From patchwork Thu Feb 15 17:57:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= X-Patchwork-Id: 772997 Delivered-To: patch@linaro.org Received: by 2002:adf:9dc2:0:b0:33b:4db1:f5b3 with SMTP id q2csp968899wre; Thu, 15 Feb 2024 10:08:25 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCXAalEjHuv57m4TMOElQxvVA5agGPCqwVKmBx4s9OxVdu8O6BIAEepp4VxROmuYBmgN76hL9fscD8Ya7EArUItt X-Google-Smtp-Source: AGHT+IFO8UhBCH1zhp3hR/5loxan+M0fMPxj7uCxM8bxjYxZhjTAWQMyPJWsD+hUJBqe/hsJv8Kw X-Received: by 2002:ac8:5a86:0:b0:42d:c831:6a3f with SMTP id c6-20020ac85a86000000b0042dc8316a3fmr3245619qtc.26.1708020505240; Thu, 15 Feb 2024 10:08:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1708020505; cv=none; d=google.com; s=arc-20160816; b=R1cDNUbOtCO5rPdmG8zWlLP9KvpQDn7+uOTjPq1Y5HHixbCXXGuIGwjiFyferZBQIi Jh+BuaOQ3XC2T1NWXH7gvsT2eHBExWAbWk+phlNAtEGDs23SO/cFenGkzO9jgY3gADo7 geW95DeU2mMJvqqRZoHxSPZVDZWvM/6RHq71HalBFpZSYWV18+wtTQ3+p496abHL4oAl EAdINjeNkOGSj5M4Lk49n9aUb9rbCZwo9aGRpZP6FRXBSXAHJRoS/dFaKPH4ciDMxohx UKIPp34dHJRexAC4LgL4taaHbX02nA05iFTurUQfeHZEadG9zNr1LptwymE963qwJqIX xTPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=KrDWAyGRgS7V1HXGadIwipz2b43fHU+C3C1ocsMbGSU=; fh=79jo8uS4F5heQbBnxscZE6Qo9A1nC2fFGGPXbDqkpMA=; b=Kxjs/cp8z8ASC3JbeEWKinK/x7D2mAva0HQRX8uwxI67G8+1FZs0p82polkdTEdaE9 M4SyzWJt0DIU/jq8oWmF3gIjpXRsRRB8Tjeu6+jaD59LBIhEXVQk2SvNHWjmMg3YMyzk Y3sIN5q7Y7FYlWl8GmjxXioBcirNx38vLmdgdoPec8ukdx8PirZXRgVx5goAScsWRSZW zmlMs/FJscq59O1WO/nK6gd2Cuhw04BUMjwvn+3Ci/GL54XUPzh8+CbxsCMLEUbTtymQ XM2SrKK0sErOU6wtYDI0m6YXbDmeGsxVC3ckG5RfBM0zVsTwePxA0jXL4Ni+Ry0Y7B46 M/hQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=eSLdhUi4; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id m14-20020ac866ce000000b0042c5fb0e278si1866440qtp.597.2024.02.15.10.08.25 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Thu, 15 Feb 2024 10:08:25 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=eSLdhUi4; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rag1m-00079Y-9U; Thu, 15 Feb 2024 13:00:06 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rag1i-0006pZ-Cx for qemu-devel@nongnu.org; Thu, 15 Feb 2024 13:00:02 -0500 Received: from mail-wm1-x32d.google.com ([2a00:1450:4864:20::32d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rag1e-0001tC-Gm for qemu-devel@nongnu.org; Thu, 15 Feb 2024 13:00:01 -0500 Received: by mail-wm1-x32d.google.com with SMTP id 5b1f17b1804b1-412345cca4eso1641045e9.2 for ; Thu, 15 Feb 2024 09:59:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1708019992; x=1708624792; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KrDWAyGRgS7V1HXGadIwipz2b43fHU+C3C1ocsMbGSU=; b=eSLdhUi4QXO3Q4APHbiB67wLcgis0wcTKvILLJ6Aw1XL43jad83bipoBhnWZaakNxK InhpHO0sXjpyZIAMIPcNbX3dQxzitCiveCWYq/96L1aHH3N/rwkUbvwEavL13a8P+Y5q bxBDw4Tvw05plZ0t+vfnPbx7lm1XfWS+qFxYBLy4ARdO1Q8yRLtE3ZaVJwTSX8156sk9 AHXJjXWkashzsb5nsjSVvCqdxjsqA0ePxiD5hXORPJZjGoDoMlT2G371BoRzI3jbAbaX GpkPeNRvAM5LGvIC9x+FPCbskY+pxFmuzEwHzkt4rZiiyGK411jXS5lmei5Bp4tal3Hp +RDQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708019992; x=1708624792; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KrDWAyGRgS7V1HXGadIwipz2b43fHU+C3C1ocsMbGSU=; b=r6M+HJSUDcKxlvpAreGwXyssoEvhsMAqlpJLAS5H5pcFMYAPc1CczkP585ddc6gWdV sR0l0p2DpnQjTbn0QvVvJKq51kOec3VWUQ6lUHKif2CRP4NKJ7ytW3a/nbrWElsYEI5M ZT0BaZ8vVaf+gt6eJ7r/LzPm0/+i8UUBL09EJZzW4M3FUqxiH02V5q9RoBFINix7Trf5 