On Fri, 23 Jul 2010 15:48:37 +0930
Rusty Russell <rusty@xxxxxxxxxxxxxxx> wrote:
Note that commit 686d363786a53ed28ee875b84ef24e6d5126ef6f,
which caused this problem, is already queued for -stable,
so it should either be removed or this should be sent for
-stable as well.
> From: "Michael S. Tsirkin" <mst@xxxxxxxxxx>
>
> virtio ring was changed to return an error code on OOM,
> but one caller was missed and still checks for vq->vring.num.
> The fix is just to check for <0 error code.
>
> Long term it might make sense to change goto add_head to
> just return an error on oom instead, but let's apply
> a minimal fix for 2.6.35.
>
> Reported-by: Chris Mason <chris.mason@xxxxxxxxxx>
> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx>
> Signed-off-by: Rusty Russell <rusty@xxxxxxxxxxxxxxx>
> Tested-by: Chris Mason <chris.mason@xxxxxxxxxx>
> ---
>
> diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c
> index dd35b34..bffec32 100644
> --- a/drivers/virtio/virtio_ring.c
> +++ b/drivers/virtio/virtio_ring.c
> @@ -164,7 +164,8 @@ int virtqueue_add_buf_gfp(struct virtqueue *_vq,
> gfp_t gfp)
> {
> struct vring_virtqueue *vq = to_vvq(_vq);
> - unsigned int i, avail, head, uninitialized_var(prev);
> + unsigned int i, avail, uninitialized_var(prev);
> + int head;
>
> START_USE(vq);
>
> @@ -174,8 +175,8 @@ int virtqueue_add_buf_gfp(struct virtqueue *_vq,
> * buffers, then go indirect. FIXME: tune this threshold */
> if (vq->indirect && (out + in) > 1 && vq->num_free) {
> head = vring_add_indirect(vq, sg, out, in, gfp);
> - if (head != vq->vring.num)
> + if (likely(head >= 0))
> goto add_head;
> }
>
> BUG_ON(out + in > vq->vring.num);
> --
_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/virtualization
