util: fix undefined behavior in wl_array_for_each

If a wl_array has size zero, wl_array_for_each computes NULL + 0 to get
to the end pointer. This should be fine, and indeed it would be fine in
C++. But the C specification has a mistake here and it is actually
undefined behavior. See
https://davidben.net/2024/01/15/empty-slices.html

Clang's -fsanitize=undefined flags this. I ran into this in Chromium's
build with wayland-scanner on one of our XML files.

../../third_party/wayland/src/src/scanner.c:1853:2: runtime error: applying zero offset to null pointer
    #0 0x55c979b8e02c in emit_code third_party/wayland/src/src/scanner.c:1853:2
    #1 0x55c979b89323 in main third_party/wayland/src/src/scanner.c
    #2 0x7f8dfdb8c6c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #3 0x7f8dfdb8c784 in __libc_start_main csu/../csu/libc-start.c:360:3
    #4 0x55c979b70f39 in _start (...)

An empty XML file is sufficient to hit this case, so I've added it as a
test. To reproduce, undo the fix and include only the test, then build
with:

  CC=clang CFLAGS="-fno-sanitize-recover=undefined" meson build/ -Db_sanitize=undefined -Db_lundef=false
  ninja -C build test

Signed-off-by: David Benjamin <davidben@google.com>

tests/data/empty-client.h

@@ -0,0 +1,83 @@
+/* SCANNER TEST */
+
+#ifndef EMPTY_CLIENT_PROTOCOL_H
+#define EMPTY_CLIENT_PROTOCOL_H
+
+#include <stdint.h>
+#include <stddef.h>
+#include "wayland-client.h"
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @page page_empty The empty protocol
+ * @section page_ifaces_empty Interfaces
+ * - @subpage page_iface_empty - 
+ */
+struct empty;
+
+#ifndef EMPTY_INTERFACE
+#define EMPTY_INTERFACE
+/**
+ * @page page_iface_empty empty
+ * @section page_iface_empty_api API
+ * See @ref iface_empty.
+ */
+/**
+ * @defgroup iface_empty The empty interface
+ */
+extern const struct wl_interface empty_interface;
+#endif
+
+#define EMPTY_EMPTY 0
+
+
+/**
+ * @ingroup iface_empty
+ */
+#define EMPTY_EMPTY_SINCE_VERSION 1
+
+/** @ingroup iface_empty */
+static inline void
+empty_set_user_data(struct empty *empty, void *user_data)
+{
+	wl_proxy_set_user_data((struct wl_proxy *) empty, user_data);
+}
+
+/** @ingroup iface_empty */
+static inline void *
+empty_get_user_data(struct empty *empty)
+{
+	return wl_proxy_get_user_data((struct wl_proxy *) empty);
+}
+
+static inline uint32_t
+empty_get_version(struct empty *empty)
+{
+	return wl_proxy_get_version((struct wl_proxy *) empty);
+}
+
+/** @ingroup iface_empty */
+static inline void
+empty_destroy(struct empty *empty)
+{
+	wl_proxy_destroy((struct wl_proxy *) empty);
+}
+
+/**
+ * @ingroup iface_empty
+ */
+static inline void
+empty_empty(struct empty *empty)
+{
+	wl_proxy_marshal_flags((struct wl_proxy *) empty,
+			 EMPTY_EMPTY, NULL, wl_proxy_get_version((struct wl_proxy *) empty), 0);
+}
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif

tests/data/empty-code.c

@@ -0,0 +1,20 @@
+/* SCANNER TEST */
+
+#include <stdlib.h>
+#include <stdint.h>
+#include "wayland-util.h"
+
+
+static const struct wl_interface *empty_types[] = {
+};
+
+static const struct wl_message empty_requests[] = {
+	{ "empty", "", empty_types + 0 },
+};
+
+WL_EXPORT const struct wl_interface empty_interface = {
+	"empty", 1,
+	1, empty_requests,
+	0, NULL,
+};
+

tests/data/empty-server.h

@@ -0,0 +1,58 @@
+/* SCANNER TEST */
+
+#ifndef EMPTY_SERVER_PROTOCOL_H
+#define EMPTY_SERVER_PROTOCOL_H
+
+#include <stdint.h>
+#include <stddef.h>
+#include "wayland-server.h"
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+struct wl_client;
+struct wl_resource;
+
+/**
+ * @page page_empty The empty protocol
+ * @section page_ifaces_empty Interfaces
+ * - @subpage page_iface_empty - 
+ */
+struct empty;
+
+#ifndef EMPTY_INTERFACE
+#define EMPTY_INTERFACE
+/**
+ * @page page_iface_empty empty
+ * @section page_iface_empty_api API
+ * See @ref iface_empty.
+ */
+/**
+ * @defgroup iface_empty The empty interface
+ */
+extern const struct wl_interface empty_interface;
+#endif
+
+/**
+ * @ingroup iface_empty
+ * @struct empty_interface
+ */
+struct empty_interface {
+	/**
+	 */
+	void (*empty)(struct wl_client *client,
+		      struct wl_resource *resource);
+};
+
+
+/**
+ * @ingroup iface_empty
+ */
+#define EMPTY_EMPTY_SINCE_VERSION 1
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif

tests/data/empty.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<protocol name="empty">
+  <interface name="empty" version="1">
+    <request name="empty">
+    </request>
+  </interface>
+</protocol>

tests/scanner-test-gen.sh

@@ -19,3 +19,7 @@ generate "-c client-header" "small.xml" "small-client-core.h"
 generate "-c server-header" "small.xml" "small-server-core.h"
 
 generate "private-code" "small.xml" "small-private-code.c"
+
+generate "code" "empty.xml" "empty-code.c"
+generate "client-header" "empty.xml" "empty-client.h"
+generate "server-header" "empty.xml" "empty-server.h"

tests/scanner-test.sh

@@ -67,6 +67,10 @@ generate_and_compare "code" "small.xml" "small-code.c"
 generate_and_compare "public-code" "small.xml" "small-code.c"
 generate_and_compare "private-code" "small.xml" "small-private-code.c"
 
+generate_and_compare "code" "empty.xml" "empty-code.c"
+generate_and_compare "client-header" "empty.xml" "empty-client.h"
+generate_and_compare "server-header" "empty.xml" "empty-server.h"
+
 verify_error "bad-identifier-arg.xml" "bad-identifier-arg.log" 7
 verify_error "bad-identifier-entry.xml" "bad-identifier-entry.log" 8
 verify_error "bad-identifier-enum.xml" "bad-identifier-enum.log" 6