[Qemu-devel] [PATCH v2 0/5] Fix some GCC 9 build warnings

[Qemu-devel] [PATCH v2 0/5] Fix some GCC 9 build warnings

[Alistair Francis]

v2:
 - Rewrite most patches based on the feedback from v1

Alistair Francis (5):
  util/qemu-sockets: Fix GCC 9 build warnings
  hw/usb/hcd-xhci: Fix GCC 9 build warning
  hw/usb/dev-mtp: Fix GCC 9 build warning
  linux-user/uname: Fix GCC 9 build warnings
  linux-user/elfload: Fix GCC 9 build warnings

 hw/usb/dev-mtp.c     | 13 +++++++++++++
 hw/usb/hcd-xhci.c    |  1 +
 linux-user/elfload.c |  2 +-
 linux-user/uname.c   |  2 +-
 util/qemu-sockets.c  |  4 ++--
 5 files changed, 18 insertions(+), 4 deletions(-)

-- 
2.21.0

[Qemu-devel] [PATCH v2 0/5] Fix some GCC 9 build warnings

[Alistair Francis]

v2:
 - Rewrite most patches based on the feedback from v1

Alistair Francis (5):
  util/qemu-sockets: Fix GCC 9 build warnings
  hw/usb/hcd-xhci: Fix GCC 9 build warning
  hw/usb/dev-mtp: Fix GCC 9 build warning
  linux-user/uname: Fix GCC 9 build warnings
  linux-user/elfload: Fix GCC 9 build warnings

 hw/usb/dev-mtp.c     | 13 +++++++++++++
 hw/usb/hcd-xhci.c    |  1 +
 linux-user/elfload.c |  2 +-
 linux-user/uname.c   |  2 +-
 util/qemu-sockets.c  |  4 ++--
 5 files changed, 18 insertions(+), 4 deletions(-)

-- 
2.21.0

[Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Alistair Francis]

Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
    inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
    inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 util/qemu-sockets.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index 9705051690..8c3322958f 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
     struct sockaddr_un un;
     int sock, fd;
     char *pathbuf = NULL;
-    const char *path;
+    const char *path QEMU_NONSTRING;
 
     sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
     if (sock < 0) {
@@ -922,7 +922,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp)
 
     memset(&un, 0, sizeof(un));
     un.sun_family = AF_UNIX;
-    strncpy(un.sun_path, saddr->path, sizeof(un.sun_path));
+    memcpy(un.sun_path, saddr->path, MIN(strlen(saddr->path), sizeof(un.sun_path)));
 
     /* connect to peer */
     do {
-- 
2.21.0

[Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Alistair Francis]

Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
    inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
    inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 util/qemu-sockets.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index 9705051690..8c3322958f 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
     struct sockaddr_un un;
     int sock, fd;
     char *pathbuf = NULL;
-    const char *path;
+    const char *path QEMU_NONSTRING;
 
     sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
     if (sock < 0) {
@@ -922,7 +922,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp)
 
     memset(&un, 0, sizeof(un));
     un.sun_family = AF_UNIX;
-    strncpy(un.sun_path, saddr->path, sizeof(un.sun_path));
+    memcpy(un.sun_path, saddr->path, MIN(strlen(saddr->path), sizeof(un.sun_path)));
 
     /* connect to peer */
     do {
-- 
2.21.0

[Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Alistair Francis]

Fix this build warning with GCC 9 on Fedora 30:
hw/usb/hcd-xhci.c:3339:66: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
 3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
      |                                                                  ^~
hw/usb/hcd-xhci.c:3339:54: note: directive argument in the range [1, 2147483647]
 3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
      |                                                      ^~~~~~~~~~~~~~~
In file included from /usr/include/stdio.h:867,
                 from /home/alistair/qemu/include/qemu/osdep.h:99,
                 from hw/usb/hcd-xhci.c:21:
/usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 13 and 22 bytes into a destination of size 16
   67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   68 |        __bos (__s), __fmt, __va_arg_pack ());
      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 hw/usb/hcd-xhci.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index ec28bee319..2b061772b2 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -3322,6 +3322,7 @@ static void usb_xhci_init(XHCIState *xhci)
     usb_bus_new(&xhci->bus, sizeof(xhci->bus), &xhci_bus_ops, dev);
 
     for (i = 0; i < usbports; i++) {
+        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
         speedmask = 0;
         if (i < xhci->numports_2) {
             if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
-- 
2.21.0

[Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Alistair Francis]

Fix this build warning with GCC 9 on Fedora 30:
hw/usb/hcd-xhci.c:3339:66: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
 3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
      |                                                                  ^~
hw/usb/hcd-xhci.c:3339:54: note: directive argument in the range [1, 2147483647]
 3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
      |                                                      ^~~~~~~~~~~~~~~
In file included from /usr/include/stdio.h:867,
                 from /home/alistair/qemu/include/qemu/osdep.h:99,
                 from hw/usb/hcd-xhci.c:21:
/usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 13 and 22 bytes into a destination of size 16
   67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   68 |        __bos (__s), __fmt, __va_arg_pack ());
      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 hw/usb/hcd-xhci.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index ec28bee319..2b061772b2 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -3322,6 +3322,7 @@ static void usb_xhci_init(XHCIState *xhci)
     usb_bus_new(&xhci->bus, sizeof(xhci->bus), &xhci_bus_ops, dev);
 
     for (i = 0; i < usbports; i++) {
+        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
         speedmask = 0;
         if (i < xhci->numports_2) {
             if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
-- 
2.21.0

[Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Alistair Francis]

