From patchwork Wed Dec 12 09:55:19 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Cornelia Huck X-Patchwork-Id: 153559 Delivered-To: patch@linaro.org Received: by 2002:a2e:299d:0:0:0:0:0 with SMTP id p29-v6csp1635034ljp; Wed, 12 Dec 2018 02:02:03 -0800 (PST) X-Google-Smtp-Source: AFSGD/Wn7FFr/9dc5BE1E6z8hg4td1Z1DtGe8bvR6bUmvneTfQ53pBZqgO+DB5xUeAHE4dx+khFO X-Received: by 2002:ac8:2211:: with SMTP id o17mr19688321qto.170.1544608923592; Wed, 12 Dec 2018 02:02:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544608923; cv=none; d=google.com; s=arc-20160816; b=im17XiqwjVkJQRsElekpRsF9Npe3ibExeh8OC4nO1aRnvbf+MmvQV5WYuToShsMS5B RHbDmDjSch60Ci5OsL4GOhV518UcEdLyxRjBgAB5I1ZtpCVSLAg4apOTecZBEeUxyoa6 qnrgVYqc1gxhSVHC6ANyjy9SJxBe2XEKsdz0eOEubhy/EVwsVL3x5RgiECcOiobheIsf N/VI0HVoDimEmbABfyK37IIN2bQs72210IliEFUXCNZ2fnLgGDjUFAn056byUTYXaO7C 4cTY3bXTRsmqL+LV07x8iKMxHnsI4Id4Pp7zvaPoo8Z70dtXHJtJ4vvrMlW17W0xdGcR OiiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject :content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:to:from; bh=AUzrTlKi7KeicK5xYgf1TzL9MkEZBMeSWuP9D3LB2a8=; b=c7sXR4UuKROF4zYebKZvIGq6DvPNYk8EwCggohh203zF9rtwZ9FhVWbVvLTeqNYGOB lloJ2nK6bVEXU27iI78j/gsJ1R55l5k6+KReAaX/Ld+d2SonuA70sPX2WtKos62qgM02 q5mEEKe9CYM3QAiV1PFQVsIe4evIY7TBJYW6uvcZbZZn7eBj9BgGtPnTiVrMMoVazOGn YgDEZD2FeCCNrqB7VGX+/zn7cJeOEgdgTk4SxhHbTKhXOjoiC+aukM/b60G5p5TS9Qq+ hkir00zsy1DusTxJTLSx1sOJMFHaHnZx2yyKhfJxjyN96w3KQS3Ky668wdZmxdr6FE2i /FUQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id v40si7128579qta.42.2018.12.12.02.02.03 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 12 Dec 2018 02:02:03 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from localhost ([::1]:43615 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gX1L8-0003L3-Vi for patch@linaro.org; Wed, 12 Dec 2018 05:02:03 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43688) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gX1Ex-0006EH-Kr for qemu-devel@nongnu.org; Wed, 12 Dec 2018 04:55:40 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gX1Ev-0006qJ-SZ for qemu-devel@nongnu.org; Wed, 12 Dec 2018 04:55:39 -0500 Received: from mx1.redhat.com ([209.132.183.28]:46818) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gX1Ev-0006pg-Hf; Wed, 12 Dec 2018 04:55:37 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 727FE5F78F; Wed, 12 Dec 2018 09:55:36 +0000 (UTC) Received: from localhost (dhcp-192-187.str.redhat.com [10.33.192.187]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 17C84600C9; Wed, 12 Dec 2018 09:55:35 +0000 (UTC) From: Cornelia Huck To: Peter Maydell Date: Wed, 12 Dec 2018 10:55:19 +0100 Message-Id: <20181212095519.6390-7-cohuck@redhat.com> In-Reply-To: <20181212095519.6390-1-cohuck@redhat.com> References: <20181212095519.6390-1-cohuck@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Wed, 12 Dec 2018 09:55:36 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 6/6] hw/s390x/virtio-ccw.c: Don't take address of fields in packed structs X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-s390x@nongnu.org, Cornelia Huck , qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" From: Peter Maydell Taking the address of a field in a packed struct is a bad idea, because it might not be actually aligned enough for that pointer type (and thus cause a crash on dereference on some host architectures). Newer versions of clang warn about this. Avoid the bug by not using the "modify in place" byte swapping functions. Patch produced with scripts/coccinelle/inplace-byteswaps.cocci (with a couple of long lines manually wrapped). Signed-off-by: Peter Maydell Message-Id: <20181210120436.30522-1-peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Halil Pasic Signed-off-by: Cornelia Huck --- hw/s390x/virtio-ccw.c | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) -- 2.17.2 diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c