Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Eliminate fake flexible arrays from the kernel ("variable length" one-element and zero-length arrays) #21

Closed
11 tasks done
kees opened this issue Nov 19, 2019 · 13 comments
Closed
11 tasks done

Eliminate fake flexible arrays from the kernel ("variable length" one-element and zero-length arrays) #21

kees opened this issue Nov 19, 2019 · 13 comments
Assignees
@GustavoARSilva @kees
Labels
compiler Needs compiler support [Idiom] fake flexible array [Linux] v6.12 Released in Linux kernel v6.12

Comments

@kees
Copy link

kees commented Nov 19, 2019
edited
Loading

Dependent bugs:

There is a regular need in the kernel to provide a way to declare having a
dynamically sized set of trailing elements in a structure. Kernel code should
always use “flexible array members” for these cases. The older style of
one-element or zero-length arrays should no longer be used.

In older C code, dynamically sized trailing elements were done by specifying
a one-element array at the end of a structure:

struct something {
        size_t count;
        struct foo items[1];
};

This led to fragile size calculations via sizeof() (which would need to remove
the size of the single trailing element to get a correct size of the “header”).
A GNU C extension was introduced to allow for zero-length arrays, to avoid
these kinds of size problems:

struct something {
        size_t count;
        struct foo items[0];
};

But this led to other problems, and didn’t solve some problems shared by both
styles, like not being able to detect when such an array is accidentally being
used not at the end of a structure (which could happen directly, or when
such a struct was in unions, structs of structs, etc).

C99 introduced “flexible array members”, which lacks a numeric size for the
array declaration entirely:

struct something {
        size_t count;
        struct foo items[];
};

This is the way the kernel expects dynamically sized trailing elements to be
declared. It allows the compiler to generate errors when the flexible array
does not occur last in the structure, which helps to prevent some kind of
undefined behavior bugs from being inadvertently introduced to the codebase.
It also allows the compiler to correctly analyze array sizes (via sizeof(),
CONFIG_FORTIFY_SOURCE, and CONFIG_UBSAN_BOUNDS). For instance, there is no
mechanism that warns us that the following application of the sizeof() operator
to a zero-length array always results in zero:

struct something {
        size_t count;
        struct foo items[0];
};

struct something *instance;

instance = kmalloc(struct_size(instance, items, count), GFP_KERNEL);
instance->count = count;

size = sizeof(instance->items) * instance->count;
memcpy(instance->items, source, size);

At the last line of code above, size turns out to be zero, when one might have
thought it represents the total size in bytes of the dynamic memory recently
allocated for the trailing array items. Here are a couple examples of this
issue: link 1, link 2. Instead, flexible array members have incomplete type, and so the
sizeof() operator may not be applied, so any misuse of such operators will
be immediately noticed at build time.

With respect to one-element arrays, one has to be acutely aware that such
arrays occupy at least as much space as a single object of the type, hence they
contribute to the size of the enclosing structure. This is prone to error every
time people want to calculate the total size of dynamic memory to allocate for
a structure containing an array of this kind as a member:

struct something {
        size_t count;
        struct foo items[1];
};

struct something *instance;

instance = kmalloc(struct_size(instance, items, count - 1), GFP_KERNEL);
instance->count = count;

size = sizeof(instance->items) * instance->count;
memcpy(instance->items, source, size);

In the example above, we had to remember to calculate count - 1 when using the
struct_size() helper, otherwise we would have –unintentionally– allocated memory
for one too many items objects. The cleanest and least error-prone way to
implement this is through the use of a flexible array member, instead:

struct something {
        size_t count;
        struct foo items[];
};

struct something *instance;

instance = kmalloc(struct_size(instance, items, count), GFP_KERNEL);
instance->count = count;

size = sizeof(instance->items[0]) * instance->count;
memcpy(instance->items, source, size);
@kees kees added the [PATCH] Exists A patch exists to address the issue label Nov 21, 2019
@kees
Copy link
Author

kees commented Nov 21, 2019

treewide patch from Gustavo via Coccinelle: https://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux.git/commit/?h=for-next/fam

@kees
Copy link
Author

kees commented Nov 21, 2019

Additionally, Documentation/process/deprecated.rst should be updated and a test added to scripts/checkpatch.pl.

