Hi On Thu, Feb 14, 2019 at 9:19 PM Philippe Mathieu-Daudé <phi...@redhat.com> wrote: > > chardev::read() depends of what chardev::can_read() returns, move the > assertion to can_read(). > > Suggested-by: Paolo Bonzini <pbonz...@redhat.com> > Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com>
Moving to can_read() makes sense, because nothing (except the chardev BREAK event) should update vscard_in_pos between the can_read() and read() callback. Changing the condition from < to <= could use some explanation. The can_read() callback should handle the case where the vscard_in buffer is full (adding = is necessary). And the read() callback should not be called with size == 0, when card->vscard_in_pos == VSCARD_IN_SIZE (no data to read). But it wouldn't harm to leave the existing assert(). Reviewed-by: Marc-André Lureau <marcandre.lur...@redhat.com> > --- > hw/usb/ccid-card-passthru.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/hw/usb/ccid-card-passthru.c b/hw/usb/ccid-card-passthru.c > index 0a6c657228..8bb1314f49 100644 > --- a/hw/usb/ccid-card-passthru.c > +++ b/hw/usb/ccid-card-passthru.c > @@ -116,8 +116,8 @@ static int ccid_card_vscard_can_read(void *opaque) > { > PassthruState *card = opaque; > > - return VSCARD_IN_SIZE >= card->vscard_in_pos ? > - VSCARD_IN_SIZE - card->vscard_in_pos : 0; > + assert(card->vscard_in_pos <= VSCARD_IN_SIZE); > + return VSCARD_IN_SIZE - card->vscard_in_pos; > } > > static void ccid_card_vscard_handle_init( > @@ -282,7 +282,6 @@ static void ccid_card_vscard_read(void *opaque, const > uint8_t *buf, int size) > ccid_card_vscard_drop_connection(card); > return; > } > - assert(card->vscard_in_pos < VSCARD_IN_SIZE); > assert(card->vscard_in_hdr < VSCARD_IN_SIZE); > memcpy(card->vscard_in_data + card->vscard_in_pos, buf, size); > card->vscard_in_pos += size; > -- > 2.20.1 >