If the allocation order is 16, then the u16 index will overflow and wrap to zero instead of being equal or greater than 1 << 16. The loop condition will always be true, and the loop will run until all the memory resources are depleted. Change the type of index 'i' to u32, so that it is large enough to store a value equal or greater than 1 << 16. Signed-off-by: Allen Hubbe <Allen.Hubbe@xxxxxxx> --- drivers/dma/ioat/dma.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/dma/ioat/dma.c b/drivers/dma/ioat/dma.c index a5630966834e..7435585dbbd6 100644 --- a/drivers/dma/ioat/dma.c +++ b/drivers/dma/ioat/dma.c @@ -372,7 +372,7 @@ static bool reshape_ring(struct ioatdma_chan *ioat_chan, int order) const u16 active = ioat_ring_active(ioat_chan); const u32 new_size = 1 << order; struct ioat_ring_ent **ring; - u16 i; + u32 i; if (order > ioat_get_max_alloc_order()) return false; -- 2.5.0.rc1 -- To unsubscribe from this list: send the line "unsubscribe dmaengine" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
