On Mon, 3 Nov 2025 20:16:46 +0200 Andy Shevchenko <[email protected]> wrote:
> On Mon, Nov 03, 2025 at 04:41:41PM +0200, Andy Shevchenko wrote: > > On Mon, Nov 03, 2025 at 01:22:13PM +0000, David Laight wrote: > > > On Mon, 3 Nov 2025 19:07:24 +0800 > > > Kuan-Wei Chiu <[email protected]> wrote: > > > > On Mon, Nov 03, 2025 at 11:24:35AM +0100, Andy Shevchenko wrote: > > > > > On Fri, Oct 31, 2025 at 09:09:47PM -0700, Andrew Morton wrote: > > > > > > On Wed, 29 Oct 2025 18:17:25 +0800 Guan-Chun Wu > > > > > > <[email protected]> wrote: > > ... > > > > > > > Looks like wonderful work, thanks. And it's good to gain a selftest > > > > > > for this code. > > > > > > > > > > > > > This improves throughput by ~43-52x. > > > > > > > > > > > > Well that isn't a thing we see every day. > > > > > > > > > > I agree with the judgement, the problem is that this broke > > > > > drastically a build: > > > > > > > > > > lib/base64.c:35:17: error: initializer overrides prior initialization > > > > > of this subobject [-Werror,-Winitializer-overrides] > > > > > 35 | [BASE64_STD] = BASE64_REV_INIT('+', '/'), > > > > > | ^~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > lib/base64.c:26:11: note: expanded from macro 'BASE64_REV_INIT' > > > > > 26 | ['A'] = 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, > > > > > 11, 12, \ > > > > > | ^ > > > > > lib/base64.c:35:17: note: previous initialization is here > > > > > 35 | [BASE64_STD] = BASE64_REV_INIT('+', '/'), > > > > > | ^~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > lib/base64.c:25:16: note: expanded from macro 'BASE64_REV_INIT' > > > > > 25 | [0 ... 255] = -1, \ > > > > > | ^~ > > > > > ... > > > > > fatal error: too many errors emitted, stopping now [-ferror-limit=] > > > > > 20 errors generated. > > > > > > > > > Since I didn't notice this build failure, I guess this happens during a > > > > W=1 build? Sorry for that. Maybe I should add W=1 compilation testing > > > > to my checklist before sending patches in the future. I also got an > > > > email from the kernel test robot with a duplicate initialization > > > > warning from the sparse tool [1], pointing to the same code. > > > > > > > > This implementation was based on David's previous suggestion [2] to > > > > first default all entries to -1 and then set the values for the 64 > > > > character entries. This was to avoid expanding the large 256 * 3 table > > > > and improve code readability. > > > > > > > > Since I believe many people test and care about W=1 builds, > > > > > > Last time I tried a W=1 build it failed horribly because of 'type-limits'. > > > The kernel does that all the time - usually for its own error tests inside > > > #define and inline functions. > > > Certainly some of the changes I've seen to stop W=1 warnings are really > > > a bad idea - but that is a bit of a digression. > > > > > > Warnings can be temporarily disabled using #pragma. > > > That might be the best thing to do here with this over-zealous warning. > > > > > > This compiles on gcc and clang (even though the warnings have different > > > names): > > > #pragma GCC diagnostic push > > > #pragma GCC diagnostic ignored "-Woverride-init" > > > int x[16] = { [0 ... 15] = -1, [5] = 5}; > > > #pragma GCC diagnostic pop > > > > > > > I think we need to find another way to avoid this warning? > > > > Perhaps we could consider what you suggested: > > > > > > > > #define BASE64_REV_INIT(val_plus, val_comma, val_minus, val_slash, > > > > val_under) { \ > > > > [ 0 ... '+'-1 ] = -1, \ > > > > [ '+' ] = val_plus, val_comma, val_minus, -1, val_slash, \ > > > > [ '0' ] = 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, \ > > > > [ '9'+1 ... 'A'-1 ] = -1, \ > > > > [ 'A' ] = 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, \ > > > > 23, 24, 25, 26, 27, 28, 28, 30, 31, 32, 33, 34, 35, \ > > > > [ 'Z'+1 ... '_'-1 ] = -1, \ > > > > [ '_' ] = val_under, \ > > > > [ '_'+1 ... 'a'-1 ] = -1, \ > > > > [ 'a' ] = 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, \ > > > > 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, \ > > > > [ 'z'+1 ... 255 ] = -1 \ > > > > } > > > > > > I just checked, neither gcc nor clang allow empty ranges (eg [ 6 ... 5 ] > > > = -1). > > > Which means the coder has to know which characters are adjacent as well > > > as getting the order right. > > > Basically avoiding the warning sucks. > > > > > > > Or should we just expand the 256 * 3 table as it was before? > > > > > > That has much the same issue - IIRC it relies on three big sequential > > > lists. > > > > > > The #pragma may be best - but doesn't solve sparse (unless it processes > > > them as well). > > > > Pragma will be hated. They have been used in a few other places. and to disable more 'useful' warnings. > > I believe there is a better way to do what you want. Let me cook a PoC. > > I tried locally several approaches and the best I can come up with is the > pre-generated > (via Python script) pieces of C code that we can copy'n'paste instead of that > shortened > form. So basically having a full 256 tables in the code is my suggestion to > fix the build > issue. Alternatively we can generate that at run-time (on the first run) in > the similar way how prime_numbers.c does. The downside of such an approach is > loosing > the const specifier, which I consider kinda important. > > Btw, in the future here might be also the side-channel attack concerns > appear, which would > require to reconsider the whole algo to get it constant-time execution. The array lookup version is 'reasonably' time constant. One option is to offset all the array entries by 1 and subtract 1 after reading the entry. That means that the 'error' characters have zero in the array (not -1). At least the compiler won't error that! The extra 'subtract 1' is probably just measurable. But I'd consider raising a bug on gcc :-) One of the uses of ranged designated initialisers for arrays is to change the default value - as been done here. It shouldn't cause a warning. David > > > > > [1]: > > > > https://lore.kernel.org/oe-kbuild-all/[email protected]/ > > > > [2]: https://lore.kernel.org/lkml/20250928195736.71bec9ae@pumpkin/ >