@kees
Copy link
Author

kees commented Nov 21, 2019

/cc @GustavoARSilva

@kees
Copy link
Author

kees commented Dec 5, 2019

It would be nice if the compiler had a mode to warn about [0] and [1]-sized arrays.

@kees kees added the compiler Needs compiler support label Dec 5, 2019
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 17, 2020
@GustavoARSilva @intel-lab-lkp
net: sched: cls_u32: Use flexible-array member
af8e8e5 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
unadvertenly introduced[3] to the codebase from now on.

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 17, 2020
@GustavoARSilva @intel-lab-lkp
USB: serial: garmin_gps: Use flexible-array member
19f6358 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
unadvertenly introduced[3] to the codebase from now on.

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 17, 2020
@GustavoARSilva @jhovold
USB: serial: garmin_gps: Use flexible-array member
50c3c5e 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
unadvertenly introduced[3] to the codebase from now on.

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Johan Hovold <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 23, 2020
@GustavoARSilva @intel-lab-lkp
tty: n_hdlc: Use flexible-array member
a7ed6c8 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
unadvertenly introduced[3] to the codebase from now on.

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 23, 2020
@GustavoARSilva @intel-lab-lkp
char: hpet: Use flexible-array member
8868232 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
unadvertenly introduced[3] to the codebase from now on.

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 24, 2020
@GustavoARSilva @intel-lab-lkp
tty: n_hdlc: Use flexible-array member and struct_size() helper
cbaec98 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

Lastly, make use of the struct_size() helper to safely calculate the
allocation size for instances of struct n_hdlc_buf and avoid any potential
type mistakes[4][5].

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")
[4] https://lore.kernel.org/lkml/[email protected]/
[5] commit 553d66c ("iommu/vt-d: Use struct_size() helper")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 24, 2020
@GustavoARSilva @gregkh
tty: n_hdlc: Use flexible-array member and struct_size() helper
85f4c95 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

Lastly, make use of the struct_size() helper to safely calculate the
allocation size for instances of struct n_hdlc_buf and avoid any potential
type mistakes[4][5].

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")
[4] https://lore.kernel.org/lkml/[email protected]/
[5] commit 553d66c ("iommu/vt-d: Use struct_size() helper")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Reviewed-by: Jiri Slaby <[email protected]>
Link: https://lore.kernel.org/r/20200121172138.GA3162@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Jan 25, 2020
@GustavoARSilva @gregkh
char: hpet: Use flexible-array member
987f028 
Old code in the kernel uses 1-byte and 0-byte arrays to indicate the
presence of a "variable length array":

struct something {
    int length;
    u8 data[1];
};

struct something *instance;

instance = kmalloc(sizeof(*instance) + size, GFP_KERNEL);
instance->length = size;
memcpy(instance->data, source, size);

There is also 0-byte arrays. Both cases pose confusion for things like
sizeof(), CONFIG_FORTIFY_SOURCE, etc.[1] Instead, the preferred mechanism
to declare variable-length types such as the one above is a flexible array
member[2] which need to be the last member of a structure and empty-sized:

struct something {
        int stuff;
        u8 data[];
};

Also, by making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
unadvertenly introduced[3] to the codebase from now on.

