13 Commits

Author SHA1 Message Date
Jeff Epler
238e121236 protocols: Allow them to be (optionally) type-safe
Protocols are nice, but there is no way for C code to verify whether
a type's "protocol" structure actually implements some particular
protocol.  As a result, you can pass an object that implements the
"vfs" protocol to one that expects the "stream" protocol, and the
opposite of awesomeness ensues.

This patch adds an OPTIONAL (but enabled by default) protocol identifier
as the first member of any protocol structure.  This identifier is
simply a unique QSTR chosen by the protocol designer and used by each
protocol implementer.  When checking for protocol support, instead of
just checking whether the object's type has a non-NULL protocol field,
use `mp_proto_get` which implements the protocol check when possible.

The existing protocols are now named:
    protocol_framebuf
    protocol_i2c
    protocol_pin
    protocol_stream
    protocol_spi
    protocol_vfs
(most of these are unused in CP and are just inherited from MP; vfs and
stream are definitely used though)

I did not find any crashing examples, but here's one to give a flavor of what
is improved, using `micropython_coverage`.  Before the change,
the vfs "ioctl" protocol is invoked, and the result is not intelligible
as json (but it could have resulted in a hard fault, potentially):

    >>> import uos, ujson
    >>> u = uos.VfsPosix('/tmp')
    >>> ujson.load(u)
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
    ValueError: syntax error in JSON

After the change, the vfs object is correctly detected as not supporting
the stream protocol:
    >>> ujson.load(p)
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
    OSError: stream operation not supported
2019-12-04 09:29:57 -06:00
Dan Halbert
f48b70050e merge finished 2018-07-28 13:29:47 -04:00
Damien George
a5f5552a0a tests/unix/extra_coverage: Don't test stream objs with NULL write fun.
This behaviour of a NULL write C method on a stream that uses the write
adaptor objects is no longer supported.  It was only ever used by the
coverage build for testing the fail path of mp_get_stream_raise().
2018-06-18 12:35:56 +10:00
Damien George
0b88a9f02e unix/coverage: Allow coverage tests to pass with debugging disabled. 2018-03-08 12:49:31 +11:00
Damien George
c607b58efe tests: Move heap-realloc-while-locked test from C to Python.
This test for calling gc_realloc() while the GC is locked can be done in
pure Python, so better to do it that way since it can then be tested on
more ports.
2018-03-02 10:59:09 +11:00
Damien George
c3f1b22338 tests/unix: Add coverage tests for various GC calls. 2018-03-01 22:49:15 +11:00
Damien George
d3cac18d49 tests/unix: Add coverage test for VM executing invalid bytecode. 2018-02-27 16:18:11 +11:00
Damien George
62be14d77c tests/unix: Add coverage tests for mpz_set_from_float, mpz_mul_inpl.
These new tests cover cases that can't be reached from Python and get
coverage of py/mpz.c to 100%.

These "unreachable from Python" pieces of code could be removed but they
form an integral part of the mpz C API and may be useful for non-Python
usage of mpz.
2018-02-25 23:43:16 +11:00
Damien George
923ebe767d tests/unix: Add coverage test for calling mp_obj_new_bytearray. 2018-02-08 11:14:30 +11:00
Damien George
e800e4463d tests/unix: Add test for printf with %lx format. 2017-12-19 15:01:17 +11:00
Damien George
4601759bf5 py/objstr: Remove "make_qstr_if_not_already" arg from mp_obj_new_str.
This patch simplifies the str creation API to favour the common case of
creating a str object that is not forced to be interned.  To force
interning of a new str the new mp_obj_new_str_via_qstr function is added,
and should only be used if warranted.

Apart from simplifying the mp_obj_new_str function (and making it have the
same signature as mp_obj_new_bytes), this patch also reduces code size by a
bit (-16 bytes for bare-arm and roughly -40 bytes on the bare-metal archs).
2017-11-16 13:17:51 +11:00
Damien George
ede8a0235b py/vstr: Raise a RuntimeError if fixed vstr buffer overflows.
Current users of fixed vstr buffers (building file paths) assume that there
is no overflow and do not check for overflow after building the vstr.  This
has the potential to lead to NULL pointer dereferences
(when vstr_null_terminated_str returns NULL because it can't allocate RAM
for the terminating byte) and stat'ing and loading invalid path names (due
to the path being truncated).  The safest and simplest thing to do in these
cases is just raise an exception if a write goes beyond the end of a fixed
vstr buffer, which is what this patch does.  It also simplifies the vstr
code.
2017-09-21 20:29:41 +10:00
Damien George
01dd7804b8 ports: Make new ports/ sub-directory and move all ports there.
This is to keep the top-level directory clean, to make it clear what is
core and what is a port, and to allow the repository to grow with new ports
in a sustainable way.
2017-09-06 13:40:51 +10:00