From mboxrd@z Thu Jan 1 00:00:00 1970 From: Claude Code Review Bot To: dri-devel-reviews@example.com Subject: Claude review: drm/etnaviv: use kzalloc_flex Date: Sun, 22 Mar 2026 03:59:28 +1000 Message-ID: In-Reply-To: <20260320010757.32158-1-rosenp@gmail.com> References: <20260320010757.32158-1-rosenp@gmail.com> <20260320010757.32158-1-rosenp@gmail.com> X-Mailer: Claude Code Patch Reviewer Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Patch Review **Correctness: OK** The conversion is semantically correct: - The old code computed the size manually via `size_vstruct(nr_bos, sizeof(= submit->bos[0]), sizeof(*submit))` and passed it to `kzalloc(sz, GFP_KERNEL= )`. - The new code `kzalloc_flex(*submit, bos, nr_bos)` expands (via `__alloc_f= lex`) to use `struct_size_t()` for the same computation, and `default_gfp()= ` with no extra args defaults to `GFP_KERNEL` =E2=80=94 matching the origin= al behavior. - `bos` is indeed the trailing flexible array member of `struct etnaviv_gem= _submit` (declared as `struct etnaviv_gem_submit_bo bos[];` at `etnaviv_gem= .h:108`). - The removed `size_vstruct()` has no other callers in the etnaviv driver a= fter this change, so its removal is safe. **Overflow handling difference (minor):** The old `size_vstruct()` returned= 0 on overflow, which would cause `kzalloc(0, GFP_KERNEL)` to return `ZERO_= SIZE_PTR` =E2=80=94 a non-NULL pointer that faults on dereference (a latent= bug, though practically unreachable). The new `kzalloc_flex` uses `struct_= size_t()` which returns `SIZE_MAX` on overflow, causing `kzalloc` to return= NULL =E2=80=94 which is actually the safer and correct behavior. So this i= s a minor improvement. **Additional benefit:** `__alloc_flex` also calls `__set_flex_counter()` wh= ich, if the `bos` member is annotated with `__counted_by()`, will automatic= ally set the counter field. This is a nice bonus for future hardening. **Nit:** The commit message says "A local helper was developed previously f= or struct_size" =E2=80=94 this is slightly inaccurate; the helper (`size_vs= truct`) predates `struct_size` and is a hand-rolled size calculation, not b= uilt on `struct_size`. The message could be clearer, but it's not a blockin= g issue. **Reviewed-by worthy: Yes.** The patch is a clean, correct conversion to th= e preferred kernel API. --- Generated by Claude Code Patch Reviewer