> -----Original Message-----
> From: Philippe Mathieu-Daudé [mailto:phi...@redhat.com]
> Sent: 20 February 2019 01:02
> To: qemu-de...@nongnu.org; Prasad J Pandit <p...@fedoraproject.org>; Marc-André Lureau <marcandre.lur...@redhat.com>; Paolo Bonzini <pbonz...@redhat.com>
> Cc: Jason Wang <jasow...@redhat.com>; Anthony Perard <anthony.per...@citrix.com>; qemu-...@nongnu.org; Stefan Berger <stef...@linux.ibm.com>; David Gibson <da...@gibson.dropbear.id.au>; Gerd Hoffmann <kra...@redhat.com>; Zhang Chen <zhangc...@gmail.com>; xen-de...@lists.xenproject.org; Cornelia Huck <coh...@redhat.com>; Samuel Thibault <samuel.thiba...@ens-lyon.org>; Christian Borntraeger <borntrae...@de.ibm.com>; Amit Shah <a...@kernel.org>; Li Zhijian <lizhij...@cn.fujitsu.com>; Corey Minyard <miny...@acm.org>; Michael S. Tsirkin <m...@redhat.com>; Paul Durrant <paul.durr...@citrix.com>; Halil Pasic <pa...@linux.ibm.com>; Stefano Stabellini <sstabell...@kernel.org>; qemu-s3...@nongnu.org; Pavel Dovgalyuk <pavel.dovga...@ispras.ru>; Philippe Mathieu-Daudé <phi...@redhat.com>
> Subject: [RFC PATCH v3 13/25] xen: Let buffer_append() return a size_t
>
> To the Xen team: this is not trivial to me to demonstrate
> this assertion can never happen, but then the whole series
> is justified and I can convert qemu_chr_fe_write() to use
> size_t argument.
> Can you help me here?

I'm not particularly familiar with this bit of code but I can try...

> > Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com> > --- > hw/char/xen_console.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/hw/char/xen_console.c b/hw/char/xen_console.c > index 1a30014a11..5b672a5a24 100644 > --- a/hw/char/xen_console.c > +++ b/hw/char/xen_console.c > @@ -92,6 +92,7 @@ static ssize_t buffer_append(struct XenConsole *con) > } > > out: > + assert(buffer->size >= buffer->consumed); > return buffer->size - buffer->consumed;

I think this assertion is reasonable as:

- buffer_advance() appears to hit a termination condition when buffer->consumed == buffer->size. (Nothing checks for overflow which is bad, but that fact also lends weight to the assertion that consumed > size is a bug).
- if buffer->size ever exceeds buffer->max_capacity then both size and consumed are re-calculated such that consumed <= size.

  Paul

> } > > -- > 2.20.1
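
Review bot: The assert added under `out:` protects the subtraction `buffer->size - buffer->consumed`, but neither the hunk nor the commit message records why `size >= consumed` always holds; the message itself says it is not trivial to demonstrate that the assertion can never fire. Please add a short comment above the assert stating the invariant and which code maintains it, and replace the question to the Xen team in the commit message with that reasoning once it is settled. Separately, the subject says buffer_append() is changed to return a size_t, while the diffstat shows a single insertion and the hunk header still reads `static ssize_t buffer_append(struct XenConsole *con)`; either retitle the patch to describe the added assertion or include the return-type change here.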