From nobody Sat Nov 8 05:44:49 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 154532681782619.28911981529393; Thu, 20 Dec 2018 09:26:57 -0800 (PST) Received: from localhost ([::1]:38673 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ga1Uk-0002kw-AI for importer@patchew.org; Thu, 20 Dec 2018 11:48:22 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52525) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ga1RB-0000E6-Jt for qemu-devel@nongnu.org; Thu, 20 Dec 2018 11:44:42 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ga1R9-0004C9-Fx for qemu-devel@nongnu.org; Thu, 20 Dec 2018 11:44:41 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48410) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ga1R9-0004BL-97; Thu, 20 Dec 2018 11:44:39 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9E57A3E2DE; Thu, 20 Dec 2018 16:44:38 +0000 (UTC) Received: from localhost (dhcp-192-187.str.redhat.com [10.33.192.187]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 369D461373; Thu, 20 Dec 2018 16:44:38 +0000 (UTC) From: Cornelia Huck To: Peter Maydell Date: Thu, 20 Dec 2018 17:44:32 +0100 Message-Id: <20181220164433.21705-2-cohuck@redhat.com> In-Reply-To: <20181220164433.21705-1-cohuck@redhat.com> References: <20181220164433.21705-1-cohuck@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 20 Dec 2018 16:44:38 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 1/2] hw/s390/ccw.c: Don't take address of packed members X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-s390x@nongnu.org, Cornelia Huck , qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Peter Maydell Taking the address of a field in a packed struct is a bad idea, because it might not be actually aligned enough for that pointer type (and thus cause a crash on dereference on some host architectures). Newer versions of clang warn about this. Avoid the problem by using local copies of the PMCW and SCSW struct fields in copy_schib_from_guest() and copy_schib_to_guest(). Signed-off-by: Peter Maydell Message-Id: <20181213120252.21697-1-peter.maydell@linaro.org> Reviewed-by: Farhan Ali Reviewed-by: Thomas Huth Signed-off-by: Cornelia Huck --- hw/s390x/css.c | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/hw/s390x/css.c b/hw/s390x/css.c index 04ec5cc970..f92b046cd3 100644 --- a/hw/s390x/css.c +++ b/hw/s390x/css.c @@ -1290,9 +1290,19 @@ void copy_scsw_to_guest(SCSW *dest, const SCSW *src) static void copy_schib_to_guest(SCHIB *dest, const SCHIB *src) { int i; - - copy_pmcw_to_guest(&dest->pmcw, &src->pmcw); - copy_scsw_to_guest(&dest->scsw, &src->scsw); + /* + * We copy the PMCW and SCSW in and out of local variables to + * avoid taking the address of members of a packed struct. + */ + PMCW src_pmcw, dest_pmcw; + SCSW src_scsw, dest_scsw; + + src_pmcw =3D src->pmcw; + copy_pmcw_to_guest(&dest_pmcw, &src_pmcw); + dest->pmcw =3D dest_pmcw; + src_scsw =3D src->scsw; + copy_scsw_to_guest(&dest_scsw, &src_scsw); + dest->scsw =3D dest_scsw; dest->mba =3D cpu_to_be64(src->mba); for (i =3D 0; i < ARRAY_SIZE(dest->mda); i++) { dest->mda[i] =3D src->mda[i]; @@ -1339,9 +1349,19 @@ static void copy_scsw_from_guest(SCSW *dest, const S= CSW *src) static void copy_schib_from_guest(SCHIB *dest, const SCHIB *src) { int i; - - copy_pmcw_from_guest(&dest->pmcw, &src->pmcw); - copy_scsw_from_guest(&dest->scsw, &src->scsw); + /* + * We copy the PMCW and SCSW in and out of local variables to + * avoid taking the address of members of a packed struct. + */ + PMCW src_pmcw, dest_pmcw; + SCSW src_scsw, dest_scsw; + + src_pmcw =3D src->pmcw; + copy_pmcw_from_guest(&dest_pmcw, &src_pmcw); + dest->pmcw =3D dest_pmcw; + src_scsw =3D src->scsw; + copy_scsw_from_guest(&dest_scsw, &src_scsw); + dest->scsw =3D dest_scsw; dest->mba =3D be64_to_cpu(src->mba); for (i =3D 0; i < ARRAY_SIZE(dest->mda); i++) { dest->mda[i] =3D src->mda[i]; --=20 2.17.2 From nobody Sat Nov 8 05:44:49 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1545326804768360.1827828531726; Thu, 20 Dec 2018 09:26:44 -0800 (PST) Received: from localhost ([::1]:38650 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ga1Sr-0001J4-3D for importer@patchew.org; Thu, 20 Dec 2018 11:46:25 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52536) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ga1RC-0000EM-0a for qemu-devel@nongnu.org; Thu, 20 Dec 2018 11:44:42 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ga1RB-0004Di-Ez for qemu-devel@nongnu.org; Thu, 20 Dec 2018 11:44:41 -0500 Received: from mx1.redhat.com ([209.132.183.28]:52232) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ga1RB-0004DJ-9Q; Thu, 20 Dec 2018 11:44:41 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 94BD090C65; Thu, 20 Dec 2018 16:44:40 +0000 (UTC) Received: from localhost (dhcp-192-187.str.redhat.com [10.33.192.187]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1E92710C9E7D; Thu, 20 Dec 2018 16:44:39 +0000 (UTC) From: Cornelia Huck To: Peter Maydell Date: Thu, 20 Dec 2018 17:44:33 +0100 Message-Id: <20181220164433.21705-3-cohuck@redhat.com> In-Reply-To: <20181220164433.21705-1-cohuck@redhat.com> References: <20181220164433.21705-1-cohuck@redhat.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 20 Dec 2018 16:44:40 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 2/2] hw/s390x: Fix bad mask in time2tod() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas Huth , qemu-s390x@nongnu.org, Cornelia Huck , qemu-devel@nongnu.org, qemu-stable@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Thomas Huth Since "s390x/tcg: avoid overflows in time2tod/tod2time", the time2tod() function tries to deal with the 9 uppermost bits in the time value, but uses the wrong mask for this: 0xff80000000000000 should be used instead of 0xff10000000000000 here. Fixes: 14055ce53c2d901d826ffad7fb7d6bb8ab46bdfd Cc: qemu-stable@nongnu.org Signed-off-by: Thomas Huth Message-Id: <1544792887-14575-1-git-send-email-thuth@redhat.com> Reviewed-by: David Hildenbrand [CH: tweaked commit message] Signed-off-by: Cornelia Huck --- include/hw/s390x/tod.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/hw/s390x/tod.h b/include/hw/s390x/tod.h index cbd7552e7a..47ef9de869 100644 --- a/include/hw/s390x/tod.h +++ b/include/hw/s390x/tod.h @@ -56,7 +56,7 @@ typedef struct S390TODClass { /* Converts ns to s390's clock format */ static inline uint64_t time2tod(uint64_t ns) { - return (ns << 9) / 125 + (((ns & 0xff10000000000000ull) / 125) << 9); + return (ns << 9) / 125 + (((ns & 0xff80000000000000ull) / 125) << 9); } =20 /* Converts s390's clock format to ns */ --=20 2.17.2