From 1a9b16687d54c660c83c8d8554d7b08c3cec6895 Mon Sep 17 00:00:00 2001 From: Andrew Cooper Date: Sat, 13 Aug 2011 10:14:28 +0100 Subject: [PATCH] x86: IRQ fix incorrect logic in __clear_irq_vector In the old code, tmp_mask is the cpu_and of cfg->cpu_mask and cpu_online_map. However, in the usual case of moving an IRQ from one PCPU to another because the scheduler decides its a good idea, cfg->cpu_mask and cfg->old_cpu_mask do not intersect. This causes the old cpu vector_irq table to keep the irq reference when it shouldn't. This leads to a resource leak if a domain is shut down wile an irq has a move pending, which results in Xen's create_irq() eventually failing with -ENOSPC when all vector_irq tables are full of stale references. Signed-off-by: Andrew Cooper --- xen/arch/x86/irq.c | 1 + 1 file changed, 1 insertion(+) diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c index dfec057b42..8d598c28ca 100644 --- a/xen/arch/x86/irq.c +++ b/xen/arch/x86/irq.c @@ -216,6 +216,7 @@ static void __clear_irq_vector(int irq) if (likely(!cfg->move_in_progress)) return; + cpus_and(tmp_mask, cfg->old_cpu_mask, cpu_online_map); for_each_cpu_mask(cpu, tmp_mask) { for (vector = FIRST_DYNAMIC_VECTOR; vector <= LAST_DYNAMIC_VECTOR; vector++) { -- 2.30.2