[v4,1/5] net: Clarify early exit condition

Message ID	20210113221013.390592-2-eblake@redhat.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=XoOI=GQ=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DDFDE23136 From: Eric Blake <eblake@redhat.com> To: qemu-devel@nongnu.org Subject: [PATCH v4 1/5] net: Clarify early exit condition Date: Wed, 13 Jan 2021 16:10:09 -0600 Message-Id: <20210113221013.390592-2-eblake@redhat.com> In-Reply-To: <20210113221013.390592-1-eblake@redhat.com> References: <20210113221013.390592-1-eblake@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Received-SPF: pass client-ip=63.128.21.124; envelope-from=eblake@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -29 X-Spam_score: -3.0 X-Spam_bar: --- X-Spam_report: (-3.0 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.25, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: Jason Wang <jasowang@redhat.com>, vsementsov@virtuozzo.com, armbru@redhat.com Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	Common macros for QAPI list growth \| expand [v4,0/5] Common macros for QAPI list growth [v4,1/5] net: Clarify early exit condition [v4,2/5] qapi: A couple more QAPI_LIST_PREPEND() stragglers [v4,3/5] qapi: Introduce QAPI_LIST_APPEND [v4,4/5] qapi: Use QAPI_LIST_APPEND in trivial cases [v4,5/5] qapi: More complex uses of QAPI_LIST_APPEND

Message ID

20210113221013.390592-2-eblake@redhat.com (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DDFDE23136
From: Eric Blake <eblake@redhat.com>
To: qemu-devel@nongnu.org
Subject: [PATCH v4 1/5] net: Clarify early exit condition
Date: Wed, 13 Jan 2021 16:10:09 -0600
Message-Id: <20210113221013.390592-2-eblake@redhat.com>
In-Reply-To: <20210113221013.390592-1-eblake@redhat.com>
References: <20210113221013.390592-1-eblake@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"
Received-SPF: pass client-ip=63.128.21.124; envelope-from=eblake@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -29
X-Spam_score: -3.0
X-Spam_bar: ---
X-Spam_report: (-3.0 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.25,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Jason Wang <jasowang@redhat.com>, vsementsov@virtuozzo.com,
 armbru@redhat.com
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Series

Common macros for QAPI list growth | expand

Commit Message

Eric Blake Jan. 13, 2021, 10:10 p.m. UTC

On first glance, the loop in qmp_query_rx_filter() has early return
paths that could leak any allocation of filter_list from a previous
iteration.  But on closer inspection, it is obvious that all of the
early exits are guarded by has_name, and that the bulk of the loop
body can be executed at most once if the user is filtering by name,
thus, any early exit coincides with an empty list.  Add asserts to
make this obvious.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
---
 net/net.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Vladimir Sementsov-Ogievskiy Jan. 14, 2021, 4:54 a.m. UTC | #1

14.01.2021 01:10, Eric Blake wrote:
> On first glance, the loop in qmp_query_rx_filter() has early return
> paths that could leak any allocation of filter_list from a previous
> iteration.  But on closer inspection, it is obvious that all of the
> early exits are guarded by has_name, and that the bulk of the loop
> body can be executed at most once if the user is filtering by name,
> thus, any early exit coincides with an empty list.  Add asserts to
> make this obvious.

A bit simpler (for me :) observation:

But on closer inspection, it is obvious that all of the early exits are guarded by has_name, and in case when has_name is true we leave the loop (by break) immediately after allocation and assigning filter_list for the first time.

> 
> Signed-off-by: Eric Blake <eblake@redhat.com>
> Reviewed-by: Markus Armbruster <armbru@redhat.com>

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>

> ---
>   net/net.c | 2 ++
>   1 file changed, 2 insertions(+)
> 
> diff --git a/net/net.c b/net/net.c
> index e1035f21d183..e581c8a26868 100644
> --- a/net/net.c
> +++ b/net/net.c
> @@ -1211,6 +1211,7 @@ RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name,
>           if (nc->info->type != NET_CLIENT_DRIVER_NIC) {
>               if (has_name) {
>                   error_setg(errp, "net client(%s) isn't a NIC", name);
> +                assert(!filter_list);
>                   return NULL;
>               }
>               continue;
> @@ -1236,6 +1237,7 @@ RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name,
>           } else if (has_name) {
>               error_setg(errp, "net client(%s) doesn't support"
>                          " rx-filter querying", name);
> +            assert(!filter_list);
>               return NULL;
>           }
>

Eric Blake Jan. 19, 2021, 4:08 p.m. UTC | #2

On 1/13/21 10:54 PM, Vladimir Sementsov-Ogievskiy wrote:
> 14.01.2021 01:10, Eric Blake wrote:
>> On first glance, the loop in qmp_query_rx_filter() has early return
>> paths that could leak any allocation of filter_list from a previous
>> iteration.  But on closer inspection, it is obvious that all of the
>> early exits are guarded by has_name, and that the bulk of the loop
>> body can be executed at most once if the user is filtering by name,
>> thus, any early exit coincides with an empty list.  Add asserts to
>> make this obvious.
> 
> A bit simpler (for me :) observation:
> 
> But on closer inspection, it is obvious that all of the early exits are
> guarded by has_name, and in case when has_name is true we leave the loop

s/in case//

> (by break) immediately after allocation and assigning filter_list for
> the first time.

Replacing my wording with this touched-up sentence is fine with me, if
Markus would like to tweak the queued commit to incorporate it.

diff --git a/net/net.c b/net/net.c
index e1035f21d183..e581c8a26868 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1211,6 +1211,7 @@  RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name,
         if (nc->info->type != NET_CLIENT_DRIVER_NIC) {
             if (has_name) {
                 error_setg(errp, "net client(%s) isn't a NIC", name);
+                assert(!filter_list);
                 return NULL;
             }
             continue;
@@ -1236,6 +1237,7 @@  RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name,
         } else if (has_name) {
             error_setg(errp, "net client(%s) doesn't support"
                        " rx-filter querying", name);
+            assert(!filter_list);
             return NULL;
         }

[v4,1/5] net: Clarify early exit condition

Commit Message

Comments

Patch