2007-01-07 23:04:40 +01:00
|
|
|
/*
|
|
|
|
* Simple C functions to supplement the C library
|
2007-09-16 23:08:06 +02:00
|
|
|
*
|
2007-01-07 23:04:40 +01:00
|
|
|
* Copyright (c) 2006 Fabrice Bellard
|
|
|
|
*
|
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
|
|
* in the Software without restriction, including without limitation the rights
|
|
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
|
|
* furnished to do so, subject to the following conditions:
|
|
|
|
*
|
|
|
|
* The above copyright notice and this permission notice shall be included in
|
|
|
|
* all copies or substantial portions of the Software.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
|
|
* THE SOFTWARE.
|
|
|
|
*/
|
2019-05-23 16:35:06 +02:00
|
|
|
|
2016-01-29 18:49:55 +01:00
|
|
|
#include "qemu/osdep.h"
|
2012-12-17 18:20:00 +01:00
|
|
|
#include "qemu/host-utils.h"
|
2010-10-21 17:15:46 +02:00
|
|
|
#include <math.h>
|
2007-01-07 23:04:40 +01:00
|
|
|
|
2022-05-25 16:41:26 +02:00
|
|
|
#ifdef __FreeBSD__
|
|
|
|
#include <sys/sysctl.h>
|
|
|
|
#include <sys/user.h>
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifdef __NetBSD__
|
|
|
|
#include <sys/sysctl.h>
|
|
|
|
#endif
|
|
|
|
|
2022-07-18 18:42:11 +02:00
|
|
|
#ifdef __HAIKU__
|
|
|
|
#include <kernel/image.h>
|
|
|
|
#endif
|
|
|
|
|
2022-08-10 00:20:46 +02:00
|
|
|
#ifdef __APPLE__
|
|
|
|
#include <mach-o/dyld.h>
|
|
|
|
#endif
|
|
|
|
|
2022-06-24 16:50:37 +02:00
|
|
|
#ifdef G_OS_WIN32
|
|
|
|
#include <pathcch.h>
|
|
|
|
#include <wchar.h>
|
|
|
|
#endif
|
|
|
|
|
2019-05-23 16:35:06 +02:00
|
|
|
#include "qemu/ctype.h"
|
2016-03-20 18:16:19 +01:00
|
|
|
#include "qemu/cutils.h"
|
2017-08-18 20:47:35 +02:00
|
|
|
#include "qemu/error-report.h"
|
2011-09-08 13:46:25 +02:00
|
|
|
|
2012-07-09 08:50:43 +02:00
|
|
|
void strpadcpy(char *buf, int buf_size, const char *str, char pad)
|
|
|
|
{
|
|
|
|
int len = qemu_strnlen(str, buf_size);
|
|
|
|
memcpy(buf, str, len);
|
|
|
|
memset(buf + len, pad, buf_size - len);
|
|
|
|
}
|
|
|
|
|
2007-01-07 23:04:40 +01:00
|
|
|
void pstrcpy(char *buf, int buf_size, const char *str)
|
|
|
|
{
|
|
|
|
int c;
|
|
|
|
char *q = buf;
|
|
|
|
|
|
|
|
if (buf_size <= 0)
|
|
|
|
return;
|
|
|
|
|
|
|
|
for(;;) {
|
|
|
|
c = *str++;
|
|
|
|
if (c == 0 || q >= buf + buf_size - 1)
|
|
|
|
break;
|
|
|
|
*q++ = c;
|
|
|
|
}
|
|
|
|
*q = '\0';
|
|
|
|
}
|
|
|
|
|
|
|
|
/* strcat and truncate. */
|
|
|
|
char *pstrcat(char *buf, int buf_size, const char *s)
|
|
|
|
{
|
|
|
|
int len;
|
|
|
|
len = strlen(buf);
|
2007-09-16 23:08:06 +02:00
|
|
|
if (len < buf_size)
|
2007-01-07 23:04:40 +01:00
|
|
|
pstrcpy(buf + len, buf_size - len, s);
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
int strstart(const char *str, const char *val, const char **ptr)
|
|
|
|
{
|
|
|
|
const char *p, *q;
|
|
|
|
p = str;
|
|
|
|
q = val;
|
|
|
|
while (*q != '\0') {
|
|
|
|
if (*p != *q)
|
|
|
|
return 0;
|
|
|
|
p++;
|
|
|
|
q++;
|
|
|
|
}
|
|
|
|
if (ptr)
|
|
|
|
*ptr = p;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
int stristart(const char *str, const char *val, const char **ptr)
|
|
|
|
{
|
|
|
|
const char *p, *q;
|
|
|
|
p = str;
|
|
|
|
q = val;
|
|
|
|
while (*q != '\0') {
|
2008-11-16 14:53:32 +01:00
|
|
|
if (qemu_toupper(*p) != qemu_toupper(*q))
|
2007-01-07 23:04:40 +01:00
|
|
|
return 0;
|
|
|
|
p++;
|
|
|
|
q++;
|
|
|
|
}
|
|
|
|
if (ptr)
|
|
|
|
*ptr = p;
|
|
|
|
return 1;
|
|
|
|
}
|
2007-11-10 20:36:39 +01:00
|
|
|
|
2009-07-01 20:24:44 +02:00
|
|
|
/* XXX: use host strnlen if available ? */
|
|
|
|
int qemu_strnlen(const char *s, int max_len)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for(i = 0; i < max_len; i++) {
|
|
|
|
if (s[i] == '\0') {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return i;
|
|
|
|
}
|
|
|
|
|
2013-06-05 14:19:35 +02:00
|
|
|
char *qemu_strsep(char **input, const char *delim)
|
|
|
|
{
|
|
|
|
char *result = *input;
|
|
|
|
if (result != NULL) {
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
for (p = result; *p != '\0'; p++) {
|
|
|
|
if (strchr(delim, *p)) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (*p == '\0') {
|
|
|
|
*input = NULL;
|
|
|
|
} else {
|
|
|
|
*p = '\0';
|
|
|
|
*input = p + 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
2007-11-10 20:36:39 +01:00
|
|
|
time_t mktimegm(struct tm *tm)
|
|
|
|
{
|
|
|
|
time_t t;
|
|
|
|
int y = tm->tm_year + 1900, m = tm->tm_mon + 1, d = tm->tm_mday;
|
|
|
|
if (m < 3) {
|
|
|
|
m += 12;
|
|
|
|
y--;
|
|
|
|
}
|
2012-10-01 14:22:06 +02:00
|
|
|
t = 86400ULL * (d + (153 * m - 457) / 5 + 365 * y + y / 4 - y / 100 +
|
2007-11-10 20:36:39 +01:00
|
|
|
y / 400 - 719469);
|
|
|
|
t += 3600 * tm->tm_hour + 60 * tm->tm_min + tm->tm_sec;
|
|
|
|
return t;
|
|
|
|
}
|
2008-12-04 20:19:45 +01:00
|
|
|
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
static int64_t suffix_mul(char suffix, int64_t unit)
|
|
|
|
{
|
|
|
|
switch (qemu_toupper(suffix)) {
|
2017-02-21 21:14:01 +01:00
|
|
|
case 'B':
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
return 1;
|
2017-02-21 21:14:01 +01:00
|
|
|
case 'K':
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
return unit;
|
2017-02-21 21:14:01 +01:00
|
|
|
case 'M':
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
return unit * unit;
|
2017-02-21 21:14:01 +01:00
|
|
|
case 'G':
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
return unit * unit * unit;
|
2017-02-21 21:14:01 +01:00
|
|
|
case 'T':
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
return unit * unit * unit * unit;
|
2017-02-21 21:14:01 +01:00
|
|
|
case 'P':
|
2013-06-05 14:19:27 +02:00
|
|
|
return unit * unit * unit * unit * unit;
|
2017-02-21 21:14:01 +01:00
|
|
|
case 'E':
|
2013-06-05 14:19:27 +02:00
|
|
|
return unit * unit * unit * unit * unit * unit;
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
}
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2010-10-21 17:15:46 +02:00
|
|
|
/*
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
* Convert size string to bytes.
