Re: [PATCH] divide by 3*sizeof(u32) when computing array_size
From: Russell King (Oracle)
Date: Tue Jul 13 2021 - 08:35:39 EST
On Tue, Jul 13, 2021 at 12:20:26PM +0000, David Laight wrote:
> > > For big structures it is worth adding a compile-time check of
> > > the structure size - but not really for three u32.
> >
> > Sorry, structure size has absolutely nothing to do with whether it's
> > a good idea to have a compile-time check. The deciding factor is
> > whether the code relies on some property such as it being a certain
> > size. Such as in this exact case. If you grep for "BUILD_BUG_ON.*sizeof"
> > in fs/ for example, this illustrates the point rather well.
>
> I'd not bother if the size is obviously going to be correct.
That's fine if you assume that the structure isn't going to be changed.
In this case, you can't do that - the structure looks to be a driver
internal structure. It certainly doesn't look like an interface to
anything that matters.
The code as written relies on the assumption that an array of
struct stm32_breakinput can be directly mapped to an array of u32,
where every third element of the u32 array falls on the first member
of each stm32_breakinput member. That is a _significant_ assumption
that the code _should_ be checking for.
> I did get some odd bugs a few years ago from a compiler that aligned
> all structures on 4-byte boundaries.
> I had to change a structure of two u16 into an array :-)
ARM OABI will do exactly that.
--
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!