| Message ID | 20200319195046.GA452@embeddedor.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 4b566406085bc1fd5b6ba309fae70e6f6d6fa94e |
| Headers | show |
| Series | [next] acpi: nfit.h: Replace zero-length array with flexible-array member | expand |
On Thu, Mar 19, 2020 at 9:15 PM Gustavo A. R. Silva <gustavo@embeddedor.com> wrote: > > The current codebase makes use of the zero-length array language > extension to the C90 standard, but the preferred mechanism to declare > variable-length types such as these ones is a flexible array member[1][2], > introduced in C99: > > struct foo { > int stuff; > struct boo array[]; > }; > > By making use of the mechanism above, we will get a compiler warning > in case the flexible array does not occur last in the structure, which > will help us prevent some kind of undefined behavior bugs from being > inadvertently introduced[3] to the codebase from now on. > > Also, notice that, dynamic memory allocations won't be affected by > this change: > > "Flexible array members have incomplete type, and so the sizeof operator > may not be applied. As a quirk of the original implementation of > zero-length arrays, sizeof evaluates to zero."[1] > > This issue was found with the help of Coccinelle. > > [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html > [2] https://github.com/KSPP/linux/issues/21 > [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") > > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Dan, I'm assuming that you will take care of this one or please let me know otherwise. Cheers! > --- > drivers/acpi/nfit/nfit.h | 12 ++++++------ > 1 file changed, 6 insertions(+), 6 deletions(-) > > diff --git a/drivers/acpi/nfit/nfit.h b/drivers/acpi/nfit/nfit.h > index 24241941181c..af09143ce403 100644 > --- a/drivers/acpi/nfit/nfit.h > +++ b/drivers/acpi/nfit/nfit.h > @@ -144,32 +144,32 @@ struct nfit_spa { > unsigned long ars_state; > u32 clear_err_unit; > u32 max_ars; > - struct acpi_nfit_system_address spa[0]; > + struct acpi_nfit_system_address spa[]; > }; > > struct nfit_dcr { > struct list_head list; > - struct acpi_nfit_control_region dcr[0]; > + struct acpi_nfit_control_region dcr[]; > }; > > struct nfit_bdw { > struct list_head list; > - struct acpi_nfit_data_region bdw[0]; > + struct acpi_nfit_data_region bdw[]; > }; > > struct nfit_idt { > struct list_head list; > - struct acpi_nfit_interleave idt[0]; > + struct acpi_nfit_interleave idt[]; > }; > > struct nfit_flush { > struct list_head list; > - struct acpi_nfit_flush_address flush[0]; > + struct acpi_nfit_flush_address flush[]; > }; > > struct nfit_memdev { > struct list_head list; > - struct acpi_nfit_memory_map memdev[0]; > + struct acpi_nfit_memory_map memdev[]; > }; > > enum nfit_mem_flags { > -- > 2.23.0 >
On Wed, Mar 25, 2020 at 3:06 AM Rafael J. Wysocki <rafael@kernel.org> wrote: > > On Thu, Mar 19, 2020 at 9:15 PM Gustavo A. R. Silva > <gustavo@embeddedor.com> wrote: > > > > The current codebase makes use of the zero-length array language > > extension to the C90 standard, but the preferred mechanism to declare > > variable-length types such as these ones is a flexible array member[1][2], > > introduced in C99: > > > > struct foo { > > int stuff; > > struct boo array[]; > > }; > > > > By making use of the mechanism above, we will get a compiler warning > > in case the flexible array does not occur last in the structure, which > > will help us prevent some kind of undefined behavior bugs from being > > inadvertently introduced[3] to the codebase from now on. > > > > Also, notice that, dynamic memory allocations won't be affected by > > this change: > > > > "Flexible array members have incomplete type, and so the sizeof operator > > may not be applied. As a quirk of the original implementation of > > zero-length arrays, sizeof evaluates to zero."[1] > > > > This issue was found with the help of Coccinelle. > > > > [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html > > [2] https://github.com/KSPP/linux/issues/21 > > [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") > > > > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> > > Dan, > > I'm assuming that you will take care of this one or please let me know > otherwise. Yes, this one and the other 2 related libnvdimm fixups are in my queue.
diff --git a/drivers/acpi/nfit/nfit.h b/drivers/acpi/nfit/nfit.h index 24241941181c..af09143ce403 100644 --- a/drivers/acpi/nfit/nfit.h +++ b/drivers/acpi/nfit/nfit.h @@ -144,32 +144,32 @@ struct nfit_spa { unsigned long ars_state; u32 clear_err_unit; u32 max_ars; - struct acpi_nfit_system_address spa[0]; + struct acpi_nfit_system_address spa[]; }; struct nfit_dcr { struct list_head list; - struct acpi_nfit_control_region dcr[0]; + struct acpi_nfit_control_region dcr[]; }; struct nfit_bdw { struct list_head list; - struct acpi_nfit_data_region bdw[0]; + struct acpi_nfit_data_region bdw[]; }; struct nfit_idt { struct list_head list; - struct acpi_nfit_interleave idt[0]; + struct acpi_nfit_interleave idt[]; }; struct nfit_flush { struct list_head list; - struct acpi_nfit_flush_address flush[0]; + struct acpi_nfit_flush_address flush[]; }; struct nfit_memdev { struct list_head list; - struct acpi_nfit_memory_map memdev[0]; + struct acpi_nfit_memory_map memdev[]; }; enum nfit_mem_flags {
The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99: struct foo { int stuff; struct boo array[]; }; By making use of the mechanism above, we will get a compiler warning in case the flexible array does not occur last in the structure, which will help us prevent some kind of undefined behavior bugs from being inadvertently introduced[3] to the codebase from now on. Also, notice that, dynamic memory allocations won't be affected by this change: "Flexible array members have incomplete type, and so the sizeof operator may not be applied. As a quirk of the original implementation of zero-length arrays, sizeof evaluates to zero."[1] This issue was found with the help of Coccinelle. [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html [2] https://github.com/KSPP/linux/issues/21 [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> --- drivers/acpi/nfit/nfit.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)