|
|
|
|
*
|
|
|
|
* The size parsing supports the following syntaxes
|
|
|
|
* - 12345 - decimal, scale determined by @default_suffix and @unit
|
|
|
|
* - 12345{bBkKmMgGtTpPeE} - decimal, scale determined by suffix and @unit
|
|
|
|
* - 12345.678{kKmMgGtTpPeE} - decimal, scale determined by suffix, and
|
|
|
|
* fractional portion is truncated to byte
|
|
|
|
* - 0x7fEE - hexadecimal, unit determined by @default_suffix
|
|
|
|
*
|
|
|
|
* The following are intentionally not supported
|
2022-12-16 10:50:05 +01:00
|
|
|
* - hex with scaling suffix, such as 0x20M
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
* - octal, such as 08
|
|
|
|
* - fractional hex, such as 0x1.8
|
|
|
|
* - floating point exponents, such as 1e3
|
|
|
|
*
|
|
|
|
* The end pointer will be returned in *end, if not NULL. If there is
|
|
|
|
* no fraction, the input can be decimal or hexadecimal; if there is a
|
|
|
|
* fraction, then the input must be decimal and there must be a suffix
|
|
|
|
* (possibly by @default_suffix) larger than Byte, and the fractional
|
|
|
|
* portion may suffer from precision loss or rounding. The input must
|
|
|
|
* be positive.
|
|
|
|
*
|
|
|
|
* Return -ERANGE on overflow (with *@end advanced), and -EINVAL on
|
|
|
|
* other error (with *@end left unchanged).
|
2010-10-21 17:15:46 +02:00
|
|
|
*/
|
2018-11-21 17:44:14 +01:00
|
|
|
static int do_strtosz(const char *nptr, const char **end,
|
2017-02-21 21:14:06 +01:00
|
|
|
const char default_suffix, int64_t unit,
|
2017-02-21 21:14:07 +01:00
|
|
|
uint64_t *result)
|
2010-10-21 17:15:46 +02:00
|
|
|
{
|
2017-02-21 21:14:06 +01:00
|
|
|
int retval;
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
const char *endptr, *f;
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
unsigned char c;
|
2021-03-14 23:49:30 +01:00
|
|
|
uint64_t val, valf = 0;
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
int64_t mul;
|
2010-10-21 17:15:46 +02:00
|
|
|
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
/* Parse integral portion as decimal. */
|
|
|
|
retval = qemu_strtou64(nptr, &endptr, 10, &val);
|
2018-11-21 17:44:14 +01:00
|
|
|
if (retval) {
|
2017-02-21 21:14:05 +01:00
|
|
|
goto out;
|
2010-10-21 17:15:46 +02:00
|
|
|
}
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
if (memchr(nptr, '-', endptr - nptr) != NULL) {
|
|
|
|
endptr = nptr;
|
|
|
|
retval = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
if (val == 0 && (*endptr == 'x' || *endptr == 'X')) {
|
2022-12-16 10:50:05 +01:00
|
|
|
/* Input looks like hex; reparse, and insist on no fraction or suffix. */
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
retval = qemu_strtou64(nptr, &endptr, 16, &val);
|
|
|
|
if (retval) {
|
|
|
|
goto out;
|
|
|
|
}
|
2022-12-16 10:50:05 +01:00
|
|
|
if (*endptr == '.' || suffix_mul(*endptr, unit) > 0) {
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
endptr = nptr;
|
|
|
|
retval = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
} else if (*endptr == '.') {
|
|
|
|
/*
|
|
|
|
* Input looks like a fraction. Make sure even 1.k works
|
|
|
|
* without fractional digits. If we see an exponent, treat
|
|
|
|
* the entire input as invalid instead.
|
|
|
|
*/
|
2021-03-14 23:49:30 +01:00
|
|
|
double fraction;
|
|
|
|
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
f = endptr;
|
|
|
|
retval = qemu_strtod_finite(f, &endptr, &fraction);
|
|
|
|
if (retval) {
|
|
|
|
endptr++;
|
|
|
|
} else if (memchr(f, 'e', endptr - f) || memchr(f, 'E', endptr - f)) {
|
|
|
|
endptr = nptr;
|
|
|
|
retval = -EINVAL;
|
|
|
|
goto out;
|
2021-03-14 23:49:30 +01:00
|
|
|
} else {
|
|
|
|
/* Extract into a 64-bit fixed-point fraction. */
|
|
|
|
valf = (uint64_t)(fraction * 0x1p64);
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
}
|
2010-10-21 17:15:46 +02:00
|
|
|
}
|
|
|
|
c = *endptr;
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
mul = suffix_mul(c, unit);
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
if (mul > 0) {
|
cutils: Make strtosz & friends leave follow set to callers
strtosz() & friends require the size to be at the end of the string,
or be followed by whitespace or ','. I find this surprising, because
the name suggests it works like strtol().
The check simplifies callers that accept exactly that follow set
slightly. No such callers exist.
The check is redundant for callers that accept a smaller follow set,
and thus need to check themselves anyway. Right now, this is the case
for all but one caller. All of them neglected to check, or checked
incorrectly, but the previous few commits fixed them up.
Finally, the check is problematic for callers that accept a larger
follow set. This is the case in monitor_parse_command().
Fortunately, the problems there are relatively harmless.
monitor_parse_command() uses strtosz() for argument type 'o'. When
the last argument is of type 'o', a trailing ',' is diagnosed
differently than other trailing junk:
(qemu) migrate_set_speed 1x
invalid size
(qemu) migrate_set_speed 1,
migrate_set_speed: extraneous characters at the end of line
A related inconsistency exists with non-last arguments. No such
command exists, but let's use memsave to explore the inconsistency.
The monitor permits, but does not require whitespace between
arguments. For instance, "memsave (1-1)1024foo" is parsed as command
memsave with three arguments 0, 1024 and "foo". Yes, this is daft,
but at least it's consistently daft.
If I change memsave's second argument from 'i' to 'o', then "memsave
(1-1)1foo" is rejected, because the size is followed by an 'f'. But
"memsave (1-1)1," is still accepted, and duly saves to file ",".
We don't have any users of strtosz that profit from the check. In the
users we have, it appears to encourage sloppy error checking, or gets
in the way. Drop the bothersome check.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-22 09:46:06 +01:00
|
|
|
endptr++;
|
|
|
|
} else {
|
|
|
|
mul = suffix_mul(default_suffix, unit);
|
utils: Improve qemu_strtosz() to have 64 bits of precision
We have multiple clients of qemu_strtosz (qemu-io, the opts visitor,
the keyval visitor), and it gets annoying that edge-case testing is
impacted by implicit rounding to 53 bits of precision due to parsing
with strtod(). As an example posted by Rich Jones:
$ nbdkit memory $(( 2**63 - 2**30 )) --run \
'build/qemu-io -f raw "$uri" -c "w -P 3 $(( 2**63 - 2**30 - 512 )) 512" '
write failed: Input/output error
because 9223372035781033472 got rounded to 0x7fffffffc0000000 which is
out of bounds.
