From d25ef1bbcdd8687a94241ed68aab53e404e1cace Mon Sep 17 00:00:00 2001
From: "Liam R. Howlett" <Liam.Howlett@Oracle.com>
Date: Fri, 8 Mar 2019 13:53:10 -0500
Subject: [PATCH] maple_tree: Fix double free error.

There was a double free which raced with the rcu free so it was not
detected all the time.

Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
---
 lib/maple_tree.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/maple_tree.c b/lib/maple_tree.c
index 7a3970ea8cad..cd3b099b5058 100644
--- a/lib/maple_tree.c
+++ b/lib/maple_tree.c
@@ -1028,7 +1028,8 @@ static inline int ma_split(struct ma_state *mas, unsigned char slot)
 	}
 
 	// Free the full node.
-	mt_free(mt_to_node(full));
+	if (old_parent != full)
+		mt_free(mt_to_node(full));
 	return split;
 }
 
-- 
2.50.1