Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 631509

Summary: spice: qxl overruns the release ring
Product: Red Hat Enterprise Linux 5 Reporter: Gerd Hoffmann <kraxel>
Component: kvmAssignee: Gerd Hoffmann <kraxel>
Status: CLOSED NOTABUG QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: low    
Version: 5.5CC: mkenneth, virt-maint, ykaul
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 631502 Environment:
Last Closed: 2010-09-09 09:36:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 631502    
Bug Blocks: 580949    

Description Gerd Hoffmann 2010-09-07 19:51:14 UTC 
+++ This bug was initially created as a clone of Bug #631502 +++

Description of problem:
The qxl backend in qemu can overrun the release ring.  The result is that the guest will miss release events, thus will not release the qxl device memory associated with them.  The memory leak may make qxl go out of memory and stop working.

Version-Release number of selected component (if applicable):
qemu-kvm-0.12.1.2-2.113.el6.x86_64

How reproducible:
No reproducer, found by code review.

--- Additional comment from kraxel on 2010-09-07 21:49:04 CEST ---

Created attachment 445768 [details]
fix
Comment 1 Gerd Hoffmann 2010-09-09 09:36:46 UTC 
Patch review figured code is correct as-is.