Fix this warning with GCC 9 on Fedora 30:
hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
 1715 |                             dataset->filename);
      |                             ~~~~~~~^~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 hw/usb/dev-mtp.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
index 99548b012d..8233beacab 100644
--- a/hw/usb/dev-mtp.c
+++ b/hw/usb/dev-mtp.c
@@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
     assert(!s->write_pending);
     assert(p != NULL);
 
+/*
+ * We are about to access a packed struct. We are confident that the pointer
+ * address won't be unaligned, so we ignore GCC warnings.
+ */
+#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
+#endif
+
     filename = utf16_to_str(MIN(dataset->length, filename_chars),
                             dataset->filename);
 
+#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
+#pragma GCC diagnostic pop
+#endif
+
     if (strchr(filename, '/')) {
         usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
                              0, 0, 0, 0);
-- 
2.21.0

[Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Alistair Francis]

Fix this warning with GCC 9 on Fedora 30:
hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
 1715 |                             dataset->filename);
      |                             ~~~~~~~^~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 hw/usb/dev-mtp.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
index 99548b012d..8233beacab 100644
--- a/hw/usb/dev-mtp.c
+++ b/hw/usb/dev-mtp.c
@@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
     assert(!s->write_pending);
     assert(p != NULL);
 
+/*
+ * We are about to access a packed struct. We are confident that the pointer
+ * address won't be unaligned, so we ignore GCC warnings.
+ */
+#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
+#endif
+
     filename = utf16_to_str(MIN(dataset->length, filename_chars),
                             dataset->filename);
 
+#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
+#pragma GCC diagnostic pop
+#endif
+
     if (strchr(filename, '/')) {
         usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
                              0, 0, 0, 0);
-- 
2.21.0

[Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Alistair Francis]

Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
    inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 linux-user/uname.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/uname.c b/linux-user/uname.c
index 313b79dbad..2fc6096a5b 100644
--- a/linux-user/uname.c
+++ b/linux-user/uname.c
@@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
 #define COPY_UTSNAME_FIELD(dest, src) \
   do { \
       /* __NEW_UTS_LEN doesn't include terminating null */ \
-      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
+      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
       (dest)[__NEW_UTS_LEN] = '\0'; \
   } while (0)
 
-- 
2.21.0

[Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Alistair Francis]

Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
    inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 linux-user/uname.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/uname.c b/linux-user/uname.c
index 313b79dbad..2fc6096a5b 100644
--- a/linux-user/uname.c
+++ b/linux-user/uname.c
@@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
 #define COPY_UTSNAME_FIELD(dest, src) \
   do { \
       /* __NEW_UTS_LEN doesn't include terminating null */ \
-      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
+      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
       (dest)[__NEW_UTS_LEN] = '\0'; \
   } while (0)
 
-- 
2.21.0

[Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Alistair Francis]

Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
    inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
    inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
    inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 linux-user/elfload.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index c1a26021f8..d08fe23466 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
     target_gid_t pr_gid;
     target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
     /* Lots missing */
-    char    pr_fname[16];           /* filename of executable */
+    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */
     char    pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
 };
 
-- 
2.21.0

[Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Alistair Francis]

Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
    inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
    inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
    inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 linux-user/elfload.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index c1a26021f8..d08fe23466 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
     target_gid_t pr_gid;
     target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
     /* Lots missing */
-    char    pr_fname[16];           /* filename of executable */
+    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */
     char    pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
 };
 
-- 
2.21.0

Re: [Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Thomas Huth]

On 01/05/2019 01.28, Alistair Francis wrote:
> Fix this warning with GCC 9 on Fedora 30:
> hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
>  1715 |                             dataset->filename);
>       |                             ~~~~~~~^~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/dev-mtp.c | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
> index 99548b012d..8233beacab 100644
> --- a/hw/usb/dev-mtp.c
> +++ b/hw/usb/dev-mtp.c
> @@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
>      assert(!s->write_pending);
>      assert(p != NULL);
>  
> +/*
> + * We are about to access a packed struct. We are confident that the pointer
> + * address won't be unaligned, so we ignore GCC warnings.
> + */
> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic push
> +#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
> +#endif
> +
>      filename = utf16_to_str(MIN(dataset->length, filename_chars),
>                              dataset->filename);
>  
> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic pop
> +#endif

Would it be possible to use an assert() instead? Something like

 g_assert((dataset->filename & 1) == 0)

?

 Thomas

Re: [Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Thomas Huth]

On 01/05/2019 01.28, Alistair Francis wrote:
> Fix this warning with GCC 9 on Fedora 30:
> hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
>  1715 |                             dataset->filename);
>       |                             ~~~~~~~^~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/dev-mtp.c | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
> index 99548b012d..8233beacab 100644
> --- a/hw/usb/dev-mtp.c
> +++ b/hw/usb/dev-mtp.c
> @@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
>      assert(!s->write_pending);
>      assert(p != NULL);
>  
> +/*
> + * We are about to access a packed struct. We are confident that the pointer
> + * address won't be unaligned, so we ignore GCC warnings.
> + */
> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic push
> +#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
> +#endif
> +
>      filename = utf16_to_str(MIN(dataset->length, filename_chars),
>                              dataset->filename);
>  
> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic pop
> +#endif

Would it be possible to use an assert() instead? Something like

 g_assert((dataset->filename & 1) == 0)

?

 Thomas

Re: [Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Laurent Vivier]

Le 01/05/2019 à 01:28, Alistair Francis a écrit :
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function ‘strncpy’,
>     inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  util/qemu-sockets.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
> index 9705051690..8c3322958f 100644
> --- a/util/qemu-sockets.c
> +++ b/util/qemu-sockets.c
> @@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
>      struct sockaddr_un un;
>      int sock, fd;
>      char *pathbuf = NULL;
> -    const char *path;
> +    const char *path QEMU_NONSTRING;

Do we need this with memcpy()?

