From: Peter Maydell <peter.maydell@linaro.org>
To: Eric Blake <eblake@redhat.com>
Cc: QEMU Developers <qemu-devel@nongnu.org>,
Michael Roth <mdroth@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH v3] qga: Support enum names in guest-file-seek
Date: Fri, 20 Mar 2020 13:49:53 +0000 [thread overview]
Message-ID: <CAFEAcA9_yGg4cDc4rxVUeemaPQk_qn9=BqrT_Ck8hB3EK5F92w@mail.gmail.com> (raw)
In-Reply-To: <1455053236-22735-1-git-send-email-eblake@redhat.com>
On Tue, 9 Feb 2016 at 21:27, Eric Blake <eblake@redhat.com> wrote:
>
> Magic constants are a pain to use, especially when we run the
> risk that our choice of '1' for QGA_SEEK_CUR might differ from
> the host or guest's choice of SEEK_CUR. Better is to use an
> enum value, via a qapi alternate type for back-compatibility.
>
> With this,
> {"command":"guest-file-seek", "arguments":{"handle":1,
> "offset":0, "whence":"cur"}}
> becomes a synonym for the older
> {"command":"guest-file-seek", "arguments":{"handle":1,
> "offset":0, "whence":1}}
>
> Signed-off-by: Eric Blake <eblake@redhat.com>
Hi; dragging up this patch from 2016 to say that Coverity
has just noticed that there's some C undefined behaviour
in it (CID 1421990):
> +/* Convert GuestFileWhence (either a raw integer or an enum value) into
> + * the guest's SEEK_ constants. */
> +int ga_parse_whence(GuestFileWhence *whence, Error **errp)
> +{
> + /* Exploit the fact that we picked values to match QGA_SEEK_*. */
> + if (whence->type == QTYPE_QSTRING) {
> + whence->type = QTYPE_QINT;
> + whence->u.value = whence->u.name;
Here whence->u.value and whence->u.name are two different
fields in a union generated by QAPI:
typedef enum QGASeek {
QGA_SEEK_SET,
QGA_SEEK_CUR,
QGA_SEEK_END,
QGA_SEEK__MAX,
} QGASeek;
struct GuestFileWhence {
QType type;
union { /* union tag is @type */
int64_t value;
QGASeek name;
} u;
};
So u.value and u.name overlap in storage. The C standard
says that this assignment is only valid if the overlap is
exact and the two objects have qualified or unqualified
versions of a compatible type. In this case the enum
type is likely not the same size as an int64_t, and so
we have undefined behaviour.
I guess to fix this we need to copy via a local variable
(with a comment so nobody helpfully optimizes the local
away again in future)...
> + }
> + switch (whence->u.value) {
> + case QGA_SEEK_SET:
> + return SEEK_SET;
> + case QGA_SEEK_CUR:
> + return SEEK_CUR;
> + case QGA_SEEK_END:
> + return SEEK_END;
> + }
> + error_setg(errp, "invalid whence code %"PRId64, whence->u.value);
> + return -1;
> +}
thanks
-- PMM
next prev parent reply other threads:[~2020-03-20 13:51 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-09 21:27 [Qemu-devel] [PATCH v3] qga: Support enum names in guest-file-seek Eric Blake
2016-02-09 22:08 ` Michael Roth
2016-02-25 2:06 ` Michael Roth
2020-03-20 13:49 ` Peter Maydell [this message]
2020-03-20 14:57 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFEAcA9_yGg4cDc4rxVUeemaPQk_qn9=BqrT_Ck8hB3EK5F92w@mail.gmail.com' \
--to=peter.maydell@linaro.org \
--cc=eblake@redhat.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.