From: Eric Blake <eblake@redhat.com>
To: Markus Armbruster <armbru@redhat.com>, qemu-devel@nongnu.org
Cc: kwolf@redhat.com, berto@igalia.com, mdroth@linux.vnet.ibm.com
Subject: Re: [Qemu-devel] [PATCH RFC v2 26/47] qapi-types: Convert to QAPISchemaVisitor, fixing flat unions
Date: Wed, 29 Jul 2015 17:11:38 -0600 [thread overview]
Message-ID: <55B95DAA.3040302@redhat.com> (raw)
In-Reply-To: <1435782155-31412-27-git-send-email-armbru@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 5048 bytes --]
On 07/01/2015 02:22 PM, Markus Armbruster wrote:
> Fixes flat unions to get the base's base members. Test case is from
> commit 2fc0043, in qapi-schema-test.json:
>
> -def generate_alternate_qtypes(expr):
> +def gen_alternate_qtypes_decl(name):
> + return mcgen('''
>
> - name = expr['alternate']
> - members = expr['data']
> +extern const int %(c_name)s_qtypes[];
> +''',
> + c_name=c_name(name))
>
> +def gen_alternate_qtypes(name, variants):
> ret = mcgen('''
>
> const int %(name)s_qtypes[QTYPE_MAX] = {
> ''',
> name=c_name(name))
>
> - for key in members:
> - qtype = find_alternate_member_qtype(members[key])
> - assert qtype, "Invalid alternate member"
> + for var in variants.variants:
> + qtype = var.type.alternate_qtype()
> + assert qtype
I think I found a couple more corner case bugs here. We are using C99
initialization of the array; for example:
const int BlockdevRef_qtypes[QTYPE_MAX] = {
[QTYPE_QDICT] = BLOCKDEV_REF_KIND_DEFINITION,
[QTYPE_QSTRING] = BLOCKDEV_REF_KIND_REFERENCE,
};
but paired with an enum that starts at 0:
typedef enum BlockdevRefKind {
BLOCKDEV_REF_KIND_DEFINITION = 0,
BLOCKDEV_REF_KIND_REFERENCE = 1,
BLOCKDEV_REF_KIND_MAX = 2,
} BlockdevRefKind;
and that means that every QTYPE_ constant that we don't specify in
_qtypes[] is also assigned the value 0 (aka BLOCKDEV_REF_KIND_DEFINITION
in this example). In operation, calling something like:
{"execute":"blockdev-add","arguments":{"options":
{"driver":"raw","id":"a","file":true}}}
which is invalid per the .json description ("file" must be string or
object, not boolean), still manages to get past visit_get_next_type()
with success, and fall through to the 0th branch of the switch. If that
0th branch happens to be a struct (as it is for BlockdevRef), then we
fortunately catch the error on the very next parse call, where
qmp_input_start_struct() complains:
{"error": {"class": "GenericError", "desc": "Invalid parameter type for
'file', expected: QDict"}}
But what happens if the 0th branch is mapped to a different parser, as
would be the case if one of the alternate's branches is 'number'? In
particular, qmp_input_type_number() accepts BOTH QFloat and QInt types.
So, if we have this qapi:
{ 'alternate': 'Foo', 'data': { 'a': 'str', 'b': 'number' } }
but pass in an integer, visit_get_next_type() will see a qtype of QInt,
but Foo_qtypes[QTYPE_QINT] will be 0 (due to default initialization) and
we will wrongly try to visit the 0th branch (FOO_KIND_A) and fail (the
string parser doesn't like ints) even though the parse should succeed by
using the FOO_KIND_B branch.
Interestingly, this means that if we ever write an alternate type that
accepts both 'int' and 'number' (we have not attempted that so far),
then the number branch will only be taken for inputs that don't also
look like ints (normally, 'number' accepts anything numeric). Maybe that
means we should document and enforce that 'number' and 'int' cannot be
mixed in the same alternate?
So, the bugs are: visit_get_next_type() can't tell the difference
between a *_qtypes[] lookup that was explicitly initialized to 0 from
one that was accidentally left that way, and therefore can't report
failure for an unexpected type (but mostly mitigated by the fact that
always returning 0 means the parser will attempt to parse the first
branch of the alternate and gracefully fail); and that we don't properly
handle QInt for an alternate that accepts 'number' but not 'int'.
I don't think either bug has to be fixed in your series, although you
may want to add tests.
