fs/userfaultfd: Fix maple state in userfaultfd_register()

When VMAs are split/merged, the maple tree node may be replaced.
Re-walk the tree in such cases by calling mas_pause().

Fixes: a88fae9a5fc2 (userfaultfd: use maple tree iterator to iterate
VMAs)
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index f4bf95660536fb9c6df8f2c88c89befa4ca3a429..af29e5885ed2fe274a933cec163c7cb6b2a7736f 100644 (file)
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -1452,6 +1452,8 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
                                 ((struct vm_userfaultfd_ctx){ ctx }),
                                 anon_vma_name(vma));
                if (prev) {
+                       /* vma_merge() invalidated the mas */
+                       mas_pause(&mas);
                        vma = prev;
                        goto next;
                }
@@ -1459,11 +1461,15 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
                        ret = split_vma(mm, vma, start, 1);
                        if (ret)
                                break;
+                       /* split_vma() invalidated the mas */
+                       mas_pause(&mas);
                }
                if (vma->vm_end > end) {
                        ret = split_vma(mm, vma, end, 0);
                        if (ret)
                                break;
+                       /* split_vma() invalidated the mas */
+                       mas_pause(&mas);
                }
        next:
                /*