[1] KSPP#21
[2] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Greg Kroah-Hartman <[email protected]>
tiwai pushed a commit to tiwai/sound that referenced this issue Feb 12, 2020
@GustavoARSilva @tiwai
ALSA: core: Replace zero-length array with flexible-array member
9478bd4 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211193910.GA4596@embeddedor
Signed-off-by: Takashi Iwai <[email protected]>
tiwai pushed a commit to tiwai/sound that referenced this issue Feb 12, 2020
@GustavoARSilva @tiwai
ALSA: usb-midi: Replace zero-length array with flexible-array member
6c8019d 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211194224.GA9383@embeddedor
Signed-off-by: Takashi Iwai <[email protected]>
tiwai pushed a commit to tiwai/sound that referenced this issue Feb 12, 2020
@GustavoARSilva @tiwai
ALSA: hda/ca0132 - Replace zero-length array with flexible-array member
7650195 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211194403.GA10318@embeddedor
Signed-off-by: Takashi Iwai <[email protected]>
tiwai pushed a commit to tiwai/sound that referenced this issue Feb 12, 2020
@GustavoARSilva @tiwai
ALSA: hda_codec: Replace zero-length array with flexible-array member
bb80b96 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211200739.GA12948@embeddedor
Signed-off-by: Takashi Iwai <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Feb 12, 2020
@GustavoARSilva @gregkh
misc: vexpress: Replace zero-length array with flexible-array member
d0cff8a 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211211010.GA32239@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Feb 12, 2020
@GustavoARSilva @gregkh
mei: bus: replace zero-length array with flexible-array member
6736041 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211210822.GA31368@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Feb 12, 2020
@GustavoARSilva @gregkh
staging: unisys: visorinput: Replace zero-length array with flexible-…
1f9d6a3 
…array member

The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211211722.GA1640@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Feb 12, 2020
@GustavoARSilva @gregkh
staging: greybus: Replace zero-length array with flexible-array member
8acd7c5 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211211219.GA673@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Feb 12, 2020
@GustavoARSilva @gregkh
tty/serial: 8250_exar: Replace zero-length array with flexible-array …
00d963a 
…member

The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200212193700.GA29715@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
ruscur pushed a commit to ruscur/linux that referenced this issue Feb 13, 2020
@GustavoARSilva @groeck
hwmon: (ibmaem) Replace zero-length array with flexible-array member
2b4496c 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211234237.GA26971@embeddedor
Signed-off-by: Guenter Roeck <[email protected]>
morimoto pushed a commit to morimoto/linux that referenced this issue Feb 13, 2020
@GustavoARSilva @broonie
ASoC: wm0010: Replace zero-length array with flexible-array member
681c896 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Acked-by: Charles Keepax <[email protected]>
Link: https://lore.kernel.org/r/20200211200549.GA12072@embeddedor
Signed-off-by: Mark Brown <[email protected]>
FireBurn pushed a commit to FireBurn/linux that referenced this issue Feb 13, 2020
@GustavoARSilva @kraxel
drm/qxl: replace zero-length array with flexible-array member
0f06586 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: http://patchwork.freedesktop.org/patch/msgid/20200212193344.GA27929@embeddedor
Signed-off-by: Gerd Hoffmann <[email protected]>
jtlayton pushed a commit to ceph/ceph-client that referenced this issue Feb 13, 2020
@GustavoARSilva @jtlayton
ceph: Replace zero-length array with flexible-array member
e9d719c 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Jeff Layton <[email protected]>
fengguang pushed a commit to 0day-ci/linux that referenced this issue Feb 14, 2020
@GustavoARSilva @intel-lab-lkp
treewide: Replace zero-length arrays with flexible-array member
e636fd7 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
unadvertenly introduced[3] to the codebase from now on.

All these instances of code were found with the help of the following
Coccinelle script:

@@
identifier S, member, array;
type T1, T2;
@@

struct S {
  ...
  T1 member;
  T2 array[
- 0
  ];
};

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

NOTE: I'll carry this in my -next tree for the v5.6 merge window.

Signed-off-by: Gustavo A. R. Silva <[email protected]>
ruscur pushed a commit to ruscur/linux that referenced this issue Feb 14, 2020
@GustavoARSilva @gregkh
USB: atm: Replace zero-length array with flexible-array member
6a9746f 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200211232148.GA20644@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
ruscur pushed a commit to ruscur/linux that referenced this issue Feb 14, 2020
@GustavoARSilva @gregkh
tty: n_gsm: Replace zero-length array with flexible-array member
2f202d0 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertenly introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200212193523.GA28826@embeddedor
Signed-off-by: Greg Kroah-Hartman <[email protected]>
1582130940 pushed a commit to 1582130940/android_kernel_xiaomi_sdm660 that referenced this issue Mar 7, 2025
@GustavoARSilva @1582130940
treewide: Replace zero-length array with flexible-array member
b505ca8 
The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Iead40005910dc11d0cb8393af802caede31e12f5
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224851.GA26467@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
1582130940 pushed a commit to 1582130940/android_kernel_xiaomi_sm8250 that referenced this issue Mar 7, 2025
@GustavoARSilva @1582130940
treewide: Replace zero-length array with flexible-array member
1829691 
The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Iead40005910dc11d0cb8393af802caede31e12f5
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224851.GA26467@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
1582130940 pushed a commit to 1582130940/android_kernel_xiaomi_sdm660 that referenced this issue Mar 7, 2025
@GustavoARSilva @1582130940
treewide: Replace zero-length array with flexible-array member
dfefd7f 
The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Iead40005910dc11d0cb8393af802caede31e12f5
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224851.GA26467@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
TIMISONG-dev pushed a commit to TIMISONG-dev/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @TIMISONG-dev
sched/fair: Replace zero-length array with flexible-array
3780648 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Peter Zijlstra (Intel) <[email protected]>
Link: https://lkml.kernel.org/r/20200507192141.GA16183@embeddedor
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
BACKPORT: crypto: Replace zero-length array with flexible-array
9d3c12d 
There is a regular need in the kernel to provide a way to declare having a
dynamically sized set of trailing elements in a structure. Kernel code should
always use “flexible array members”[1] for these cases. The older style of
one-element or zero-length arrays should no longer be used[2].

[1] https://en.wikipedia.org/wiki/Flexible_array_member
[2] KSPP/linux#21

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I4c5d325e2e7492f7b5b723b44b5bd4b26ec9cb67
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: ipv6: Replace zero-length array with flexible-array
c710a01 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I6b1f8175ad415acbfec92ccf8156738c6ec58b5a
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: net: atarilance: Replace zero-length array with flexible-array
fa8af4f 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I64604722e90b6a6e1e984026f7f30dc8db7fd6e2
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: team: Replace zero-length array with flexible-array
8260b77 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I6a923c2588b93d44b0f094c8a033965b043b65dd
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: carl9170: Replace zero-length array with flexible-array
e47dab9 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507151921.GA5083@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I6fca939cc2ccb55c31f5a301853f639981df97ca
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: wil6210: Replace zero-length array with flexible-array
751238b 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507151120.GA4469@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I0fedb8c73469694e1b9b62c0fb364e266f9d80d7
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: iwlegacy: Replace zero-length array with flexible-array
0d96e66 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507185529.GA14639@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I61644a2afc4f37614a8fddda85820feea457cb9a
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
BACKPORT: iwlwifi: Replace zero-length array with flexible-array
e16cffd 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Link: https://lore.kernel.org/r/20200507185538.GA14674@embeddedor
Signed-off-by: Luca Coelho <[email protected]>
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: Ib374d7e7d0b5fca2febbbc5201f3949d4a897349
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: ipw2x00: Replace zero-length array with flexible-array
1e28bf2 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507185451.GA14603@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I2c331f2e9d65abfa2351cdd85be2cda674673ba2
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: mwl8k: Replace zero-length array with flexible-array
77322d0 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507185914.GA15124@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: Ie0831060aa80bfa35d6fadf2b2f7e7d2e8183939
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: prism54: Replace zero-length array with flexible-array
b5c2bb5 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507190210.GA15375@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: Ib1010ef27d9943a8af7a65614451ae35328b7aa5
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
BACKPORT: qtnfmac: Replace zero-length array with flexible-array
516773c 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Reviewed-by: Sergey Matyukevich <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507191926.GA15970@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I5d65a2480395e76e8e556f8ce171a30d4955920a
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: rndis_wlan: Replace zero-length array with flexible-array
71ac2ce 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Kalle Valo <[email protected]>
Link: https://lore.kernel.org/r/20200507192647.GA16710@embeddedor
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: I26551daf49b09f85b9ee16e378ec2200d446d7ce
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
Diaz1401 pushed a commit to mengkernel/kernel_xiaomi_sm8250 that referenced this issue Mar 8, 2025
@GustavoARSilva @Diaz1401
UPSTREAM: scsi: libsas: Replace zero-length array with flexible-array
b054dfb 
The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare variable-length
types such as these ones is a flexible array member[1][2], introduced in
C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in which
the sizeof operator is being incorrectly/erroneously applied to zero-length
arrays and the result is zero. Such instances may be hiding some bugs. So,
this work (flexible-array member conversions) will also help to get
completely rid of those sorts of issues.

