Stumbled over this while throwing away old mail.  Andreas, what do you
think?

Ildar Isaev <i...@inbox.ru> writes:

> 'offset' field in struct Property is calculated as a diff between two 
> pointers (hw/core/qdev-properties.c:802)
>
> arrayprop->prop.offset = eltptr - (void *)dev;
>
> If offset is declared as int, this subtraction can cause type overflow
> thus leading to the fall of the subsequent assert 
> (hw/core/qdev-properties.c:803)
>
> assert(qdev_get_prop_ptr(dev, &arrayprop->prop) == eltptr);
>
> So ptrdiff_t should be used instead
>
> Signed-off-by: Ildar Isaev <i...@inbox.ru>
> ---
>  include/hw/qdev-core.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
> index 4e673f9..f0e2a73 100644
> --- a/include/hw/qdev-core.h
> +++ b/include/hw/qdev-core.h
> @@ -224,7 +224,7 @@ struct BusState {
>  struct Property {
>      const char   *name;
>      PropertyInfo *info;
> -    int          offset;
> +    ptrdiff_t    offset;
>      uint8_t      bitnr;
>      uint8_t      qtype;
>      int64_t      defval;
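Review bot: widening `offset` from `int` to `ptrdiff_t` changes the layout of `struct Property` on LP64 hosts, not just the field type: the 8-byte field sits ahead of `bitnr`/`qtype`, so the padding before `int64_t defval` moves and the struct grows, and since property tables are arrays of this struct in every device class, the commit message should say so. It should also state the precondition for the bug: the narrowing on store only matters when `eltptr` and `dev` are more than `INT_MAX` apart, which cannot happen for a field inside the device struct itself, so the message is really describing the array-element case where the element is allocated separately from `dev`. Finally, please check that every other reader of `offset` (the `qdev_get_prop_ptr` addition quoted above, any `int` temporaries or `%d` formatting of the field) takes the wider type, otherwise the truncation just moves.

To make the truncation argument in the commit message concrete, here is an added C example, written for this thread and not part of QEMU or the patch. It models `dev` and `eltptr` as integer addresses (never dereferenced, so no out-of-object pointer arithmetic is performed), stores their difference first in an `int` field and then in a `ptrdiff_t` field, and repeats the reconstruction that the assert at hw/core/qdev-properties.c:803 checks. The struct names and helper functions are constructed for the example:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-ins for the two versions of struct Property in the
   patch; only the offset field is modelled. */
typedef struct { int       offset; } PropertyInt;   /* before the patch */
typedef struct { ptrdiff_t offset; } PropertyDiff;  /* after the patch */

/* Mirrors "arrayprop->prop.offset = eltptr - (void *)dev;" followed by the
   reconstruction in qdev_get_prop_ptr() and the assert that compares the two.
   Addresses are plain integers here so nothing is dereferenced. */
static bool roundtrip_int(uintptr_t dev, uintptr_t eltptr)
{
    PropertyInt p;
    ptrdiff_t diff = (ptrdiff_t)(eltptr - dev);   /* the pointer subtraction */
    p.offset = (int)diff;                         /* silent narrowing in the old code */
    return dev + (ptrdiff_t)p.offset == eltptr;   /* assert(qdev_get_prop_ptr(...) == eltptr) */
}

static bool roundtrip_ptrdiff(uintptr_t dev, uintptr_t eltptr)
{
    PropertyDiff p;
    p.offset = (ptrdiff_t)(eltptr - dev);         /* no narrowing with the patch applied */
    return dev + p.offset == eltptr;
}

/* True when the host has a ptrdiff_t wider than int (LP64); on ILP32 the two
   types are the same width and the int version cannot overflow. */
static bool host_can_truncate(void)
{
    return sizeof(ptrdiff_t) > sizeof(int);
}

int main(void)
{
    /* Constructed addresses: a small element offset and one more than 4 GiB away. */
    uintptr_t dev  = (uintptr_t)0x10000000u;
    uintptr_t near = dev + 0x40;
    uintptr_t far  = dev + (uintptr_t)0x100000000ULL;

    printf("near element: int=%d ptrdiff_t=%d\n",
           roundtrip_int(dev, near), roundtrip_ptrdiff(dev, near));
    printf("far element:  int=%d ptrdiff_t=%d (truncation possible: %d)\n",
           roundtrip_int(dev, far), roundtrip_ptrdiff(dev, far), host_can_truncate());
    return 0;
}
```

On a 64-bit host the far case fails the reconstruction with the `int` field and passes with `ptrdiff_t`; on a 32-bit host both pass, which is why the bug only shows up on LP64 builds with the element allocated far from the device.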
