Re: [PATCH 3/3] meson: Enable -Wvla

qemu-ppc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 3/3] meson: Enable -Wvla

From:	Thomas Huth
Subject:	Re: [PATCH 3/3] meson: Enable -Wvla
Date:	Wed, 21 Feb 2024 18:48:59 +0100
User-agent:	Mozilla Thunderbird

On 21/02/2024 17.59, Thomas Huth wrote:

On 21/02/2024 17.26, Thomas Huth wrote:

From: Peter Maydell <peter.maydell@linaro.org>

QEMU has historically used variable length arrays only very rarely.
Variable length arrays are a potential security issue where an
on-stack dynamic allocation isn't correctly size-checked, especially
when the size comes from the guest.  (An example problem of this kind
from the past is CVE-2021-3527).  Forbidding them entirely is a
defensive measure against further bugs of this kind.

Enable -Wvla to prevent any new uses from sneaking into the codebase.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20240125173211.1786196-3-peter.maydell@linaro.org>
[thuth: rebased to current master branch]
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
  meson.build | 1 +
  1 file changed, 1 insertion(+)

diff --git a/meson.build b/meson.build
index c1dc83e4c0..0ef1654e86 100644
--- a/meson.build
+++ b/meson.build
@@ -592,6 +592,7 @@ warn_flags = [
    '-Wstrict-prototypes',
    '-Wtype-limits',
    '-Wundef',
+  '-Wvla',
    '-Wwrite-strings',
    # Then disable some undesirable warnings


Sigh, there's a new warning in the latest master branch:

  https://gitlab.com/thuth/qemu/-/jobs/6225992174

Caused by commit d65aba828 ("hw/sparc/leon3: implement multiprocessor")...

Clément, Philippe, could this maybe be written in a different way that doesnot trigger a -Wvla warning?

I think the DO_UPCAST is wrong here - if I got that right, DO_UPCAST issupposed to check that the second parameter is at the same location as thefirst type later points to. This is not the case here. I think we ratherwant container_of() here, so this patch is likely a simple fix:


diff --git a/hw/sparc/leon3.c b/hw/sparc/leon3.c
--- a/hw/sparc/leon3.c
+++ b/hw/sparc/leon3.c
@@ -150,7 +150,7 @@ static void leon3_cpu_reset(void *opaque)
 {
     struct CPUResetData *info = (struct CPUResetData *) opaque;
     int id = info->id;
-    ResetData *s = (ResetData *)DO_UPCAST(ResetData, info[id], info);
+    ResetData *s = container_of(info, ResetData, info[id]);
     CPUState *cpu = CPU(s->info[id].cpu);
     CPUSPARCState *env = cpu_env(cpu);

I can send it as a proper patch, too.

 Thomas

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 1/3] target/ppc/kvm: Replace variable length array in kvmppc_save_htab(), (continued)
- [PATCH 1/3] target/ppc/kvm: Replace variable length array in kvmppc_save_htab(), Thomas Huth, 2024/02/21
  - Re: [PATCH 1/3] target/ppc/kvm: Replace variable length array in kvmppc_save_htab(), Peter Maydell, 2024/02/21
    - Re: [PATCH 1/3] target/ppc/kvm: Replace variable length array in kvmppc_save_htab(), Thomas Huth, 2024/02/21
- [PATCH 2/3] target/ppc/kvm: Replace variable length array in kvmppc_read_hptes(), Thomas Huth, 2024/02/21
  - Re: [PATCH 2/3] target/ppc/kvm: Replace variable length array in kvmppc_read_hptes(), Peter Maydell, 2024/02/21
- [PATCH 3/3] meson: Enable -Wvla, Thomas Huth, 2024/02/21
  - Re: [PATCH 3/3] meson: Enable -Wvla, Thomas Huth, 2024/02/21
    - Re: [PATCH 3/3] meson: Enable -Wvla, Philippe Mathieu-Daudé, 2024/02/21
    - Re: [PATCH 3/3] meson: Enable -Wvla, Philippe Mathieu-Daudé, 2024/02/21
    - Re: [PATCH 3/3] meson: Enable -Wvla, Clément Chigot, 2024/02/22
    - Re: [PATCH 3/3] meson: Enable -Wvla, Thomas Huth <=

Prev by Date: Re: [PATCH 3/3] meson: Enable -Wvla
Next by Date: Re: [PATCH v3 0/4] hw/pci-host: Build ppc4xx_pci.c/ppc440_pcix.c once
Previous by thread: Re: [PATCH 3/3] meson: Enable -Wvla
Next by thread: [PULL 00/25] Misc HW patches for 2024-02-21
Index(es):
- Date
- Thread