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Link: https://lore.kernel.org/r/20200507192147.GA16206@embeddedor
Reviewed-by: John Garry <[email protected]>
Reviewed-by: Jason Yan <[email protected]>
Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Martin K. Petersen <[email protected]>
Signed-off-by: UtsavBalar1231 <[email protected]>
Change-Id: Id986b46989736dcbc8f24a9b1eddc52a11843c42
Signed-off-by: UtsavBalar1231 <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
amritokun pushed a commit to PaimonLab/kernel_xiaomi_veux that referenced this issue Mar 8, 2025
@GustavoARSilva @amritokun
BACKPORT: gcov: gcc_4_7: replace zero-length array with flexible-arra…
814e255 
…y member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: I6df2382156a2ae3d918774228f601458a61c1b82
Signed-off-by: Andrew Morton <[email protected]>
Acked-by: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200213152241.GA877@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit eaf180a5788e1420c82c9af6f7314bacc4e986f9)
Signed-off-by: TogoFire <[email protected]>
amritokun pushed a commit to PaimonLab/kernel_xiaomi_veux that referenced this issue Mar 8, 2025
@GustavoARSilva @amritokun
BACKPORT: gcov: gcc_3_4: replace zero-length array with flexible-arra…
f37aab7 
…y member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Ic2c24ba6188807a846255c6015bdeb65aa6eb3c8
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224501.GA14175@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit 403903906974649f74b9407cc0d1612373cf34fd)
Signed-off-by: TogoFire <[email protected]>
amritokun pushed a commit to PaimonLab/kernel_xiaomi_veux that referenced this issue Mar 8, 2025
@GustavoARSilva @amritokun
BACKPORT: kernel/gcov/fs.c: replace zero-length array with flexible-a…
70cc8d8 
…rray member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Iead40005910dc11d0cb8393af802caede31e12f5
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224851.GA26467@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit fe48b41c26d176cdb5fc59595db6f374200e71ae)
Signed-off-by: TogoFire <[email protected]>
amritokun pushed a commit to PaimonLab/kernel_xiaomi_veux that referenced this issue Mar 9, 2025
@GustavoARSilva @amritokun
BACKPORT: gcov: gcc_4_7: replace zero-length array with flexible-arra…
5383b6d 
…y member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: I6df2382156a2ae3d918774228f601458a61c1b82
Signed-off-by: Andrew Morton <[email protected]>
Acked-by: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200213152241.GA877@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit eaf180a5788e1420c82c9af6f7314bacc4e986f9)
Signed-off-by: TogoFire <[email protected]>
amritokun pushed a commit to PaimonLab/kernel_xiaomi_veux that referenced this issue Mar 9, 2025
@GustavoARSilva @amritokun
BACKPORT: gcov: gcc_3_4: replace zero-length array with flexible-arra…
44862bc 
…y member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Ic2c24ba6188807a846255c6015bdeb65aa6eb3c8
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224501.GA14175@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit 403903906974649f74b9407cc0d1612373cf34fd)
Signed-off-by: TogoFire <[email protected]>
amritokun pushed a commit to PaimonLab/kernel_xiaomi_veux that referenced this issue Mar 9, 2025
@GustavoARSilva @amritokun
BACKPORT: kernel/gcov/fs.c: replace zero-length array with flexible-a…
af7ff96 
…rray member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Iead40005910dc11d0cb8393af802caede31e12f5
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224851.GA26467@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit fe48b41c26d176cdb5fc59595db6f374200e71ae)
Signed-off-by: TogoFire <[email protected]>
diphons pushed a commit to diphons/kernel_xiaomi_sm8250 that referenced this issue Mar 9, 2025
@GustavoARSilva @diphons
netfilter: Replace zero-length array with flexible-array member
c881646 
[ Upstream commit 6daf14140129d30207ed6a0a69851fa6a3636bda ]

