On Thu, Jul 13, 2017 at 10:57:59PM +0200, Arnd Bergmann wrote: > Thanks for testing it! > > That means we did not copy any data and the kernel continues with > an uninitialized buffer, right? The problem may be the definition of > > struct kib_immediate_msg { > struct lnet_hdr ibim_hdr; /* portals header */ > char ibim_payload[0]; /* piggy-backed payload */ > } WIRE_ATTR; > > The check that Al added will try to ensure that we don't write > beyond the size of the ibim_payload[] array, which unfortunately > is defined as a zero-byte array, so I can see why it will now > fail. However, it's already broken in mainline now, with or without > my patch. > > Are you able to come up with a fix that avoids the warning in > 'allmodconfig' and makes the function do something reasonable > again? Might make sense to try and use valid C99 for "array of indefinite size as the last member", i.e. struct kib_immediate_msg { struct lnet_hdr ibim_hdr; /* portals header */ char ibim_payload[]; /* piggy-backed payload */ } WIRE_ATTR; Zero-sized array as the last member is gcc hack predating that; looks like gcc gets confused into deciding that it knows the distance from the end of object... Said that, are we really guaranteed the IBLND_MSG_SIZE bytes in there?