Thanks,
Laurent

Re: [Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Laurent Vivier]

Le 01/05/2019 à 01:28, Alistair Francis a écrit :
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function ‘strncpy’,
>     inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  util/qemu-sockets.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
> index 9705051690..8c3322958f 100644
> --- a/util/qemu-sockets.c
> +++ b/util/qemu-sockets.c
> @@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
>      struct sockaddr_un un;
>      int sock, fd;
>      char *pathbuf = NULL;
> -    const char *path;
> +    const char *path QEMU_NONSTRING;

Do we need this with memcpy()?

Thanks,
Laurent

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Laurent Vivier]

Le 01/05/2019 à 01:28, Alistair Francis a écrit :
> Fix this build warning with GCC 9 on Fedora 30:
> hw/usb/hcd-xhci.c:3339:66: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                                  ^~
> hw/usb/hcd-xhci.c:3339:54: note: directive argument in the range [1, 2147483647]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                      ^~~~~~~~~~~~~~~
> In file included from /usr/include/stdio.h:867,
>                  from /home/alistair/qemu/include/qemu/osdep.h:99,
>                  from hw/usb/hcd-xhci.c:21:
> /usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 13 and 22 bytes into a destination of size 16
>    67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>    68 |        __bos (__s), __fmt, __va_arg_pack ());
>       |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/hcd-xhci.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
> index ec28bee319..2b061772b2 100644
> --- a/hw/usb/hcd-xhci.c
> +++ b/hw/usb/hcd-xhci.c
> @@ -3322,6 +3322,7 @@ static void usb_xhci_init(XHCIState *xhci)
>      usb_bus_new(&xhci->bus, sizeof(xhci->bus), &xhci_bus_ops, dev);
>  
>      for (i = 0; i < usbports; i++) {
> +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
>          speedmask = 0;
>          if (i < xhci->numports_2) {
>              if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
> 

Reviewed-by: Laurent Vivier <laurent@vivier.eu>

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Laurent Vivier]

Le 01/05/2019 à 01:28, Alistair Francis a écrit :
> Fix this build warning with GCC 9 on Fedora 30:
> hw/usb/hcd-xhci.c:3339:66: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                                  ^~
> hw/usb/hcd-xhci.c:3339:54: note: directive argument in the range [1, 2147483647]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                      ^~~~~~~~~~~~~~~
> In file included from /usr/include/stdio.h:867,
>                  from /home/alistair/qemu/include/qemu/osdep.h:99,
>                  from hw/usb/hcd-xhci.c:21:
> /usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 13 and 22 bytes into a destination of size 16
>    67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>    68 |        __bos (__s), __fmt, __va_arg_pack ());
>       |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/hcd-xhci.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
> index ec28bee319..2b061772b2 100644
> --- a/hw/usb/hcd-xhci.c
> +++ b/hw/usb/hcd-xhci.c
> @@ -3322,6 +3322,7 @@ static void usb_xhci_init(XHCIState *xhci)
>      usb_bus_new(&xhci->bus, sizeof(xhci->bus), &xhci_bus_ops, dev);
>  
>      for (i = 0; i < usbports; i++) {
> +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
>          speedmask = 0;
>          if (i < xhci->numports_2) {
>              if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
> 

Reviewed-by: Laurent Vivier <laurent@vivier.eu>

Re: [Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Daniel P. Berrangé]

On Tue, Apr 30, 2019 at 11:28:41PM +0000, Alistair Francis wrote:
> Fix this warning with GCC 9 on Fedora 30:
> hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
>  1715 |                             dataset->filename);
>       |                             ~~~~~~~^~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/dev-mtp.c | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
> index 99548b012d..8233beacab 100644
> --- a/hw/usb/dev-mtp.c
> +++ b/hw/usb/dev-mtp.c
> @@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
>      assert(!s->write_pending);
>      assert(p != NULL);
>  
> +/*
> + * We are about to access a packed struct. We are confident that the pointer
> + * address won't be unaligned, so we ignore GCC warnings.
> + */

The data is mis-aligned as we're accessing an int16 array that
is immediately following an int8 field in a packed struct

This problem is fixed by the following series which Gerd has in the
USB queue:

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02524.html

> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic push
> +#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
> +#endif
> +
>      filename = utf16_to_str(MIN(dataset->length, filename_chars),
>                              dataset->filename);
>  
> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic pop
> +#endif
> +
>      if (strchr(filename, '/')) {
>          usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
>                               0, 0, 0, 0);

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Daniel P. Berrangé]

On Tue, Apr 30, 2019 at 11:28:41PM +0000, Alistair Francis wrote:
> Fix this warning with GCC 9 on Fedora 30:
> hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
>  1715 |                             dataset->filename);
>       |                             ~~~~~~~^~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/dev-mtp.c | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
> index 99548b012d..8233beacab 100644
> --- a/hw/usb/dev-mtp.c
> +++ b/hw/usb/dev-mtp.c
> @@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
>      assert(!s->write_pending);
>      assert(p != NULL);
>  
> +/*
> + * We are about to access a packed struct. We are confident that the pointer
> + * address won't be unaligned, so we ignore GCC warnings.
> + */

The data is mis-aligned as we're accessing an int16 array that
is immediately following an int8 field in a packed struct

This problem is fixed by the following series which Gerd has in the
USB queue:

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02524.html

> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic push
> +#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
> +#endif
> +
>      filename = utf16_to_str(MIN(dataset->length, filename_chars),
>                              dataset->filename);
>  
> +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> +#pragma GCC diagnostic pop
> +#endif
> +
>      if (strchr(filename, '/')) {
>          usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
>                               0, 0, 0, 0);

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 01:28, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  linux-user/uname.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/linux-user/uname.c b/linux-user/uname.c
> index 313b79dbad..2fc6096a5b 100644
> --- a/linux-user/uname.c
> +++ b/linux-user/uname.c
> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
>  #define COPY_UTSNAME_FIELD(dest, src) \
>    do { \
>        /* __NEW_UTS_LEN doesn't include terminating null */ \
> -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \

You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
character if it is present and fit in __NEW_UTS_LEN.

