All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] maple_tree: Fix mas_next() when already on the last node entry
@ 2022-05-17 14:59 Liam Howlett
  2022-05-17 15:34 ` Sven Schnelle
  0 siblings, 1 reply; 2+ messages in thread
From: Liam Howlett @ 2022-05-17 14:59 UTC (permalink / raw)
  To: maple-tree, linux-mm, linux-kernel, Andrew Morton

It is possible to return the metadata as the next entry if the last node
entry is already in the maple state and the limit is not reached.  Check
for this condition in mas_next_nentry() where the node end is returned.

Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
---
 lib/maple_tree.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/maple_tree.c b/lib/maple_tree.c
index 967631055210..751aafd01c42 100644
--- a/lib/maple_tree.c
+++ b/lib/maple_tree.c
@@ -4547,6 +4547,9 @@ static inline void *mas_next_nentry(struct ma_state *mas,
 		return NULL;
 
 	count = ma_data_end(node, type, pivots, mas->max);
+	if (mas->offset > count)
+		return NULL;
+
 	while (mas->offset < count) {
 		pivot = pivots[mas->offset];
 		entry = mas_slot(mas, slots, mas->offset);
-- 
2.35.1

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] maple_tree: Fix mas_next() when already on the last node entry
  2022-05-17 14:59 [PATCH] maple_tree: Fix mas_next() when already on the last node entry Liam Howlett
@ 2022-05-17 15:34 ` Sven Schnelle
  0 siblings, 0 replies; 2+ messages in thread
From: Sven Schnelle @ 2022-05-17 15:34 UTC (permalink / raw)
  To: Liam Howlett; +Cc: maple-tree, linux-mm, linux-kernel, Andrew Morton

Liam Howlett <liam.howlett@oracle.com> writes:

> It is possible to return the metadata as the next entry if the last node
> entry is already in the maple state and the limit is not reached.  Check
> for this condition in mas_next_nentry() where the node end is returned.
>
> Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>

Thanks, that matches my observation from the initial report that we're
returing metadata. I just applied the patch to next-20220516 and i'm no
longer able to trigger the crash. So feel free to add my:

Tested-by: Sven Schnelle <svens@linux.ibm.com>

However, as Heiko already wrote in another mail i would also like to
request that the maple tree code isn't merged with the next merge
window. These patches touch a lot of critical infrastructure, and i would like
to have it in next for at least one development cycle, so we can be sure
that we've seen and fixed most of the issues.

Thanks,
Sven
> ---
>  lib/maple_tree.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/lib/maple_tree.c b/lib/maple_tree.c
> index 967631055210..751aafd01c42 100644
> --- a/lib/maple_tree.c
> +++ b/lib/maple_tree.c
> @@ -4547,6 +4547,9 @@ static inline void *mas_next_nentry(struct ma_state *mas,
>  		return NULL;
>  
>  	count = ma_data_end(node, type, pivots, mas->max);
> +	if (mas->offset > count)
> +		return NULL;
> +
>  	while (mas->offset < count) {
>  		pivot = pivots[mas->offset];
>  		entry = mas_slot(mas, slots, mas->offset);

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-05-17 15:36 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-17 14:59 [PATCH] maple_tree: Fix mas_next() when already on the last node entry Liam Howlett
2022-05-17 15:34 ` Sven Schnelle

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.