The first bug could be resolved by guaranteeing that the _qtypes[] array
has non-zero values for the explicitly initialized lookups, and teaching
visit_get_next_type() that a lookup that produces 0 meant that an
unexpected type was encountered. Perhaps by changing the creation of
_qtypes[] in qapi-types.c to list:
const int BlockdevRef_qtypes[QTYPE_MAX] = {
[QTYPE_QDICT] = BLOCKDEV_REF_KIND_DEFINITION + 1,
[QTYPE_QSTRING] = BLOCKDEV_REF_KIND_REFERENCE + 1,
};
and then having visit_get_next_type() subtract one after verifying a
non-zero value was looked up. Or perhaps leave _qtypes alone, and
instead change the alternate enum to have a placeholder at 0:
typedef enum BlockdevRefKind {
BLOCKDEV_REF_KIND_INVALID = 0,
BLOCKDEV_REF_KIND_DEFINITION = 1,
BLOCKDEV_REF_KIND_REFERENCE = 2,
BLOCKDEV_REF_KIND_MAX = 3,
} BlockdevRefKind;
and then teaching the generator for visit_type_BlockdevRef() to emit an
error if branch 0 is hit.
Fixing the second bug probably entails teaching the generator that if an
alternate contains 'number' but not 'int', then we need [QTYPE_QINT] to
map to the same lookup value as [QTYPE_QNUMBER].
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
next prev parent reply other threads:[~2015-07-29 23:11 UTC|newest]
Thread overview: 199+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-01 20:21 [Qemu-devel] [PATCH RFC v2 00/47] qapi: QMP introspection Markus Armbruster
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 01/47] qapi: Clarify docs on including the same file multiple times Markus Armbruster
2015-07-20 15:17 ` Eric Blake
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 02/47] qapi: Clean up cgen() and mcgen() Markus Armbruster
2015-07-20 16:45 ` Eric Blake
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 03/47] qapi: Simplify guardname() Markus Armbruster
2015-07-20 17:32 ` Eric Blake
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 04/47] qapi-event: Clean up how name of enum QAPIEvent is made Markus Armbruster
2015-07-20 17:46 ` Eric Blake
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 05/47] qapi: Reject -p arguments that break qapi-event.py Markus Armbruster
2015-07-20 17:57 ` Eric Blake
2015-07-20 18:04 ` Eric Blake
2015-07-24 11:41 ` Markus Armbruster
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 06/47] qapi: Drop unused and useless parameters and variables Markus Armbruster
2015-07-20 21:14 ` Eric Blake
2015-07-24 11:44 ` Markus Armbruster
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 07/47] qapi: Generate a nicer struct for flat unions Markus Armbruster
2015-07-20 23:07 ` Eric Blake
2015-07-24 12:01 ` Markus Armbruster
2015-07-27 21:34 ` Eric Blake
2015-07-28 6:15 ` Markus Armbruster
2015-07-28 20:09 ` Eric Blake
2015-07-29 7:33 ` Markus Armbruster
2015-07-29 20:15 ` Eric Blake
2015-07-30 7:11 ` Markus Armbruster
2015-07-30 14:14 ` Eric Blake
2015-07-30 15:44 ` Markus Armbruster
2015-07-30 23:08 ` Eric Blake
2015-07-31 11:00 ` Markus Armbruster
2015-07-31 9:46 ` Markus Armbruster
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 08/47] qapi-visit: Fix generated code when schema has forward refs Markus Armbruster
2015-07-20 23:19 ` Eric Blake
2015-07-27 7:31 ` Markus Armbruster
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 09/47] qapi-visit: Replace list implicit_structs by set Markus Armbruster
2015-07-20 23:21 ` Eric Blake
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 10/47] qapi-visit: Fix two name arguments passed to visitors Markus Armbruster
2015-07-21 2:26 ` Eric Blake
2015-07-01 20:21 ` [Qemu-devel] [PATCH RFC v2 11/47] tests/qapi-schema: Document alternate's enum lacks visit function Markus Armbruster
2015-07-21 3:06 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 12/47] tests/qapi-schema: Document events with with base don't work Markus Armbruster
2015-07-21 3:08 ` Eric Blake
2015-07-30 22:33 ` [Qemu-devel] [RFC PATCH 12.5/47] qapi: Document that input visitor semantics are prone to leaks Eric Blake
2015-07-31 9:50 ` Markus Armbruster
2015-07-30 23:07 ` [Qemu-devel] [RFC PATCH 12.6/47] qapi: Document shortcoming with union 'data' branch Eric Blake