It is also worth noting that our existing parser, by virtue of using
strtod(), accepts decimal AND hex numbers, even though test-cutils
previously lacked any coverage of the latter until the previous patch.
We do have existing clients that expect a hex parse to work (for
example, iotest 33 using qemu-io -c "write -P 0xa 0x200 0x400"), but
strtod() parses "08" as 8 rather than as an invalid octal number, so
we know there are no clients that depend on octal. Our use of
strtod() also means that "0x1.8k" would actually parse as 1536 (the
fraction is 8/16), rather than 1843 (if the fraction were 8/10); but
as this was not covered in the testsuite, I have no qualms forbidding
hex fractions as invalid, so this patch declares that the use of
fractions is only supported with decimal input, and enhances the
testsuite to document that.
Our previous use of strtod() meant that -1 parsed as a negative; now
that we parse with strtoull(), negative values can wrap around modulo
2^64, so we have to explicitly check whether the user passed in a '-';
and make it consistent to also reject '-0'. This has the minor effect
of treating negative values as EINVAL (with no change to endptr)
rather than ERANGE (with endptr advanced to what was parsed), visible
in the updated iotest output.
We also had no testsuite coverage of "1.1e0k", which happened to parse
under strtod() but is unlikely to occur in practice; as long as we are
making things more robust, it is easy enough to reject the use of
exponents in a strtod parse.
The fix is done by breaking the parse into an integer prefix (no loss
in precision), rejecting negative values (since we can no longer rely
on strtod() to do that), determining if a decimal or hexadecimal parse
was intended (with the new restriction that a fractional hex parse is
not allowed), and where appropriate, using a floating point fractional
parse (where we also scan to reject use of exponents in the fraction).
The bulk of the patch is then updates to the testsuite to match our
new precision, as well as adding new cases we reject (whether they
were rejected or inadvertently accepted before).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210211204438.1184395-3-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-11 21:44:36 +01:00
|
|
|
assert(mul > 0);
|
2010-10-21 17:15:46 +02:00
|
|
|
}
|
2021-03-14 23:49:30 +01:00
|
|
|
if (mul == 1) {
|
|
|
|
/* When a fraction is present, a scale is required. */
|
|
|
|
if (valf != 0) {
|
|
|
|
endptr = nptr;
|
|
|
|
retval = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
uint64_t valh, tmp;
|
|
|
|
|
|
|
|
/* Compute exact result: 64.64 x 64.0 -> 128.64 fixed point */
|
|
|
|
mulu64(&val, &valh, val, mul);
|
|
|
|
mulu64(&valf, &tmp, valf, mul);
|
|
|
|
val += tmp;
|
|
|
|
valh += val < tmp;
|
|
|
|
|
|
|
|
/* Round 0.5 upward. */
|
|
|
|
tmp = valf >> 63;
|
|
|
|
val += tmp;
|
|
|
|
valh += val < tmp;
|
|
|
|
|
|
|
|
/* Report overflow. */
|
|
|
|
if (valh != 0) {
|
|
|
|
retval = -ERANGE;
|
|
|
|
goto out;
|
|
|
|
}
|
2010-10-21 17:15:46 +02:00
|
|
|
}
|
2021-03-14 23:49:30 +01:00
|
|
|
|
2017-02-21 21:14:06 +01:00
|
|
|
retval = 0;
|
2010-10-21 17:15:46 +02:00
|
|
|
|
2017-02-21 21:14:05 +01:00
|
|
|
out:
|
2010-10-21 17:15:46 +02:00
|
|
|
if (end) {
|
|
|
|
*end = endptr;
|
2017-02-21 21:14:05 +01:00
|
|
|
} else if (*endptr) {
|
|
|
|
retval = -EINVAL;
|
2010-10-21 17:15:46 +02:00
|
|
|
}
|
2021-03-23 17:52:59 +01:00
|
|
|
if (retval == 0) {
|
|
|
|
*result = val;
|
|
|
|
}
|
2010-10-21 17:15:46 +02:00
|
|
|
|
|
|
|
return retval;
|
|
|
|
}
|
2010-12-09 14:17:24 +01:00
|
|
|
|
2018-11-21 17:44:14 +01:00
|
|
|
int qemu_strtosz(const char *nptr, const char **end, uint64_t *result)
|
2011-07-07 16:13:11 +02:00
|
|
|
{
|
2017-02-21 21:14:06 +01:00
|
|
|
return do_strtosz(nptr, end, 'B', 1024, result);
|
2011-07-07 16:13:11 +02:00
|
|
|
}
|
|
|
|
|
2018-11-21 17:44:14 +01:00
|
|
|
int qemu_strtosz_MiB(const char *nptr, const char **end, uint64_t *result)
|
2010-12-09 14:17:24 +01:00
|
|
|
{
|
2017-02-21 21:14:06 +01:00
|
|
|
return do_strtosz(nptr, end, 'M', 1024, result);
|
2010-12-09 14:17:24 +01:00
|
|
|
}
|
2011-09-28 12:41:32 +02:00
|
|
|
|
2018-11-21 17:44:14 +01:00
|
|
|
int qemu_strtosz_metric(const char *nptr, const char **end, uint64_t *result)
|
2017-02-21 21:13:58 +01:00
|
|
|
{
|
2017-02-21 21:14:06 +01:00
|
|
|
return do_strtosz(nptr, end, 'B', 1000, result);
|
2017-02-21 21:13:58 +01:00
|
|
|
}
|
|
|
|
|
2015-07-20 01:02:17 +02:00
|
|
|
/**
|
2017-02-21 21:13:51 +01:00
|
|
|
* Helper function for error checking after strtol() and the like
|
2015-07-20 01:02:17 +02:00
|
|
|
*/
|
2017-02-21 21:13:51 +01:00
|
|
|
static int check_strtox_error(const char *nptr, char *ep,
|
2021-03-23 17:53:00 +01:00
|
|
|
const char **endptr, bool check_zero,
|
|
|
|
int libc_errno)
|
2015-07-20 01:02:17 +02:00
|
|
|
{
|
2018-12-06 16:18:56 +01:00
|
|
|
assert(ep >= nptr);
|
2021-03-23 17:53:00 +01:00
|
|
|
|
|
|
|
/* Windows has a bug in that it fails to parse 0 from "0x" in base 16 */
|
|
|
|
if (check_zero && ep == nptr && libc_errno == 0) {
|
|
|
|
char *tmp;
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
if (strtol(nptr, &tmp, 10) == 0 && errno == 0 &&
|
|
|
|
(*tmp == 'x' || *tmp == 'X')) {
|
|
|
|
ep = tmp;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-02-21 21:13:52 +01:00
|
|
|
if (endptr) {
|
|
|
|
*endptr = ep;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Turn "no conversion" into an error */
|
2017-02-21 21:13:51 +01:00
|
|
|
if (libc_errno == 0 && ep == nptr) {
|
2017-02-21 21:13:52 +01:00
|
|
|
return -EINVAL;
|
2015-09-10 10:02:00 +02:00
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
|
|
|
|
/* Fail when we're expected to consume the string, but didn't */
|
2017-02-21 21:13:51 +01:00
|
|
|
if (!endptr && *ep) {
|
2015-07-20 01:02:17 +02:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
|
2017-02-21 21:13:51 +01:00
|
|
|
return -libc_errno;
|
2015-07-20 01:02:17 +02:00
|
|
|
}
|
|
|
|
|
2017-12-22 13:46:23 +01:00
|
|
|
/**
|
|
|
|
* Convert string @nptr to an integer, and store it in @result.
