[RFC] maple_tree: should get pivots boundary by type

Message ID 20221110072459.23656-1-richard.weiyang@gmail.com
State New
Headers
Series [RFC] maple_tree: should get pivots boundary by type |

Commit Message

Wei Yang Nov. 10, 2022, 7:24 a.m. UTC
  If my understanding is correct, we should get pivots boundary by type.

Signed-off-by: Wei Yang <richard.weiyang@gmail.com>
CC: Liam R. Howlett <Liam.Howlett@Oracle.com>

---
* kernel build looks good
---
 lib/maple_tree.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
  

Comments

Liam R. Howlett Nov. 10, 2022, 4:14 p.m. UTC | #1
* Wei Yang <richard.weiyang@gmail.com> [221110 02:25]:
> If my understanding is correct, we should get pivots boundary by type.
> 

Thank you, yes - you are correct.  This is a bug, and should have:

Fixes: 54a611b60590 (Maple Tree: add new data structure)

Please fix your commit message and add the fixes line and resend.

Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>

> Signed-off-by: Wei Yang <richard.weiyang@gmail.com>
> CC: Liam R. Howlett <Liam.Howlett@Oracle.com>
> 
> ---
> * kernel build looks good
> ---
>  lib/maple_tree.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/maple_tree.c b/lib/maple_tree.c
> index 73e2e6434e2f..2123d1930a9b 100644
> --- a/lib/maple_tree.c
> +++ b/lib/maple_tree.c
> @@ -669,12 +669,13 @@ static inline unsigned long mte_pivot(const struct maple_enode *mn,
>  				 unsigned char piv)
>  {
>  	struct maple_node *node = mte_to_node(mn);
> +	enum maple_type type = mte_node_type(mn);
>  
> -	if (piv >= mt_pivots[piv]) {
> +	if (piv >= mt_pivots[type]) {
>  		WARN_ON(1);
>  		return 0;
>  	}
> -	switch (mte_node_type(mn)) {
> +	switch (type) {
>  	case maple_arange_64:
>  		return node->ma64.pivot[piv];
>  	case maple_range_64:
> -- 
> 2.33.1
>
  
Wei Yang Nov. 11, 2022, 2:20 a.m. UTC | #2
On Thu, Nov 10, 2022 at 04:14:31PM +0000, Liam Howlett wrote:
>* Wei Yang <richard.weiyang@gmail.com> [221110 02:25]:
>> If my understanding is correct, we should get pivots boundary by type.
>> 
>
>Thank you, yes - you are correct.  This is a bug, and should have:

Thanks. I am curious why this doesn't trigger a problem yet?

From code, it seems we may access the out of boundary array.

>
>Fixes: 54a611b60590 (Maple Tree: add new data structure)
>
>Please fix your commit message and add the fixes line and resend.
>
>Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
>
  
Liam R. Howlett Nov. 11, 2022, 5:13 p.m. UTC | #3
* Wei Yang <richard.weiyang@gmail.com> [221110 21:20]:
> On Thu, Nov 10, 2022 at 04:14:31PM +0000, Liam Howlett wrote:
> >* Wei Yang <richard.weiyang@gmail.com> [221110 02:25]:
> >> If my understanding is correct, we should get pivots boundary by type.
> >> 
> >
> >Thank you, yes - you are correct.  This is a bug, and should have:
> 
> Thanks. I am curious why this doesn't trigger a problem yet?
> 
> From code, it seems we may access the out of boundary array.

yes, it would likely access the array out of bounds.  This code is not
used by the mm code right now.

> 
> >
> >Fixes: 54a611b60590 (Maple Tree: add new data structure)
> >
> >Please fix your commit message and add the fixes line and resend.
> >
> >Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
> >
> 
> -- 
> Wei Yang
> Help you, Help me
  

Patch

diff --git a/lib/maple_tree.c b/lib/maple_tree.c
index 73e2e6434e2f..2123d1930a9b 100644
--- a/lib/maple_tree.c
+++ b/lib/maple_tree.c
@@ -669,12 +669,13 @@  static inline unsigned long mte_pivot(const struct maple_enode *mn,
 				 unsigned char piv)
 {
 	struct maple_node *node = mte_to_node(mn);
+	enum maple_type type = mte_node_type(mn);
 
-	if (piv >= mt_pivots[piv]) {
+	if (piv >= mt_pivots[type]) {
 		WARN_ON(1);
 		return 0;
 	}
-	switch (mte_node_type(mn)) {
+	switch (type) {
 	case maple_arange_64:
 		return node->ma64.pivot[piv];
 	case maple_range_64: