riscv32 EXT4 splat, 6.8 regression?
Theodore Ts'o
tytso at mit.edu
Sat Apr 13 19:04:57 PDT 2024
On Sat, Apr 13, 2024 at 07:46:03PM -0600, Andreas Dilger wrote:
> This looks like a straight-forward mathematical substitution of "dlimit"
> with "search_buf + buf_size" and rearranging of the terms to make the
> while loop offset "zero based" rather than "address based" and would
> avoid overflow if "search_buf" was within one 4kB block of overflow:
>
> dlimit = search_buf + buf_size = 0xfffff000 + 0x1000 = 0x00000000
Umm... maybe, but does riscv32 actually have a memory map where a
kernel page would actually have an address in high memory like that?
That seems.... unusual.
If we have a reliable reproduction, can someone actually printk the
address or test to see if this theory is correct?
- Ted
More information about the linux-riscv
mailing list