Re: [Qemu-devel] [PATCH 4/8] usb: fix unbounded stack for xhci_dma_write


From: Peter Xu
Subject: Re: [Qemu-devel] [PATCH 4/8] usb: fix unbounded stack for xhci_dma_write_u32s
Date: Wed, 9 Mar 2016 13:08:12 +0800
User-agent: Mutt/1.5.24 (2015-08-30)

On Tue, Mar 08, 2016 at 01:21:52PM +0100, Paolo Bonzini wrote:
> 
> 
> On 08/03/2016 08:00, Peter Xu wrote:
> > First of all, this function cannot be inlined even with always_inline,
> > so removing inline.
> 
> Why?  always_inline fixes the error for me.

I tried this patch:

-----------------

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index 44b6f8c..961fd78 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -694,7 +694,7 @@ static inline void xhci_dma_read_u32s(XHCIState *xhci, 
dma_addr_t addr,
     }
 }

-static inline void xhci_dma_write_u32s(XHCIState *xhci, dma_addr_t addr,
+static QEMU_ARTIFICIAL void xhci_dma_write_u32s(XHCIState *xhci, dma_addr_t 
addr,
                                        uint32_t *buf, size_t len)
 {
     int i;
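
Review bot: the `+` line drops the `inline` keyword at the same time as it adds QEMU_ARTIFICIAL, so xhci_dma_write_u32s is no longer declared inline at all. GCC reports both `always_inline` and `artificial` under -Wattributes when they are applied to a function that is not declared inline, which matches the two warnings quoted below for this exact declaration. Keeping the keyword, as in `static inline QEMU_ARTIFICIAL void xhci_dma_write_u32s(...)`, would test the attribute the way it is meant to be used.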

-----------------

What I got is:

/root/git/qemu/hw/usb/hcd-xhci.c:699:1: warning: ‘artificial’ attribute ignored 
[-Wattributes]
 {
 ^
/root/git/qemu/hw/usb/hcd-xhci.c:697:56: warning: always_inline function might 
not be inlinable [-Wattributes]
 static QEMU_ARTIFICIAL void xhci_dma_write_u32s(XHCIState *xhci, dma_addr_t 
addr,
                                                        ^

GCC version:

pxdev:bin# gcc -v
Using built-in specs.
COLLECT_GCC=/bin/gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/lto-wrapper
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man 
--infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla 
--enable-bootstrap --enable-shared --enable-threads=posix 
--enable-checking=release --with-system-zlib --enable-__cxa_atexit 
--disable-libunwind-exceptions --enable-gnu-unique-object 
--enable-linker-build-id --with-linker-hash-style=gnu 
--enable-languages=c,c++,objc,obj-c++,java,fortran,ada,go,lto --enable-plugin 
--enable-initfini-array --disable-libgcj 
--with-isl=/builddir/build/BUILD/gcc-4.8.5-20150702/obj-x86_64-redhat-linux/isl-install
 
--with-cloog=/builddir/build/BUILD/gcc-4.8.5-20150702/obj-x86_64-redhat-linux/cloog-install
 --enable-gnu-indirect-function --with-tune=generic --with-arch_32=x86-64 
--build=x86_64-redhat-linux
Thread model: posix
gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC)

Do you know why "might not be inlinable"? I failed to figure it out
myself, as mentioned in the cover letter.

> 
> >      int i;
> > -    uint32_t tmp[len / sizeof(uint32_t)];
> > +    uint32_t n = len / sizeof(uint32_t);
> > +#define __BUF_SIZE (12)
> > +    uint32_t tmp[__BUF_SIZE];
> >  
> > +    assert(__BUF_SIZE >= n);
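
Review bot: the assert on the last added line is the only bound on n against the 12-entry tmp, so in a build where assert() is compiled out (NDEBUG) a len above 12 * sizeof(uint32_t) would let any later indexing of tmp up to n run past the array on the stack. An explicit length check that survives such builds would be safer here, since this function exists to bound stack use. Separately, `__BUF_SIZE` begins with a double underscore, which C reserves for the implementation, and the visible lines define it inside the function body with no matching #undef.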
> 
> Instead of a #define, you can use ARRAY_SIZE(tmp).

Will do when needed. Thanks!

Peter


