[flashrom] [PATCH] Unsignify lengths and addresses in chip functions and structs
Stefan Tauner
stefan.tauner at student.tuwien.ac.at
Tue Nov 22 23:09:43 CET 2011
On Sun, 13 Nov 2011 23:23:39 +0100
Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net> wrote:
> Am 19.09.2011 02:01 schrieb Stefan Tauner:
> > Push those changes forward where needed to prevent new sign
> > conversion warnings where possible.
>
> Thanks for your patch.
>
>
> > Signed-off-by: Stefan Tauner <stefan.tauner at student.tuwien.ac.at>
> >
> >
> > diff --git a/flash.h b/flash.h
> > index 535c1b8..e7bfd4e 100644
> > --- a/flash.h
> > +++ b/flash.h
> > @@ -121,8 +121,10 @@ struct flashchip {
> >
> > int (*probe) (struct flashchip *flash);
> >
> > - /* Delay after "enter/exit ID mode" commands in microseconds. */
> > - int probe_timing;
> > + /* Delay after "enter/exit ID mode" commands in microseconds.
> > + * NB: negative values have special meanings, see TIMING_* below.
> > + */
> > + signed int probe_timing;
>
> AFAICS the C standard defines that int is always signed. The only
> exception is char which is implementation-defined. Please kill signed
> here, but keep your comment.
see other mail, unchanged in attached patch.
> >
> > /*
> > * Erase blocks and associated erase function. Any chip erase function
> > diff --git a/ft2232_spi.c b/ft2232_spi.c
> > index 8ab89fa..8f00685 100644
> > --- a/ft2232_spi.c
> > +++ b/ft2232_spi.c
> > @@ -106,10 +106,10 @@ static const char *get_ft2232_vendorname(int ft2232_vid, int ft2232_type)
> > }
> >
> > static int send_buf(struct ftdi_context *ftdic, const unsigned char *buf,
> > - int size)
> > + unsigned int size)
> > {
> > int r;
> > - r = ftdi_write_data(ftdic, (unsigned char *) buf, size);
> > + r = ftdi_write_data(ftdic, (unsigned char *) buf, (int)size);
>
> This cast is a sign that something is odd. Can you keep size as a signed
> int?
reverted here and below...
>
> > if (r < 0) {
> > msg_perr("ftdi_write_data: %d, %s\n", r,
> > ftdi_get_error_string(ftdic));
> > @@ -119,19 +119,19 @@ static int send_buf(struct ftdi_context *ftdic, const unsigned char *buf,
> > }
> >
> > static int get_buf(struct ftdi_context *ftdic, const unsigned char *buf,
> > - int size)
> > + unsigned int size)
> > {
> > int r;
> >
> > while (size > 0) {
> > - r = ftdi_read_data(ftdic, (unsigned char *) buf, size);
> > + r = ftdi_read_data(ftdic, (unsigned char *) buf, (int)size);
>
> Same here.
>
>
> > if (r < 0) {
> > msg_perr("ftdi_read_data: %d, %s\n", r,
> > ftdi_get_error_string(ftdic));
> > return 1;
> > }
> > - buf += r;
> > - size -= r;
> > + buf += (unsigned int)r;
> > + size -= (unsigned int)r;
>
> ...
>
>
> > }
> > return 0;
> > }
> > @@ -332,9 +332,10 @@ static int ft2232_spi_send_command(unsigned int writecnt, unsigned int readcnt,
> > struct ftdi_context *ftdic = &ftdic_context;
> > static unsigned char *buf = NULL;
> > /* failed is special. We use bitwise ops, but it is essentially bool. */
> > - int i = 0, ret = 0, failed = 0;
> > - int bufsize;
> > - static int oldbufsize = 0;
> > + int ret = 0, failed = 0;
> > + unsigned int i = 0;
> > + unsigned int bufsize;
> > + static unsigned int oldbufsize = 0;
> >
> > if (writecnt > 65536 || readcnt > 65536)
> > return SPI_INVALID_LENGTH;
>
> get_buf and send_buf calls should be checked for size>=INT_MAX and the
> cast should happen in the call, not in get_buf/send_buf.
i am not sure this is what we want. mainly... because (the buffer
handling in) ft2232_spi.c is slightly awful :)
various "bufs" (well, 2), some of them static (ok, only the one in
send_command, but still this is messier than expected for such a
simple driver), the two ~equivalent failed/ret variables in send_command
etc. make it a bit unreadable.
we need to check for failure of the buffer methods anyway, so i dont
see a reason to do the size checks in the caller(s).
i have reverted the whole file now, because i am not sure how to
proceed and wanted to publish what i have. not much changed, but i had
to rebase it due to the addition of the opaque framework and hwseq.
> […]
> With the above comments this is
> Acked-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net>
should i commit the attached version?
--
Kind regards/Mit freundlichen Grüßen, Stefan Tauner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Unsignify-lengths-and-addresses-in-chip-functions-an.patch
Type: text/x-patch
Size: 40770 bytes
Desc: not available
URL: <http://www.flashrom.org/pipermail/flashrom/attachments/20111122/71cb8036/attachment.patch>
More information about the flashrom
mailing list