[PATCH] ALSA: Replace zero-length array with flexible-array
The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99:
struct foo { int stuff; struct boo array[]; };
By making use of the mechanism above, we will get a compiler warning in case the flexible array does not occur last in the structure, which will help us prevent some kind of undefined behavior bugs from being inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by this change:
"Flexible array members have incomplete type, and so the sizeof operator may not be applied. As a quirk of the original implementation of zero-length arrays, sizeof evaluates to zero."[1]
sizeof(flexible-array-member) triggers a warning because flexible array members have incomplete type[1]. There are some instances of code in which the sizeof operator is being incorrectly/erroneously applied to zero-length arrays and the result is zero. Such instances may be hiding some bugs. So, this work (flexible-array member conversions) will also help to get completely rid of those sorts of issues.
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html [2] https://github.com/KSPP/linux/issues/21 [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva gustavoars@kernel.org --- include/sound/control.h | 2 +- include/sound/intel-nhlt.h | 6 +++--- sound/core/oss/pcm_plugin.h | 2 +- sound/usb/usx2y/usbusx2y.h | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/include/sound/control.h b/include/sound/control.h index 11feeee31e35..aeaed2a05bae 100644 --- a/include/sound/control.h +++ b/include/sound/control.h @@ -75,7 +75,7 @@ struct snd_kcontrol { unsigned long private_value; void *private_data; void (*private_free)(struct snd_kcontrol *kcontrol); - struct snd_kcontrol_volatile vd[0]; /* volatile data */ + struct snd_kcontrol_volatile vd[]; /* volatile data */ };
#define snd_kcontrol(n) list_entry(n, struct snd_kcontrol, list) diff --git a/include/sound/intel-nhlt.h b/include/sound/intel-nhlt.h index f657fd8fc0ad..743c2f442280 100644 --- a/include/sound/intel-nhlt.h +++ b/include/sound/intel-nhlt.h @@ -50,7 +50,7 @@ enum nhlt_device_type {
struct nhlt_specific_cfg { u32 size; - u8 caps[0]; + u8 caps[]; } __packed;
struct nhlt_fmt_cfg { @@ -60,7 +60,7 @@ struct nhlt_fmt_cfg {
struct nhlt_fmt { u8 fmt_count; - struct nhlt_fmt_cfg fmt_config[0]; + struct nhlt_fmt_cfg fmt_config[]; } __packed;
struct nhlt_endpoint { @@ -80,7 +80,7 @@ struct nhlt_endpoint { struct nhlt_acpi_table { struct acpi_table_header header; u8 endpoint_count; - struct nhlt_endpoint desc[0]; + struct nhlt_endpoint desc[]; } __packed;
struct nhlt_resource_desc { diff --git a/sound/core/oss/pcm_plugin.h b/sound/core/oss/pcm_plugin.h index 8d2f7a4e3ab6..46e273bd4a78 100644 --- a/sound/core/oss/pcm_plugin.h +++ b/sound/core/oss/pcm_plugin.h @@ -64,7 +64,7 @@ struct snd_pcm_plugin { char *buf; snd_pcm_uframes_t buf_frames; struct snd_pcm_plugin_channel *buf_channels; - char extra_data[0]; + char extra_data[]; };
int snd_pcm_plugin_build(struct snd_pcm_substream *handle, diff --git a/sound/usb/usx2y/usbusx2y.h b/sound/usb/usx2y/usbusx2y.h index e0f77172ce8f..144b85f57bd2 100644 --- a/sound/usb/usx2y/usbusx2y.h +++ b/sound/usb/usx2y/usbusx2y.h @@ -18,7 +18,7 @@ struct snd_usX2Y_AsyncSeq { struct snd_usX2Y_urbSeq { int submitted; int len; - struct urb *urb[0]; + struct urb *urb[]; };
#include "usx2yhwdeppcm.h"
On Thu, 07 May 2020 21:22:23 +0200, Gustavo A. R. Silva wrote:
The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99:
struct foo { int stuff; struct boo array[]; };
By making use of the mechanism above, we will get a compiler warning in case the flexible array does not occur last in the structure, which will help us prevent some kind of undefined behavior bugs from being inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by this change:
"Flexible array members have incomplete type, and so the sizeof operator may not be applied. As a quirk of the original implementation of zero-length arrays, sizeof evaluates to zero."[1]
sizeof(flexible-array-member) triggers a warning because flexible array members have incomplete type[1]. There are some instances of code in which the sizeof operator is being incorrectly/erroneously applied to zero-length arrays and the result is zero. Such instances may be hiding some bugs. So, this work (flexible-array member conversions) will also help to get completely rid of those sorts of issues.
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html [2] https://github.com/KSPP/linux/issues/21 [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
Signed-off-by: Gustavo A. R. Silva gustavoars@kernel.org
Thanks, applied now to for-next branch.
Takashi
On Thu, May 07, 2020 at 10:31:26PM +0200, Takashi Iwai wrote:
On Thu, 07 May 2020 21:22:23 +0200, Gustavo A. R. Silva wrote:
Signed-off-by: Gustavo A. R. Silva gustavoars@kernel.org
Thanks, applied now to for-next branch.
Thanks, Takashi.
-- Gustavo
participants (2)
-
Gustavo A. R. Silva -
Takashi Iwai