similar to: [PATCH][next] drm: Replace zero-length array with flexible-array member

The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99: struct foo { int stuff; struct boo array[]; }; By making use of the mechanism above, we will get a compiler warning in case the flexible array does not

The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99: struct foo { int stuff; struct boo array[]; }; By making use of the mechanism above, we will get a compiler warning in case the flexible array does not

In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. This patch fixes the following warning: drivers/gpu/drm/nouveau/nouveau_bo.c:1434:53: warning: this statement may fall through [-Wimplicit-fallthrough=] Warning level 3 was used: -Wimplicit-fallthrough=3 This patch is part of the ongoing efforts to enabling -Wimplicit-fallthrough.

In case memory resources for *bl_desc* were allocated, release them before return. Addresses-Coverity-ID: 1472021 ("Resource leak") Fixes: 0d466901552a ("drm/nouveau/secboot/acr: Remove VLA usage") Signed-off-by: Gustavo A. R. Silva <gustavo at embeddedor.com> --- drivers/gpu/drm/nouveau/nvkm/subdev/secboot/acr_r352.c | 1 + 1 file changed, 1 insertion(+) diff --git

On 8/2/18 12:51 PM, Gustavo A. R. Silva wrote: > Hi all, > > Friendly ping! Who can take this? > > Thanks > -- > Gustavo > > On 07/24/2018 08:27 AM, Gustavo A. R. Silva wrote: >> In case memory resources for *bl_desc* were allocated, release >> them before return. >> >> Addresses-Coverity-ID: 1472021 ("Resource leak") >> Fixes:

Make use of the struct_size() helper instead of an open-coded version in order to avoid any potential type mistakes, in particular in the context in which this code is being used. So, replace the following form: sizeof(*kind) + sizeof(*kind->data) * mmu->kind_nr; with: struct_size(kind, data, mmu->kind_nr) This code was detected with the help of Coccinelle. Signed-off-by: Gustavo A.

From: Colin Ian King <colin.king at canonical.com> The NOUVEAU_GETPARAM_PCI_DEVICE case is missing a break statement and falls through to the following NOUVEAU_GETPARAM_BUS_TYPE case and may end up re-assigning the getparam->value to an undesired value. Fix this by adding in the missing break. Detected by CoverityScan, CID#1460507 ("Missing break in switch") Fixes:

On 14 March 2018 at 21:08, Thierry Reding <thierry.reding at gmail.com> wrote: > On Tue, Mar 13, 2018 at 11:24:11AM -0500, Gustavo A. R. Silva wrote: >> In preparation to enabling -Wvla, remove VLA. In this particular >> case directly use macro NVKM_MSGQUEUE_CMDLINE_SIZE instead of local >> variable cmdline_size. Also, remove cmdline_size as it is not >> actually

In preparation to enabling -Wvla, remove VLA. In this particular case directly use macro NVKM_MSGQUEUE_CMDLINE_SIZE instead of local variable cmdline_size. Also, remove cmdline_size as it is not actually useful anymore. The use of stack Variable Length Arrays needs to be avoided, as they can be a vector for stack exhaustion, which can be both a runtime bug or a security flaw. Also, in general, as

On Thu, Apr 26, 2018 at 4:25 PM, Kees Cook <keescook at chromium.org> wrote: > On Thu, Mar 15, 2018 at 7:05 PM, Ben Skeggs <skeggsb at gmail.com> wrote: >> On 14 March 2018 at 21:08, Thierry Reding <thierry.reding at gmail.com> wrote: >>> On Tue, Mar 13, 2018 at 11:24:11AM -0500, Gustavo A. R. Silva wrote: >>>> In preparation to enabling -Wvla,

One of the more common cases of allocation size calculations is finding the size of a structure that has a zero-sized array at the end, along with memory for some number of elements for that array. For example: struct virtio_scsi { ... struct virtio_scsi_vq req_vqs[]; }; Make use of the struct_size() helper instead of an open-coded version in order to avoid any potential type mistakes.

One of the more common cases of allocation size calculations is finding the size of a structure that has a zero-sized array at the end, along with memory for some number of elements for that array. For example: struct virtio_scsi { ... struct virtio_scsi_vq req_vqs[]; }; Make use of the struct_size() helper instead of an open-coded version in order to avoid any potential type mistakes.

Hi, Please drop this, as I have included this fix into the following patch, which addresses all the expected fall-throughs in drivers/gpu/drm: https://lore.kernel.org/patchwork/patch/1042856/ Thanks -- Gustavo On 2/11/19 12:58 PM, Gustavo A. R. Silva wrote: > In preparation to enabling -Wimplicit-fallthrough, mark switch > cases where we are expecting to fall through. > > This

Hi all, While doing some static analysis I ran into the following piece of code at drivers/gpu/drm/nouveau/nvkm/subdev/mmu/vmm.c:957: 957#define node(root, dir) ((root)->head.dir == &vmm->list) ? NULL : \ 958 list_entry((root)->head.dir, struct nvkm_vma, head) 959 960void 961nvkm_vmm_unmap_region(struct nvkm_vmm *vmm, struct nvkm_vma *vma) 962{

In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Warning level 3 was used: -Wimplicit-fallthrough=3 Notice that, in some cases, the code comment is modified in accordance with what GCC is expecting to find. This patch is part of the ongoing efforts to enable -Wimplicit-fallthrough. Signed-off-by: Gustavo A. R. Silva <gustavo at

Add null check before dereferencing pointer asyc Addresses-Coverity-ID: 1397932 Signed-off-by: Gustavo A. R. Silva <garsilva at embeddedor.com> --- drivers/gpu/drm/nouveau/nv50_display.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/nv50_display.c b/drivers/gpu/drm/nouveau/nv50_display.c index a766324..052a60a 100644 ---

More arrays (and arguments) for dcpd were set to 16, when it looks like DP_RECEIVER_CAP_SIZE (15) should be used. Fix the remaining cases, seen with GCC 13: ../drivers/gpu/drm/nouveau/nvif/outp.c: In function 'nvif_outp_acquire_dp': ../include/linux/fortify-string.h:57:33: warning: array subscript 'unsigned char[16][0]' is partly outside array bounds of 'u8[15]' {aka

In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. This patch aims to suppress 29 missing-break-in-switch false positives. Addresses-Coverity-ID: 1456891 ("Missing break in switch") Addresses-Coverity-ID: 1324063 ("Missing break in switch") Addresses-Coverity-ID: 1324063 ("Missing break in switch")

Both Coverity and GCC with -Wstringop-overflow noticed that nvif_outp_acquire_dp() accidentally defined its second argument with 1 additional element: drivers/gpu/drm/nouveau/dispnv50/disp.c: In function 'nv50_pior_atomic_enable': drivers/gpu/drm/nouveau/dispnv50/disp.c:1813:17: error: 'nvif_outp_acquire_dp' accessing 16 bytes in a region of size 15 [-Werror=stringop-overflow=]

Sorry! I've been pretty busy until now, this is: Reviewed-by: Lyude Paul <lyude at redhat.com> Let me know if you've pushed it already or if you want me to push it to drm- misc On Wed, 2023-01-25 at 12:15 -0800, Kees Cook wrote: > Ping. I'll take this via my tree unless someone else wants to take it... > > On Sun, Nov 27, 2022 at 10:30:41AM -0800, Kees Cook wrote: