From: Eric Blake Date: Thu, 30 Jul 2015 23:07:17 +0000 (-0600) Subject: qapi: Document shortcoming with union 'data' branch X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=ca56a822dd538017715345cbbe1f8829e0cc2742;p=qemu.git qapi: Document shortcoming with union 'data' branch Add a FIXME to remind us to fully audit whether removing the 'void *data' branch of each qapi union type can be done safely. Signed-off-by: Eric Blake Message-Id: <1438297637-26789-1-git-send-email-eblake@redhat.com> Signed-off-by: Markus Armbruster --- diff --git a/scripts/qapi-types.py b/scripts/qapi-types.py index 82141cdec3..8444f9836a 100644 --- a/scripts/qapi-types.py +++ b/scripts/qapi-types.py @@ -219,6 +219,14 @@ struct %(name)s ''', discriminator_type_name=c_name(discriminator_type_name)) + # FIXME: What purpose does data serve, besides preventing a union that + # has a branch named 'data'? We use it in qapi-visit.py to decide + # whether to bypass the switch statement if visiting the discriminator + # failed; but since we 0-initialize structs, and cannot tell what + # branch of the union is in use if the discriminator is invalid, there + # should not be any data leaks even without a data pointer. Or, if + # 'data' is merely added to guarantee we don't have an empty union, + # shouldn't we enforce that at .json parse time? ret += mcgen(''' union { /* union tag is @%(c_name)s */ void *data;