There are few places where a virPCIDeviceAddress typed variable is allocated on the stack but it's not initialized. This can lead to random values of its members which in turn can lead to a random behaviour. Generated with help of the following spatch: @@ identifier I; @@ - virPCIDeviceAddress I; + virPCIDeviceAddress I = { 0 }; And then fixing bhyveAssignDevicePCISlots() which does declare the variable and then explicitly zero it by calling memset() only to set a specific member afterwards. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/bhyve/bhyve_device.c | 5 +---- src/conf/domain_addr.c | 2 +- src/conf/node_device_conf.c | 4 ++-- src/hypervisor/domain_driver.c | 6 +++--- src/node_device/node_device_udev.c | 2 +- src/qemu/qemu_domain_address.c | 4 ++-- src/util/virpci.c | 2 +- 7 files changed, 11 insertions(+), 14 deletions(-) diff --git a/src/bhyve/bhyve_device.c b/src/bhyve/bhyve_device.c index 36b93c0d4c..5654028ca5 100644 --- a/src/bhyve/bhyve_device.c +++ b/src/bhyve/bhyve_device.c @@ -83,10 +83,7 @@ bhyveAssignDevicePCISlots(virDomainDef *def, virDomainPCIAddressSet *addrs) { size_t i; - virPCIDeviceAddress lpc_addr; - - memset(&lpc_addr, 0, sizeof(lpc_addr)); - lpc_addr.slot = 0x1; + virPCIDeviceAddress lpc_addr = { .slot = 0x1 }; /* If the user didn't explicitly specify slot 1 for some of the devices, reserve it for LPC, even if there's no LPC device configured. diff --git a/src/conf/domain_addr.c b/src/conf/domain_addr.c index 49745ba881..49ca775a52 100644 --- a/src/conf/domain_addr.c +++ b/src/conf/domain_addr.c @@ -1181,7 +1181,7 @@ virDomainPCIAddressReserveNextAddr(virDomainPCIAddressSet *addrs, virDomainPCIConnectFlags flags, int function) { - virPCIDeviceAddress addr; + virPCIDeviceAddress addr = { 0 }; if (virDomainPCIAddressGetNextAddr(addrs, &addr, flags, dev->isolationGroup, function) < 0) diff --git a/src/conf/node_device_conf.c b/src/conf/node_device_conf.c index 61c8715037..8b20a7bee9 100644 --- a/src/conf/node_device_conf.c +++ b/src/conf/node_device_conf.c @@ -2947,7 +2947,7 @@ virNodeDeviceGetPCIIOMMUGroupCaps(virNodeDevCapPCIDev *pci_dev) { size_t i; int tmpGroup; - virPCIDeviceAddress addr; + virPCIDeviceAddress addr = { 0 }; /* this could be a refresh, so clear out the old data */ for (i = 0; i < pci_dev->nIommuGroupDevices; i++) @@ -3018,7 +3018,7 @@ static int virNodeDeviceGetPCIVPDDynamicCap(virNodeDevCapPCIDev *devCapPCIDev) { g_autoptr(virPCIDevice) pciDev = NULL; - virPCIDeviceAddress devAddr; + virPCIDeviceAddress devAddr = { 0 }; g_autoptr(virPCIVPDResource) res = NULL; devAddr.domain = devCapPCIDev->domain; diff --git a/src/hypervisor/domain_driver.c b/src/hypervisor/domain_driver.c index 2083f06287..bb1da7ac6b 100644 --- a/src/hypervisor/domain_driver.c +++ b/src/hypervisor/domain_driver.c @@ -375,7 +375,7 @@ virDomainDriverNodeDeviceReset(virNodeDevicePtr dev, virHostdevManager *hostdevMgr) { g_autoptr(virPCIDevice) pci = NULL; - virPCIDeviceAddress devAddr; + virPCIDeviceAddress devAddr = { 0 }; g_autoptr(virNodeDeviceDef) def = NULL; g_autofree char *xml = NULL; g_autoptr(virConnect) nodeconn = NULL; @@ -421,7 +421,7 @@ virDomainDriverNodeDeviceReAttach(virNodeDevicePtr dev, virHostdevManager *hostdevMgr) { g_autoptr(virPCIDevice) pci = NULL; - virPCIDeviceAddress devAddr; + virPCIDeviceAddress devAddr = { 0 }; g_autoptr(virNodeDeviceDef) def = NULL; g_autofree char *xml = NULL; g_autoptr(virConnect) nodeconn = NULL; @@ -466,7 +466,7 @@ virDomainDriverNodeDeviceDetachFlags(virNodeDevicePtr dev, const char *driverName) { g_autoptr(virPCIDevice) pci = NULL; - virPCIDeviceAddress devAddr; + virPCIDeviceAddress devAddr = { 0 }; g_autoptr(virNodeDeviceDef) def = NULL; g_autofree char *xml = NULL; g_autoptr(virConnect) nodeconn = NULL; diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c index 3d5e25424a..b0a5e6302c 100644 --- a/src/node_device/node_device_udev.c +++ b/src/node_device/node_device_udev.c @@ -366,7 +366,7 @@ udevProcessPCI(struct udev_device *device, virNodeDevCapPCIDev *pci_dev = &def->caps->data.pci_dev; virPCIEDeviceInfo *pci_express = NULL; virPCIDevice *pciDev = NULL; - virPCIDeviceAddress devAddr; + virPCIDeviceAddress devAddr = { 0 }; int ret = -1; char *p; bool privileged = false; diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c index 4e7095d3a7..dd0680f57f 100644 --- a/src/qemu/qemu_domain_address.c +++ b/src/qemu/qemu_domain_address.c @@ -1743,7 +1743,7 @@ qemuDomainValidateDevicePCISlotsPIIX3(virDomainDef *def, virDomainPCIAddressSet *addrs) { size_t i; - virPCIDeviceAddress tmp_addr; + virPCIDeviceAddress tmp_addr = { 0 }; g_autofree char *addrStr = NULL; virDomainPCIConnectFlags flags = (VIR_PCI_CONNECT_AUTOASSIGN | VIR_PCI_CONNECT_TYPE_PCI_DEVICE); @@ -1853,7 +1853,7 @@ qemuDomainValidateDevicePCISlotsQ35(virDomainDef *def, virDomainPCIAddressSet *addrs) { size_t i; - virPCIDeviceAddress tmp_addr; + virPCIDeviceAddress tmp_addr = { 0 }; g_autofree char *addrStr = NULL; virDomainPCIConnectFlags flags = VIR_PCI_CONNECT_TYPE_PCIE_DEVICE; diff --git a/src/util/virpci.c b/src/util/virpci.c index adc255f438..d141fde814 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -1865,7 +1865,7 @@ virPCIDeviceAddressIOMMUGroupIterate(virPCIDeviceAddress *orig, } while ((direrr = virDirRead(groupDir, &ent, groupPath)) > 0) { - virPCIDeviceAddress newDev; + virPCIDeviceAddress newDev = { 0 }; if (virPCIDeviceAddressParse(ent->d_name, &newDev) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, -- 2.34.1