From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36958)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1Zz9W4-0001Zc-Gy
	for qemu-devel@nongnu.org; Wed, 18 Nov 2015 15:39:45 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1Zz9W1-0005SB-9u
	for qemu-devel@nongnu.org; Wed, 18 Nov 2015 15:39:44 -0500
Received: from mx2.suse.de ([195.135.220.15]:49480)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1Zz9W1-0005S3-3e
	for qemu-devel@nongnu.org; Wed, 18 Nov 2015 15:39:41 -0500
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 18 Nov 2015 21:39:29 +0100
Message-Id: <1447879178-5440-2-git-send-email-afaerber@suse.de>
In-Reply-To: <1447879178-5440-1-git-send-email-afaerber@suse.de>
References: <1447879178-5440-1-git-send-email-afaerber@suse.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [PULL 01/10] qdev: Change Property::offset field to
	ptrdiff_t type
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Ildar Isaev <ild@inbox.ru>, =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>

From: Ildar Isaev <ild@inbox.ru>

Property::offset field is calculated as a diff between two pointers:

  arrayprop->prop.offset =3D eltptr - (void *)dev;

If offset is declared as int, this subtraction can cause type overflow,
thus leading to failure of the subsequent assertion:

  assert(qdev_get_prop_ptr(dev, &arrayprop->prop) =3D=3D eltptr);

So ptrdiff_t should be used instead.

Signed-off-by: Ildar Isaev <ild@inbox.ru>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas F=C3=A4rber <afaerber@suse.de>
---
 include/hw/qdev-core.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
index e6dbde4..c537969 100644
--- a/include/hw/qdev-core.h
+++ b/include/hw/qdev-core.h
@@ -237,7 +237,7 @@ struct BusState {
 struct Property {
     const char   *name;
     PropertyInfo *info;
-    int          offset;
+    ptrdiff_t    offset;
     uint8_t      bitnr;
     qtype_code   qtype;
     int64_t      defval;
--=20
2.6.2