maple_tree: Fix double free error.

There was a double free which raced with the rcu free so it was not
detected all the time.

Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com>

diff --git a/lib/maple_tree.c b/lib/maple_tree.c
index 7a3970ea8cad948b407489732e170868ae06a721..cd3b099b5058d46d4003caba66576e72efbad90a 100644 (file)
--- a/lib/maple_tree.c
+++ b/lib/maple_tree.c
@@ -1028,7 +1028,8 @@ static inline int ma_split(struct ma_state *mas, unsigned char slot)
        }
 
        // Free the full node.
-       mt_free(mt_to_node(full));
+       if (old_parent != full)
+               mt_free(mt_to_node(full));
        return split;
 }