Re: Minimal GCC version for QEMU (was: Re: [PULL 27/49] meson: Add -Wformat-overflow=2)
On Tue, Mar 10, 2026 at 04:17:47PM +0100, Thomas Huth wrote: > On 10/03/2026 15.51, Peter Maydell wrote: > > On Tue, 10 Mar 2026 at 13:47, Fabiano Rosas wrote: > > > This gives me: > > > > > > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: > > > ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a > > > terminating nul past the end of the destination > > > [-Werror=format-overflow=] > > > > > > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: > > > ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a > > > terminating nul past the end of the destination > > > [-Werror=format-overflow=] > > > > > > ../tests/qtest/arm-cpu-features.c: In function > > > ‘test_query_cpu_model_expansion_kvm’: > > > ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing > > > between 1 and 10 bytes into a region of size 5 > > > [-Werror=format-overflow=] > > > > > > ../configure > > > --target-list=x86_64-softmmu,i386-softmmu,aarch64-softmmu,arm-softmmu,ppc64-softmmu,s390x-softmmu,riscv64-softmmu,aarch64-linux-user,loongarch64-softmmu > > > --disable-plugins --enable-modules --enable-werror > > > --enable-trace-backends=log,dtrace --enable-debug --enable-docs > > > --enable-rust --enable-strict-rust-lints > > > > > > gcc version 7.5.0 (SUSE Linux) > > > > This is quite an old GCC, so it's probably less good at noticing > > when there might be an overflow and when not (or it has bugs > > that have been fixed in subsequent versions). > > By the way, I think we likely could bump the minimum GCC version to a newer > level nowadays. GCC 7.4 was chosen for NetBSD 9 at that point in time: > > https://gitlab.com/qemu-project/qemu/-/issues/614 > https://gitlab.com/qemu-project/qemu/-/commit/3830df5f83b9b52d949676 > > ... but since NetBSD 10 has been released since a while, we could likely > bump the minimum GCC version to 10.4 now, see: > > > https://cvsweb.netbsd.org/bsdweb.cgi/src/doc/3RDPARTY?rev=1.1905.2.14;content-type=text%2Fplain;only_with_tag=netbsd-10-0-RELEASE > > WDYT? Yep, if any distro needing 7.4 is out of our support matrix we can bump it. Likewise clang can probably be bumped too. With regards, Daniel -- |: https://berrange.com ~~https://hachyderm.io/@berrange :| |: https://libvirt.org ~~ https://entangle-photo.org :| |: https://pixelfed.art/berrange ~~https://fstop138.berrange.com :|
Re: [PULL 27/49] meson: Add -Wformat-overflow=2
Peter Maydell writes: > On Tue, 10 Mar 2026 at 13:47, Fabiano Rosas wrote: >> ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: >> ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a >> terminating nul past the end of the destination >> [-Werror=format-overflow=] >> >> ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: >> ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a >> terminating nul past the end of the destination >> [-Werror=format-overflow=] >> >> ../tests/qtest/arm-cpu-features.c: In function >> ‘test_query_cpu_model_expansion_kvm’: >> ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing >> between 1 and 10 bytes into a region of size 5 >> [-Werror=format-overflow=] >> >> ../configure >> --target-list=x86_64-softmmu,i386-softmmu,aarch64-softmmu,arm-softmmu,ppc64-softmmu,s390x-softmmu,riscv64-softmmu,aarch64-linux-user,loongarch64-softmmu >> --disable-plugins --enable-modules --enable-werror >> --enable-trace-backends=log,dtrace --enable-debug --enable-docs >> --enable-rust --enable-strict-rust-lints > > Could you do a configure with all targets enabled and a make with > "-k" so we can check that these are all the source files your gcc > complains about, please? > Yep, it's just these ones: tests/qtest/ast2700-gpio-test.p/ast2700-gpio-test.c.o tests/qtest/ast2700-sgpio-test.p/ast2700-sgpio-test.c.o tests/qtest/arm-cpu-features.p/arm-cpu-features.c.o tests/qtest/aspeed_gpio-test.p/aspeed_gpio-test.c.o [5862/6179] Compiling C object tests/qtest/ast2700-gpio-test.p/ast2700-gpio-test.c.o FAILED: tests/qtest/ast2700-gpio-test.p/ast2700-gpio-test.c.o ../tests/qtest/ast2700-gpio-test.c: In function ‘test_input_pins’: ../tests/qtest/ast2700-gpio-test.c:54:36: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] sprintf(name, "gpio%c%d", c, i); ^ ../tests/qtest/ast2700-gpio-test.c:54:13: note: ‘sprintf’ output between 7 and 17 bytes into a destination of size 16 sprintf(name, "gpio%c%d", c, i); ^~~ [5875/6179] Compiling C object tests/qtest/ast2700-sgpio-test.p/ast2700-sgpio-test.c.o FAILED: tests/qtest/ast2700-sgpio-test.p/ast2700-sgpio-test.c.o ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] sprintf(name, "sgpio%03d", i * 2 + 1); ^ ../tests/qtest/ast2700-sgpio-test.c:27:9: note: ‘sprintf’ output between 9 and 17 bytes into a destination of size 16 sprintf(name, "sgpio%03d", i * 2 + 1); ^ ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_input_pins’: ../tests/qtest/ast2700-sgpio-test.c:54:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] sprintf(name, "sgpio%03d", i * 2); ^ ../tests/qtest/ast2700-sgpio-test.c:54:9: note: ‘sprintf’ output between 9 and 17 bytes into a destination of size 16 sprintf(name, "sgpio%03d", i * 2); ^ ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] sprintf(name, "sgpio%03d", i * 2); ^ ../tests/qtest/ast2700-sgpio-test.c:85:9: note: ‘sprintf’ output between 9 and 17 bytes into a destination of size 16 sprintf(name, "sgpio%03d", i * 2); ^ [5896/6179] Compiling C object tests/qtest/arm-cpu-features.p/arm-cpu-features.c.o FAILED: tests/qtest/arm-cpu-features.p/arm-cpu-features.c.o ../tests/qtest/arm-cpu-features.c: In function ‘test_query_cpu_model_expansion_kvm’: ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing between 1 and 10 bytes into a region of size 5 [-Werror=format-overflow=] sprintf(max_name, "sve%u", max_vq * 128); ^~ ../tests/qtest/arm-cpu-features.c:578:13: note: ‘sprintf’ output between 5 and 14 bytes into a destination of size 8 sprintf(max_name, "sve%u", max_vq * 128); ^~~~ ../tests/qtest/arm-cpu-features.c:598:35: error: ‘%u’ directive writing between 1 and 10 bytes into a region of size 5 [-Werror=format-overflow=] sprintf(name, "sve%u", vq * 128); ^~ ../tests/qtest/arm-cpu-features.c:598:17: note: ‘sprintf’ output between 5 and 14 bytes into a destination of size 8 sprintf(name, "sve%u", vq * 128); ^~
Re: [PULL 27/49] meson: Add -Wformat-overflow=2
On Tue, 10 Mar 2026 at 14:38, Philippe Mathieu-Daudé wrote: > > Cc'ing more developers. > > On 10/3/26 14:47, Fabiano Rosas wrote: > > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: > > ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a > > terminating nul past the end of the destination > > [-Werror=format-overflow=] > > > > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: > > ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a > > terminating nul past the end of the destination > > [-Werror=format-overflow=] > > > > ../tests/qtest/arm-cpu-features.c: In function > > ‘test_query_cpu_model_expansion_kvm’: > > ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing > > between 1 and 10 bytes into a region of size 5 > > [-Werror=format-overflow=] I don't have this specific GCC version, but this series I just sent should fix at least these three: https://lore.kernel.org/qemu-devel/[email protected]/ -- PMM
Minimal GCC version for QEMU (was: Re: [PULL 27/49] meson: Add -Wformat-overflow=2)
