Eliminate bundle_size parameter from validator interface.

src/trusted/validator/x86/ncval_seg_sfi/ncvalidate.c

 /*
  * Copyright (c) 2012 The Native Client Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  */
 
 /*
  * ncvalidate.c
  * Validate x86 instructions for Native Client
  *
@@ skipping 308 matching lines @@
 
 /* forward declarations, needed for registration */
 static Bool ValidateInst(const NCDecoderInst *dinst);
 static Bool ValidateInstReplacement(NCDecoderStatePair* tthis,
                                     NCDecoderInst *dinst_old,
                                     NCDecoderInst *dinst_new);
 static void NCJumpSummarize(struct NCValidatorState* vstate);
 
 struct NCValidatorState *NCValidateInit(const NaClPcAddress vbase,
                                         const NaClPcAddress codesize,
-                                        const uint8_t alignment,
                                         const int readonly_text,
                                         const NaClCPUFeaturesX86 *features) {
   struct NCValidatorState *vstate = NULL;
+  const int alignment = 32;
 
   dprint(("NCValidateInit(%"NACL_PRIxNaClPcAddressAll
           ", %"NACL_PRIxNaClMemorySizeAll", %08x)\n", vbase, codesize,
           alignment));
   do {
-    if (alignment != 16 && alignment != 32)
+    if (features == NULL)
       break;
     if ((vbase & (alignment - 1)) != 0)
       break;
-    if (features == NULL)
-      break;
     dprint(("ncv_init(%"NACL_PRIxNaClPcAddress", %"NACL_PRIxNaClMemorySize
             ")\n", vbase, codesize));
     vstate = (struct NCValidatorState *)calloc(1, sizeof(*vstate));
     if (vstate == NULL)
       break;
     /* Record default error reporter here, since we don't construct
      * the decoder state until the call to NCValidateSegment. This allows
      * us to update the error reporter in the decoder state properly.
      */
     vstate->dstate.error_reporter = &kNCNullErrorReporter;
     vstate->num_diagnostics = kMaxDiagnostics;
     vstate->iadrbase = vbase;
     vstate->codesize = codesize;
     vstate->alignment = alignment;
-    vstate->alignmask = alignment-1;
+    vstate->alignmask = alignment - 1;

[Karl, 2012/04/17 22:20:12]

Is this safe? alignment was uint8_t and now we are using an int.

[Nick Bray (chromium), 2012/04/17 22:42:02]

0 < alignment and alignmask < 128, cspec says signed/unsigned casts will
preserve values when possible.

I am not seeing what could break.  What worries you?

[Karl, 2012/04/17 22:48:01]

Just nervous in general when using implicit casting. Been burned too many times.

     vstate->vttable = (uint8_t *)calloc(NCIATOffset(codesize) + 1, 1);
     vstate->kttable = (uint8_t *)calloc(NCIATOffset(codesize) + 1, 1);
     vstate->pattern_nonfirst_insts_table = NULL;
     vstate->summarize_fn = NCJumpSummarize;
     vstate->do_stub_out = 0;
     vstate->readonly_text = readonly_text;
     if (vstate->vttable == NULL || vstate->kttable == NULL)
       break;
     dprint(("  allocated tables\n"));
     NCStatsInit(vstate);
@@ skipping 610 matching lines @@
     ValidatePrintOffsetError(0, "Bad text segment (zero size)", vstate);
     NCStatsSegFault(vstate);
     return;
   }
   NCValidateDStateInit(vstate, mbase, vbase, sz);
   NCDecoderStateDecode(&vstate->dstate);
   NCDecoderStateDestruct(&vstate->dstate);
 }
 
 int NCValidateSegmentPair(uint8_t *mbase_old, uint8_t *mbase_new,
-                          NaClPcAddress vbase, size_t sz, uint8_t alignment,
+                          NaClPcAddress vbase, size_t sz,
                           const NaClCPUFeaturesX86 *features) {
   /* TODO(karl): Refactor to use inheritance from NCDecoderStatePair? */
   NCDecoderStatePair pair;
   NCValidatorState* new_vstate;
   NCValidatorState* old_vstate;
 
   int result = 0;
 
   /* Verify that we actually have a segment to walk. */
   if (sz == 0) {
     printf("VALIDATOR: %"NACL_PRIxNaClPcAddress
            ": Bad text segment (zero size)\n", vbase);
     return 0;
   }
 
-  old_vstate = NCValidateInit(vbase, sz, alignment, FALSE, features);
+  old_vstate = NCValidateInit(vbase, sz, FALSE, features);
   if (old_vstate != NULL) {
     NCValidateDStateInit(old_vstate, mbase_old, vbase, sz);
-    new_vstate = NCValidateInit(vbase, sz, alignment, FALSE, features);
+    new_vstate = NCValidateInit(vbase, sz, FALSE, features);
     if (new_vstate != NULL) {
       NCValidateDStateInit(new_vstate, mbase_new, vbase, sz);
 
       NCDecoderStatePairConstruct(&pair,
                                   &old_vstate->dstate,
                                   &new_vstate->dstate);
       pair.action_fn = ValidateInstReplacement;
       if (NCDecoderStatePairDecode(&pair)) {
         result = 1;
       } else {
@@ skipping 35 matching lines @@
   }
 
   /* check basic block boundaries */
   for (offset = 0; offset < vstate->codesize; offset += vstate->alignment) {
     if (!NCGetAdrTable(offset, vstate->vttable)) {
       ValidatePrintOffsetError(offset, "Bad basic block alignment", vstate);
       NCStatsBadAlignment(vstate);
     }
   }
 }