|
|
|
|
*
|
|
|
|
* This is a wrapper around strtol() that is harder to misuse.
|
|
|
|
* Semantics of @nptr, @endptr, @base match strtol() with differences
|
|
|
|
* noted below.
|
|
|
|
*
|
|
|
|
* @nptr may be null, and no conversion is performed then.
|
|
|
|
*
|
|
|
|
* If no conversion is performed, store @nptr in *@endptr and return
|
|
|
|
* -EINVAL.
|
|
|
|
*
|
|
|
|
* If @endptr is null, and the string isn't fully converted, return
|
|
|
|
* -EINVAL. This is the case when the pointer that would be stored in
|
|
|
|
* a non-null @endptr points to a character other than '\0'.
|
|
|
|
*
|
|
|
|
* If the conversion overflows @result, store INT_MAX in @result,
|
|
|
|
* and return -ERANGE.
|
|
|
|
*
|
|
|
|
* If the conversion underflows @result, store INT_MIN in @result,
|
|
|
|
* and return -ERANGE.
|
|
|
|
*
|
|
|
|
* Else store the converted value in @result, and return zero.
|
|
|
|
*/
|
|
|
|
int qemu_strtoi(const char *nptr, const char **endptr, int base,
|
|
|
|
int *result)
|
|
|
|
{
|
|
|
|
char *ep;
|
|
|
|
long long lresult;
|
|
|
|
|
2018-12-06 16:18:56 +01:00
|
|
|
assert((unsigned) base <= 36 && base != 1);
|
2017-12-22 13:46:23 +01:00
|
|
|
if (!nptr) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
lresult = strtoll(nptr, &ep, base);
|
|
|
|
if (lresult < INT_MIN) {
|
|
|
|
*result = INT_MIN;
|
|
|
|
errno = ERANGE;
|
|
|
|
} else if (lresult > INT_MAX) {
|
|
|
|
*result = INT_MAX;
|
|
|
|
errno = ERANGE;
|
|
|
|
} else {
|
|
|
|
*result = lresult;
|
|
|
|
}
|
2021-03-23 17:53:00 +01:00
|
|
|
return check_strtox_error(nptr, ep, endptr, lresult == 0, errno);
|
2017-12-22 13:46:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Convert string @nptr to an unsigned integer, and store it in @result.
|
|
|
|
*
|
|
|
|
* This is a wrapper around strtoul() that is harder to misuse.
|
|
|
|
* Semantics of @nptr, @endptr, @base match strtoul() with differences
|
|
|
|
* noted below.
|
|
|
|
*
|
|
|
|
* @nptr may be null, and no conversion is performed then.
|
|
|
|
*
|
|
|
|
* If no conversion is performed, store @nptr in *@endptr and return
|
|
|
|
* -EINVAL.
|
|
|
|
*
|
|
|
|
* If @endptr is null, and the string isn't fully converted, return
|
|
|
|
* -EINVAL. This is the case when the pointer that would be stored in
|
|
|
|
* a non-null @endptr points to a character other than '\0'.
|
|
|
|
*
|
|
|
|
* If the conversion overflows @result, store UINT_MAX in @result,
|
|
|
|
* and return -ERANGE.
|
|
|
|
*
|
|
|
|
* Else store the converted value in @result, and return zero.
|
|
|
|
*
|
|
|
|
* Note that a number with a leading minus sign gets converted without
|
|
|
|
* the minus sign, checked for overflow (see above), then negated (in
|
|
|
|
* @result's type). This is exactly how strtoul() works.
|
|
|
|
*/
|
|
|
|
int qemu_strtoui(const char *nptr, const char **endptr, int base,
|
|
|
|
unsigned int *result)
|
|
|
|
{
|
|
|
|
char *ep;
|
|
|
|
long long lresult;
|
|
|
|
|
2018-12-06 16:18:56 +01:00
|
|
|
assert((unsigned) base <= 36 && base != 1);
|
2017-12-22 13:46:23 +01:00
|
|
|
if (!nptr) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
lresult = strtoull(nptr, &ep, base);
|
|
|
|
|
|
|
|
/* Windows returns 1 for negative out-of-range values. */
|
|
|
|
if (errno == ERANGE) {
|
|
|
|
*result = -1;
|
|
|
|
} else {
|
|
|
|
if (lresult > UINT_MAX) {
|
|
|
|
*result = UINT_MAX;
|
|
|
|
errno = ERANGE;
|
|
|
|
} else if (lresult < INT_MIN) {
|
|
|
|
*result = UINT_MAX;
|
|
|
|
errno = ERANGE;
|
|
|
|
} else {
|
|
|
|
*result = lresult;
|
|
|
|
}
|
|
|
|
}
|
2021-03-23 17:53:00 +01:00
|
|
|
return check_strtox_error(nptr, ep, endptr, lresult == 0, errno);
|
2017-12-22 13:46:23 +01:00
|
|
|
}
|
|
|
|
|
2015-07-20 01:02:17 +02:00
|
|
|
/**
|
2017-02-21 21:13:49 +01:00
|
|
|
* Convert string @nptr to a long integer, and store it in @result.
|
2015-07-20 01:02:17 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* This is a wrapper around strtol() that is harder to misuse.
|
|
|
|
* Semantics of @nptr, @endptr, @base match strtol() with differences
|
|
|
|
* noted below.
|
2015-07-20 01:02:17 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* @nptr may be null, and no conversion is performed then.
|
2015-07-20 01:02:17 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* If no conversion is performed, store @nptr in *@endptr and return
|
|
|
|
* -EINVAL.
|
2015-07-20 01:02:17 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* If @endptr is null, and the string isn't fully converted, return
|
|
|
|
* -EINVAL. This is the case when the pointer that would be stored in
|
|
|
|
* a non-null @endptr points to a character other than '\0'.
|
|
|
|
*
|
|
|
|
* If the conversion overflows @result, store LONG_MAX in @result,
|
|
|
|
* and return -ERANGE.
|
|
|
|
*
|
|
|
|
* If the conversion underflows @result, store LONG_MIN in @result,
|
|
|
|
* and return -ERANGE.
|
|
|
|
*
|
|
|
|
* Else store the converted value in @result, and return zero.
|
2015-07-20 01:02:17 +02:00
|
|
|
*/
|
|
|
|
int qemu_strtol(const char *nptr, const char **endptr, int base,
|
|
|
|
long *result)
|
|
|
|
{
|
2017-02-21 21:13:51 +01:00
|
|
|
char *ep;
|
2017-02-21 21:13:52 +01:00
|
|
|
|
2018-12-06 16:18:56 +01:00
|
|
|
assert((unsigned) base <= 36 && base != 1);
|
2015-07-20 01:02:17 +02:00
|
|
|
if (!nptr) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
return -EINVAL;
|
2015-07-20 01:02:17 +02:00
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
*result = strtol(nptr, &ep, base);
|
2021-03-23 17:53:00 +01:00
|
|
|
return check_strtox_error(nptr, ep, endptr, *result == 0, errno);
|
2015-07-20 01:02:17 +02:00
|
|
|
}
|
2015-07-20 01:02:18 +02:00
|
|
|
|
|
|
|
/**
|
2017-02-21 21:13:49 +01:00
|
|
|
* Convert string @nptr to an unsigned long, and store it in @result.
|
|
|
|
*
|
|
|
|
* This is a wrapper around strtoul() that is harder to misuse.
|
|
|
|
* Semantics of @nptr, @endptr, @base match strtoul() with differences
|
|
|
|
* noted below.
|
|
|
|
*
|
|
|
|
* @nptr may be null, and no conversion is performed then.
|
|
|
|
*
|
|
|
|
* If no conversion is performed, store @nptr in *@endptr and return
|
|
|
|
* -EINVAL.
|
|
|
|
*
|
|
|
|
* If @endptr is null, and the string isn't fully converted, return
|
|
|
|
* -EINVAL. This is the case when the pointer that would be stored in
|
|
|
|
* a non-null @endptr points to a character other than '\0'.
|
2015-07-20 01:02:18 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* If the conversion overflows @result, store ULONG_MAX in @result,
|
|
|
|
* and return -ERANGE.
|
2015-07-20 01:02:18 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* Else store the converted value in @result, and return zero.
|
2015-07-20 01:02:18 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* Note that a number with a leading minus sign gets converted without
|
|
|
|
* the minus sign, checked for overflow (see above), then negated (in
|
|
|
|
* @result's type). This is exactly how strtoul() works.
|
2015-07-20 01:02:18 +02:00
|
|
|
*/
|
|
|
|
int qemu_strtoul(const char *nptr, const char **endptr, int base,
|
|
|
|
unsigned long *result)
|
|
|
|
{
|
2017-02-21 21:13:51 +01:00
|
|
|
char *ep;
|
2017-02-21 21:13:52 +01:00
|
|
|
|
2018-12-06 16:18:56 +01:00
|
|
|
assert((unsigned) base <= 36 && base != 1);
|
2015-07-20 01:02:18 +02:00
|
|
|
if (!nptr) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
*result = strtoul(nptr, &ep, base);
|
|
|
|
/* Windows returns 1 for negative out-of-range values. */
|
|
|
|
if (errno == ERANGE) {
|
|
|
|
*result = -1;
|
2015-07-20 01:02:18 +02:00
|
|
|
}
|
2021-03-23 17:53:00 +01:00
|
|
|
return check_strtox_error(nptr, ep, endptr, *result == 0, errno);
|
2015-07-20 01:02:18 +02:00
|
|
|
}
|
|
|
|
|
2015-07-20 01:02:19 +02:00
|
|
|
/**
|
2017-02-21 21:13:49 +01:00
|
|
|
* Convert string @nptr to an int64_t.
|
2015-07-20 01:02:19 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* Works like qemu_strtol(), except it stores INT64_MAX on overflow,
|
2019-11-25 14:38:45 +01:00
|
|
|
* and INT64_MIN on underflow.
|
2015-07-20 01:02:19 +02:00
|
|
|
*/
|
2017-02-21 21:13:50 +01:00
|
|
|
int qemu_strtoi64(const char *nptr, const char **endptr, int base,
|
2015-07-20 01:02:19 +02:00
|
|
|
int64_t *result)
|
|
|
|
{
|
2017-02-21 21:13:51 +01:00
|
|
|
char *ep;
|
2017-02-21 21:13:52 +01:00
|
|
|
|
2018-12-06 16:18:56 +01:00
|
|
|
assert((unsigned) base <= 36 && base != 1);
|
2015-07-20 01:02:19 +02:00
|
|
|
if (!nptr) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
return -EINVAL;
|
2015-07-20 01:02:19 +02:00
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
|
2019-11-25 14:38:45 +01:00
|
|
|
/* This assumes int64_t is long long TODO relax */
|
|
|
|
QEMU_BUILD_BUG_ON(sizeof(int64_t) != sizeof(long long));
|
2017-02-21 21:13:52 +01:00
|
|
|
errno = 0;
|
|
|
|
*result = strtoll(nptr, &ep, base);
|
2021-03-23 17:53:00 +01:00
|
|
|
return check_strtox_error(nptr, ep, endptr, *result == 0, errno);
|
2015-07-20 01:02:19 +02:00
|
|
|
}
|
|
|
|
|
2015-07-20 01:02:20 +02:00
|
|
|
/**
|
2017-02-21 21:13:49 +01:00
|
|
|
* Convert string @nptr to an uint64_t.
|
2015-07-20 01:02:20 +02:00
|
|
|
*
|
2017-02-21 21:13:49 +01:00
|
|
|
* Works like qemu_strtoul(), except it stores UINT64_MAX on overflow.
|
2015-07-20 01:02:20 +02:00
|
|
|
*/
|
2017-02-21 21:13:50 +01:00
|
|
|
int qemu_strtou64(const char *nptr, const char **endptr, int base,
|
2015-07-20 01:02:20 +02:00
|
|
|
uint64_t *result)
|
|
|
|
{
|
2017-02-21 21:13:51 +01:00
|
|
|
char *ep;
|
2017-02-21 21:13:52 +01:00
|
|
|
|
2018-12-06 16:18:56 +01:00
|
|
|
assert((unsigned) base <= 36 && base != 1);
|
2015-07-20 01:02:20 +02:00
|
|
|
if (!nptr) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
2017-02-21 21:13:52 +01:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2019-11-25 14:38:45 +01:00
|
|
|
/* This assumes uint64_t is unsigned long long TODO relax */
|
|
|
|
QEMU_BUILD_BUG_ON(sizeof(uint64_t) != sizeof(unsigned long long));
|
2017-02-21 21:13:52 +01:00
|
|
|
errno = 0;
|
|
|
|
*result = strtoull(nptr, &ep, base);
|
|
|
|
/* Windows returns 1 for negative out-of-range values. */
|
|
|
|
if (errno == ERANGE) {
|
|
|
|
*result = -1;
|
2015-07-20 01:02:20 +02:00
|
|
|
}
|
2021-03-23 17:53:00 +01:00
|
|
|
return check_strtox_error(nptr, ep, endptr, *result == 0, errno);
|
2015-07-20 01:02:20 +02:00
|
|
|
}
|
|
|
|
|
2018-11-21 17:44:13 +01:00
|
|
|
/**
|
|
|
|
* Convert string @nptr to a double.
|
|
|
|
*
|
|
|
|
* This is a wrapper around strtod() that is harder to misuse.
|
|
|
|
* Semantics of @nptr and @endptr match strtod() with differences
|
|
|
|
* noted below.
|
|
|
|
*
|
|
|
|
* @nptr may be null, and no conversion is performed then.
|
|
|
|
*
|
|
|
|
* If no conversion is performed, store @nptr in *@endptr and return
|
|
|
|
* -EINVAL.
|
|
|
|
*
|
|
|
|
* If @endptr is null, and the string isn't fully converted, return
|
|
|
|
* -EINVAL. This is the case when the pointer that would be stored in
|
|
|
|
* a non-null @endptr points to a character other than '\0'.
|
|
|
|
*
|
|
|
|
* If the conversion overflows, store +/-HUGE_VAL in @result, depending
|
|
|
|
* on the sign, and return -ERANGE.
|
|
|
|
*
|
|
|
|
* If the conversion underflows, store +/-0.0 in @result, depending on the
|
|
|
|
* sign, and return -ERANGE.
|
|
|
|
*
|
|
|
|
* Else store the converted value in @result, and return zero.
|
|
|
|
*/
|
|
|
|
int qemu_strtod(const char *nptr, const char **endptr, double *result)
|
|
|
|
{
|
|
|
|
char *ep;
|
|
|
|
|
|
|
|
if (!nptr) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
*result = strtod(nptr, &ep);
|
2021-03-23 17:53:00 +01:00
|
|
|
return check_strtox_error(nptr, ep, endptr, false, errno);
|
2018-11-21 17:44:13 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Convert string @nptr to a finite double.
|
|
|
|
*
|
|
|
|
* Works like qemu_strtod(), except that "NaN" and "inf" are rejected
|
|
|
|
* with -EINVAL and no conversion is performed.
|
|
|
|
*/
|
|
|
|
int qemu_strtod_finite(const char *nptr, const char **endptr, double *result)
|
|
|
|
{
|
|
|
|
double tmp;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = qemu_strtod(nptr, endptr, &tmp);
|
|
|
|
if (!ret && !isfinite(tmp)) {
|
|
|
|
if (endptr) {
|
|
|
|
*endptr = nptr;
|
|
|
|
}
|
|
|
|
ret = -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ret != -EINVAL) {
|
|
|
|
*result = tmp;
|
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2018-06-29 12:32:10 +02:00
|
|
|
/**
|
|
|
|
* Searches for the first occurrence of 'c' in 's', and returns a pointer
|
|
|
|
* to the trailing null byte if none was found.
|
|
|
|
*/
|
|
|
|
#ifndef HAVE_STRCHRNUL
|
|
|
|
const char *qemu_strchrnul(const char *s, int c)
|
|
|
|
{
|
|
|
|
const char *e = strchr(s, c);
|
|
|
|
if (!e) {
|
|
|
|
e = s + strlen(s);
|
|
|
|
}
|
|
|
|
return e;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2013-02-04 19:27:45 +01:00
|
|
|
/**
|
|
|
|
* parse_uint:
|
|
|
|
*
|
|
|
|
* @s: String to parse
|
|
|
|
* @value: Destination for parsed integer value
|
|
|
|
* @endptr: Destination for pointer to first character not consumed
|
|
|
|
* @base: integer base, between 2 and 36 inclusive, or 0
|
|
|
|
*
|
|
|
|
* Parse unsigned integer
|
|
|
|
*
|
|
|
|
* Parsed syntax is like strtoull()'s: arbitrary whitespace, a single optional
|
|
|
|
* '+' or '-', an optional "0x" if @base is 0 or 16, one or more digits.
|
|
|
|
*
|
|
|
|
* If @s is null, or @base is invalid, or @s doesn't start with an
|
|
|
|
* integer in the syntax above, set *@value to 0, *@endptr to @s, and
|
|
|
|
* return -EINVAL.
|
|
|
|
*
|
|
|
|
* Set *@endptr to point right beyond the parsed integer (even if the integer
|
|
|
|
* overflows or is negative, all digits will be parsed and *@endptr will
|
|
|
|
* point right beyond them).
|
|
|
|
*
|
|
|
|
* If the integer is negative, set *@value to 0, and return -ERANGE.
|
|
|
|
*
|
|
|
|
* If the integer overflows unsigned long long, set *@value to
|
|
|
|
* ULLONG_MAX, and return -ERANGE.
|
|
|
|
*
|
|
|
|
* Else, set *@value to the parsed integer, and return 0.
|
|
|
|
*/
|
|
|
|
int parse_uint(const char *s, unsigned long long *value, char **endptr,
|
|
|
|
int base)
|
|
|
|
{
|
|
|
|
int r = 0;
|
|
|
|
char *endp = (char *)s;
|
|
|
|
unsigned long long val = 0;
|
|
|
|
|
2018-12-06 16:18:56 +01:00
|
|
|
assert((unsigned) base <= 36 && base != 1);
|
2013-02-04 19:27:45 +01:00
|
|
|
if (!s) {
|
|
|
|
r = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
val = strtoull(s, &endp, base);
|
|
|
|
if (errno) {
|
|
|
|
r = -errno;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (endp == s) {
|
|
|
|
r = -EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* make sure we reject negative numbers: */
|
2019-05-14 20:03:11 +02:00
|
|
|
while (qemu_isspace(*s)) {
|
2013-02-04 19:27:45 +01:00
|
|
|
s++;
|
|
|
|
}
|
|
|
|
if (*s == '-') {
|
|
|
|
val = 0;
|
|
|
|
r = -ERANGE;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
*value = val;
|
|
|
|
*endptr = endp;
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* parse_uint_full:
|
|
|
|
*
|
|
|
|
* @s: String to parse
|
|
|
|
* @value: Destination for parsed integer value
|
|
|
|
* @base: integer base, between 2 and 36 inclusive, or 0
|
|
|
|
*
|
|
|
|
* Parse unsigned integer from entire string
|
|
|
|
*
|
|
|
|
* Have the same behavior of parse_uint(), but with an additional check
|
|
|
|
* for additional data after the parsed number. If extra characters are present
|
|
|
|
* after the parsed number, the function will return -EINVAL, and *@v will
|
|
|
|
* be set to 0.
