Re: [Xen-devel] [PATCH] build/printf: fix incorrect format specifiers

2017-02-10 Thread Jan Beulich 
>>> On 09.02.17 at 17:35,  wrote:
> --- a/xen/arch/x86/cpu/mcheck/mce.c
> +++ b/xen/arch/x86/cpu/mcheck/mce.c
> @@ -596,8 +596,8 @@ int show_mca_info(int inited, struct cpuinfo_x86 *c)
>  };
>  
>  snprintf(prefix, ARRAY_SIZE(prefix),
> - g_type != mcheck_unset ? XENLOG_WARNING "CPU%i: "
> - : XENLOG_INFO,
> + g_type != mcheck_unset ? XENLOG_WARNING "CPU%i: ":
> +  XENLOG_INFO "CPU%i: ",

At the very least there a blank missing ahead of the colon. But I
think we generally prefer to align the colon with the question
mark, despite otherwise placing operators last on a line when
needing to break it. Plus I don#t see why you want the format
string duplicated - just use

snprintf(prefix, ARRAY_SIZE(prefix), "%sCPU%i: ",
 g_type != mcheck_unset ? XENLOG_WARNING : XENLOG_INFO,
 smp_processor_id());

> --- a/xen/common/grant_table.c
> +++ b/xen/common/grant_table.c
> @@ -3284,7 +3284,7 @@ gnttab_release_mappings(
>  
>  ref = map->ref;
>  
> -gdprintk(XENLOG_INFO, "Grant release (%hu) ref:(%hu) "
> +gdprintk(XENLOG_INFO, "Grant release (%u) ref:(%u) "
>  "flags:(%x) dom:(%hu)\n",

I have always been puzzled by these h modifiers; I don't think it's
useful to have even for the domain ID (which after all we print
with %d almost everywhere else).

Since you're touching these anyway, I'd like to also bring up the
question of decimal vs hex: The larger the amount of grants in use,
the less useful I consider decimal numbers being logged. So perhaps
these should switch to %#x at once.

Jan


___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: [Xen-devel] [PATCH] build/printf: fix incorrect format specifiers

2017-02-09 Thread Roger Pau Monne 
On Thu, Feb 09, 2017 at 04:42:00PM +, Ian Jackson wrote:
> Roger Pau Monne writes ("[PATCH] build/printf: fix incorrect format 
> specifiers"):
> > The following incorrect format specifiers and incorrect number of parameters
> > passed to printf like functions are reported by clang:
> 
> Do we know why our GCC builds do not detect these bugs ?

In general clang has always been able to detect more of those than gcc, I still
remember my ~20 patch series to use clang, and more from others. But no, I
don't know the exact reason why gcc doesn't detect those.

I've forgot to commit the chunk below, which actually enables this.

---8<---
diff --git a/Config.mk b/Config.mk
index 3a1d960..4739f36 100644
--- a/Config.mk
+++ b/Config.mk
@@ -215,7 +215,7 @@ CFLAGS += -Wall -Wstrict-prototypes
 # Clang complains about macros that expand to 'if ( ( foo == bar ) ) ...'
 # and is over-zealous with the printf format lint
 # and is a bit too fierce about unused return values
-CFLAGS-$(clang) += -Wno-parentheses -Wno-format -Wno-unused-value
+CFLAGS-$(clang) += -Wno-parentheses -Wno-unused-value
 
 $(call cc-option-add,HOSTCFLAGS,HOSTCC,-Wdeclaration-after-statement)
 $(call cc-option-add,CFLAGS,CC,-Wdeclaration-after-statement)


___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

[Xen-devel] [PATCH] build/printf: fix incorrect format specifiers

2017-02-09 Thread Roger Pau Monne 
The following incorrect format specifiers and incorrect number of parameters
passed to printf like functions are reported by clang:

grant_table.c:3289:17: error: format specifies type 'unsigned short' but the 
argument has type
  'grant_handle_t' (aka 'unsigned int') [-Werror,-Wformat]
handle, ref, map->flags, map->domid);
^~

grant_table.c:3289:25: error: format specifies type 'unsigned short' but the 
argument has type
  'grant_ref_t' (aka 'unsigned int') [-Werror,-Wformat]
handle, ref, map->flags, map->domid);
^~~

mce.c:601:18: error: data argument not used by format string 
[-Werror,-Wformat-extra-args]
 smp_processor_id());
 ^

xenpm.c:102:23: error: data argument not used by format string 
[-Werror,-Wformat-extra-args]
what, argv[argc > 1]);
  ^

libxl_internal.c:25:69: error: data argument not used by format string
  [-Werror,-Wformat-extra-args]
libxl__log(ctx, XTL_CRITICAL, ENOMEM, 0,0, func, INVALID_DOMID, L);
^
libxl_internal.c:24:17: note: expanded from macro 'L'
  func, (unsigned long)nmemb, (unsigned long)size
^
libxl_internal.c:26:21: error: data argument not used by format string
  [-Werror,-Wformat-extra-args]
fprintf(stderr, L);
^
libxl_internal.c:24:17: note: expanded from macro 'L'
  func, (unsigned long)nmemb, (unsigned long)size
^

This patch contains the fixes for them.

