[Qemu-devel] [PATCH for 2.10 29/35] syscall: fix out-of-bound memory access

Philippe Mathieu-Daudé posted 35 patches 8 years, 3 months ago
Posted by Philippe Mathieu-Daudé 8 years, 3 months ago
linux-user/syscall.c:555:25: warning: Out of bound memory access (accessed memory precedes memory block)
    target_fd_trans[fd] = trans;
    ~~~~~~~~~~~~~~~~~~~~^~~~~~~

Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 linux-user/syscall.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 637270a02d..26450d235f 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -544,6 +544,7 @@ static void fd_trans_register(int fd, TargetFdTrans *trans)
 {
     unsigned int oldmax;
 
+    assert(fd >= 0);
     if (fd >= target_fd_max) {
         oldmax = target_fd_max;
         target_fd_max = ((fd >> 6) + 1) << 6; /* by slice of 64 entries */
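Review bot: the commit message should say how fd comes to be negative, because the hunk only adds a precondition and does not change the path the analyzer complained about. The warning at syscall.c:555 ("accessed memory precedes memory block") means target_fd_trans[fd] is indexed with a negative value; with `assert(fd >= 0);` in place such a call now aborts the process instead of writing before the array, which is the right outcome for a programming error but not for a caller that hands fd_trans_register() the unchecked result of a host syscall. Suggest naming the offending call path in the message and fixing it in the same series, so the callers test the descriptor before registering and the assert stays purely as a guard.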
-- 
2.13.3


Re: [Qemu-devel] [PATCH for 2.10 29/35] syscall: fix out-of-bound memory access
Posted by Laurent Vivier 8 years, 3 months ago
On 24/07/2017 at 20:27, Philippe Mathieu-Daudé wrote:
> linux-user/syscall.c:555:25: warning: Out of bound memory access (accessed memory precedes memory block)
>     target_fd_trans[fd] = trans;
>     ~~~~~~~~~~~~~~~~~~~~^~~~~~~
> 
> Reported-by: Clang Static Analyzer
> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> ---
>  linux-user/syscall.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 637270a02d..26450d235f 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -544,6 +544,7 @@ static void fd_trans_register(int fd, TargetFdTrans *trans)
>  {
>      unsigned int oldmax;
>  
> +    assert(fd >= 0);
>      if (fd >= target_fd_max) {
>          oldmax = target_fd_max;
>          target_fd_max = ((fd >> 6) + 1) << 6; /* by slice of 64 entries */
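Review bot: with the assert in place, the growth arithmetic later in the hunk, `target_fd_max = ((fd >> 6) + 1) << 6;`, is only reached for non-negative fd, so the right shift on a signed int is no longer applied to a negative value (where C leaves its result implementation-defined). The assert is still a crash rather than a fix for the callers identified in the reply below (inotify_init(), inotify_init1(), eventfd() and eventfd2()), which pass fd to fd_trans_register() without checking it; those call sites should test `fd >= 0` before registering, and the assert then documents the precondition instead of being the only thing standing between a failed syscall and an abort.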
> 

I think we should fix inotify_init(), inotify_init1(), eventfd() and
eventfd2() that call fd_trans_register() without checking the value of
fd before adding this assert...

Thanks,
Laurent