From: Alex Williamson <alex@shazbot.org>
To: <mhonap@nvidia.com>
Cc: <dmatlack@google.com>, <dave.jiang@intel.com>,
<ankita@nvidia.com>, <kjaju@nvidia.com>, <kvm@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <linux-kselftest@vger.kernel.org>,
<stable@vger.kernel.org>,
alex@shazbot.org
Subject: Re: [PATCH] vfio: selftests: Fix VLA initialisation in vfio_pci_irq_set()
Date: Fri, 20 Mar 2026 15:17:26 -0600 [thread overview]
Message-ID: <20260320151726.4db61e9f@shazbot.org> (raw)
In-Reply-To: <20260318145323.7e9831a4@nvidia.com>
On Wed, 18 Mar 2026 14:53:23 -0600
Alex Williamson <alwilliamson@nvidia.com> wrote:
> On Tue, 17 Mar 2026 10:44:02 +0530
> <mhonap@nvidia.com> wrote:
>
> > From: Manish Honap <mhonap@nvidia.com>
> >
> > C does not permit an initialiser expression on a variable-length array
> > (C99 Section 6.7.9 constraint: "The type of the entity to be initialized
> > shall not be a variable length array type").
> >
> > vfio_pci_irq_set() declared:
> >
> > u8 buf[sizeof(struct vfio_irq_set) + sizeof(int) * count] = {};
> >
> > where `count` is a runtime function parameter, making `buf` a VLA.
> >
> > GCC rejects this with (tried with GCC-9.4.0):
> >
> > error: variable-sized object may not be initialized
> >
> > Fix by removing the `= {}` initialiser and inserting an explicit
> > memset() immediately after the declaration. memset() on a VLA is
> > perfectly legal and achieves the same zero-initialisation on all
> > conforming C implementations.
> >
> > Fixes: 19faf6fd969c ("vfio: selftests: Add a helper library for VFIO selftests")
> > Cc: stable@vger.kernel.org
> > Reviewed-by: Dave Jiang <dave.jiang@intel.com>
> > Reviewed-by: David Matlack <dmatlack@google.com>
> > Signed-off-by: Manish Honap <mhonap@nvidia.com>
> > ---
> >
> > This fix is self-contained: it touches only the existing vfio selftest
> > helper library and carries no dependency on any other patch. It was
> > originally included as PATCH 20/20 in the CXL Type-2 VFIO passthrough
> > RFC series [1] but belongs on the vfio list independently, as noted by
> > Dave Jiang.
> >
> > [1] https://lore.kernel.org/all/20260311203440.752648-1-mhonap@nvidia.com/
> >
> > tools/testing/selftests/vfio/lib/vfio_pci_device.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/tools/testing/selftests/vfio/lib/vfio_pci_device.c b/tools/testing/selftests/vfio/lib/vfio_pci_device.c
> > index fac4c0ecadef..3258e814f450 100644
> > --- a/tools/testing/selftests/vfio/lib/vfio_pci_device.c
> > +++ b/tools/testing/selftests/vfio/lib/vfio_pci_device.c
> > @@ -26,8 +26,10 @@
> > static void vfio_pci_irq_set(struct vfio_pci_device *device,
> > u32 index, u32 vector, u32 count, int *fds)
> > {
> > - u8 buf[sizeof(struct vfio_irq_set) + sizeof(int) * count] = {};
> > + u8 buf[sizeof(struct vfio_irq_set) + sizeof(int) * count];
> > struct vfio_irq_set *irq = (void *)&buf;
> > +
> > + memset(buf, 0, sizeof(buf));
> > int *irq_fds = (void *)&irq->data;
> >
> > irq->argsz = sizeof(buf);
> > --
> > 2.25.1
> >
>
> This unnecessarily split the declaration block. Without objection,
> I'll commit this with the following change:
>
> diff --git a/tools/testing/selftests/vfio/lib/vfio_pci_device.c b/tools/testing/selftests/vfio/lib/vfio_pci_device.c
> index d306ab81123a..fc75e04ef010 100644
> --- a/tools/testing/selftests/vfio/lib/vfio_pci_device.c
> +++ b/tools/testing/selftests/vfio/lib/vfio_pci_device.c
> @@ -32,9 +32,9 @@ static void vfio_pci_irq_set(struct vfio_pci_device *device,
> {
> u8 buf[sizeof(struct vfio_irq_set) + sizeof(int) * count];
> struct vfio_irq_set *irq = (void *)&buf;
> + int *irq_fds = (void *)&irq->data;
>
> memset(buf, 0, sizeof(buf));
> - int *irq_fds = (void *)&irq->data;
>
> irq->argsz = sizeof(buf);
> irq->flags = VFIO_IRQ_SET_ACTION_TRIGGER;
Applied with this fix to vfio next branch for v7.1. Thanks,
Alex
prev parent reply other threads:[~2026-03-20 21:19 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-17 5:14 [PATCH] vfio: selftests: Fix VLA initialisation in vfio_pci_irq_set() mhonap
2026-03-18 20:53 ` Alex Williamson
2026-03-20 21:17 ` Alex Williamson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260320151726.4db61e9f@shazbot.org \
--to=alex@shazbot.org \
--cc=ankita@nvidia.com \
--cc=dave.jiang@intel.com \
--cc=dmatlack@google.com \
--cc=kjaju@nvidia.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=mhonap@nvidia.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.