On Mon, 2020-05-18 at 14:01 -0500, Gustavo A. R. Silva wrote:
> The current codebase makes use of one-element arrays in the following
> form:
>
> struct something {
> int length;
> u8 data[1];
> };
[]
> This issue has been out there since 2009.
> This issue was found with the help of Coccinelle and fixed _manually_.
[]
> diff --git a/arch/x86/platform/uv/uv_time.c b/arch/x86/platform/uv/uv_time.c
> index 7af31b245636..993a8ae6fdfb 100644
> --- a/arch/x86/platform/uv/uv_time.c
> +++ b/arch/x86/platform/uv/uv_time.c
> @@ -52,7 +52,7 @@ struct uv_rtc_timer_head {
> struct {
> int lcpu; /* systemwide logical cpu number */
> u64 expires; /* next timer expiration for this cpu */
> - } cpu[1];
> + } cpu[];
> };
>
> /*
> @@ -156,9 +156,8 @@ static __init int uv_rtc_allocate_timers(void)
> struct uv_rtc_timer_head *head = blade_info[bid];
>
> if (!head) {
> - head = kmalloc_node(sizeof(struct uv_rtc_timer_head) +
> - (uv_blade_nr_possible_cpus(bid) *
> - 2 * sizeof(u64)),
> + head = kmalloc_node(struct_size(head, cpu,
> + uv_blade_nr_possible_cpus(bid)),
It's probably safer to use kzalloc_node here as well.
> GFP_KERNEL, nid);
> if (!head) {
> uv_rtc_deallocate_timers();
