diff options
| author | Matthew Wilcox <willy@infradead.org> | 2018-11-01 16:55:19 -0400 |
|---|---|---|
| committer | Matthew Wilcox <willy@infradead.org> | 2018-11-05 14:56:46 -0500 |
| commit | 8229706e03e4147f3e22d1de0d30630cde6d18a9 (patch) | |
| tree | 1994f5ff08f7b5c459eba5e26c868ee182d2392a | |
| parent | 651022382c7f8da46cb4872a545ee1da6d097d2a (diff) | |
XArray: Fix xa_for_each with a single element at 0
The following sequence of calls would result in an infinite loop in
xa_find_after():
xa_store(xa, 0, x, GFP_KERNEL);
index = 0;
xa_for_each(xa, entry, index, ULONG_MAX, XA_PRESENT) { }
xa_find_after() was confusing the situation where we found no entry in
the tree with finding a multiorder entry, so it would look for the
successor entry forever. Just check for this case explicitly. Includes
a few new checks in the test suite to be sure this doesn't reappear.
Signed-off-by: Matthew Wilcox <willy@infradead.org>
| -rw-r--r-- | lib/test_xarray.c | 30 | ||||
| -rw-r--r-- | lib/xarray.c | 2 |
2 files changed, 31 insertions, 1 deletions
diff --git a/lib/test_xarray.c b/lib/test_xarray.c index aa47754150ce..126127658b49 100644 --- a/lib/test_xarray.c +++ b/lib/test_xarray.c | |||
| @@ -702,7 +702,7 @@ static noinline void check_multi_find_2(struct xarray *xa) | |||
| 702 | } | 702 | } |
| 703 | } | 703 | } |
| 704 | 704 | ||
| 705 | static noinline void check_find(struct xarray *xa) | 705 | static noinline void check_find_1(struct xarray *xa) |
| 706 | { | 706 | { |
| 707 | unsigned long i, j, k; | 707 | unsigned long i, j, k; |
| 708 | 708 | ||
| @@ -748,6 +748,34 @@ static noinline void check_find(struct xarray *xa) | |||
| 748 | XA_BUG_ON(xa, xa_get_mark(xa, i, XA_MARK_0)); | 748 | XA_BUG_ON(xa, xa_get_mark(xa, i, XA_MARK_0)); |
| 749 | } | 749 | } |
| 750 | XA_BUG_ON(xa, !xa_empty(xa)); | 750 | XA_BUG_ON(xa, !xa_empty(xa)); |
| 751 | } | ||
| 752 | |||
| 753 | static noinline void check_find_2(struct xarray *xa) | ||
| 754 | { | ||
| 755 | void *entry; | ||
| 756 | unsigned long i, j, index = 0; | ||
| 757 | |||
| 758 | xa_for_each(xa, entry, index, ULONG_MAX, XA_PRESENT) { | ||
| 759 | XA_BUG_ON(xa, true); | ||
| 760 | } | ||
| 761 | |||
| 762 | for (i = 0; i < 1024; i++) { | ||
| 763 | xa_store_index(xa, index, GFP_KERNEL); | ||
| 764 | j = 0; | ||
| 765 | index = 0; | ||
| 766 | xa_for_each(xa, entry, index, ULONG_MAX, XA_PRESENT) { | ||
| 767 | XA_BUG_ON(xa, xa_mk_value(index) != entry); | ||
| 768 | XA_BUG_ON(xa, index != j++); | ||
| 769 | } | ||
| 770 | } | ||
| 771 | |||
| 772 | xa_destroy(xa); | ||
| 773 | } | ||
| 774 | |||
| 775 | static noinline void check_find(struct xarray *xa) | ||
| 776 | { | ||
| 777 | check_find_1(xa); | ||
| 778 | check_find_2(xa); | ||
| 751 | check_multi_find(xa); | 779 | check_multi_find(xa); |
| 752 | check_multi_find_2(xa); | 780 | check_multi_find_2(xa); |
| 753 | } | 781 | } |
diff --git a/lib/xarray.c b/lib/xarray.c index 8b176f009c08..c991ff4523ef 100644 --- a/lib/xarray.c +++ b/lib/xarray.c | |||
| @@ -1829,6 +1829,8 @@ void *xa_find_after(struct xarray *xa, unsigned long *indexp, | |||
| 1829 | entry = xas_find_marked(&xas, max, filter); | 1829 | entry = xas_find_marked(&xas, max, filter); |
| 1830 | else | 1830 | else |
| 1831 | entry = xas_find(&xas, max); | 1831 | entry = xas_find(&xas, max); |
| 1832 | if (xas.xa_node == XAS_BOUNDS) | ||
| 1833 | break; | ||
| 1832 | if (xas.xa_shift) { | 1834 | if (xas.xa_shift) { |
| 1833 | if (xas.xa_index & ((1UL << xas.xa_shift) - 1)) | 1835 | if (xas.xa_index & ((1UL << xas.xa_shift) - 1)) |
| 1834 | continue; | 1836 | continue; |