![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / usr.bin / vndcompress
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: MAIN
Revision 1.14 / (download) - annotate - [select for diffs], Sat Jul 29 21:04:07 2017 UTC (6 years, 8 months ago) by riastradh
Branch: MAIN
CVS Tags: phil-wifi-base,
phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
phil-wifi-20191119,
phil-wifi-20190609,
phil-wifi,
pgoyette-compat-merge-20190127,
pgoyette-compat-base,
pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
pgoyette-compat-0906,
pgoyette-compat-0728,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
pgoyette-compat,
netbsd-9-base,
netbsd-9-3-RELEASE,
netbsd-9-2-RELEASE,
netbsd-9-1-RELEASE,
netbsd-9-0-RELEASE,
netbsd-9-0-RC2,
netbsd-9-0-RC1,
netbsd-9,
netbsd-10-base,
netbsd-10-0-RELEASE,
netbsd-10-0-RC6,
netbsd-10-0-RC5,
netbsd-10-0-RC4,
netbsd-10-0-RC3,
netbsd-10-0-RC2,
netbsd-10-0-RC1,
netbsd-10,
is-mlppp-base,
is-mlppp,
cjep_sun2x-base1,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x,
HEAD
Changes since 1.13: +7 -7
lines
Diff to previous 1.13 (colored)
Clarify compile-time and run-time arithmetic safety assertions.
This is an experiment with a handful of macros for writing the
checks, most of which are compile-time:
MUL_OK(t, a, b) Does a*b avoid overflow in type t?
ADD_OK(t, a, b) Does a + b avoid overflow in type t?
TOOMANY(t, x, b, m) Are there more than m b-element blocks in x in type t?
(I.e., does ceiling(x/b) > m?)
Addenda that might make sense but are not needed here:
MUL(t, a, b, &p) Set p = a*b and return 0, or return ERANGE if overflow.
ADD(t, a, b, &s) Set s = a+b and return 0, or return ERANGE if overflow.
Example:
uint32_t a = ..., b = ..., y = ..., z = ..., x, w;
/* input validation */
error = MUL(size_t, a, b, &x);
if (error)
fail;
if (TOOMANY(uint32_t, x, BLKSIZ, MAX_NBLK))
fail;
y = HOWMANY(x, BLKSIZ);
if (z > Z_MAX)
fail;
...
/* internal computation */
__CTASSERT(MUL_OK(uint32_t, Z_MAX, MAX_NBLK));
w = z*y;
Obvious shortcomings:
1. Nothing checks your ctassert matches your subsequent arithmetic.
(Maybe we could have BOUNDED_MUL(t, x, xmax, y, ymax) with a
ctassert inside.)
2. Nothing flows the bounds needed by the arithmetic you use back
into candidate definitions of X_MAX/Y_MAX.
But at least the reviewer's job is only to make sure that (a) the
MUL_OK matches the *, and (b) the bounds in the assertion match the
bounds on the inputs -- in particular, the reviewer need not derive
the bounds from the context, only confirm they are supported by the
paths to it.
This is not meant to be a general-purpose proof assistant, or even a
special-purpose one like gfverif <http://gfverif.cryptojedi.org/>.
Rather, it is an experiment in adding a modicum of compile-time
verification with a simple C API change.
This also is not intended to serve as trapping arithmetic on
overflow. The goal here is to enable writing the program with
explicit checks on input and compile-time annotations on computation
to gain confident that overflow won't happen in the computation.
Revision 1.13 / (download) - annotate - [select for diffs], Mon Apr 17 00:03:33 2017 UTC (7 years ago) by riastradh
Branch: MAIN
CVS Tags: prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
pgoyette-localcount-20170426,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
netbsd-8-base,
netbsd-8-2-RELEASE,
netbsd-8-1-RELEASE,
netbsd-8-1-RC1,
netbsd-8-0-RELEASE,
netbsd-8-0-RC2,
netbsd-8-0-RC1,
netbsd-8,
matt-nb8-mediatek-base,
matt-nb8-mediatek,
bouyer-socketcan-base1
Changes since 1.12: +2 -3
lines
Diff to previous 1.12 (colored)
Omit needless XXX comment.
