From: Liam R. Howlett <Liam.Howlett@oracle.com>
Date: Wed, 2 Mar 2022 18:54:22 +0000 (-0500)
Subject: test_maple_tree: Add check for node overflow from fuzzer
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=a75ae8cd64aaecfdefb73ec7ca9cff57243d82bb;p=users%2Fjedix%2Flinux-maple.git

test_maple_tree: Add check for node overflow from fuzzer

Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
---

diff --git a/lib/test_maple_tree.c b/lib/test_maple_tree.c
index 3647a6f98aa2..0bfa8c0894f9 100644
--- a/lib/test_maple_tree.c
+++ b/lib/test_maple_tree.c
@@ -37164,6 +37164,30 @@ static noinline void check_fuzzer(struct maple_tree *mt)
 	mtree_test_erase(mt, 4); // 0x9
 	mtree_test_load(mt, 5); // (nil)
 	mtree_test_erase(mt, 0); // 0x1
+	mtree_destroy(mt);
+
+	/*
+	 * 3. Cause a node overflow on copy
+	 * Fixed by using the correct check for node size in mas_wr_modify()
+	 * Also discovered issue with metadata setting.
+	 */
+	mt_init_flags(mt, 0);
+	mtree_test_store_range(mt, 0, 18446744073709551615UL, (void*)0x1); // 0
+	mtree_test_store(mt, 4, (void*)0x9); // 0
+	mtree_test_erase(mt, 5); // 0x1
+	mtree_test_erase(mt, 0); // 0x1
+	mtree_test_erase(mt, 4); // 0x9
+	mtree_test_store(mt, 5, (void*)0xb); // 0
+	mtree_test_erase(mt, 5); // 0xb
+	mtree_test_store(mt, 5, (void*)0xb); // 0
+	mtree_test_erase(mt, 5); // 0xb
+	mtree_test_erase(mt, 4); // (nil)
+	mtree_test_store(mt, 4, (void*)0x9); // 0
+	mtree_test_store(mt, 444, (void*)0x379); // 0
+	mtree_test_store(mt, 0, (void*)0x1); // 0
+	mtree_test_load(mt, 0); // 0x1
+	mtree_test_store(mt, 5, (void*)0xb); // 0
+	mtree_test_erase(mt, 0);
 }
 
 static DEFINE_MTREE(tree);