Re: [PATCH] drivers/xen/grant-table.c: Be sure of unsigned value never comparing with 0
From: Chen Gang
Date: Tue Aug 26 2014 - 15:43:05 EST
On 08/27/2014 01:03 AM, David Vrabel wrote:
> On 26/08/14 16:38, Chen Gang wrote:
>> In grow_gnttab_list(), 'i' is 'unsigned int', and 'nr_glist_frames' may
>> be 0 because 'nr_grant_frames' may be 0. So 'i' may never be less than
>> 'nr_glist_frames' in failure processing, which cause infinite looping.
>
> nr_grant_frames is at least 1. See gnttab_init().
>
OK, thanks, that sounds reasonable to me, it is not a real wold bug, it
is my fault. :-)
>> --- a/drivers/xen/grant-table.c
>> +++ b/drivers/xen/grant-table.c
>> @@ -592,8 +592,8 @@ static int grow_gnttab_list(unsigned int more_frames)
>> return 0;
>>
>> grow_nomem:
>> - for ( ; i >= nr_glist_frames; i--)
>> - free_page((unsigned long) gnttab_list[i]);
>> + while (i > nr_glist_frames)
>> + free_page((unsigned long) gnttab_list[--i]);
>
> while (i-- > nr_glist_frames)
> ...
>
> Would have been better.
>
OK, thanks, that sounds reasonable to me.
If necessary to send patch v2 (change comments and contents), please
let me know, and I shall send.
Thanks.
--
Chen Gang
Open share and attitude like air water and life which God blessed
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/