Before, the eBPF JIT allowed up to MAX_TAIL_CALL_CNT + 1 tail calls. Now, precisely MAX_TAIL_CALL_CNT is allowed, which is in line with the behaviour of the interpreter. Verified with the test_bpf test suite on qemu-system-arm. Signed-off-by: Johan Almbladh <johan.almbladh@xxxxxxxxxxxxxxxxx> --- arch/arm/net/bpf_jit_32.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/arm/net/bpf_jit_32.c b/arch/arm/net/bpf_jit_32.c index a951276f0547..200ae9d24205 100644 --- a/arch/arm/net/bpf_jit_32.c +++ b/arch/arm/net/bpf_jit_32.c @@ -1180,12 +1180,12 @@ static int emit_bpf_tail_call(struct jit_ctx *ctx) /* tmp2[0] = array, tmp2[1] = index */ - /* if (tail_call_cnt > MAX_TAIL_CALL_CNT) + /* if (tail_call_cnt >= MAX_TAIL_CALL_CNT) * goto out; * tail_call_cnt++; */ - lo = (u32)MAX_TAIL_CALL_CNT; - hi = (u32)((u64)MAX_TAIL_CALL_CNT >> 32); + lo = (u32)(MAX_TAIL_CALL_CNT - 1); + hi = (u32)((u64)(MAX_TAIL_CALL_CNT - 1) >> 32); tc = arm_bpf_get_reg64(tcc, tmp, ctx); emit(ARM_CMP_I(tc[0], hi), ctx); _emit(ARM_COND_EQ, ARM_CMP_I(tc[1], lo), ctx); -- 2.25.1