>        (dest)[__NEW_UTS_LEN] = '\0'; \
>    } while (0)
>  
> 

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 01:28, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  linux-user/uname.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/linux-user/uname.c b/linux-user/uname.c
> index 313b79dbad..2fc6096a5b 100644
> --- a/linux-user/uname.c
> +++ b/linux-user/uname.c
> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
>  #define COPY_UTSNAME_FIELD(dest, src) \
>    do { \
>        /* __NEW_UTS_LEN doesn't include terminating null */ \
> -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \

You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
character if it is present and fit in __NEW_UTS_LEN.

>        (dest)[__NEW_UTS_LEN] = '\0'; \
>    } while (0)
>  
> 

Re: [Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 01:29, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
>     inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
>     inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  linux-user/elfload.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> index c1a26021f8..d08fe23466 100644
> --- a/linux-user/elfload.c
> +++ b/linux-user/elfload.c
> @@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
>      target_gid_t pr_gid;
>      target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
>      /* Lots missing */
> -    char    pr_fname[16];           /* filename of executable */
> +    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */
>      char    pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
>  };
>  
> 

Reviewed-by: Laurent Vivier <laurent@vivier.eu>

Re: [Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 01:29, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
>     inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
>     inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  linux-user/elfload.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> index c1a26021f8..d08fe23466 100644
> --- a/linux-user/elfload.c
> +++ b/linux-user/elfload.c
> @@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
>      target_gid_t pr_gid;
>      target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
>      /* Lots missing */
> -    char    pr_fname[16];           /* filename of executable */
> +    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */
>      char    pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
>  };
>  
> 

Reviewed-by: Laurent Vivier <laurent@vivier.eu>

Re: [Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Daniel P. Berrangé]

On Tue, Apr 30, 2019 at 11:28:22PM +0000, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function ‘strncpy’,
>     inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  util/qemu-sockets.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
> index 9705051690..8c3322958f 100644
> --- a/util/qemu-sockets.c
> +++ b/util/qemu-sockets.c
> @@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
>      struct sockaddr_un un;
>      int sock, fd;
>      char *pathbuf = NULL;
> -    const char *path;
> +    const char *path QEMU_NONSTRING;
>  
>      sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
>      if (sock < 0) {
> @@ -922,7 +922,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp)
>  
>      memset(&un, 0, sizeof(un));
>      un.sun_family = AF_UNIX;
> -    strncpy(un.sun_path, saddr->path, sizeof(un.sun_path));
> +    memcpy(un.sun_path, saddr->path, MIN(strlen(saddr->path), sizeof(un.sun_path)));
>  
>      /* connect to peer */
>      do {

I think my proposed fix for this file is preferrable as it avoids
repeated strlen calls 

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02124.html


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Daniel P. Berrangé]

On Tue, Apr 30, 2019 at 11:28:22PM +0000, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> In function ‘strncpy’,
>     inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  util/qemu-sockets.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
> index 9705051690..8c3322958f 100644
> --- a/util/qemu-sockets.c
> +++ b/util/qemu-sockets.c
> @@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
>      struct sockaddr_un un;
>      int sock, fd;
>      char *pathbuf = NULL;
> -    const char *path;
> +    const char *path QEMU_NONSTRING;
>  
>      sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
>      if (sock < 0) {
> @@ -922,7 +922,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp)
>  
>      memset(&un, 0, sizeof(un));
>      un.sun_family = AF_UNIX;
> -    strncpy(un.sun_path, saddr->path, sizeof(un.sun_path));
> +    memcpy(un.sun_path, saddr->path, MIN(strlen(saddr->path), sizeof(un.sun_path)));
>  
>      /* connect to peer */
>      do {

I think my proposed fix for this file is preferrable as it avoids
repeated strlen calls 

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02124.html


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Daniel P. Berrangé]

On Tue, Apr 30, 2019 at 11:28:31PM +0000, Alistair Francis wrote:
> Fix this build warning with GCC 9 on Fedora 30:
> hw/usb/hcd-xhci.c:3339:66: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                                  ^~
> hw/usb/hcd-xhci.c:3339:54: note: directive argument in the range [1, 2147483647]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                      ^~~~~~~~~~~~~~~
> In file included from /usr/include/stdio.h:867,
>                  from /home/alistair/qemu/include/qemu/osdep.h:99,
>                  from hw/usb/hcd-xhci.c:21:
> /usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 13 and 22 bytes into a destination of size 16
>    67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>    68 |        __bos (__s), __fmt, __va_arg_pack ());
>       |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/hcd-xhci.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
> index ec28bee319..2b061772b2 100644
> --- a/hw/usb/hcd-xhci.c
> +++ b/hw/usb/hcd-xhci.c
> @@ -3322,6 +3322,7 @@ static void usb_xhci_init(XHCIState *xhci)
>      usb_bus_new(&xhci->bus, sizeof(xhci->bus), &xhci_bus_ops, dev);
>  
>      for (i = 0; i < usbports; i++) {
> +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
>          speedmask = 0;
>          if (i < xhci->numports_2) {
>              if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {

