Re: [PATCH v1 1/1] libceph: Amend checking to fix `make W=1` build breakage

From: Viacheslav Dubeyko
Date: Mon Nov 10 2025 - 14:28:58 EST

Next message: André Draszik: "[PATCH v4 00/20] Samsung S2MPG10 regulator and S2MPG11 PMIC drivers"
Previous message: syzbot ci: "[syzbot ci] Re: make vmalloc gfp flags usage more apparent"
In reply to: Andy Shevchenko: "[PATCH v1 1/1] libceph: Amend checking to fix `make W=1` build breakage"
Next in thread: andriy.shevchenko@xxxxxxxxxxxxxxx: "Re: [PATCH v1 1/1] libceph: Amend checking to fix `make W=1` build breakage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2025-11-10 at 15:46 +0100, Andy Shevchenko wrote:
> In a few cases the code compares 32-bit value to a SIZE_MAX derived
> constant which is much higher than that value on 64-bit platforms,
> Clang, in particular, is not happy about this
>
> net/ceph/osdmap.c:1441:10: error: result of comparison of constant 4611686018427387891 with expression of type 'u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare]
> 1441 | if (len > (SIZE_MAX - sizeof(*pg)) / sizeof(u32))
> | ~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> net/ceph/osdmap.c:1624:10: error: result of comparison of constant 2305843009213693945 with expression of type 'u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare]
> 1624 | if (len > (SIZE_MAX - sizeof(*pg)) / (2 * sizeof(u32)))
> | ~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> fs/ceph/snap.c:377:10: error: result of comparison of constant 2305843009213693948 with expression of type 'u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare]
> 377 | if (num > (SIZE_MAX - sizeof(*snapc)) / sizeof(u64))
> | ~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Fix this by casting to size_t. Note, that possible replacement of SIZE_MAX
> by U32_MAX may lead to the behaviour changes on the corner cases.
>
> Signed-off-by: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>
> ---
> net/ceph/osdmap.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/net/ceph/osdmap.c b/net/ceph/osdmap.c
> index 295098873861..8e7cb2fde6f1 100644
> --- a/net/ceph/osdmap.c
> +++ b/net/ceph/osdmap.c
> @@ -1438,7 +1438,7 @@ static struct ceph_pg_mapping *__decode_pg_temp(void **p, void *end,
> ceph_decode_32_safe(p, end, len, e_inval);
> if (len == 0 && incremental)
> return NULL; /* new_pg_temp: [] to remove */
> - if (len > (SIZE_MAX - sizeof(*pg)) / sizeof(u32))
> + if ((size_t)len > (SIZE_MAX - sizeof(*pg)) / sizeof(u32))
> return ERR_PTR(-EINVAL);
>
> ceph_decode_need(p, end, len * sizeof(u32), e_inval);
> @@ -1621,7 +1621,7 @@ static struct ceph_pg_mapping *__decode_pg_upmap_items(void **p, void *end,
> u32 len, i;

I am guessing... What if we change the declaration of len on size_t, then could
it be more clear solution here? For example, let's consider this for both cases:

size_t len, i;

Could it eliminate the issue and to make the Clang happy? Or could it introduce
another warnings/issues?

Thanks,
Slava.

>
> ceph_decode_32_safe(p, end, len, e_inval);
> - if (len > (SIZE_MAX - sizeof(*pg)) / (2 * sizeof(u32)))
> + if ((size_t)len > (SIZE_MAX - sizeof(*pg)) / (2 * sizeof(u32)))
> return ERR_PTR(-EINVAL);
>
> ceph_decode_need(p, end, 2 * len * sizeof(u32), e_inval);

Next message: André Draszik: "[PATCH v4 00/20] Samsung S2MPG10 regulator and S2MPG11 PMIC drivers"
Previous message: syzbot ci: "[syzbot ci] Re: make vmalloc gfp flags usage more apparent"
In reply to: Andy Shevchenko: "[PATCH v1 1/1] libceph: Amend checking to fix `make W=1` build breakage"
Next in thread: andriy.shevchenko@xxxxxxxxxxxxxxx: "Re: [PATCH v1 1/1] libceph: Amend checking to fix `make W=1` build breakage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]