mirror of
https://github.com/Motorhead1991/qemu.git
synced 2026-01-05 14:07:41 -07:00
0426d53c65
Previously, working with alternates required two lookup arrays
and some indirection: for type Foo, we created Foo_qtypes[]
which maps each qtype to a value of the generated FooKind enum,
then look up that value in FooKind_lookup[] like we do for other
union types.
This has a couple of subtle bugs. First, the generator was
creating a call with a parameter '(int *) &(*obj)->type' where
type is an enum type; this is unsafe if the compiler chooses
to store the enum type in a different size than int, where
assigning through the wrong size pointer can corrupt data or
cause a SIGBUS.
Related bug, not not fixed in this patch: qapi-visit.py's
gen_visit_enum() generates a cast of its enum * argument to
int *. Marked FIXME.
Second, since the values of the FooKind enum start at zero, all
entries of the Foo_qtypes[] array that were not explicitly
initialized will map to the same branch of the union as the
first member of the alternate, rather than triggering a desired
failure in visit_get_next_type(). Fortunately, the bug seldom
bites; the very next thing the input visitor does is try to
parse the incoming JSON with the wrong parser, which normally
fails; the output visitor is not used with a C struct in that
state, and the dealloc visitor has nothing to clean up (so
there is no leak).
However, the second bug IS observable in one case: parsing an
integer causes unusual behavior in an alternate that contains
at least a 'number' member but no 'int' member, because the
'number' parser accepts QTYPE_QINT in addition to the expected
QTYPE_QFLOAT (that is, since 'int' is not a member, the type
QTYPE_QINT accidentally maps to FooKind 0; if this enum value
is the 'number' branch the integer parses successfully, but if
the 'number' branch is not first, some other branch tries to
parse the integer and rejects it). A later patch will worry
about fixing alternates to always parse all inputs that a
non-alternate 'number' would accept, for now this is still
marked FIXME in the updated test-qmp-input-visitor.c, to
merely point out that new undesired behavior of 'ans' matches
the existing undesired behavior of 'asn'.
This patch fixes the default-initialization bug by deleting the
indirection, and modifying get_next_type() to directly assign a
QTypeCode parameter. This in turn fixes the type-casting bug,
as we are no longer casting a pointer to enum to a questionable
size. There is no longer a need to generate an implicit FooKind
enum associated with the alternate type (since the QMP wire
format never uses the stringized counterparts of the C union
member names). Since the updated visit_get_next_type() does not
know which qtypes are expected, the generated visitor is
modified to generate an error statement if an unexpected type is
encountered.
Callers now have to know the QTYPE_* mapping when looking at the
discriminator; but so far, only the testsuite was even using the
C struct of an alternate types. I considered the possibility of
keeping the internal enum FooKind, but initialized differently
than most generated arrays, as in:
typedef enum FooKind {
FOO_KIND_A = QTYPE_QDICT,
FOO_KIND_B = QTYPE_QINT,
} FooKind;
to create nicer aliases for knowing when to use foo->a or foo->b
when inspecting foo->type; but it turned out to add too much
complexity, especially without a client.