|
|
|
|
*/
|
|
|
|
int parse_uint_full(const char *s, unsigned long long *value, int base)
|
|
|
|
{
|
|
|
|
char *endp;
|
|
|
|
int r;
|
|
|
|
|
|
|
|
r = parse_uint(s, value, &endp, base);
|
|
|
|
if (r < 0) {
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
if (*endp) {
|
|
|
|
*value = 0;
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2011-09-28 12:41:32 +02:00
|
|
|
int qemu_parse_fd(const char *param)
|
|
|
|
{
|
2014-04-10 10:24:30 +02:00
|
|
|
long fd;
|
|
|
|
char *endptr;
|
2011-09-28 12:41:32 +02:00
|
|
|
|
2014-04-10 10:24:30 +02:00
|
|
|
errno = 0;
|
2011-09-28 12:41:32 +02:00
|
|
|
fd = strtol(param, &endptr, 10);
|
2014-04-10 10:24:30 +02:00
|
|
|
if (param == endptr /* no conversion performed */ ||
|
|
|
|
errno != 0 /* not representable as long; possibly others */ ||
|
|
|
|
*endptr != '\0' /* final string not empty */ ||
|
|
|
|
fd < 0 /* invalid as file descriptor */ ||
|
|
|
|
fd > INT_MAX /* not representable as int */) {
|
2011-09-28 12:41:32 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return fd;
|
|
|
|
}
|
2012-08-06 20:42:50 +02:00
|
|
|
|
2012-08-06 20:42:51 +02:00
|
|
|
/*
|
|
|
|
* Implementation of ULEB128 (http://en.wikipedia.org/wiki/LEB128)
|
|
|
|
* Input is limited to 14-bit numbers
|
|
|
|
*/
|
|
|
|
int uleb128_encode_small(uint8_t *out, uint32_t n)
|
|
|
|
{
|
|
|
|
g_assert(n <= 0x3fff);
|
|
|
|
if (n < 0x80) {
|
2019-06-10 05:08:51 +02:00
|
|
|
*out = n;
|
2012-08-06 20:42:51 +02:00
|
|
|
return 1;
|
|
|
|
} else {
|
|
|
|
*out++ = (n & 0x7f) | 0x80;
|
2019-06-10 05:08:51 +02:00
|
|
|
*out = n >> 7;
|
2012-08-06 20:42:51 +02:00
|
|
|
return 2;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
int uleb128_decode_small(const uint8_t *in, uint32_t *n)
|
|
|
|
{
|
|
|
|
if (!(*in & 0x80)) {
|
2019-06-10 05:08:51 +02:00
|
|
|
*n = *in;
|
2012-08-06 20:42:51 +02:00
|
|
|
return 1;
|
|
|
|
} else {
|
|
|
|
*n = *in++ & 0x7f;
|
|
|
|
/* we exceed 14 bit number */
|
|
|
|
if (*in & 0x80) {
|
|
|
|
return -1;
|
|
|
|
}
|
2019-06-10 05:08:51 +02:00
|
|
|
*n |= *in << 7;
|
2012-08-06 20:42:51 +02:00
|
|
|
return 2;
|
|
|
|
}
|
|
|
|
}
|
2013-03-04 17:41:28 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* helper to parse debug environment variables
|
|
|
|
*/
|
|
|
|
int parse_debug_env(const char *name, int max, int initial)
|
|
|
|
{
|
|
|
|
char *debug_env = getenv(name);
|
|
|
|
char *inv = NULL;
|
2015-02-11 12:30:43 +01:00
|
|
|
long debug;
|
2013-03-04 17:41:28 +01:00
|
|
|
|
|
|
|
if (!debug_env) {
|
|
|
|
return initial;
|
|
|
|
}
|
2015-02-11 12:30:43 +01:00
|
|
|
errno = 0;
|
2013-03-04 17:41:28 +01:00
|
|
|
debug = strtol(debug_env, &inv, 10);
|
|
|
|
if (inv == debug_env) {
|
|
|
|
return initial;
|
|
|
|
}
|
2015-02-11 12:30:43 +01:00
|
|
|
if (debug < 0 || debug > max || errno != 0) {
|
2017-08-18 20:47:35 +02:00
|
|
|
warn_report("%s not in [0, %d]", name, max);
|
2013-03-04 17:41:28 +01:00
|
|
|
return initial;
|
|
|
|
}
|
|
|
|
return debug;
|
|
|
|
}
|
2014-03-11 00:42:26 +01:00
|
|
|
|
2022-05-25 15:38:48 +02:00
|
|
|
const char *si_prefix(unsigned int exp10)
|
|
|
|
{
|
|
|
|
static const char *prefixes[] = {
|
|
|
|
"a", "f", "p", "n", "u", "m", "", "K", "M", "G", "T", "P", "E"
|
|
|
|
};
|
|
|
|
|
|
|
|
exp10 += 18;
|
|
|
|
assert(exp10 % 3 == 0 && exp10 / 3 < ARRAY_SIZE(prefixes));
|
|
|
|
return prefixes[exp10 / 3];
|
|
|
|
}
|
|
|
|
|
|
|
|
const char *iec_binary_prefix(unsigned int exp2)
|
|
|
|
{
|
|
|
|
static const char *prefixes[] = { "", "Ki", "Mi", "Gi", "Ti", "Pi", "Ei" };
|
|
|
|
|
|
|
|
assert(exp2 % 10 == 0 && exp2 / 10 < ARRAY_SIZE(prefixes));
|
|
|
|
return prefixes[exp2 / 10];
|
|
|
|
}
|
|
|
|
|
2017-05-12 06:17:40 +02:00
|
|
|
/*
|
|
|
|
* Return human readable string for size @val.
|
|
|
|
* @val can be anything that uint64_t allows (no more than "16 EiB").
|
|
|
|
* Use IEC binary units like KiB, MiB, and so forth.
|
|
|
|
* Caller is responsible for passing it to g_free().
|
|
|
|
*/
|
|
|
|
char *size_to_str(uint64_t val)
|
|
|
|
{
|
2019-04-17 19:11:00 +02:00
|
|
|
uint64_t div;
|
2017-05-12 06:17:40 +02:00
|
|
|
int i;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The exponent (returned in i) minus one gives us
|
|
|
|
* floor(log2(val * 1024 / 1000). The correction makes us
|
|
|
|
* switch to the higher power when the integer part is >= 1000.
|
|
|
|
* (see e41b509d68afb1f for more info)
|
|
|
|
*/
|
|
|
|
frexp(val / (1000.0 / 1024.0), &i);
|
2022-05-25 15:38:48 +02:00
|
|
|
i = (i - 1) / 10 * 10;
|
|
|
|
div = 1ULL << i;
|
2017-05-12 06:17:40 +02:00
|
|
|
|
2022-05-25 15:38:48 +02:00
|
|
|
return g_strdup_printf("%0.3g %sB", (double)val / div, iec_binary_prefix(i));
|
2017-05-12 06:17:40 +02:00
|
|
|
}
|
2018-09-07 08:44:33 +02:00
|
|
|
|
2020-10-12 11:57:44 +02:00
|
|
|
char *freq_to_str(uint64_t freq_hz)
|
|
|
|
{
|
|
|
|
double freq = freq_hz;
|
2022-05-25 15:38:48 +02:00
|
|
|
size_t exp10 = 0;
|
2020-10-12 11:57:44 +02:00
|
|
|
|
2020-11-17 13:56:32 +01:00
|
|
|
while (freq >= 1000.0) {
|
2020-10-12 11:57:44 +02:00
|
|
|
freq /= 1000.0;
|
2022-05-25 15:38:48 +02:00
|
|
|
exp10 += 3;
|
2020-10-12 11:57:44 +02:00
|
|
|
}
|
|
|
|
|
2022-05-25 15:38:48 +02:00
|
|
|
return g_strdup_printf("%0.3g %sHz", freq, si_prefix(exp10));
|
2020-10-12 11:57:44 +02:00
|
|
|
}
|
|
|
|
|
2018-09-07 08:44:33 +02:00
|
|
|
int qemu_pstrcmp0(const char **str1, const char **str2)
|
|
|
|
{
|
|
|
|
return g_strcmp0(*str1, *str2);
|
|
|
|
}
|
2020-08-18 11:55:47 +02:00
|
|
|
|
|
|
|
static inline bool starts_with_prefix(const char *dir)
|
|
|
|
{
|
|
|
|
size_t prefix_len = strlen(CONFIG_PREFIX);
|
|
|
|
return !memcmp(dir, CONFIG_PREFIX, prefix_len) &&
