On Thu, Jul 13, 2017 at 10:57:59PM +0200, Arnd Bergmann wrote:
> Thanks for testing it!
>
> That means we did not copy any data and the kernel continues with
> an uninitialized buffer, right? The problem may be the definition of
>
> struct kib_immediate_msg {
> struct lnet_hdr ibim_hdr; /* portals header */
> char ibim_payload[0]; /* piggy-backed payload */
> } WIRE_ATTR;
>
> The check that Al added will try to ensure that we don't write
> beyond the size of the ibim_payload[] array, which unfortunately
> is defined as a zero-byte array, so I can see why it will now
> fail. However, it's already broken in mainline now, with or without
> my patch.
>
> Are you able to come up with a fix that avoids the warning in
> 'allmodconfig' and makes the function do something reasonable
> again?
Might make sense to try and use valid C99 for "array of indefinite
size as the last member", i.e.
struct kib_immediate_msg {
struct lnet_hdr ibim_hdr; /* portals header */
char ibim_payload[]; /* piggy-backed payload */
} WIRE_ATTR;
Zero-sized array as the last member is gcc hack predating that;
looks like gcc gets confused into deciding that it knows the distance
from the end of object...
Said that, are we really guaranteed the IBLND_MSG_SIZE bytes
in there?
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
