radix_tree_locate_item() is often returning the wrong index, causing swapoff of shmem to hang because it cannot find the swap entry there. __locate()'s use of base is bogus, it adds an offset twice into index.
Signed-off-by: Hugh Dickins <[email protected]> --- Fix to radix-tree-rewrite-radix_tree_locate_item.patch lib/radix-tree.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) --- 4.6-rc5-mm1/lib/radix-tree.c 2016-04-30 22:55:06.067184898 -0700 +++ linux/lib/radix-tree.c 2016-05-01 18:52:06.668085420 -0700 @@ -1254,15 +1254,14 @@ struct locate_info { static unsigned long __locate(struct radix_tree_node *slot, void *item, unsigned long index, struct locate_info *info) { - unsigned long base, i; + unsigned long i; do { unsigned int shift = slot->shift; - base = index & ~((1UL << shift) - 1); for (i = (index >> shift) & RADIX_TREE_MAP_MASK; i < RADIX_TREE_MAP_SIZE; - i++, index = base + (i << shift)) { + i++, index += (1UL << shift)) { struct radix_tree_node *node = rcu_dereference_raw(slot->slots[i]); if (node == RADIX_TREE_RETRY)