YGZAQuGvC3McFDF97kDjh5B5rGzp+5vUeQmKnpGAn3DANtTatfWFYvZPOxc2UjfIObm7 4u9NNNMppLd5jubVlXtn7IzlhYUgDJQNT+fnsIWBROvj7j7ceSSliod0NJhx7yRHYD6Y NqYw== X-Gm-Message-State: AOJu0Yw0RMAU2cFx3eLEu/PFY1L8vS+2eNu5vI4iyzwex2LZ7wSz/uQG KgU3tQR+fGh+WuSqTib9BD9HGL8uet5Vz8Rw5X0rJ+Yso5A2QPCZ+Pf20zC7BG2G5/i6Cs3yLCn B3BA= X-Received: by 2002:a05:600c:91a:b0:40e:f46d:ad35 with SMTP id m26-20020a05600c091a00b0040ef46dad35mr2161791wmp.36.1708019992628; Thu, 15 Feb 2024 09:59:52 -0800 (PST) Received: from m1x-phil.lan ([176.187.193.50]) by smtp.gmail.com with ESMTPSA id z11-20020a7bc7cb000000b00411b7c91470sm5630301wmk.12.2024.02.15.09.59.50 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Thu, 15 Feb 2024 09:59:52 -0800 (PST) From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: qemu-ppc@nongnu.org, qemu-arm@nongnu.org, qemu-block@nongnu.org, Paolo Bonzini , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Bernhard Beschow , "Michael S. Tsirkin" , Richard Henderson Subject: [PULL 18/56] hw/isa: specify instance_size in isa_superio_type_info Date: Thu, 15 Feb 2024 18:57:12 +0100 Message-ID: <20240215175752.82828-19-philmd@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20240215175752.82828-1-philmd@linaro.org> References: <20240215175752.82828-1-philmd@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32d; envelope-from=philmd@linaro.org; helo=mail-wm1-x32d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Paolo Bonzini Right now all subclasses of TYPE_ISA_SUPERIO have to specify an instance_size, because the ISASuperIODevice struct adds fields to ISADevice but the type does not include the increased instance size. Failure to do so results in an access past the bounds of struct ISADevice as soon as isa_superio_realize is called. Fix this by specifying the instance_size already in the superclass. Fixes: 4c3119a6e3 ("hw/isa/superio: Factor out the parallel code from pc87312.c") Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Bernhard Beschow Signed-off-by: Paolo Bonzini Message-ID: <20240213155005.109954-6-pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé --- hw/isa/isa-superio.c | 2 +- hw/isa/smc37c669-superio.c | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/hw/isa/isa-superio.c b/hw/isa/isa-superio.c index 7dbfc374da..d85f22db1a 100644 --- a/hw/isa/isa-superio.c +++ b/hw/isa/isa-superio.c @@ -185,6 +185,7 @@ static const TypeInfo isa_superio_type_info = { .abstract = true, .class_size = sizeof(ISASuperIOClass), .class_init = isa_superio_class_init, + .instance_size = sizeof(ISASuperIODevice), }; /* SMS FDC37M817 Super I/O */ @@ -201,7 +202,6 @@ static void fdc37m81x_class_init(ObjectClass *klass, void *data) static const TypeInfo fdc37m81x_type_info = { .name = TYPE_FDC37M81X_SUPERIO, .parent = TYPE_ISA_SUPERIO, - .instance_size = sizeof(ISASuperIODevice), .class_init = fdc37m81x_class_init, }; diff --git a/hw/isa/smc37c669-superio.c b/hw/isa/smc37c669-superio.c index 18287741cb..9e59dc1603 100644 --- a/hw/isa/smc37c669-superio.c +++ b/hw/isa/smc37c669-superio.c @@ -103,7 +103,6 @@ static void smc37c669_class_init(ObjectClass *klass, void *data) static const TypeInfo smc37c669_type_info = { .name = TYPE_SMC37C669_SUPERIO, .parent = TYPE_ISA_SUPERIO, - .instance_size = sizeof(ISASuperIODevice), .class_size = sizeof(ISASuperIOClass), .class_init = smc37c669_class_init, };