[PATCH] iommufd/selftest: Make it clearer to gcc that the access is not out of bounds

[PATCH] iommufd/selftest: Make it clearer to gcc that the access is not out of bounds

[Jason Gunthorpe]

GCC gets a bit confused and reports:

   In function '_test_cmd_get_hw_info',
       inlined from 'iommufd_ioas_get_hw_info' at iommufd.c:779:3,
       inlined from 'wrapper_iommufd_ioas_get_hw_info' at iommufd.c:752:1:
>> iommufd_utils.h:804:37: warning: array subscript 'struct iommu_test_hw_info[0]' is partly outside array bounds of 'struct iommu_test_hw_info_buffer_smaller[1]' [-Warray-bounds=]
     804 |                         assert(!info->flags);
         |                                 ~~~~^~~~~~~
   iommufd.c: In function 'wrapper_iommufd_ioas_get_hw_info':
   iommufd.c:761:11: note: object 'buffer_smaller' of size 4
     761 |         } buffer_smaller;
         |           ^~~~~~~~~~~~~~

While it is true that "struct iommu_test_hw_info[0]" is partly out of
bounds of the input pointer, it is not true that info->flags is out of
bounds. Unclear why it warns on this.

Reuse an existing properly sized stack buffer and pass a truncated length
instead to test the same thing.

Fixes: af4fde93c319 ("iommufd/selftest: Add coverage for IOMMU_GET_HW_INFO ioctl")
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202512032344.kaAcKFIM-lkp@intel.com/
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
---
 tools/testing/selftests/iommu/iommufd.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/tools/testing/selftests/iommu/iommufd.c b/tools/testing/selftests/iommu/iommufd.c
index 10e051b6f592df..dadad277f4eb2e 100644
--- a/tools/testing/selftests/iommu/iommufd.c
+++ b/tools/testing/selftests/iommu/iommufd.c
@@ -755,9 +755,6 @@ TEST_F(iommufd_ioas, get_hw_info)
 		struct iommu_test_hw_info info;
 		uint64_t trailing_bytes;
 	} buffer_larger;
-	struct iommu_test_hw_info_buffer_smaller {
-		__u32 flags;
-	} buffer_smaller;
 
 	if (self->device_id) {
 		uint8_t max_pasid = 0;
@@ -789,8 +786,9 @@ TEST_F(iommufd_ioas, get_hw_info)
 		 * the fields within the size range still gets updated.
 		 */
 		test_cmd_get_hw_info(self->device_id,
-				     IOMMU_HW_INFO_TYPE_DEFAULT,
-				     &buffer_smaller, sizeof(buffer_smaller));
+				     IOMMU_HW_INFO_TYPE_DEFAULT, &buffer_exact,
+				     offsetofend(struct iommu_test_hw_info,
+						 flags));
 		test_cmd_get_hw_info_pasid(self->device_id, &max_pasid);
 		ASSERT_EQ(0, max_pasid);
 		if (variant->pasid_capable) {

base-commit: 93013488dd77dd2ea8bd23355a5587d9e6dac185
-- 
2.43.0

Re: [PATCH] iommufd/selftest: Make it clearer to gcc that the access is not out of bounds

[Nicolin Chen]

On Fri, Dec 05, 2025 at 08:39:59PM -0400, Jason Gunthorpe wrote:
> GCC gets a bit confused and reports:
> 
>    In function '_test_cmd_get_hw_info',
>        inlined from 'iommufd_ioas_get_hw_info' at iommufd.c:779:3,
>        inlined from 'wrapper_iommufd_ioas_get_hw_info' at iommufd.c:752:1:
> >> iommufd_utils.h:804:37: warning: array subscript 'struct iommu_test_hw_info[0]' is partly outside array bounds of 'struct iommu_test_hw_info_buffer_smaller[1]' [-Warray-bounds=]
>      804 |                         assert(!info->flags);
>          |                                 ~~~~^~~~~~~
>    iommufd.c: In function 'wrapper_iommufd_ioas_get_hw_info':
>    iommufd.c:761:11: note: object 'buffer_smaller' of size 4
>      761 |         } buffer_smaller;
>          |           ^~~~~~~~~~~~~~
> 
> While it is true that "struct iommu_test_hw_info[0]" is partly out of
> bounds of the input pointer, it is not true that info->flags is out of
> bounds. Unclear why it warns on this.
> 
> Reuse an existing properly sized stack buffer and pass a truncated length
> instead to test the same thing.
> 
> Fixes: af4fde93c319 ("iommufd/selftest: Add coverage for IOMMU_GET_HW_INFO ioctl")
> Reported-by: kernel test robot <lkp@intel.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202512032344.kaAcKFIM-lkp@intel.com/
> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
 
Reviewed-by: Nicolin Chen <nicolinc@nvidia.com>

RE: [PATCH] iommufd/selftest: Make it clearer to gcc that the access is not out of bounds

[Tian, Kevin]

> From: Jason Gunthorpe <jgg@nvidia.com>
> Sent: Saturday, December 6, 2025 8:40 AM
> 
> GCC gets a bit confused and reports:
> 
>    In function '_test_cmd_get_hw_info',
>        inlined from 'iommufd_ioas_get_hw_info' at iommufd.c:779:3,
>        inlined from 'wrapper_iommufd_ioas_get_hw_info' at iommufd.c:752:1:
> >> iommufd_utils.h:804:37: warning: array subscript 'struct
> iommu_test_hw_info[0]' is partly outside array bounds of 'struct
> iommu_test_hw_info_buffer_smaller[1]' [-Warray-bounds=]
>      804 |                         assert(!info->flags);
>          |                                 ~~~~^~~~~~~
>    iommufd.c: In function 'wrapper_iommufd_ioas_get_hw_info':
>    iommufd.c:761:11: note: object 'buffer_smaller' of size 4
>      761 |         } buffer_smaller;
>          |           ^~~~~~~~~~~~~~
> 
> While it is true that "struct iommu_test_hw_info[0]" is partly out of
> bounds of the input pointer, it is not true that info->flags is out of
> bounds. Unclear why it warns on this.
> 
> Reuse an existing properly sized stack buffer and pass a truncated length
> instead to test the same thing.
> 
> Fixes: af4fde93c319 ("iommufd/selftest: Add coverage for
> IOMMU_GET_HW_INFO ioctl")
> Reported-by: kernel test robot <lkp@intel.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202512032344.kaAcKFIM-
> lkp@intel.com/
> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>

Reviewed-by: Kevin Tian <kevin.tian@intel.com>