I proposed a slightly different fix here:

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02125.html

but both have the same effect


  Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Daniel P. Berrangé]

On Tue, Apr 30, 2019 at 11:28:31PM +0000, Alistair Francis wrote:
> Fix this build warning with GCC 9 on Fedora 30:
> hw/usb/hcd-xhci.c:3339:66: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                                  ^~
> hw/usb/hcd-xhci.c:3339:54: note: directive argument in the range [1, 2147483647]
>  3339 |             snprintf(port->name, sizeof(port->name), "usb2 port #%d", i+1);
>       |                                                      ^~~~~~~~~~~~~~~
> In file included from /usr/include/stdio.h:867,
>                  from /home/alistair/qemu/include/qemu/osdep.h:99,
>                  from hw/usb/hcd-xhci.c:21:
> /usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 13 and 22 bytes into a destination of size 16
>    67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>    68 |        __bos (__s), __fmt, __va_arg_pack ());
>       |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  hw/usb/hcd-xhci.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
> index ec28bee319..2b061772b2 100644
> --- a/hw/usb/hcd-xhci.c
> +++ b/hw/usb/hcd-xhci.c
> @@ -3322,6 +3322,7 @@ static void usb_xhci_init(XHCIState *xhci)
>      usb_bus_new(&xhci->bus, sizeof(xhci->bus), &xhci_bus_ops, dev);
>  
>      for (i = 0; i < usbports; i++) {
> +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
>          speedmask = 0;
>          if (i < xhci->numports_2) {
>              if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {

I proposed a slightly different fix here:

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02125.html

but both have the same effect


  Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Daniel P. Berrangé]

On Wed, May 01, 2019 at 11:40:13AM +0200, Laurent Vivier wrote:
> On 01/05/2019 01:28, Alistair Francis wrote:
> > Fix this warning when building with GCC9 on Fedora 30:
> > In function ‘strncpy’,
> >     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> > /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
> >   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> >       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > 
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> >  linux-user/uname.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/linux-user/uname.c b/linux-user/uname.c
> > index 313b79dbad..2fc6096a5b 100644
> > --- a/linux-user/uname.c
> > +++ b/linux-user/uname.c
> > @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
> >  #define COPY_UTSNAME_FIELD(dest, src) \
> >    do { \
> >        /* __NEW_UTS_LEN doesn't include terminating null */ \
> > -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> > +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
> 
> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> character if it is present and fit in __NEW_UTS_LEN.

IMHO we shouldn't use strlen at all. I proposed fixing it using sizeof()
instead here:

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02154.html

> 
> >        (dest)[__NEW_UTS_LEN] = '\0'; \
> >    } while (0)

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Daniel P. Berrangé]

On Wed, May 01, 2019 at 11:40:13AM +0200, Laurent Vivier wrote:
> On 01/05/2019 01:28, Alistair Francis wrote:
> > Fix this warning when building with GCC9 on Fedora 30:
> > In function ‘strncpy’,
> >     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> > /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
> >   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> >       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > 
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> >  linux-user/uname.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/linux-user/uname.c b/linux-user/uname.c
> > index 313b79dbad..2fc6096a5b 100644
> > --- a/linux-user/uname.c
> > +++ b/linux-user/uname.c
> > @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
> >  #define COPY_UTSNAME_FIELD(dest, src) \
> >    do { \
> >        /* __NEW_UTS_LEN doesn't include terminating null */ \
> > -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> > +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
> 
> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> character if it is present and fit in __NEW_UTS_LEN.

IMHO we shouldn't use strlen at all. I proposed fixing it using sizeof()
instead here:

  https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02154.html

> 
> >        (dest)[__NEW_UTS_LEN] = '\0'; \
> >    } while (0)

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 11:44, Daniel P. Berrangé wrote:
> On Wed, May 01, 2019 at 11:40:13AM +0200, Laurent Vivier wrote:
>> On 01/05/2019 01:28, Alistair Francis wrote:
>>> Fix this warning when building with GCC9 on Fedora 30:
>>> In function ‘strncpy’,
>>>     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
>>> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
>>>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>>>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
>>> ---
>>>  linux-user/uname.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/linux-user/uname.c b/linux-user/uname.c
>>> index 313b79dbad..2fc6096a5b 100644
>>> --- a/linux-user/uname.c
>>> +++ b/linux-user/uname.c
>>> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
>>>  #define COPY_UTSNAME_FIELD(dest, src) \
>>>    do { \
>>>        /* __NEW_UTS_LEN doesn't include terminating null */ \
>>> -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
>>> +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
>>
>> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
>> character if it is present and fit in __NEW_UTS_LEN.
> 
> IMHO we shouldn't use strlen at all. I proposed fixing it using sizeof()
> instead here:
> 
>   https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02154.html
> 

Yes, it's better.

