as a GSourceFunc Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 04/11] chardev: Assert backend's chr_can_read() is positive Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 05/11] chardev: Let chr_sync_read() use unsigned type Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 06/11] chardev: Let chr_write " Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 07/11] chardev: Let IOReadHandler " Philippe Mathieu-Daudé
2021-01-22 11:26 ` Richard Purdie
2021-01-22 11:52 ` P J P
2021-01-22 13:55 ` Philippe Mathieu-Daudé
2021-01-22 15:25 ` Richard Purdie
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 08/11] chardev: Let IOCanReadHandler " Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 09/11] chardev: Let qemu_chr_fe_* " Philippe Mathieu-Daudé
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 10/11] chardev: Let qemu_chr_be_* " Philippe Mathieu-Daudé
2018-10-12 6:43 ` Pavel Dovgalyuk
2018-10-12 0:22 ` [Qemu-devel] [PATCH v2 11/11] chardev: FDChardev::max_size be unsigned Philippe Mathieu-Daudé
2018-10-12 8:05 ` Paolo Bonzini [this message]
2018-10-12 8:20 ` [Qemu-devel] [PATCH v2 00/11] chardev: Convert IO handlers to use unsigned type Daniel P. Berrangé
2025-02-20 10:07 ` Philippe Mathieu-Daudé
2025-02-20 10:09 ` Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=786ca1d4-f874-e643-b85a-20652f1c84d8@redhat.com \
--to=pbonzini@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=philmd@redhat.com \
--cc=ppandit@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).