Message-ID: <20241031213208.gzr5jv2kg5eobjuo@quack3>
Date: Thu, 31 Oct 2024 22:32:08 +0100
From: Jan Kara <jack@...e.cz>
To: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
Cc: Jan Kara <jack@...e.cz>, "Gustavo A. R. Silva" <gustavoars@...nel.org>,
Theodore Ts'o <tytso@....edu>, Jan Kara <jack@...e.com>,
linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] jbd2: Avoid dozens of -Wflex-array-member-not-at-end warnings

On Thu 31-10-24 09:54:36, Gustavo A. R. Silva wrote:
> On 31/10/24 06:33, Jan Kara wrote:
> > On Fri 25-10-24 13:32:58, Gustavo A. R. Silva wrote:
> > > -Wflex-array-member-not-at-end was introduced in GCC-14, and we
> > > are getting ready to enable it, globally.
> > >
> > > Use the `DEFINE_RAW_FLEX()` helper for an on-stack definition of
> > > a flexible structure (`struct shash_desc`) where the size of the
> > > flexible-array member (`__ctx`) is known at compile-time, and
> > > refactor the rest of the code, accordingly.
> > >
> > > So, with this, fix 77 of the following warnings:
> > >
> > > include/linux/jbd2.h:1800:35: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end]
> > >
> > > Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
> > > ---
> > > include/linux/jbd2.h | 13 +++++--------
> > > 1 file changed, 5 insertions(+), 8 deletions(-)
> > >
> > > diff --git a/include/linux/jbd2.h b/include/linux/jbd2.h
> > > index 8aef9bb6ad57..ce4560e62d3b 100644
> > > --- a/include/linux/jbd2.h
> > > +++ b/include/linux/jbd2.h
> > > @@ -1796,22 +1796,19 @@ static inline unsigned long jbd2_log_space_left(journal_t *journal)
> > > static inline u32 jbd2_chksum(journal_t *journal, u32 crc,
> > > const void *address, unsigned int length)
> > > {
> > > - struct {
> > > - struct shash_desc shash;
> > > - char ctx[JBD_MAX_CHECKSUM_SIZE];
> > > - } desc;
> > > + DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx, 1);
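Review bot: The element count `1` on the added `DEFINE_RAW_FLEX(struct shash_desc, desc, __ctx, 1);` line has no visible link to `JBD_MAX_CHECKSUM_SIZE`, which the removed `char ctx[JBD_MAX_CHECKSUM_SIZE];` used to size the buffer explicitly. Derive the count from `JBD_MAX_CHECKSUM_SIZE`, rounded up to whole `__ctx` elements, so that a later change to the constant cannot silently leave the on-stack context too small, and say in a comment why the count is in elements rather than bytes.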
> >
> > Am I missing some magic here or the 1 above should be
> > JBD_MAX_CHECKSUM_SIZE?
>
> This seems to be 32-bit code, and the element type of the flex-array
> member `__ctx` is `void *`. Therefore, we have:

Why do you think the code is 32-bit? It is used regardless of the
architecture...

> `sizeof(ctx) == 4` when `char ctx[JBD_MAX_CHECKSUM_SIZE];`
>
> To maintain the same size, we tell `DEFINE_RAW_FLEX()` to allocate `1`
> element for the flex array, as in 32-bit `sizeof(void *) == 4`.

So I agree we end up allocating enough space on stack but it is pretty
subtle and if JBD_MAX_CHECKSUM_SIZE definition changes, we have a problem.
I think we need something like (JBD_MAX_CHECKSUM_SIZE + sizeof(*desc->__ctx)
- 1) / sizeof(*desc->__ctx))?

Honza
--
Jan Kara <jack@...e.com>
SUSE Labs, CR
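
The sizing concern in this message, as an added userspace example that is not part of the original thread or the kernel source: it compares a hard-coded element count with one derived from the byte requirement by round-up division. `struct demo_desc`, `DEMO_MAX_CTX_BYTES`, `FLEX_ELEM_SIZE`, `FLEX_ELEMS` and `DEMO_ON_STACK_FLEX` are hypothetical names, and the macro is a simplified analog of an on-stack flex definition, not the kernel's `DEFINE_RAW_FLEX()`.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical struct ending in a flexible array of void *, like `__ctx`. */
struct demo_desc {
	void *tfm;
	void *ctx[];
};

#define DEMO_MAX_CTX_BYTES 4	/* constructed; matches sizeof(ctx) == 4 above */

/* Size of one flex-array element, without needing an object. */
#define FLEX_ELEM_SIZE(type, member) sizeof(((type *)0)->member[0])

/* Round a byte requirement up to whole flex-array elements. */
#define FLEX_ELEMS(type, member, bytes) \
	(((bytes) + FLEX_ELEM_SIZE(type, member) - 1) / FLEX_ELEM_SIZE(type, member))

/* Simplified analog: byte buffer for `count` elements overlaid with the struct. */
#define DEMO_ON_STACK_FLEX(type, name, member, count)			\
	union {								\
		unsigned char bytes[offsetof(type, member) +		\
				    (count) * FLEX_ELEM_SIZE(type, member)]; \
		type obj;						\
	} name##_u = { .bytes = { 0 } };				\
	type *name = (type *)&name##_u

/* Returns 1 if `count` elements provide at least `needed` bytes. */
static int count_covers(size_t count, size_t needed)
{
	return count * FLEX_ELEM_SIZE(struct demo_desc, ctx) >= needed;
}

/* Define the object with a derived count; return the context bytes reserved. */
static size_t reserved_ctx_bytes(void)
{
	DEMO_ON_STACK_FLEX(struct demo_desc, desc, ctx,
			   FLEX_ELEMS(struct demo_desc, ctx, DEMO_MAX_CTX_BYTES));
	memset(desc->ctx, 0xA5, DEMO_MAX_CTX_BYTES);	/* fits by construction */
	return sizeof(desc_u.bytes) - offsetof(struct demo_desc, ctx);
}

int main(void)
{
	printf("count 1 covers 4 bytes: %d, 4 pointers: %d\n",
	       count_covers(1, 4), count_covers(1, 4 * sizeof(void *)));
	return reserved_ctx_bytes() >= DEMO_MAX_CTX_BYTES ? 0 : 1;
}
```

A count of 1 only works while the byte requirement stays at or below the size of one element; the derived count follows the constant on both 32-bit and 64-bit builds.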