Thanks,
Laurent

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 11:44, Daniel P. Berrangé wrote:
> On Wed, May 01, 2019 at 11:40:13AM +0200, Laurent Vivier wrote:
>> On 01/05/2019 01:28, Alistair Francis wrote:
>>> Fix this warning when building with GCC9 on Fedora 30:
>>> In function ‘strncpy’,
>>>     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
>>> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
>>>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>>>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
>>> ---
>>>  linux-user/uname.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/linux-user/uname.c b/linux-user/uname.c
>>> index 313b79dbad..2fc6096a5b 100644
>>> --- a/linux-user/uname.c
>>> +++ b/linux-user/uname.c
>>> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
>>>  #define COPY_UTSNAME_FIELD(dest, src) \
>>>    do { \
>>>        /* __NEW_UTS_LEN doesn't include terminating null */ \
>>> -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
>>> +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
>>
>> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
>> character if it is present and fit in __NEW_UTS_LEN.
> 
> IMHO we shouldn't use strlen at all. I proposed fixing it using sizeof()
> instead here:
> 
>   https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02154.html
> 

Yes, it's better.

Thanks,
Laurent

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Eric Blake]

[-- Attachment #1: Type: text/plain, Size: 1726 bytes --]

On 5/1/19 4:40 AM, Laurent Vivier wrote:
> On 01/05/2019 01:28, Alistair Francis wrote:
>> Fix this warning when building with GCC9 on Fedora 30:
>> In function ‘strncpy’,
>>     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
>> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
>>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
>> ---
>>  linux-user/uname.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/linux-user/uname.c b/linux-user/uname.c
>> index 313b79dbad..2fc6096a5b 100644
>> --- a/linux-user/uname.c
>> +++ b/linux-user/uname.c
>> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
>>  #define COPY_UTSNAME_FIELD(dest, src) \
>>    do { \
>>        /* __NEW_UTS_LEN doesn't include terminating null */ \
>> -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
>> +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
> 
> You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> character if it is present and fit in __NEW_UTS_LEN.

No, the NUL character is already present, due to the memset() prior to
any use of COPY_UTSNAME_FIELD().  However, the commit message should
call that out, as it is not part of the default 3-line diff.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Richard Henderson]

On 4/30/19 4:28 PM, Alistair Francis wrote:
>      for (i = 0; i < usbports; i++) {
> +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));

I would hope that it works to move this out of the loop:

  g_assert(usbports <= MAX(MAXPORTS_2, MAXPORTS_3));


r~

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Richard Henderson]

On 4/30/19 4:28 PM, Alistair Francis wrote:
>      for (i = 0; i < usbports; i++) {
> +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));

I would hope that it works to move this out of the loop:

  g_assert(usbports <= MAX(MAXPORTS_2, MAXPORTS_3));


r~

Re: [Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Richard Henderson]

On 4/30/19 4:29 PM, Alistair Francis wrote:
> @@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
>      target_gid_t pr_gid;
>      target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
>      /* Lots missing */
> -    char    pr_fname[16];           /* filename of executable */
> +    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>


r~

Re: [Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Richard Henderson]

On 4/30/19 4:29 PM, Alistair Francis wrote:
> @@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
>      target_gid_t pr_gid;
>      target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
>      /* Lots missing */
> -    char    pr_fname[16];           /* filename of executable */
> +    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>


r~

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Philippe Mathieu-Daudé]

On 5/1/19 4:12 PM, Richard Henderson wrote:
> On 4/30/19 4:28 PM, Alistair Francis wrote:
>>      for (i = 0; i < usbports; i++) {
>> +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
> 
> I would hope that it works to move this out of the loop:
> 
>   g_assert(usbports <= MAX(MAXPORTS_2, MAXPORTS_3));

With Richard suggestion:

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Re: [Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 01:29, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
>     inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
>     inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  linux-user/elfload.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> index c1a26021f8..d08fe23466 100644
> --- a/linux-user/elfload.c
> +++ b/linux-user/elfload.c
> @@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
>      target_gid_t pr_gid;
>      target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
>      /* Lots missing */
> -    char    pr_fname[16];           /* filename of executable */
> +    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */
>      char    pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
>  };
>  
> 


Applied to my linux-user branch.

Thanks,
Laurent

Re: [Qemu-devel] [PATCH v2 5/5] linux-user/elfload: Fix GCC 9 build warnings

[Laurent Vivier]

On 01/05/2019 01:29, Alistair Francis wrote:
> Fix this warning when building with GCC9 on Fedora 30:
> In function ‘strncpy’,
>     inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
>     inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
>     inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  linux-user/elfload.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> index c1a26021f8..d08fe23466 100644
> --- a/linux-user/elfload.c
> +++ b/linux-user/elfload.c
> @@ -2872,7 +2872,7 @@ struct target_elf_prpsinfo {
>      target_gid_t pr_gid;
>      target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
>      /* Lots missing */
> -    char    pr_fname[16];           /* filename of executable */
> +    char    pr_fname[16] QEMU_NONSTRING; /* filename of executable */
>      char    pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
>  };
>  
> 


Applied to my linux-user branch.

Thanks,
Laurent

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Alistair Francis]

On Wed, May 1, 2019 at 5:00 AM Eric Blake <eblake@redhat.com> wrote:
>
> On 5/1/19 4:40 AM, Laurent Vivier wrote:
> > On 01/05/2019 01:28, Alistair Francis wrote:
> >> Fix this warning when building with GCC9 on Fedora 30:
> >> In function ‘strncpy’,
> >>     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> >> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
> >>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> >>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >>
> >> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>

I'm dropping this patch in favour of the other one.