2015-07-31 9:50 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 13/47] tests/qapi-schema: Restore test case for flat union base bug Markus Armbruster
2015-07-21 3:19 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 14/47] qapi-tests: New tests for union, alternate command arguments Markus Armbruster
2015-07-21 12:43 ` Eric Blake
2015-07-23 14:59 ` Eric Blake
2015-07-27 7:50 ` Markus Armbruster
2015-07-27 13:06 ` Eric Blake
2015-07-31 13:15 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 15/47] qapi: Fix to reject union " Markus Armbruster
2015-07-21 14:17 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 16/47] qapi-commands: Fix gen_err_check(e) for e and e != 'local_err' Markus Armbruster
2015-07-21 16:23 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 17/47] qapi-commands: Inline gen_marshal_output_call() Markus Armbruster
2015-07-21 16:41 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 18/47] qapi-commands: Don't feed output of mcgen() to mcgen() again Markus Armbruster
2015-07-21 17:20 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 19/47] qapi: Generated code cleanup Markus Armbruster
2015-07-21 17:43 ` Eric Blake
2015-07-27 8:07 ` Markus Armbruster
2015-08-04 9:08 ` Markus Armbruster
2015-08-04 12:31 ` Eric Blake
2015-08-04 14:35 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 20/47] qapi: Rename class QAPISchema to QAPISchemaParser Markus Armbruster
2015-07-21 17:52 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 21/47] qapi: New QAPISchema intermediate reperesentation Markus Armbruster
2015-07-21 20:32 ` Eric Blake
2015-07-27 9:23 ` Markus Armbruster
2015-07-27 14:01 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 22/47] qapi: QAPISchema code generation helper methods Markus Armbruster
2015-07-21 21:02 ` Eric Blake
2015-07-27 9:36 ` Markus Armbruster
2015-07-23 12:36 ` Eric Blake
2015-07-27 9:54 ` Markus Armbruster
2015-07-27 14:05 ` Eric Blake
2015-07-31 14:00 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 23/47] qapi: New QAPISchemaVisitor Markus Armbruster
2015-07-21 21:59 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 24/47] tests/qapi-schema: Convert test harness to QAPISchemaVisitor Markus Armbruster
2015-07-21 22:23 ` Eric Blake
2015-07-27 14:03 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 25/47] qapi: Make generators work on sorted schema expressions Markus Armbruster
2015-07-21 22:50 ` Eric Blake
2015-07-27 14:19 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 26/47] qapi-types: Convert to QAPISchemaVisitor, fixing flat unions Markus Armbruster
2015-07-22 17:34 ` Eric Blake
2015-07-22 20:07 ` Eric Blake
2015-07-27 15:59 ` Markus Armbruster
2015-07-22 21:21 ` Eric Blake
2015-07-22 22:56 ` Eric Blake
2015-07-27 16:09 ` Markus Armbruster
2015-07-27 16:25 ` Eric Blake
2015-07-28 6:16 ` Markus Armbruster
2015-07-29 23:11 ` Eric Blake [this message]
2015-07-30 6:42 ` Markus Armbruster
2015-07-30 12:46 ` Eric Blake
2015-07-30 15:53 ` Markus Armbruster
2015-07-30 16:36 ` Eric Blake
2015-07-30 21:51 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 27/47] qapi-visit: Convert to QAPISchemaVisitor, fixing bugs Markus Armbruster
2015-07-22 22:28 ` Eric Blake
2015-07-27 17:53 ` Markus Armbruster
2015-07-27 19:01 ` Eric Blake
2015-07-28 6:41 ` Markus Armbruster
2015-07-28 14:46 ` Eric Blake
2015-07-29 7:59 ` Markus Armbruster
2015-07-27 21:35 ` Eric Blake
2015-07-28 6:44 ` Markus Armbruster
2015-07-28 20:41 ` Eric Blake
2015-07-29 8:00 ` Markus Armbruster
2015-07-29 16:56 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 28/47] qapi-commands: Convert to QAPISchemaVisitor Markus Armbruster
2015-07-22 23:05 ` Eric Blake
2015-07-27 18:08 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 29/47] qapi: Replace dirty is_c_ptr() by method c_null() Markus Armbruster
2015-07-22 23:22 ` Eric Blake
2015-07-28 7:34 ` Markus Armbruster
2015-07-28 14:53 ` Eric Blake
2015-07-29 8:32 ` Markus Armbruster
2015-07-29 15:41 ` Eric Blake
2015-07-29 17:22 ` Markus Armbruster
