| Message ID | ZYDi1bWIKRSs2NpH@work (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 4c26dea1c096138b6e7c49c4886e68fbf6013217 |
| Headers | show |
| Series | [next] bcachefs: Replace zero-length array with flex-array member and use __counted_by | expand |
On Mon, Dec 18, 2023 at 06:24:53PM -0600, Gustavo A. R. Silva wrote: > Fake flexible arrays (zero-length and one-element arrays) are > deprecated, and should be replaced by flexible-array members. > So, replace zero-length array with a flexible-array member in > `struct bch_ioctl_fsck_offline`. > > Also annotate array `devs` with `__counted_by()` to prepare for the > coming implementation by GCC and Clang of the `__counted_by` attribute. > Flexible array members annotated with `__counted_by` can have their > accesses bounds-checked at run-time via `CONFIG_UBSAN_BOUNDS` (for > array indexing) and `CONFIG_FORTIFY_SOURCE` (for strcpy/memcpy-family > functions). > > This fixes the following -Warray-bounds warnings: > fs/bcachefs/chardev.c: In function 'bch2_ioctl_fsck_offline': > fs/bcachefs/chardev.c:363:34: warning: array subscript 0 is outside array bounds of '__u64[0]' {aka 'long long unsigned int[]'} [-Warray-bounds=] > 363 | if (copy_from_user(devs, &user_arg->devs[0], sizeof(user_arg->devs[0]) * arg.nr_devs)) { > | ^~~~~~~~~~~~~~~~~~ > In file included from fs/bcachefs/chardev.c:5: > fs/bcachefs/bcachefs_ioctl.h:400:33: note: while referencing 'devs' > 400 | __u64 devs[0]; > > This results in no differences in binary output. > > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Applied
diff --git a/fs/bcachefs/bcachefs_ioctl.h b/fs/bcachefs/bcachefs_ioctl.h index 21f81b16f24e..4b8fba754b1c 100644 --- a/fs/bcachefs/bcachefs_ioctl.h +++ b/fs/bcachefs/bcachefs_ioctl.h @@ -397,7 +397,7 @@ struct bch_ioctl_fsck_offline { __u64 flags; __u64 opts; /* string */ __u64 nr_devs; - __u64 devs[0]; + __u64 devs[] __counted_by(nr_devs); }; /*
Fake flexible arrays (zero-length and one-element arrays) are deprecated, and should be replaced by flexible-array members. So, replace zero-length array with a flexible-array member in `struct bch_ioctl_fsck_offline`. Also annotate array `devs` with `__counted_by()` to prepare for the coming implementation by GCC and Clang of the `__counted_by` attribute. Flexible array members annotated with `__counted_by` can have their accesses bounds-checked at run-time via `CONFIG_UBSAN_BOUNDS` (for array indexing) and `CONFIG_FORTIFY_SOURCE` (for strcpy/memcpy-family functions). This fixes the following -Warray-bounds warnings: fs/bcachefs/chardev.c: In function 'bch2_ioctl_fsck_offline': fs/bcachefs/chardev.c:363:34: warning: array subscript 0 is outside array bounds of '__u64[0]' {aka 'long long unsigned int[]'} [-Warray-bounds=] 363 | if (copy_from_user(devs, &user_arg->devs[0], sizeof(user_arg->devs[0]) * arg.nr_devs)) { | ^~~~~~~~~~~~~~~~~~ In file included from fs/bcachefs/chardev.c:5: fs/bcachefs/bcachefs_ioctl.h:400:33: note: while referencing 'devs' 400 | __u64 devs[0]; This results in no differences in binary output. Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> --- fs/bcachefs/bcachefs_ioctl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)