Alistair

> >> ---
> >>  linux-user/uname.c | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/linux-user/uname.c b/linux-user/uname.c
> >> index 313b79dbad..2fc6096a5b 100644
> >> --- a/linux-user/uname.c
> >> +++ b/linux-user/uname.c
> >> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
> >>  #define COPY_UTSNAME_FIELD(dest, src) \
> >>    do { \
> >>        /* __NEW_UTS_LEN doesn't include terminating null */ \
> >> -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> >> +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
> >
> > You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> > character if it is present and fit in __NEW_UTS_LEN.
>
> No, the NUL character is already present, due to the memset() prior to
> any use of COPY_UTSNAME_FIELD().  However, the commit message should
> call that out, as it is not part of the default 3-line diff.
>
> --
> Eric Blake, Principal Software Engineer
> Red Hat, Inc.           +1-919-301-3226
> Virtualization:  qemu.org | libvirt.org
>

Re: [Qemu-devel] [PATCH v2 4/5] linux-user/uname: Fix GCC 9 build warnings

[Alistair Francis]

On Wed, May 1, 2019 at 5:00 AM Eric Blake <eblake@redhat.com> wrote:
>
> On 5/1/19 4:40 AM, Laurent Vivier wrote:
> > On 01/05/2019 01:28, Alistair Francis wrote:
> >> Fix this warning when building with GCC9 on Fedora 30:
> >> In function ‘strncpy’,
> >>     inlined from ‘sys_uname’ at /home/alistair/qemu/linux-user/uname.c:94:3:
> >> /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Werror=stringop-truncation]
> >>   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> >>       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >>
> >> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>

I'm dropping this patch in favour of the other one.

Alistair

> >> ---
> >>  linux-user/uname.c | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/linux-user/uname.c b/linux-user/uname.c
> >> index 313b79dbad..2fc6096a5b 100644
> >> --- a/linux-user/uname.c
> >> +++ b/linux-user/uname.c
> >> @@ -73,7 +73,7 @@ const char *cpu_to_uname_machine(void *cpu_env)
> >>  #define COPY_UTSNAME_FIELD(dest, src) \
> >>    do { \
> >>        /* __NEW_UTS_LEN doesn't include terminating null */ \
> >> -      (void) strncpy((dest), (src), __NEW_UTS_LEN); \
> >> +      (void) memcpy((dest), (src), MIN(strlen(src), __NEW_UTS_LEN)); \
> >
> > You should use MIN(strlen(src) + 1, __NEW_UTS_LEN) to copy the NUL
> > character if it is present and fit in __NEW_UTS_LEN.
>
> No, the NUL character is already present, due to the memset() prior to
> any use of COPY_UTSNAME_FIELD().  However, the commit message should
> call that out, as it is not part of the default 3-line diff.
>
> --
> Eric Blake, Principal Software Engineer
> Red Hat, Inc.           +1-919-301-3226
> Virtualization:  qemu.org | libvirt.org
>

Re: [Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Alistair Francis]

On Wed, May 1, 2019 at 2:40 AM Daniel P. Berrangé <berrange@redhat.com> wrote:
>
> On Tue, Apr 30, 2019 at 11:28:41PM +0000, Alistair Francis wrote:
> > Fix this warning with GCC 9 on Fedora 30:
> > hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
> >  1715 |                             dataset->filename);
> >       |                             ~~~~~~~^~~~~~~~~~
> >
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> >  hw/usb/dev-mtp.c | 13 +++++++++++++
> >  1 file changed, 13 insertions(+)
> >
> > diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
> > index 99548b012d..8233beacab 100644
> > --- a/hw/usb/dev-mtp.c
> > +++ b/hw/usb/dev-mtp.c
> > @@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
> >      assert(!s->write_pending);
> >      assert(p != NULL);
> >
> > +/*
> > + * We are about to access a packed struct. We are confident that the pointer
> > + * address won't be unaligned, so we ignore GCC warnings.
> > + */
>
> The data is mis-aligned as we're accessing an int16 array that
> is immediately following an int8 field in a packed struct
>
> This problem is fixed by the following series which Gerd has in the
> USB queue:
>
>   https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02524.html

Great, that fixes the build issues. Dropping this patch.

Alistair

>
> > +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> > +#pragma GCC diagnostic push
> > +#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
> > +#endif
> > +
> >      filename = utf16_to_str(MIN(dataset->length, filename_chars),
> >                              dataset->filename);
> >
> > +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> > +#pragma GCC diagnostic pop
> > +#endif
> > +
> >      if (strchr(filename, '/')) {
> >          usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
> >                               0, 0, 0, 0);
>
> Regards,
> Daniel
> --
> |: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org         -o-            https://fstop138.berrange.com :|
> |: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 3/5] hw/usb/dev-mtp: Fix GCC 9 build warning

[Alistair Francis]

On Wed, May 1, 2019 at 2:40 AM Daniel P. Berrangé <berrange@redhat.com> wrote:
>
> On Tue, Apr 30, 2019 at 11:28:41PM +0000, Alistair Francis wrote:
> > Fix this warning with GCC 9 on Fedora 30:
> > hw/usb/dev-mtp.c:1715:36: error: taking address of packed member of ‘struct <anonymous>’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
> >  1715 |                             dataset->filename);
> >       |                             ~~~~~~~^~~~~~~~~~
> >
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> >  hw/usb/dev-mtp.c | 13 +++++++++++++
> >  1 file changed, 13 insertions(+)
> >
> > diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
> > index 99548b012d..8233beacab 100644
> > --- a/hw/usb/dev-mtp.c
> > +++ b/hw/usb/dev-mtp.c
> > @@ -1711,9 +1711,22 @@ static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
> >      assert(!s->write_pending);
> >      assert(p != NULL);
> >
> > +/*
> > + * We are about to access a packed struct. We are confident that the pointer
> > + * address won't be unaligned, so we ignore GCC warnings.
> > + */
>
> The data is mis-aligned as we're accessing an int16 array that
> is immediately following an int8 field in a packed struct
>
> This problem is fixed by the following series which Gerd has in the
> USB queue:
>
>   https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02524.html

Great, that fixes the build issues. Dropping this patch.

