From 84c34df158cf215b0cd1475ab3b8e6f212f81f23 Mon Sep 17 00:00:00 2001
From: "Matthew Wilcox (Oracle)" <willy@infradead.org>
Date: Tue, 13 Oct 2020 08:46:29 -0400
Subject: XArray: Fix xas_create_range for ranges above 4 billion

The 'sibs' variable would be shifted as a 32-bit integer, so if 'shift'
is more than 32, this is undefined behaviour.  In practice, this doesn't
happen because the page cache is the only user and nobody uses 16TB pages.

Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
---
 lib/xarray.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/xarray.c')

diff --git a/lib/xarray.c b/lib/xarray.c
index 1fa5c5658e63..2046d676ab41 100644
--- a/lib/xarray.c
+++ b/lib/xarray.c
@@ -703,7 +703,7 @@ void xas_create_range(struct xa_state *xas)
 	unsigned char shift = xas->xa_shift;
 	unsigned char sibs = xas->xa_sibs;
 
-	xas->xa_index |= ((sibs + 1) << shift) - 1;
+	xas->xa_index |= ((sibs + 1UL) << shift) - 1;
 	if (xas_is_node(xas) && xas->xa_node->shift == xas->xa_shift)
 		xas->xa_offset |= sibs;
 	xas->xa_shift = 0;
-- 
cgit