On 6/24/26 16:08, Denis V. Lunev wrote: > tell_host() ignores the return value of virtqueue_add_outbuf() and goes > on to kick the queue and wait_event() for the host's ack. The comment > claims "We should always be able to add one buffer to an empty queue", > but that does not hold once the virtqueue has been broken (e.g. on > device shutdown): the add then fails with -EIO and the following > wait_event() would block forever on a buffer the host can never return. > > Warn and bail out on failure, mirroring virtballoon_free_page_report(). > > Suggested-by: David Hildenbrand <[email protected]> > Signed-off-by: Denis V. Lunev <[email protected]> > --- > drivers/virtio/virtio_balloon.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/drivers/virtio/virtio_balloon.c b/drivers/virtio/virtio_balloon.c > index 26fc3c40d5b2..0866a8781f0b 100644 > --- a/drivers/virtio/virtio_balloon.c > +++ b/drivers/virtio/virtio_balloon.c > @@ -184,16 +184,18 @@ static void tell_host(struct virtio_balloon *vb, struct > virtqueue *vq) > { > struct scatterlist sg; > unsigned int len; > + int err; > > sg_init_one(&sg, vb->pfns, sizeof(vb->pfns[0]) * vb->num_pfns); > > /* We should always be able to add one buffer to an empty queue. */ > - virtqueue_add_outbuf(vq, &sg, 1, vb, GFP_KERNEL); > + err = virtqueue_add_outbuf(vq, &sg, 1, vb, GFP_KERNEL); > + if (WARN_ON_ONCE(err)) > + return; > virtqueue_kick(vq); > > /* When host has read buffer, this completes via balloon_ack */ > wait_event(vb->acked, virtqueue_get_buf(vq, &len)); > - > }
We have another uncheck instance in stats_handle_request(), what about that one? -- Cheers, David
