| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Oct 2018 17:33:33 -0300
From: Shayenne Moura <shayenneluzmoura@...il.com>
To: Julia Lawall <julia.lawall@...6.fr>
Cc: Himanshu Jha <himanshujha199640@...il.com>,
Sasha Levin <sashal@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Hans de Goede <hdegoede@...hat.com>,
Michael Thayer <michael.thayer@...cle.com>,
devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org,
outreachy-kernel@...glegroups.com
Subject: Re: [Outreachy kernel] [RESEND PATCH 2/2] staging: vboxvideo: Use
unsigned int instead bool
On 10/30, Julia Lawall wrote:
>
> On Tue, 30 Oct 2018, Shayenne Moura wrote:
>
> > Hi,
> >
> > > On Sun, 28 Oct 2018, Himanshu Jha wrote:
> > >
> > > > On Sun, Oct 28, 2018 at 09:47:15AM +0100, Julia Lawall wrote:
> > > > > > The "possible alignement issues" in CHECK report is difficult to figure
> > > > > > out by just doing a glance analysis. :)
> > > > > >
> > > > > > Linus also suggested to use bool as the base type i.e., `bool x:1` but
> > > > > > again sizeof(_Bool) is implementation defined ranging from 1-4 bytes.
> > > > >
> > > > > If bool x:1 has the size of bool, then wouldn't int x:1 have the size of
> > > > > int? But my little experiments suggest that the size is the smallest that
> > > > > fits the requested bits and alignment chosen by the compiler, regardless of
> > > > > the type.
> > > >
> > > > Yes, correct!
> > > > And we can't use sizeof on bitfields *directly*, nor reference it using a
> > > > pointer.
> > > >
> > > > It can be applied only when these bitfields are wrapped in a structure.
> > > >
> > > > Testing:
> > > >
> > > > #include <stdio.h>
> > > > #include <stdbool.h>
> > > >
> > > > struct S {
> > > > bool a:1;
> > > > bool b:1;
> > > > bool c:1;
> > > > bool d:1;
> > > > };
> > > >
> > > > int main(void)
> > > > {
> > > > printf("%zu\n", sizeof(struct S));
> > > > }
> > > >
> > > > Output: 1
> > > >
> > > > If I change all bool to unsigned int, output is: *4*.
> > > >
> > > > So, conclusion is compiler doesn't squeeze the size less than
> > > > native size of the datatype i.e., if we changed all members to
> > > > unsigned int:1,
> > > > total width = 4 bits
> > > > padding = 4 bits
> > > >
> > > > Therefore, total size should have been = 1 byte!
> > > > But since sizeof(unsigned int) == 4, it can't be squeezed to
> > > > less than it.
> > >
> > > This conclusion does not seem to be correct, if you try the following
> > > program. I get 4 for everything, meaning that the four unsigned int bits
> > > are getting squeezed into one byte when it is convenient.
> > >
> > > #include <stdio.h>
> > > #include <stdbool.h>
> > >
> > > struct S1 {
> > > bool a:1;
> > > bool b:1;
> > > bool c:1;
> > > bool d:1;
> > > char a1;
> > > char a2;
> > > char a3;
> > > };
> > >
> > > struct S2 {
> > > unsigned int a:1;
> > > unsigned int b:1;
> > > unsigned int c:1;
> > > unsigned int d:1;
> > > char a1;
> > > char a2;
> > > char a3;
> > > };
> > >
> > > int main(void)
> > > {
> > > printf("%zu\n", sizeof(struct S1));
> > > printf("%zu\n", sizeof(struct S2));
> > > printf("%zu\n", sizeof(unsigned int));
> > > }
> > >
> > > > Well, int x:1 can either have 0..1 or -1..0 range due implementation
> > > > defined behavior as I said in the previous reply.
> > > >
> > > > If you really want to consider negative values, then make it explicit
> > > > using `signed int x:1` which make range guaranteed to be -1..0
> > >
> > > The code wants booleans, not negative values.
> > >
> > > julia
> >
> > Thank you all for the discussion!
> >
> > However, I think I do not understand the conclusion.
> >
> > It means that the best way is to use only boolean instead of use unsigned
> > int with bitfield? I mean specifically in the case of my patch, where there
> > are some boolean variables are mixed with other variables types.
>
> To my recollection, your code had a bool with larger types on either side.
> In that case, I think bool is fine. The compiler it likely to align those
> larger typed values such that the field with the bool type will get more
> than one byte no matter what type you use. If there are several fields
> with very small types adjacent, there might be some benefit to thinking
> about what the type should be.
>
> julia
Got it! Thank you!
Powered by blists - more mailing lists