From f7137f79c57f228321dde2ab4586015504feaaac Mon Sep 17 00:00:00 2001 From: Matthew Wilcox Date: Mon, 30 Jan 2017 16:22:30 -0500 Subject: [PATCH] radix_tree_iter_resume: Fix out of bounds error The address sanitizer occasionally finds an out of bounds error while running the test-suite. It turned out to be a read of the pointer immediately next to the tree root, but this out of bounds error could have occurred elsewhere. This happens because radix_tree_iter_resume() dereferences 'slot' before checking whether we've come to the end of the chunk. We can just delete this line; the value was never used. Signed-off-by: Matthew Wilcox --- lib/radix-tree.c | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/radix-tree.c b/lib/radix-tree.c index dcb9a2329e65..c1c079ffadcd 100644 --- a/lib/radix-tree.c +++ b/lib/radix-tree.c @@ -1685,7 +1685,6 @@ void **radix_tree_iter_resume(void **slot, struct radix_tree_iter *iter) slot++; iter->index = __radix_tree_iter_add(iter, 1); - node = rcu_dereference_raw(*slot); skip_siblings(&node, slot, iter); iter->next_index = iter->index; iter->tags = 0; -- 2.20.1