Re: [PATCH] divide by 3*sizeof(u32) when computing array_size

From: Russell King (Oracle)
Date: Tue Jul 13 2021 - 05:20:10 EST

Next message: kernel test robot: "[tip:core/urgent 1/1] kernel/smpboot.c:50:20: warning: duplicate 'inline' declaration specifier"
Previous message: Hayes Wang: "[PATCH net-next 2/2] r8152: separate the r8152.c into r8152_main.c and r8152_fw.c"
In reply to: Uwe Kleine-König: "Re: [PATCH] divide by 3*sizeof(u32) when computing array_size"
Next in thread: David Laight: "RE: [PATCH] divide by 3*sizeof(u32) when computing array_size"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jul 13, 2021 at 08:30:53AM +0200, Uwe Kleine-König wrote:
> Hello Salah,
>
> On Tue, Jul 13, 2021 at 12:19:10AM +0100, Salah Triki wrote:
> > Divide by 3*sizeof(u32) when computing array_size, since stm32_breakinput
> > has 3 fields of type u32.
> >
> > Signed-off-by: Salah Triki <salah.triki@xxxxxxxxx>
> > ---
> > drivers/pwm/pwm-stm32.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/pwm/pwm-stm32.c b/drivers/pwm/pwm-stm32.c
> > index 794ca5b02968..fb21bc2b2dd6 100644
> > --- a/drivers/pwm/pwm-stm32.c
> > +++ b/drivers/pwm/pwm-stm32.c
> > @@ -544,7 +544,7 @@ static int stm32_pwm_probe_breakinputs(struct stm32_pwm *priv,
> > return -EINVAL;
> >
> > priv->num_breakinputs = nb;
> > - array_size = nb * sizeof(struct stm32_breakinput) / sizeof(u32);
> > + array_size = nb * sizeof(struct stm32_breakinput) / (3 * sizeof(u32));
> > ret = of_property_read_u32_array(np, "st,breakinput",
> > (u32 *)priv->breakinputs, array_size);
> > if (ret)
>
> I agree with Philipp here; this looks strange and needs a better
> description.
>
> Looking a bit more in details:
>
> - priv->breakinputs has type struct stm32_breakinput[MAX_BREAKINPUT]
> - nb is in [0 .. MAX_BREAKINPUT]
> - sizeof(struct stm32_breakinput) == 3 * sizeof(u32)
> - of_property_read_u32_array reads $array_size u32 quantities
>
> so to read $nb members of type stm32_breakinput array_size must be a
> multiple of 3 which isn't given any more after your patch. This makes me
> believe your suggested change to be wrong.

I concur with your analysis. "array_size" is the number of u32 values
to read from DT. It is not the number of entries in priv->breakinputs.

I would also note that the code relies on there being no padding in
struct stm32_breakinput - it should be noted that a strict
interpretation of the C standard allows padding to be added anywhere
to a structure - at the start, end or between members.

Some further thoughts... DT is effectively an interface (we maintain
definitions of what we expect.) The way the code is structured,
"struct stm32_breakinput" defines that interface. Maybe this should
be commented, and maybe there should be a build time assert that
"sizeof(struct stm32_breakinput)" is "3 * sizeof(u32)" since the
code is relying on that property?

--
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

Next message: kernel test robot: "[tip:core/urgent 1/1] kernel/smpboot.c:50:20: warning: duplicate 'inline' declaration specifier"
Previous message: Hayes Wang: "[PATCH net-next 2/2] r8152: separate the r8152.c into r8152_main.c and r8152_fw.c"
In reply to: Uwe Kleine-König: "Re: [PATCH] divide by 3*sizeof(u32) when computing array_size"
Next in thread: David Laight: "RE: [PATCH] divide by 3*sizeof(u32) when computing array_size"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]