Before, the eBPF JIT allowed up to MAX_TAIL_CALL_CNT + 1 tail calls. Now, precisely MAX_TAIL_CALL_CNT is allowed, which is in line with the behaviour of the interpreter. Verified with the test_bpf test suite on qemu-system-s390x. Signed-off-by: Johan Almbladh <johan.almbladh@xxxxxxxxxxxxxxxxx> --- arch/s390/net/bpf_jit_comp.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c index 88419263a89a..f6cdf13285ed 100644 --- a/arch/s390/net/bpf_jit_comp.c +++ b/arch/s390/net/bpf_jit_comp.c @@ -1363,7 +1363,7 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, jit->prg); /* - * if (tail_call_cnt++ > MAX_TAIL_CALL_CNT) + * if (tail_call_cnt++ >= MAX_TAIL_CALL_CNT) * goto out; */ @@ -1377,8 +1377,8 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, EMIT6_DISP_LH(0xeb000000, 0x00fa, REG_W1, REG_W0, REG_15, off); /* clij %w1,MAX_TAIL_CALL_CNT,0x2,out */ patch_2_clij = jit->prg; - EMIT6_PCREL_RIEC(0xec000000, 0x007f, REG_W1, MAX_TAIL_CALL_CNT, - 2, jit->prg); + EMIT6_PCREL_RIEC(0xec000000, 0x007f, REG_W1, + MAX_TAIL_CALL_CNT - 1, 2, jit->prg); /* * prog = array->ptrs[index]; -- 2.25.1