index 212b3d3dea..c2b78c8e9b 100644 --- a/hw/s390x/virtio-ccw.c +++ b/hw/s390x/virtio-ccw.c @@ -287,18 +287,18 @@ static int virtio_ccw_handle_set_vq(SubchDev *sch, CCW1 ccw, bool check_len, } if (is_legacy) { ccw_dstream_read(&sch->cds, linfo); - be64_to_cpus(&linfo.queue); - be32_to_cpus(&linfo.align); - be16_to_cpus(&linfo.index); - be16_to_cpus(&linfo.num); + linfo.queue = be64_to_cpu(linfo.queue); + linfo.align = be32_to_cpu(linfo.align); + linfo.index = be16_to_cpu(linfo.index); + linfo.num = be16_to_cpu(linfo.num); ret = virtio_ccw_set_vqs(sch, NULL, &linfo); } else { ccw_dstream_read(&sch->cds, info); - be64_to_cpus(&info.desc); - be16_to_cpus(&info.index); - be16_to_cpus(&info.num); - be64_to_cpus(&info.avail); - be64_to_cpus(&info.used); + info.desc = be64_to_cpu(info.desc); + info.index = be16_to_cpu(info.index); + info.num = be16_to_cpu(info.num); + info.avail = be64_to_cpu(info.avail); + info.used = be64_to_cpu(info.used); ret = virtio_ccw_set_vqs(sch, &info, NULL); } sch->curr_status.scsw.count = 0; @@ -382,7 +382,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) features.features = 0; } ccw_dstream_rewind(&sch->cds); - cpu_to_le32s(&features.features); + features.features = cpu_to_le32(features.features); ccw_dstream_write(&sch->cds, features.features); sch->curr_status.scsw.count = ccw.count - sizeof(features); ret = 0; @@ -403,7 +403,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) ret = -EFAULT; } else { ccw_dstream_read(&sch->cds, features); - le32_to_cpus(&features.features); + features.features = le32_to_cpu(features.features); if (features.index == 0) { virtio_set_features(vdev, (vdev->guest_features & 0xffffffff00000000ULL) | @@ -546,7 +546,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) ret = -EFAULT; } else { ccw_dstream_read(&sch->cds, indicators); - be64_to_cpus(&indicators); + indicators = be64_to_cpu(indicators); dev->indicators = get_indicator(indicators, sizeof(uint64_t)); sch->curr_status.scsw.count = ccw.count - sizeof(indicators); ret = 0; @@ -567,7 +567,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) ret = -EFAULT; } else { ccw_dstream_read(&sch->cds, indicators); - be64_to_cpus(&indicators); + indicators = be64_to_cpu(indicators); dev->indicators2 = get_indicator(indicators, sizeof(uint64_t)); sch->curr_status.scsw.count = ccw.count - sizeof(indicators); ret = 0; @@ -588,14 +588,14 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) ret = -EFAULT; } else { ccw_dstream_read(&sch->cds, vq_config.index); - be16_to_cpus(&vq_config.index); + vq_config.index = be16_to_cpu(vq_config.index); if (vq_config.index >= VIRTIO_QUEUE_MAX) { ret = -EINVAL; break; } vq_config.num_max = virtio_queue_get_num(vdev, vq_config.index); - cpu_to_be16s(&vq_config.num_max); + vq_config.num_max = cpu_to_be16(vq_config.num_max); ccw_dstream_write(&sch->cds, vq_config.num_max); sch->curr_status.scsw.count = ccw.count - sizeof(vq_config); ret = 0; @@ -621,9 +621,11 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) if (ccw_dstream_read(&sch->cds, thinint)) { ret = -EFAULT; } else { - be64_to_cpus(&thinint.ind_bit); - be64_to_cpus(&thinint.summary_indicator); - be64_to_cpus(&thinint.device_indicator); + thinint.ind_bit = be64_to_cpu(thinint.ind_bit); + thinint.summary_indicator = + be64_to_cpu(thinint.summary_indicator); + thinint.device_indicator = + be64_to_cpu(thinint.device_indicator); dev->summary_indicator = get_indicator(thinint.summary_indicator, sizeof(uint8_t)); @@ -654,8 +656,8 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) break; } ccw_dstream_read_buf(&sch->cds, &revinfo, 4); - be16_to_cpus(&revinfo.revision); - be16_to_cpus(&revinfo.length); + revinfo.revision = be16_to_cpu(revinfo.revision); + revinfo.length = be16_to_cpu(revinfo.length); if (ccw.count < len + revinfo.length || (check_len && ccw.count > len + revinfo.length)) { ret = -EINVAL;