[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [PATCH 1/2] misc: Replace zero-length arrays with flexible array member (automatic)
- To: Paolo Bonzini <pbonzini@xxxxxxxxxx>, qemu-devel@xxxxxxxxxx
- From: Philippe Mathieu-Daudé <philmd@xxxxxxxxxx>
- Date: Wed, 4 Mar 2020 15:12:36 +0100
- Cc: Fam Zheng <fam@xxxxxxxxxx>, Peter Maydell <peter.maydell@xxxxxxxxxx>, "Michael S. Tsirkin" <mst@xxxxxxxxxx>, Jason Wang <jasowang@xxxxxxxxxx>, Yuval Shaia <yuval.shaia.ml@xxxxxxxxx>, Gerd Hoffmann <kraxel@xxxxxxxxxx>, Eric Blake <eblake@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, qemu-block@xxxxxxxxxx, David Hildenbrand <david@xxxxxxxxxx>, "Gustavo A . R . Silva" <gustavo@xxxxxxxxxxxxxx>, Halil Pasic <pasic@xxxxxxxxxxxxx>, Christian Borntraeger <borntraeger@xxxxxxxxxx>, "Gonglei \(Arei\)" <arei.gonglei@xxxxxxxxxx>, Marcel Apfelbaum <marcel.apfelbaum@xxxxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>, Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>, David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>, Thomas Huth <thuth@xxxxxxxxxx>, Eduardo Habkost <ehabkost@xxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Eric Auger <eric.auger@xxxxxxxxxx>, qemu-s390x@xxxxxxxxxx, qemu-arm@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx, John Snow <jsnow@xxxxxxxxxx>, Richard Henderson <rth@xxxxxxxxxxx>, Kevin Wolf <kwolf@xxxxxxxxxx>, Xiao Guangrong <xiaoguangrong.eric@xxxxxxxxx>, Cornelia Huck <cohuck@xxxxxxxxxx>, Laurent Vivier <laurent@xxxxxxxxx>, Max Reitz <mreitz@xxxxxxxxxx>, Igor Mammedov <imammedo@xxxxxxxxxx>
- Delivery-date: Wed, 04 Mar 2020 14:12:47 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 3/4/20 2:44 PM, Paolo Bonzini wrote:
On 04/03/20 14:12, Philippe Mathieu-Daudé wrote:
hw/scsi/spapr_vscsi.c:69:29: error: field 'iu' with variable sized type
'union viosrp_iu' not at the end of a struct or class is a GNU extension
[-Werror,-Wgnu-variable-sized-type-not-at-end]
union viosrp_iu iu;
^
Yay we found a bug! Thanks Gustavo :)
union srp_iu {
struct srp_login_req login_req;
struct srp_login_rsp login_rsp;
struct srp_login_rej login_rej;
struct srp_i_logout i_logout;
struct srp_t_logout t_logout;
struct srp_tsk_mgmt tsk_mgmt;
struct srp_cmd cmd;
struct srp_rsp rsp;
uint8_t reserved[SRP_MAX_IU_LEN];
};
It's variable-sized but it's okay as long as the total size doesn't
exceed SRP_MAX_IU_LEN. So it's not a bug, but I agree it's a time bomb.
Moving the field last should work, but it would still be quite
dangerous code.
Yeah I reached the same conclusion.
I'll send a fix for the dangerous code.
Do you want to drop this series, or only the change in 'struct srp_rsp'
(or in all hw/scsi/srp.h). Actually I guess it makes sense I move the
'hw/scsi/srp.h' changes with the series cleaning dangerous code.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