|
|
|
|
(!dir[prefix_len] || G_IS_DIR_SEPARATOR(dir[prefix_len]));
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return the next path component in dir, and store its length in *p_len. */
|
|
|
|
static inline const char *next_component(const char *dir, int *p_len)
|
|
|
|
{
|
|
|
|
int len;
|
2021-02-08 21:57:52 +01:00
|
|
|
while ((*dir && G_IS_DIR_SEPARATOR(*dir)) ||
|
|
|
|
(*dir == '.' && (G_IS_DIR_SEPARATOR(dir[1]) || dir[1] == '\0'))) {
|
2020-08-18 11:55:47 +02:00
|
|
|
dir++;
|
|
|
|
}
|
|
|
|
len = 0;
|
|
|
|
while (dir[len] && !G_IS_DIR_SEPARATOR(dir[len])) {
|
|
|
|
len++;
|
|
|
|
}
|
|
|
|
*p_len = len;
|
|
|
|
return dir;
|
|
|
|
}
|
|
|
|
|
2022-05-25 16:41:26 +02:00
|
|
|
static const char *exec_dir;
|
|
|
|
|
|
|
|
void qemu_init_exec_dir(const char *argv0)
|
|
|
|
{
|
|
|
|
#ifdef G_OS_WIN32
|
|
|
|
char *p;
|
|
|
|
char buf[MAX_PATH];
|
|
|
|
DWORD len;
|
|
|
|
|
|
|
|
if (exec_dir) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
len = GetModuleFileName(NULL, buf, sizeof(buf) - 1);
|
|
|
|
if (len == 0) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
buf[len] = 0;
|
|
|
|
p = buf + len - 1;
|
|
|
|
while (p != buf && *p != '\\') {
|
|
|
|
p--;
|
|
|
|
}
|
|
|
|
*p = 0;
|
|
|
|
if (access(buf, R_OK) == 0) {
|
|
|
|
exec_dir = g_strdup(buf);
|
|
|
|
} else {
|
|
|
|
exec_dir = CONFIG_BINDIR;
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
char *p = NULL;
|
|
|
|
char buf[PATH_MAX];
|
|
|
|
|
|
|
|
if (exec_dir) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
#if defined(__linux__)
|
|
|
|
{
|
|
|
|
int len;
|
|
|
|
len = readlink("/proc/self/exe", buf, sizeof(buf) - 1);
|
|
|
|
if (len > 0) {
|
|
|
|
buf[len] = 0;
|
|
|
|
p = buf;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#elif defined(__FreeBSD__) \
|
|
|
|
|| (defined(__NetBSD__) && defined(KERN_PROC_PATHNAME))
|
|
|
|
{
|
|
|
|
#if defined(__FreeBSD__)
|
|
|
|
static int mib[4] = {CTL_KERN, KERN_PROC, KERN_PROC_PATHNAME, -1};
|
|
|
|
#else
|
|
|
|
static int mib[4] = {CTL_KERN, KERN_PROC_ARGS, -1, KERN_PROC_PATHNAME};
|
|
|
|
#endif
|
|
|
|
size_t len = sizeof(buf) - 1;
|
|
|
|
|
|
|
|
*buf = '\0';
|
|
|
|
if (!sysctl(mib, ARRAY_SIZE(mib), buf, &len, NULL, 0) &&
|
|
|
|
*buf) {
|
|
|
|
buf[sizeof(buf) - 1] = '\0';
|
|
|
|
p = buf;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#elif defined(__APPLE__)
|
|
|
|
{
|
|
|
|
char fpath[PATH_MAX];
|
|
|
|
uint32_t len = sizeof(fpath);
|
|
|
|
if (_NSGetExecutablePath(fpath, &len) == 0) {
|
|
|
|
p = realpath(fpath, buf);
|
|
|
|
if (!p) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#elif defined(__HAIKU__)
|
|
|
|
{
|
|
|
|
image_info ii;
|
|
|
|
int32_t c = 0;
|
|
|
|
|
|
|
|
*buf = '\0';
|
|
|
|
while (get_next_image_info(0, &c, &ii) == B_OK) {
|
|
|
|
if (ii.type == B_APP_IMAGE) {
|
|
|
|
strncpy(buf, ii.name, sizeof(buf));
|
|
|
|
buf[sizeof(buf) - 1] = 0;
|
|
|
|
p = buf;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
/* If we don't have any way of figuring out the actual executable
|
|
|
|
location then try argv[0]. */
|
|
|
|
if (!p && argv0) {
|
|
|
|
p = realpath(argv0, buf);
|
|
|
|
}
|
|
|
|
if (p) {
|
|
|
|
exec_dir = g_path_get_dirname(p);
|
|
|
|
} else {
|
|
|
|
exec_dir = CONFIG_BINDIR;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
const char *qemu_get_exec_dir(void)
|
|
|
|
{
|
|
|
|
return exec_dir;
|
|
|
|
}
|
|
|
|
|
2020-08-18 11:55:47 +02:00
|
|
|
char *get_relocated_path(const char *dir)
|
|
|
|
{
|
|
|
|
size_t prefix_len = strlen(CONFIG_PREFIX);
|
|
|
|
const char *bindir = CONFIG_BINDIR;
|
|
|
|
const char *exec_dir = qemu_get_exec_dir();
|
|
|
|
GString *result;
|
|
|
|
int len_dir, len_bindir;
|
|
|
|
|
|
|
|
/* Fail if qemu_init_exec_dir was not called. */
|
|
|
|
assert(exec_dir[0]);
|
|
|
|
|
|
|
|
result = g_string_new(exec_dir);
|
2022-06-24 16:50:37 +02:00
|
|
|
g_string_append(result, "/qemu-bundle");
|
|
|
|
if (access(result->str, R_OK) == 0) {
|
|
|
|
#ifdef G_OS_WIN32
|
|
|
|
size_t size = mbsrtowcs(NULL, &dir, 0, &(mbstate_t){0}) + 1;
|
|
|
|
PWSTR wdir = g_new(WCHAR, size);
|
|
|
|
mbsrtowcs(wdir, &dir, size, &(mbstate_t){0});
|
|
|
|
|
|
|
|
PCWSTR wdir_skipped_root;
|
|
|
|
PathCchSkipRoot(wdir, &wdir_skipped_root);
|
|
|
|
|
|
|
|
size = wcsrtombs(NULL, &wdir_skipped_root, 0, &(mbstate_t){0});
|
|
|
|
char *cursor = result->str + result->len;
|
|
|
|
g_string_set_size(result, result->len + size);
|
|
|
|
wcsrtombs(cursor, &wdir_skipped_root, size + 1, &(mbstate_t){0});
|
|
|
|
g_free(wdir);
|
|
|
|
#else
|
|
|
|
g_string_append(result, dir);
|
|
|
|
#endif
|
|
|
|
} else if (!starts_with_prefix(dir) || !starts_with_prefix(bindir)) {
|
|
|
|
g_string_assign(result, dir);
|
|
|
|
} else {
|
|
|
|
g_string_assign(result, exec_dir);
|
|
|
|
|
|
|
|
/* Advance over common components. */
|
|
|
|
len_dir = len_bindir = prefix_len;
|
|
|
|
do {
|
|
|
|
dir += len_dir;
|
|
|
|
bindir += len_bindir;
|
|
|
|
dir = next_component(dir, &len_dir);
|
|
|
|
bindir = next_component(bindir, &len_bindir);
|
|
|
|
} while (len_dir && len_dir == len_bindir && !memcmp(dir, bindir, len_dir));
|
|
|
|
|
|
|
|
/* Ascend from bindir to the common prefix with dir. */
|
|
|
|
while (len_bindir) {
|
|
|
|
bindir += len_bindir;
|
|
|
|
g_string_append(result, "/..");
|
|
|
|
bindir = next_component(bindir, &len_bindir);
|
|
|
|
}
|
2020-08-18 11:55:47 +02:00
|
|
|
|
2022-06-24 16:50:37 +02:00
|
|
|
if (*dir) {
|
|
|
|
assert(G_IS_DIR_SEPARATOR(dir[-1]));
|
|
|
|
g_string_append(result, dir - 1);
|
|
|
|
}
|
2020-08-18 11:55:47 +02:00
|
|
|
}
|
|
|
|
|
2021-04-12 19:02:55 +02:00
|
|
|
return g_string_free(result, false);
|
2020-08-18 11:55:47 +02:00
|
|
|
}
|