-
Notifications
You must be signed in to change notification settings - Fork 6.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sys: util: Prevent multiple definitions of ARRAY_SIZE #50239
Conversation
Similar PR was closed without merging: #49831 |
What is the reasoning to not allow this, but do the same thing for other macros? Every single implementation of |
Please read the comments of the linked PR and see if you can satisfy what has been voiced there. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add tests here, please.
https://github.com/zephyrproject-rtos/zephyr/blob/main/tests/unit/util/test.inc
Unless it can be proven that there is some sort of security threat by doing so, I see absolutely no reason not to ack here.
On a side note, we probably do want to have a non-unit test that explicitly causes a crash to validate failure modes. IIRC, it is not possible to do that with a zephyr "unit test" (because they run as native_posix).
There are tests in there that use
If you want something explicit. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's been discussed in a few places a number of times.
This is for 3rd-party code compatibility, so simply avoid a compiler warning that will be promoted to error in twister. We all know the correct fix for this - i.e. use a namespaced As an intermediate step to downstream projects dropping
|
Avoiding warning does not fix problem it makes it just creep in the shadows. I have also gone through something like
which is basically "happy debugging, suckers" case from bash.org, that makes me reluctant to allow different definitions depending on the order of header inclusions.
Then, the warning is the argument in the discussion.
That would be great. |
I wish Zephyr had a namespace. IMO, it's a mistake not to do that when using lots of 3rd party code in-tree (HALs et al.). |
Me too.
Yes. Having our own namespace kinda lets us move out of the way, in most of cases as I must admit that the 3rd party code is not without blame, because using generic names for things is just asking for collisions. |
@mfischer - well, how would you feel ripping the bandaid off? |
Sure, this week is busy. I'll see when I get around to it. During -rc nothing will be merged anyways :) |
What if you include another (third-party) header that does the same thing after the Zephyr header? These re-definitions only fail because the re-definition is different from the original definition (compiler will not complain for the identical re-definition) -- that IS a problem.
Agreed.
I think |
I kind of like |
@@ -105,6 +106,7 @@ extern "C" { | |||
* | |||
* In C, passing a pointer as @p array causes a compile error. | |||
*/ | |||
#undef ARRAY_SIZE | |||
#define ARRAY_SIZE(array) \ | |||
((size_t) (IS_ARRAY(array) + (sizeof(array) / sizeof((array)[0])))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In practice this means ARRAY_SIZE implementation will depend on the including order: BAD. Note that since Zephyr seems to be worried about safety, this violates MISRA 20.5 (advisory) as well.
I think we should either:
- Fix offending libraries/3rd party code
- Use a namespace in Zephyr, to protect us from 3rd party code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In practice this means ARRAY_SIZE implementation will depend on the including order: BAD. Note that since Zephyr seems to be worried about safety, this violates MISRA 20.5 (advisory) as well.
Valid arguments.
I think we should either:
* Fix offending libraries/3rd party code
Yes.
* Use a namespace in Zephyr, to protect us from 3rd party code.
There is always chance for collision, and system should not move out of the way.
Choosing SYS_ or Z_ prefix will fix a problem until other system gets the same idea and some interface header for some library, hal or other thing does the #ifndef/#define thing in interface header again.
Only way to fix header order problem is to avoid having definitions, in headers, that should not be there.
sys/util.h is included specifically for the definitions it provides, so it is not guilty of redefinitions.
Question: how many Zephyr headers include sys/util.h for no reason?
I will also +1 this PR if it evolves into a tree-wide change to This above work is practically as simple as running a grep, awk, and sed one-liner. |
I'm stepping into this thread since the NXP HAL is one of the modules/libraries that @gmarull is trying to change. While the change proposed is not that big, the problem I have is that I have to propagate this change back to the source or I'm burdened with the technical debt of maintaining a patch that has to be applied. Previously, it was header include order that prevented this problem from happening and partially because the NXP HAL definition wrapped the ARRAY_SIZE with an #ifndef. We don't seem to want to do that with the Zephyr version to, I assume, ensure that the system build gets the functionality being defined by our version. The other solution being discussed is to fix this via a namespace prefix. My vote is for a namespace fix. ARRAY_SIZE is a super common define in the embedded space. Below is a quick scan of our current modules/libraries on the frequency of its definition so rather then forcing changes on every HAL/Module/Lib we pull into Zephyr we should just ensure a separate name space for Zephyr's implementation of these various common defines (or just use the #ifndef wrapper). \bootloader\mcuboot\boot\boot_serial\src\zcbor_common.h:#333 |
The zcbor has already been updated with replacement of Unless there is good reason to make such macro public, as in case of zcbor, it should not be visible via hal/lib/module interface and should be guarded by |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See conversation here: https://discord.com/channels/720317445772017664/1014241011989487716/1032623375228608522
The approach in this PR has been rejected in the different forums where this has been discussed, and instead a completely different strategy is under review: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM on the tests/ end
This commit is the outcome of the discussion that has taken place in multiple forums: Discord: https://discord.com/channels/720317445772017664/1014241011989487716/1032623375228608522 GitHub: zephyrproject-rtos#51371 zephyrproject-rtos#50239 Signed-off-by: Carles Cufi <[email protected]>
This commit is the outcome of the discussion that has taken place in multiple forums: Discord: https://discord.com/channels/720317445772017664/1014241011989487716/1032623375228608522 GitHub: #51371 #50239 Signed-off-by: Carles Cufi <[email protected]>
This commit is the outcome of the discussion that has taken place in multiple forums: Discord: https://discord.com/channels/720317445772017664/1014241011989487716/1032623375228608522 GitHub: zephyrproject-rtos/zephyr#51371 zephyrproject-rtos/zephyr#50239 (cherry picked from commit d095f7d) Original-Signed-off-by: Carles Cufi <[email protected]> GitOrigin-RevId: d095f7d Change-Id: I473d1b1f55da92b34bd429cd60f0cf75488ed5d4 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/zephyr/+/4287511 Tested-by: Keith Short <[email protected]> Reviewed-by: Keith Short <[email protected]> Tested-by: Al Semjonovs <[email protected]> Commit-Queue: Al Semjonovs <[email protected]> Tested-by: CopyBot Service Account <[email protected]> Reviewed-by: Al Semjonovs <[email protected]>
This pull request has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this pull request will automatically be closed in 14 days. Note, that you can always re-open a closed pull request at any time. |
Can we close this now? |
Wrap ARRAY_SIZE macro with an #ifndef ARRAY_SIZE to prevent multiple definition issues when dealing with third party libraries that have their own definitions.
Fixes #51371
Signed-off-by: Moritz Fischer [email protected]