Re: [PATCH v2 1/2] KVM: SVM: Fix UBSAN warning when reading avic parameter

From: Naveen N Rao

Date: Thu Feb 26 2026 - 00:35:19 EST


On Wed, Feb 25, 2026 at 04:50:49PM +0200, Gal Pressman wrote:
> The avic parameter is stored as an int to support the special value -1
> (AVIC_AUTO_MODE), but the cited commit changed it from bool to int while
> keeping param_get_bool() as the getter function.
> This causes UBSAN to report "load of value 255 is not a valid value for
> type '_Bool'" when the parameter is read via sysfs.
>
> The issue happens in two scenarios:
>
> 1. During module load: There's a time window between when module
> parameters are registered, and when avic_hardware_setup() runs to
> resolve the value, where the value is -1.
>
> 2. On non-AMD systems: On non-AMD hardware, the kvm_is_svm_supported()
> check returns early. The avic_hardware_setup() function never runs,
> so avic remains -1.
>
> Fix that by implementing a getter function that properly reads and
> converts the -1 value into a string.
>
> Triggered by sos report:
> UBSAN: invalid-load in kernel/params.c:323:33
> load of value 255 is not a valid value for type '_Bool'
> CPU: 0 UID: 0 PID: 4667 Comm: sos Not tainted 6.19.0-rc5net_mlx5_1e86836 #1 NONE
> Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
> Call Trace:
> <TASK>
> dump_stack_lvl+0x69/0xa0
> ubsan_epilogue+0x5/0x2b
> __ubsan_handle_load_invalid_value.cold+0x47/0x4c
> ? lock_acquire+0x219/0x2c0
> param_get_bool.cold+0xf/0x14
> param_attr_show+0x51/0x80
> module_attr_show+0x19/0x30
> sysfs_kf_seq_show+0xac/0xf0
> seq_read_iter+0x100/0x410
> copy_splice_read+0x1b4/0x360
> splice_direct_to_actor+0xbd/0x270
> ? wait_for_space+0xb0/0xb0
> do_splice_direct+0x72/0xb0
> ? propagate_umount+0x870/0x870
> do_sendfile+0x3a3/0x470
> __x64_sys_sendfile64+0x5e/0xe0
> do_syscall_64+0x70/0x8c0
> entry_SYSCALL_64_after_hwframe+0x4b/0x53
>
> Fixes: ca2967de5a5b ("KVM: SVM: Enable AVIC by default for Zen4+ if x2AVIC is support")
> Reviewed-by: Dragos Tatulea <dtatulea@xxxxxxxxxx>
> Signed-off-by: Gal Pressman <gal@xxxxxxxxxx>
> ---
> arch/x86/kvm/svm/avic.c | 13 ++++++++++++-
> 1 file changed, 12 insertions(+), 1 deletion(-)

LGTM.
Reviewed-by: Naveen N Rao (AMD) <naveen@xxxxxxxxxx>

- Naveen
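
The mismatch described in the quoted commit message, as an added userspace illustration (not code from the patch or from the kernel): it shows why int storage holding -1 is an invalid `_Bool` when loaded through a bool-typed getter, next to a getter that loads the value with its real type. All function names and the "auto" output string are assumptions; only AVIC_AUTO_MODE and the value 255 come from the message.

```c
/* Userspace model; names other than AVIC_AUTO_MODE are hypothetical. */
#include <stdio.h>
#include <string.h>

#define AVIC_AUTO_MODE (-1) /* from the commit message: unresolved sentinel */

/* The byte a bool-typed load sees when pointed at int storage. */
static unsigned char first_byte_of(const int *storage)
{
	unsigned char b;

	memcpy(&b, storage, sizeof(b));
	return b;
}

/* _Bool has two valid representations; anything else is what UBSAN flags. */
static int valid_bool_byte(unsigned char b)
{
	return b == 0 || b == 1;
}

/*
 * Getter that loads the storage with its real type and maps the sentinel
 * to text. The "auto" string is an assumption; Y/N mirrors bool output.
 */
static int tristate_get(char *buf, size_t len, const int *storage)
{
	int v = *storage;

	if (v == AVIC_AUTO_MODE)
		return snprintf(buf, len, "auto\n");
	return snprintf(buf, len, "%c\n", v ? 'Y' : 'N');
}

int main(void)
{
	int param = AVIC_AUTO_MODE; /* unresolved, as in both scenarios */
	char buf[16];

	printf("byte seen by a bool load: %u (valid: %d)\n",
	       first_byte_of(&param), valid_bool_byte(first_byte_of(&param)));
	tristate_get(buf, sizeof(buf), &param);
	printf("typed getter output: %s", buf);
	return 0;
}
```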