| Message ID | 20221110072459.23656-1-richard.weiyang@gmail.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | [RFC] maple_tree: should get pivots boundary by type | expand |
* Wei Yang <richard.weiyang@gmail.com> [221110 02:25]: > If my understanding is correct, we should get pivots boundary by type. > Thank you, yes - you are correct. This is a bug, and should have: Fixes: 54a611b60590 (Maple Tree: add new data structure) Please fix your commit message and add the fixes line and resend. Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> > Signed-off-by: Wei Yang <richard.weiyang@gmail.com> > CC: Liam R. Howlett <Liam.Howlett@Oracle.com> > > --- > * kernel build looks good > --- > lib/maple_tree.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/lib/maple_tree.c b/lib/maple_tree.c > index 73e2e6434e2f..2123d1930a9b 100644 > --- a/lib/maple_tree.c > +++ b/lib/maple_tree.c > @@ -669,12 +669,13 @@ static inline unsigned long mte_pivot(const struct maple_enode *mn, > unsigned char piv) > { > struct maple_node *node = mte_to_node(mn); > + enum maple_type type = mte_node_type(mn); > > - if (piv >= mt_pivots[piv]) { > + if (piv >= mt_pivots[type]) { > WARN_ON(1); > return 0; > } > - switch (mte_node_type(mn)) { > + switch (type) { > case maple_arange_64: > return node->ma64.pivot[piv]; > case maple_range_64: > -- > 2.33.1 >
On Thu, Nov 10, 2022 at 04:14:31PM +0000, Liam Howlett wrote: >* Wei Yang <richard.weiyang@gmail.com> [221110 02:25]: >> If my understanding is correct, we should get pivots boundary by type. >> > >Thank you, yes - you are correct. This is a bug, and should have: Thanks. I am curious why this doesn't trigger a problem yet? From code, it seems we may access the out of boundary array. > >Fixes: 54a611b60590 (Maple Tree: add new data structure) > >Please fix your commit message and add the fixes line and resend. > >Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> >
* Wei Yang <richard.weiyang@gmail.com> [221110 21:20]: > On Thu, Nov 10, 2022 at 04:14:31PM +0000, Liam Howlett wrote: > >* Wei Yang <richard.weiyang@gmail.com> [221110 02:25]: > >> If my understanding is correct, we should get pivots boundary by type. > >> > > > >Thank you, yes - you are correct. This is a bug, and should have: > > Thanks. I am curious why this doesn't trigger a problem yet? > > From code, it seems we may access the out of boundary array. yes, it would likely access the array out of bounds. This code is not used by the mm code right now. > > > > >Fixes: 54a611b60590 (Maple Tree: add new data structure) > > > >Please fix your commit message and add the fixes line and resend. > > > >Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> > > > > -- > Wei Yang > Help you, Help me
diff --git a/lib/maple_tree.c b/lib/maple_tree.c index 73e2e6434e2f..2123d1930a9b 100644 --- a/lib/maple_tree.c +++ b/lib/maple_tree.c @@ -669,12 +669,13 @@ static inline unsigned long mte_pivot(const struct maple_enode *mn, unsigned char piv) { struct maple_node *node = mte_to_node(mn); + enum maple_type type = mte_node_type(mn); - if (piv >= mt_pivots[piv]) { + if (piv >= mt_pivots[type]) { WARN_ON(1); return 0; } - switch (mte_node_type(mn)) { + switch (type) { case maple_arange_64: return node->ma64.pivot[piv]; case maple_range_64:
If my understanding is correct, we should get pivots boundary by type. Signed-off-by: Wei Yang <richard.weiyang@gmail.com> CC: Liam R. Howlett <Liam.Howlett@Oracle.com> --- * kernel build looks good --- lib/maple_tree.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)