Alistair

>
> > +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> > +#pragma GCC diagnostic push
> > +#pragma GCC diagnostic ignored "-Waddress-of-packed-member"
> > +#endif
> > +
> >      filename = utf16_to_str(MIN(dataset->length, filename_chars),
> >                              dataset->filename);
> >
> > +#if defined(CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE) && QEMU_GNUC_PREREQ(9, 0)
> > +#pragma GCC diagnostic pop
> > +#endif
> > +
> >      if (strchr(filename, '/')) {
> >          usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
> >                               0, 0, 0, 0);
>
> Regards,
> Daniel
> --
> |: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org         -o-            https://fstop138.berrange.com :|
> |: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Alistair Francis]

On Wed, May 1, 2019 at 7:12 AM Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> On 4/30/19 4:28 PM, Alistair Francis wrote:
> >      for (i = 0; i < usbports; i++) {
> > +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
>
> I would hope that it works to move this out of the loop:
>
>   g_assert(usbports <= MAX(MAXPORTS_2, MAXPORTS_3));

Yes, that also works. I have updated the patch.

Alistair

>
>
> r~

Re: [Qemu-devel] [PATCH v2 2/5] hw/usb/hcd-xhci: Fix GCC 9 build warning

[Alistair Francis]

On Wed, May 1, 2019 at 7:12 AM Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> On 4/30/19 4:28 PM, Alistair Francis wrote:
> >      for (i = 0; i < usbports; i++) {
> > +        g_assert(i < MAX(MAXPORTS_2, MAXPORTS_3));
>
> I would hope that it works to move this out of the loop:
>
>   g_assert(usbports <= MAX(MAXPORTS_2, MAXPORTS_3));

Yes, that also works. I have updated the patch.

Alistair

>
>
> r~

Re: [Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Alistair Francis]

On Wed, May 1, 2019 at 2:41 AM Daniel P. Berrangé <berrange@redhat.com> wrote:
>
> On Tue, Apr 30, 2019 at 11:28:22PM +0000, Alistair Francis wrote:
> > Fix this warning when building with GCC9 on Fedora 30:
> > In function ‘strncpy’,
> >     inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
> > /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
> >   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> >       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > In function ‘strncpy’,
> >     inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:
> >
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> >  util/qemu-sockets.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
> > index 9705051690..8c3322958f 100644
> > --- a/util/qemu-sockets.c
> > +++ b/util/qemu-sockets.c
> > @@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
> >      struct sockaddr_un un;
> >      int sock, fd;
> >      char *pathbuf = NULL;
> > -    const char *path;
> > +    const char *path QEMU_NONSTRING;
> >
> >      sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
> >      if (sock < 0) {
> > @@ -922,7 +922,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp)
> >
> >      memset(&un, 0, sizeof(un));
> >      un.sun_family = AF_UNIX;
> > -    strncpy(un.sun_path, saddr->path, sizeof(un.sun_path));
> > +    memcpy(un.sun_path, saddr->path, MIN(strlen(saddr->path), sizeof(un.sun_path)));
> >
> >      /* connect to peer */
> >      do {
>
> I think my proposed fix for this file is preferrable as it avoids
> repeated strlen calls
>
>   https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02124.html

That's fine with me, I have dropped this patch.

Alistair

>
>
> Regards,
> Daniel
> --
> |: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org         -o-            https://fstop138.berrange.com :|
> |: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [PATCH v2 1/5] util/qemu-sockets: Fix GCC 9 build warnings

[Alistair Francis]

On Wed, May 1, 2019 at 2:41 AM Daniel P. Berrangé <berrange@redhat.com> wrote:
>
> On Tue, Apr 30, 2019 at 11:28:22PM +0000, Alistair Francis wrote:
> > Fix this warning when building with GCC9 on Fedora 30:
> > In function ‘strncpy’,
> >     inlined from ‘unix_connect_saddr.isra.0’ at util/qemu-sockets.c:925:5:
> > /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 108 equals destination size [-Werror=stringop-truncation]
> >   106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> >       |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > In function ‘strncpy’,
> >     inlined from ‘unix_listen_saddr.isra.0’ at util/qemu-sockets.c:880:5:
> >
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > ---
> >  util/qemu-sockets.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
> > index 9705051690..8c3322958f 100644
> > --- a/util/qemu-sockets.c
> > +++ b/util/qemu-sockets.c
> > @@ -829,7 +829,7 @@ static int unix_listen_saddr(UnixSocketAddress *saddr,
> >      struct sockaddr_un un;
> >      int sock, fd;
> >      char *pathbuf = NULL;
> > -    const char *path;
> > +    const char *path QEMU_NONSTRING;
> >
> >      sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
> >      if (sock < 0) {
> > @@ -922,7 +922,7 @@ static int unix_connect_saddr(UnixSocketAddress *saddr, Error **errp)
> >
> >      memset(&un, 0, sizeof(un));
> >      un.sun_family = AF_UNIX;
> > -    strncpy(un.sun_path, saddr->path, sizeof(un.sun_path));
> > +    memcpy(un.sun_path, saddr->path, MIN(strlen(saddr->path), sizeof(un.sun_path)));
> >
> >      /* connect to peer */
> >      do {
>
> I think my proposed fix for this file is preferrable as it avoids
> repeated strlen calls
>
>   https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02124.html

That's fine with me, I have dropped this patch.

Alistair

>
>
> Regards,
> Daniel
> --
> |: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org         -o-            https://fstop138.berrange.com :|
> |: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|