On 10/03/2026 15.51, Peter Maydell wrote: On Tue, 10 Mar 2026 at 13:47, Fabiano Rosas wrote: This gives me: ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] ../tests/qtest/arm-cpu-features.c: In function ‘test_query_cpu_model_expansion_kvm’: ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing between 1 and 10 bytes into a region of size 5 [-Werror=format-overflow=] ../configure --target-list=x86_64-softmmu,i386-softmmu,aarch64-softmmu,arm-softmmu,ppc64-softmmu,s390x-softmmu,riscv64-softmmu,aarch64-linux-user,loongarch64-softmmu --disable-plugins --enable-modules --enable-werror --enable-trace-backends=log,dtrace --enable-debug --enable-docs --enable-rust --enable-strict-rust-lints gcc version 7.5.0 (SUSE Linux) This is quite an old GCC, so it's probably less good at noticing when there might be an overflow and when not (or it has bugs that have been fixed in subsequent versions). By the way, I think we likely could bump the minimum GCC version to a newer level nowadays. GCC 7.4 was chosen for NetBSD 9 at that point in time: https://gitlab.com/qemu-project/qemu/-/issues/614 https://gitlab.com/qemu-project/qemu/-/commit/3830df5f83b9b52d949676 ... but since NetBSD 10 has been released since a while, we could likely bump the minimum GCC version to 10.4 now, see: https://cvsweb.netbsd.org/bsdweb.cgi/src/doc/3RDPARTY?rev=1.1905.2.14;content-type=text%2Fplain;only_with_tag=netbsd-10-0-RELEASE WDYT? Thomas
Re: [PULL 27/49] meson: Add -Wformat-overflow=2
On Tue, 10 Mar 2026 at 13:47, Fabiano Rosas wrote: > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: > ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a > terminating nul past the end of the destination > [-Werror=format-overflow=] > > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: > ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a > terminating nul past the end of the destination > [-Werror=format-overflow=] > > ../tests/qtest/arm-cpu-features.c: In function > ‘test_query_cpu_model_expansion_kvm’: > ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing > between 1 and 10 bytes into a region of size 5 > [-Werror=format-overflow=] > > ../configure > --target-list=x86_64-softmmu,i386-softmmu,aarch64-softmmu,arm-softmmu,ppc64-softmmu,s390x-softmmu,riscv64-softmmu,aarch64-linux-user,loongarch64-softmmu > --disable-plugins --enable-modules --enable-werror > --enable-trace-backends=log,dtrace --enable-debug --enable-docs > --enable-rust --enable-strict-rust-lints Could you do a configure with all targets enabled and a make with "-k" so we can check that these are all the source files your gcc complains about, please? thanks -- PMM
Re: [PULL 27/49] meson: Add -Wformat-overflow=2
On Tue, 10 Mar 2026 at 13:47, Fabiano Rosas wrote: > This gives me: > > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: > ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a > terminating nul past the end of the destination > [-Werror=format-overflow=] > > ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: > ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a > terminating nul past the end of the destination > [-Werror=format-overflow=] > > ../tests/qtest/arm-cpu-features.c: In function > ‘test_query_cpu_model_expansion_kvm’: > ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing > between 1 and 10 bytes into a region of size 5 > [-Werror=format-overflow=] > > ../configure > --target-list=x86_64-softmmu,i386-softmmu,aarch64-softmmu,arm-softmmu,ppc64-softmmu,s390x-softmmu,riscv64-softmmu,aarch64-linux-user,loongarch64-softmmu > --disable-plugins --enable-modules --enable-werror > --enable-trace-backends=log,dtrace --enable-debug --enable-docs > --enable-rust --enable-strict-rust-lints > > gcc version 7.5.0 (SUSE Linux) This is quite an old GCC, so it's probably less good at noticing when there might be an overflow and when not (or it has bugs that have been fixed in subsequent versions). For all of these examples, it would be fine and I think also better to use g_strdup_printf() to create the strings rather than a fixed size array and sprintf(). -- PMM
Re: [PULL 27/49] meson: Add -Wformat-overflow=2