The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

Lastly, fix checkpatch.pl warning
WARNING: __aligned(size) is preferred over __attribute__((aligned(size)))
in net/bridge/netfilter/ebtables.c

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Pablo Neira Ayuso <[email protected]>
Stable-dep-of: 542ed8145e6f ("netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext")
Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Vayruz Rafli <[email protected]>
diphons pushed a commit to diphons/kernel_xiaomi_sm8250 that referenced this issue Mar 9, 2025
@GustavoARSilva @diphons
netfilter: Replace zero-length array with flexible-array member
032c486 
[ Upstream commit 6daf14140129d30207ed6a0a69851fa6a3636bda ]

The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

Lastly, fix checkpatch.pl warning
WARNING: __aligned(size) is preferred over __attribute__((aligned(size)))
in net/bridge/netfilter/ebtables.c

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Pablo Neira Ayuso <[email protected]>
Stable-dep-of: 542ed8145e6f ("netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext")
Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Vayruz Rafli <[email protected]>
diphons pushed a commit to diphons/kernel_xiaomi_sm8250 that referenced this issue Mar 9, 2025
@GustavoARSilva @diphons
energy_model.h: Replace zero-length array with flexible-array member
7b72be8 
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by
this change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Signed-off-by: Divyanshu-Modi <[email protected]>
TogoFire pushed a commit to dev-sm8350/kernel_oneplus_sm8350 that referenced this issue Mar 9, 2025
@GustavoARSilva @TogoFire
BACKPORT: gcov: gcc_4_7: replace zero-length array with flexible-arra…
e2c7263 
…y member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: I6df2382156a2ae3d918774228f601458a61c1b82
Signed-off-by: Andrew Morton <[email protected]>
Acked-by: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200213152241.GA877@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit eaf180a5788e1420c82c9af6f7314bacc4e986f9)
Signed-off-by: TogoFire <[email protected]>
TogoFire pushed a commit to dev-sm8350/kernel_oneplus_sm8350 that referenced this issue Mar 9, 2025
@GustavoARSilva @TogoFire
BACKPORT: gcov: gcc_3_4: replace zero-length array with flexible-arra…
9d261b0 
…y member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Ic2c24ba6188807a846255c6015bdeb65aa6eb3c8
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224501.GA14175@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit 403903906974649f74b9407cc0d1612373cf34fd)
Signed-off-by: TogoFire <[email protected]>
TogoFire pushed a commit to dev-sm8350/kernel_oneplus_sm8350 that referenced this issue Mar 9, 2025
@GustavoARSilva @TogoFire
BACKPORT: kernel/gcov/fs.c: replace zero-length array with flexible-a…
f5101f5 
…rray member

The current codebase makes use of the zero-length array language extension
to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:

struct foo {
        int stuff;
        struct boo array[];
};

By making use of the mechanism above, we will get a compiler warning in
case the flexible array does not occur last in the structure, which will
help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.

Also, notice that, dynamic memory allocations won't be affected by this
change:

"Flexible array members have incomplete type, and so the sizeof operator
may not be applied.  As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]

This issue was found with the help of Coccinelle.

[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] KSPP/linux#21
[3] commit 7649773 ("cxgb3/l2t: Fix undefined behaviour")

Signed-off-by: Gustavo A. R. Silva <[email protected]>
Change-Id: Iead40005910dc11d0cb8393af802caede31e12f5
Signed-off-by: Andrew Morton <[email protected]>
Cc: Peter Oberparleiter <[email protected]>
Link: http://lkml.kernel.org/r/20200302224851.GA26467@embeddedor
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Diaz1401 <[email protected]>
(cherry picked from commit fe48b41c26d176cdb5fc59595db6f374200e71ae)
Signed-off-by: TogoFire <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@GustavoARSilva GustavoARSilva

@kees kees

Labels
compiler Needs compiler support [Idiom] fake flexible array [Linux] v6.12 Released in Linux kernel v6.12
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@GustavoARSilva @kees