On Thu, 8 Jan 2026 at 14:50, Maxime Coquelin <[email protected]> wrote: > > When max_queue_pairs is set to VHOST_MAX_QUEUE_PAIRS (128), VDUSE > calculates total_queues as max_queue_pairs * 2 + 1 = 257 to account > for the control queue. However, the virtqueue array was sized as > VHOST_MAX_QUEUE_PAIRS * 2, causing an out-of-bounds array access. > > Fix by defining VHOST_MAX_VRING to explicitly account for the control > queue (VHOST_MAX_QUEUE_PAIRS * 2 + 1) and using it for the virtqueue > array size. > > Fixes: f0a37cc6a1e2 ("vhost: add multiqueue support to VDUSE") > Cc: [email protected] > > Signed-off-by: Maxime Coquelin <[email protected]>
Reviewed-by: David Marchand <[email protected]> -- David Marchand