Revision 1.12 / (download) - annotate - [select for diffs], Sun Apr 16 23:50:40 2017 UTC (7 years ago) by riastradh
Branch: MAIN
Changes since 1.11: +3 -2
lines
Diff to previous 1.11 (colored)
Justify the last unjustified assertion here. Sprinkle a few more assertions to help along the way. (Actually, it was justified; I just hadn't made explicit the relation to the value of fdpos that all two callers specify.)
Revision 1.11 / (download) - annotate - [select for diffs], Sat Jan 25 15:31:06 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
CVS Tags: yamt-pagecache-base9,
tls-maxphys-base,
tls-earlyentropy-base,
tls-earlyentropy,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
pgoyette-localcount-base,
pgoyette-localcount-20170320,
pgoyette-localcount-20170107,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
netbsd-7-nhusb-base-20170116,
netbsd-7-nhusb-base,
netbsd-7-nhusb,
netbsd-7-base,
netbsd-7-2-RELEASE,
netbsd-7-1-RELEASE,
netbsd-7-1-RC2,
netbsd-7-1-RC1,
netbsd-7-1-2-RELEASE,
netbsd-7-1-1-RELEASE,
netbsd-7-1,
netbsd-7-0-RELEASE,
netbsd-7-0-RC3,
netbsd-7-0-RC2,
netbsd-7-0-RC1,
netbsd-7-0-2-RELEASE,
netbsd-7-0-1-RELEASE,
netbsd-7-0,
netbsd-7,
localcount-20160914,
bouyer-socketcan-base
Branch point for: yamt-pagecache,
pgoyette-localcount,
netbsd-6,
bouyer-socketcan
Changes since 1.10: +4 -3
lines
Diff to previous 1.10 (colored)
Fix some more integer overflow/truncation issues. Arithmetic in C is hard. Let's go shopping!
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jan 22 06:18:00 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.9: +13 -3
lines
Diff to previous 1.9 (colored)
Change vndcompress to use a default window size of 512. For vnduncompress on nonseekable input, the window size is as large as it needs to be by default, as before. Not clear that this is the right choice -- by default vnduncompress on nonseekable input will just use unbounded memory unsolicited.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Jan 22 06:17:34 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.8: +22 -19
lines
Diff to previous 1.8 (colored)
Move err1 & errx1 to the end of vnduncompress.c; add __printflike.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Jan 22 06:15:57 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.7: +15 -2
lines
Diff to previous 1.7 (colored)
Add option -w to vnd(un)compress to specify the window size.
Revision 1.7 / (download) - annotate - [select for diffs], Wed Jan 22 06:15:22 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.6: +2 -1
lines
Diff to previous 1.6 (colored)
Implement machinery for fixed-size windows into the offset table.
Revision 1.6 / (download) - annotate - [select for diffs], Wed Jan 22 06:15:12 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.5: +6 -4
lines
Diff to previous 1.5 (colored)
Write offsets in hexadecimal, not decimal.
Revision 1.5 / (download) - annotate - [select for diffs], Wed Jan 22 06:14:46 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.4: +34 -20
lines
Diff to previous 1.4 (colored)
Abstract handling of the cloop2 offset table. Preparation for converting it to use a fixed-size window.
Revision 1.4 / (download) - annotate - [select for diffs], Wed Jan 22 06:14:28 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.3: +5 -3
lines
Diff to previous 1.3 (colored)
Use read_block instead of read in vnduncompress.
Revision 1.3 / (download) - annotate - [select for diffs], Wed Jan 22 06:14:03 2014 UTC (10 years, 2 months ago) by riastradh
Branch: MAIN
Changes since 1.2: +4 -2
lines
Diff to previous 1.2 (colored)
Fail if malloc can't allocate offset table.
Revision 1.2 / (download) - annotate - [select for diffs], Mon May 6 22:53:24 2013 UTC (10 years, 11 months ago) by riastradh
Branch: MAIN
CVS Tags: riastradh-drm2-base2,
riastradh-drm2-base1,
riastradh-drm2-base,
riastradh-drm2
Branch point for: tls-maxphys
Changes since 1.1: +10 -8
lines
Diff to previous 1.1 (colored)
Make partial read/write error messages more consistent in vndcompress.
Revision 1.1 / (download) - annotate - [select for diffs], Fri May 3 23:28:15 2013 UTC (10 years, 11 months ago) by riastradh
Branch: MAIN
Rewrite vndcompress to support SIGINFO and restart after interrupt. Make it generally more robust in the process. No objection (or comment) on tech-userlevel. ok christos