2015-07-30 14:19 ` Eric Blake
2015-07-30 15:57 ` Markus Armbruster
2015-07-30 22:48 ` Eric Blake
2015-07-31 7:43 ` Markus Armbruster
2015-07-23 12:32 ` Eric Blake
2015-07-28 7:57 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 30/47] qapi: De-duplicate enum code generation Markus Armbruster
2015-07-23 12:46 ` Eric Blake
2015-07-28 8:13 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 31/47] qapi-event: Eliminate global variable event_enum_value Markus Armbruster
2015-07-23 14:31 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 32/47] qapi-event: Convert to QAPISchemaVisitor, fixing data with base Markus Armbruster
2015-07-23 15:14 ` Eric Blake
2015-07-28 8:32 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 33/47] qapi: Clean up after recent conversions to QAPISchemaVisitor Markus Armbruster
2015-07-23 16:48 ` Eric Blake
2015-07-28 9:18 ` Markus Armbruster
2015-07-28 21:13 ` Eric Blake
2015-07-28 21:37 ` Eric Blake
2015-07-29 8:33 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 34/47] qapi-visit: Rearrange code a bit Markus Armbruster
2015-07-23 17:00 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 35/47] qapi-commands: Rearrange code Markus Armbruster
2015-07-23 17:41 ` Eric Blake
2015-07-28 9:18 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 36/47] qapi: Rename qmp_marshal_input_FOO() to qmp_marshal_FOO() Markus Armbruster
2015-07-23 19:07 ` Eric Blake
2015-07-28 9:19 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 37/47] qapi: De-duplicate parameter list generation Markus Armbruster
2015-07-23 19:27 ` Eric Blake
2015-07-28 11:15 ` Markus Armbruster
2015-07-28 17:48 ` Eric Blake
2015-07-29 8:36 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 38/47] qapi-commands: De-duplicate output marshaling functions Markus Armbruster
2015-07-23 19:47 ` Eric Blake
2015-07-28 11:20 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 39/47] qapi: Improve built-in type documentation Markus Armbruster
2015-07-23 21:29 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 40/47] qapi: Introduce a first class 'any' type Markus Armbruster
2015-07-23 22:04 ` Eric Blake
2015-07-28 11:31 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 41/47] qom: Don't use 'gen': false for qom-get, qom-set, object-add Markus Armbruster
2015-07-23 22:21 ` Eric Blake
2015-07-28 11:59 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 42/47] qapi-schema: Fix up misleading specification of netdev_add Markus Armbruster
2015-07-23 22:59 ` Eric Blake
2015-07-28 12:04 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 43/47] qmp: Improve netdev_add usage example in the manual Markus Armbruster
2015-07-23 23:01 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 44/47] qapi: Pseudo-type '**' is now unused, drop it Markus Armbruster
2015-07-23 23:20 ` Eric Blake
2015-07-28 12:24 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 45/47] qapi: New QMP command query-schema for QMP schema introspection Markus Armbruster
2015-07-24 3:29 ` Eric Blake
2015-07-28 14:33 ` Markus Armbruster
2015-07-28 19:11 ` Eric Blake
2015-07-29 9:19 ` Markus Armbruster
2015-07-29 15:56 ` Eric Blake
2015-07-29 17:26 ` Markus Armbruster
2015-08-03 15:15 ` Markus Armbruster
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 46/47] qapi-introspect: Map all integer types to 'int' Markus Armbruster
2015-07-24 3:33 ` Eric Blake
2015-07-01 20:22 ` [Qemu-devel] [PATCH RFC v2 47/47] qapi-introspect: Hide type names Markus Armbruster
2015-07-24 3:44 ` Eric Blake
2015-07-27 16:15 ` Eric Blake
2015-07-28 18:39 ` Markus Armbruster
2015-07-28 21:26 ` Eric Blake
2015-07-29 9:24 ` Markus Armbruster
2015-07-28 18:24 ` Markus Armbruster
2015-07-28 21:32 ` Eric Blake
2015-07-29 9:34 ` Markus Armbruster
2015-07-29 16:03 ` Eric Blake
2015-07-28 23:19 ` Eric Blake
2015-07-29 9:35 ` Markus Armbruster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55B95DAA.3040302@redhat.com \
--to=eblake@redhat.com \
--cc=armbru@redhat.com \
--cc=berto@igalia.com \
--cc=kwolf@redhat.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.