There is a user-visible side effect to this change, but I
consider it to be an improvement. Previously,
the invalid QMP command:
{"execute":"blockdev-add", "arguments":{"options":
{"driver":"raw", "id":"a", "file":true}}}
failed with:
{"error": {"class": "GenericError",
"desc": "Invalid parameter type for 'file', expected: QDict"}}
(visit_get_next_type() succeeded, and the error comes from the
visit_type_BlockdevOptions() expecting {}; there is no mention of
the fact that a string would also work). Now it fails with:
{"error": {"class": "GenericError",
"desc": "Invalid parameter type for 'file', expected: BlockdevRef"}}
(the error when the next type doesn't match any expected types for
the overall alternate).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1449033659-25497-5-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
|
||
|---|---|---|
| .. | ||
| acpi-test-data | ||
| image-fuzzer | ||
| libqos | ||
| multiboot | ||
| qapi-schema | ||
| qemu-iotests | ||
| rocker | ||
| tcg | ||
| vmstate-static-checker-data | ||
| .gitignore | ||
| ac97-test.c | ||
| ahci-test.c | ||
| bios-tables-test.c | ||
| boot-order-test.c | ||
| check-block.sh | ||
| check-qdict.c | ||
| check-qfloat.c | ||
| check-qint.c | ||
| check-qjson.c | ||
| check-qlist.c | ||
| check-qom-interface.c | ||
| check-qom-proplist.c | ||
| check-qstring.c | ||
| crypto-tls-x509-helpers.c | ||
| crypto-tls-x509-helpers.h | ||
| device-introspect-test.c | ||
| display-vga-test.c | ||
| drive_del-test.c | ||
| ds1338-test.c | ||
| e1000-test.c | ||
| eepro100-test.c | ||
| endianness-test.c | ||
| es1370-test.c | ||
| fdc-test.c | ||
| fw_cfg-test.c | ||
| hd-geo-test.c | ||
| i440fx-test.c | ||
| i82801b11-test.c | ||
| ide-test.c | ||
| intel-hda-test.c | ||
| ioh3420-test.c | ||
| ipoctal232-test.c | ||
| ivshmem-test.c | ||
| libqtest.c | ||
| libqtest.h | ||
| m48t59-test.c | ||
| Makefile | ||
| ne2000-test.c | ||
| nvme-test.c | ||
| pc-cpu-test.c | ||
| pcnet-test.c | ||
| pkix_asn1_tab.c | ||
| pvpanic-test.c | ||
| q35-test.c | ||
| qemu-iotests-quick.sh | ||
| qom-test.c | ||
| rcutorture.c | ||
| rtc-test.c | ||
| rtl8139-test.c | ||
| spapr-phb-test.c | ||
| tco-test.c | ||
| test-aio.c | ||
| test-bitops.c | ||
| test-blockjob-txn.c | ||
| test-coroutine.c | ||
| test-crypto-cipher.c | ||
| test-crypto-hash.c | ||
| test-crypto-tlscredsx509.c | ||
| test-crypto-tlssession.c | ||
| test-cutils.c | ||
| test-hbitmap.c | ||
| test-int128.c | ||
| test-iov.c | ||
| test-mul64.c | ||
| test-netfilter.c | ||
| test-opts-visitor.c | ||
| test-qdev-global-props.c | ||
| test-qemu-opts.c | ||
| test-qga.c | ||
| test-qmp-commands.c | ||
| test-qmp-event.c | ||
| test-qmp-input-strict.c | ||
| test-qmp-input-visitor.c | ||
| test-qmp-output-visitor.c | ||
| test-rcu-list.c | ||
| test-rfifolock.c | ||
| test-string-input-visitor.c | ||
| test-string-output-visitor.c | ||
| test-thread-pool.c | ||
| test-throttle.c | ||
| test-timed-average.c | ||
| test-visitor-serialization.c | ||
| test-vmstate.c | ||
| test-write-threshold.c | ||
| test-x86-cpuid.c | ||
| test-xbzrle.c | ||
| tmp105-test.c | ||
| tpci200-test.c | ||
| usb-hcd-ehci-test.c | ||
| usb-hcd-ohci-test.c | ||
| usb-hcd-uhci-test.c | ||
| usb-hcd-xhci-test.c | ||
| vhost-user-bridge.c | ||
| vhost-user-test.c | ||
| virtio-9p-test.c | ||
| virtio-balloon-test.c | ||
| virtio-blk-test.c | ||
| virtio-console-test.c | ||
| virtio-net-test.c | ||
| virtio-rng-test.c | ||
| virtio-scsi-test.c | ||
| virtio-serial-test.c | ||
| vmxnet3-test.c | ||
| wdt_ib700-test.c | ||