Signed-off-by: Roger Pau Monné 
---
NB: FWIW, there's a way to disable extra arguments checks
(-Wno-format-extra-args), that would prevent us from having to apply some of
the changes here. However, given that there are not that many occurrences, I
would rather leave the full checks of Wformat enabled.

NB2: this has only been tested with a FreeBSD clang build (3.8.0), and only
against the components that build on FreeBSD (ie: no qemu-trad, and certainly
no blktap).
---
Cc: Ian Jackson 
Cc: Wei Liu 
Cc: Christoph Egger 
Cc: Liu Jinsong 
Cc: Jan Beulich 
Cc: Andrew Cooper 
---
 tools/libxl/libxl_internal.c  | 21 -
 tools/misc/xenpm.c| 13 -
 xen/arch/x86/cpu/mcheck/mce.c |  4 ++--
 xen/common/grant_table.c  |  2 +-
 4 files changed, 27 insertions(+), 13 deletions(-)

diff --git a/tools/libxl/libxl_internal.c b/tools/libxl/libxl_internal.c
index d288215..f492dae 100644
--- a/tools/libxl/libxl_internal.c
+++ b/tools/libxl/libxl_internal.c
@@ -20,14 +20,25 @@
 void libxl__alloc_failed(libxl_ctx *ctx, const char *func,
  size_t nmemb, size_t size) {
 #define M "libxl: FATAL ERROR: memory allocation failure"
-#define L (size ? M " (%s, %lu x %lu)\n" : M " (%s)\n"), \
-  func, (unsigned long)nmemb, (unsigned long)size
-libxl__log(ctx, XTL_CRITICAL, ENOMEM, 0,0, func, INVALID_DOMID, L);
-fprintf(stderr, L);
+#define M_SIZE M " (%s, %lu x %lu)\n"
+#define M_NSIZE M " (%s)\n"
+if (size) {
+   libxl__log(ctx, XTL_CRITICAL, ENOMEM, 0, 0, func, INVALID_DOMID,
+  M_SIZE, func, (unsigned long)nmemb, (unsigned long)size);
+   fprintf(stderr, M_SIZE, func, (unsigned long)nmemb,
+   (unsigned long)size);
+} else {
+   libxl__log(ctx, XTL_CRITICAL, ENOMEM, 0, 0, func, INVALID_DOMID,
+  M_NSIZE, func);
+   fprintf(stderr, M_NSIZE, func);
+
+}
+
 fflush(stderr);
 _exit(-1);
+#undef M_NSIZE
+#undef M_SIZE
 #undef M
-#undef L
 }
 
 void libxl__ptr_add(libxl__gc *gc, void *ptr)
diff --git a/tools/misc/xenpm.c b/tools/misc/xenpm.c
index a2edee5..ded40b9 100644
--- a/tools/misc/xenpm.c
+++ b/tools/misc/xenpm.c
@@ -93,13 +93,16 @@ static void parse_cpuid(const char *arg, int *cpuid)
 static void parse_cpuid_and_int(int argc, char *argv[],
 int *cpuid, int *val, const char *what)
 {
-if ( argc > 1 )
-parse_cpuid(argv[0], cpuid);
+if ( argc == 0 )
+{
+ fprintf(stderr, "Missing %s\n", what);
+ exit(EINVAL);
+}
 
-if ( argc == 0 || sscanf(argv[argc > 1], "%d", val) != 1 )
+parse_cpuid(argv[0], cpuid);
+if ( sscanf(argv[1], "%d", val) != 1 )
 {
-fprintf(stderr, argc ? "Invalid %s '%s'\n" : "Missing %s\n",
-what, argv[argc > 1]);
+fprintf(stderr, "Invalid %s '%s'\n", what, argv[1]);
 exit(EINVAL);
 }
 }
diff --git a/xen/arch/x86/cpu/mcheck/mce.c b/xen/arch/x86/cpu/mcheck/mce.c
index 2695b0c..5f40e71 100644
--- a/xen/arch/x86/cpu/mcheck/mce.c
+++ b/xen/arch/x86/cpu/mcheck/mce.c
@@ -596,8 +596,8 @@ int show_mca_info(int inited, struct cpuinfo_x86 *c)
 };
 
 snprintf(prefix,