On Sat, Apr 13, 2024 at 07:46:03PM -0600, Andreas Dilger wrote: > This looks like a straight-forward mathematical substitution of "dlimit" > with "search_buf + buf_size" and rearranging of the terms to make the > while loop offset "zero based" rather than "address based" and would > avoid overflow if "search_buf" was within one 4kB block of overflow: > > dlimit = search_buf + buf_size = 0xfffff000 + 0x1000 = 0x00000000 Umm... maybe, but does riscv32 actually have a memory map where a kernel page would actually have an address in high memory like that? That seems.... unusual. If we have a reliable reproduction, can someone actually printk the address or test to see if this theory is correct? - Ted
