Hi

On Thu, Feb 14, 2019 at 9:19 PM Philippe Mathieu-Daudé
<phi...@redhat.com> wrote:
>
> chardev::read() depends on what chardev::can_read() returns, move the
> assertion to can_read().
>
> Suggested-by: Paolo Bonzini <pbonz...@redhat.com>
> Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com>

Moving to can_read() makes sense, because nothing (except the chardev
BREAK event) should update vscard_in_pos between the can_read() and
read() callbacks.

Changing the condition from < to <= could use some explanation. The
can_read() callback should handle the case where the vscard_in buffer
is full (adding = is necessary). And the read() callback should not be
called with size == 0, when card->vscard_in_pos == VSCARD_IN_SIZE (no
data to read).

But it wouldn't harm to leave the existing assert().

Reviewed-by: Marc-André Lureau <marcandre.lur...@redhat.com>





> ---
>  hw/usb/ccid-card-passthru.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/hw/usb/ccid-card-passthru.c b/hw/usb/ccid-card-passthru.c
> index 0a6c657228..8bb1314f49 100644
> --- a/hw/usb/ccid-card-passthru.c
> +++ b/hw/usb/ccid-card-passthru.c
> @@ -116,8 +116,8 @@ static int ccid_card_vscard_can_read(void *opaque)
>  {
>      PassthruState *card = opaque;
>
> -    return VSCARD_IN_SIZE >= card->vscard_in_pos ?
> -           VSCARD_IN_SIZE - card->vscard_in_pos : 0;
> +    assert(card->vscard_in_pos <= VSCARD_IN_SIZE);
> +    return VSCARD_IN_SIZE - card->vscard_in_pos;
>  }
>
>  static void ccid_card_vscard_handle_init(
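
Review bot: In ccid_card_vscard_can_read(), the new assert(card->vscard_in_pos <= VSCARD_IN_SIZE) turns a state the old code tolerated (it returned 0 when vscard_in_pos exceeded VSCARD_IN_SIZE) into an abort, and nothing in the hunk says why the bound is <= rather than the < used by the assert removed from read(). A short comment would help, for example that vscard_in_pos == VSCARD_IN_SIZE means the buffer is full, so can_read() returns 0 and read() is not called. The bare subtraction also now relies entirely on the assert: in a build where assert() is compiled out, an out-of-range vscard_in_pos would produce a wrong return value instead of 0.
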
> @@ -282,7 +282,6 @@ static void ccid_card_vscard_read(void *opaque, const 
> uint8_t *buf, int size)
>          ccid_card_vscard_drop_connection(card);
>          return;
>      }
> -    assert(card->vscard_in_pos < VSCARD_IN_SIZE);
>      assert(card->vscard_in_hdr < VSCARD_IN_SIZE);
>      memcpy(card->vscard_in_data + card->vscard_in_pos, buf, size);
>      card->vscard_in_pos += size;
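
Review bot: With the assert on vscard_in_pos removed, the memcpy() into card->vscard_in_data + card->vscard_in_pos has no local check relating size to the space left; it depends on the caller honouring the value returned by can_read(). The removed assert did not cover that either, since it only checked vscard_in_pos and not vscard_in_pos + size. Consider asserting the actual copy bound right before the memcpy(), e.g. assert(size <= VSCARD_IN_SIZE - card->vscard_in_pos), so that a stale can_read() result (vscard_in_pos changing between the two callbacks) fails at the write site rather than writing past VSCARD_IN_SIZE.
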
> --
> 2.20.1
>
