• Iustin Pop's avatar
    Introduce a micro type system for opcodes · 3636400f
    Iustin Pop authored
    Currently, we have one structual validation for opcode attributes: the
    _OP_REQP, which checks that a given attribute is not 'None', and the
    rest of the checks are done at runtime. This means our type system has
    two types: None versus Not-None.
    We have been hit many times by small, trivial bugs in this area, and
    only a huge amount of unittest and/or hand-written checks would ensure
    that we cover all possibilities. This patch attempts to redress the
    needs for manual checks by introducing a micro-type system for the
    validation of the opcode attributes. What we lose, from the start, are
    the custom error messages (e.g. "Invalid reboot mode, choose one of …",
    or "The disk index must be a positive integer"). What we gain is the
    ability to express easily things as:
    - this parameter must be None or an int
    - this parameter must be a non-empty list
    - this parameter must be either none or a list of dictionaries with keys
      from the list of valid hypervisors and the values dictionaries with
      keys strings and values either None or strings; furthermore, the list
      must be non-empty
    These examples show that we have a composable (as opposed to just a few
    static types) system, and that we can nest it a few times (just for
    sanity; we could nest it up to stack depth).
    We also gain lots of ))))))), which is not that nice :)
    The current patch moves the existing _OP_REQP to the new framework, but
    if accepted, a lot more validations should move to it. In the end, we
    definitely should declare a type for all the opcode parameters
    (eventually moving _OP_REQP directly to opcodes.py and validating in the
    load/init case, and build __slots__ from it).
    Signed-off-by: default avatarIustin Pop <iustin@google.com>
    Reviewed-by: default avatarGuido Trotter <ultrotter@google.com>