Re: [PATCH v8 14/21] mm/mmap: Avoid zeroing vma tree in mmap_region()

[Lorenzo Stoakes <lorenzo.stoakes@oracle.com>]

On Fri, Oct 04, 2024 at 03:26:26PM +0100, Lorenzo Stoakes wrote:
> On Fri, Oct 04, 2024 at 03:23:37PM +0100, Lorenzo Stoakes wrote:
> > On Fri, Oct 04, 2024 at 11:35:44AM +0200, Bert Karwatzki wrote:
> > > Here's the log procduced by this kernel:
> > >
> > > c9e7f76815d3 (HEAD -> maple_tree_debug_4) hack: set of info stuff v5
> > > 7e3bb072761a mm: correct error handling in mmap_region()
> > > 77df9e4bb222 (tag: next-20241001, origin/master, origin/HEAD, master) Add linux-next specific files for 20241001
> > >
> > > Again it took two attempts to trigger the bug.
> > >
> > > Bert Karwatzki
> > >
> >

[snip]

OK please try the _actual_ fix, shown below.

It may be a little unstable as I am still working on this but it'd be good
to confirm it fixes the issue for you!

Thanks, Lorenzo

----8<----
From b9a8b45e62ad2749dd4066a828bd2efc109e87e5 Mon Sep 17 00:00:00 2001
From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Date: Fri, 4 Oct 2024 15:18:58 +0100
Subject: [PATCH] fix v2

---
 lib/maple_tree.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/lib/maple_tree.c b/lib/maple_tree.c
index 37abf0fe380b..2ce24349f53a 100644
--- a/lib/maple_tree.c
+++ b/lib/maple_tree.c
@@ -3527,6 +3527,7 @@ static bool mas_wr_walk(struct ma_wr_state *wr_mas)
 	return true;
 }

+// Return whether the node actually contains entries at or greater than wr_mas->mas->index.
 static bool mas_wr_walk_index(struct ma_wr_state *wr_mas)
 {
 	struct ma_state *mas = wr_mas->mas;
@@ -3536,7 +3537,8 @@ static bool mas_wr_walk_index(struct ma_wr_state *wr_mas)
 		wr_mas->content = mas_slot_locked(mas, wr_mas->slots,
 						  mas->offset);
 		if (ma_is_leaf(wr_mas->type))
-			return true;
+			return mas->index <= wr_mas->pivots[mas->offset];
+
 		mas_wr_walk_traverse(wr_mas);

 	}
@@ -3696,6 +3698,7 @@ static noinline void mas_wr_spanning_store(struct ma_wr_state *wr_mas)
 	struct maple_big_node b_node;
 	struct ma_state *mas;
 	unsigned char height;
+	bool r_populated;

 	/* Left and Right side of spanning store */
 	MA_STATE(l_mas, NULL, 0, 0);
@@ -3737,7 +3740,7 @@ static noinline void mas_wr_spanning_store(struct ma_wr_state *wr_mas)
 		r_mas.last++;

 	r_mas.index = r_mas.last;
-	mas_wr_walk_index(&r_wr_mas);
+	r_populated = mas_wr_walk_index(&r_wr_mas);
 	r_mas.last = r_mas.index = mas->last;

 	/* Set up left side. */
@@ -3759,9 +3762,12 @@ static noinline void mas_wr_spanning_store(struct ma_wr_state *wr_mas)

 	memset(&b_node, 0, sizeof(struct maple_big_node));
 	/* Copy l_mas and store the value in b_node. */
+
 	mas_store_b_node(&l_wr_mas, &b_node, l_mas.end);
+
 	/* Copy r_mas into b_node. */
-	if (r_mas.offset <= r_mas.end)
+
+	if (r_populated && r_mas.offset <= r_mas.end)
 		mas_mab_cp(&r_mas, r_mas.offset, r_mas.end,
 			   &b_node, b_node.b_end + 1);
 	else
--
2.46.2