Cc'ing more developers. On 10/3/26 14:47, Fabiano Rosas wrote: Philippe Mathieu-Daudé writes: From: Akihiko Odaki https://gcc.gnu.org/onlinedocs/gcc-15.2.0/gcc/Warning-Options.html Level 2 warns also about calls that might overflow the destination buffer given an argument of sufficient length or magnitude. At level 2, unknown numeric arguments are assumed to have the minimum representable value for signed types with a precision greater than 1, and the maximum representable value otherwise. Unknown string arguments whose length cannot be assumed to be bounded either by the directive’s precision, or by a finite set of string literals they may evaluate to, or the character array they may point to, are assumed to be 1 character long. Signed-off-by: Akihiko Odaki Reviewed-by: Peter Maydell Message-ID: <[email protected]> Signed-off-by: Philippe Mathieu-Daudé --- meson.build | 1 + 1 file changed, 1 insertion(+) diff --git a/meson.build b/meson.build index 102f0cbb13e..f45885f05a1 100644 --- a/meson.build +++ b/meson.build @@ -694,6 +694,7 @@ warn_flags = [ '-Wempty-body', '-Wendif-labels', '-Wexpansion-to-defined', + '-Wformat-overflow=2', '-Wformat-security', '-Wformat-y2k', '-Wignored-qualifiers', This gives me: ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] ../tests/qtest/arm-cpu-features.c: In function ‘test_query_cpu_model_expansion_kvm’: ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing between 1 and 10 bytes into a region of size 5 [-Werror=format-overflow=] ../configure --target-list=x86_64-softmmu,i386-softmmu,aarch64-softmmu,arm-softmmu,ppc64-softmmu,s390x-softmmu,riscv64-softmmu,aarch64-linux-user,loongarch64-softmmu --disable-plugins --enable-modules --enable-werror --enable-trace-backends=log,dtrace --enable-debug --enable-docs --enable-rust --enable-strict-rust-lints gcc version 7.5.0 (SUSE Linux)
Re: [PULL 27/49] meson: Add -Wformat-overflow=2
Philippe Mathieu-Daudé writes: > From: Akihiko Odaki > > https://gcc.gnu.org/onlinedocs/gcc-15.2.0/gcc/Warning-Options.html >> Level 2 warns also about calls that might overflow the destination >> buffer given an argument of sufficient length or magnitude. At level >> 2, unknown numeric arguments are assumed to have the minimum >> representable value for signed types with a precision greater than 1, >> and the maximum representable value otherwise. Unknown string >> arguments whose length cannot be assumed to be bounded either by the >> directive’s precision, or by a finite set of string literals they may >> evaluate to, or the character array they may point to, are assumed to >> be 1 character long. > > Signed-off-by: Akihiko Odaki > Reviewed-by: Peter Maydell > Message-ID: <[email protected]> > Signed-off-by: Philippe Mathieu-Daudé > --- > meson.build | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meson.build b/meson.build > index 102f0cbb13e..f45885f05a1 100644 > --- a/meson.build > +++ b/meson.build > @@ -694,6 +694,7 @@ warn_flags = [ >'-Wempty-body', >'-Wendif-labels', >'-Wexpansion-to-defined', > + '-Wformat-overflow=2', >'-Wformat-security', >'-Wformat-y2k', >'-Wignored-qualifiers', This gives me: ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_output_pins’: ../tests/qtest/ast2700-sgpio-test.c:27:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] ../tests/qtest/ast2700-sgpio-test.c: In function ‘test_irq_level_high’: ../tests/qtest/ast2700-sgpio-test.c:85:33: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=] ../tests/qtest/arm-cpu-features.c: In function ‘test_query_cpu_model_expansion_kvm’: ../tests/qtest/arm-cpu-features.c:578:35: error: ‘%u’ directive writing between 1 and 10 bytes into a region of size 5 [-Werror=format-overflow=] ../configure --target-list=x86_64-softmmu,i386-softmmu,aarch64-softmmu,arm-softmmu,ppc64-softmmu,s390x-softmmu,riscv64-softmmu,aarch64-linux-user,loongarch64-softmmu --disable-plugins --enable-modules --enable-werror --enable-trace-backends=log,dtrace --enable-debug --enable-docs --enable-rust --enable-strict-rust-lints gcc version 7.5.0 (SUSE Linux)
