Message ID | CAA=40849KSFkpG3kkppAruwxfqtQwTw0KsV-LXR5wODdspxDWw@mail.gmail.com |
---|---|
State | Superseded, archived |
Headers | show |
On Wed, Mar 30, 2016 at 10:29:55PM +0530, Navin P.S wrote: > Hi, > This fixes bugs 114701 and 112161 at bugzilla.kernel.org > It is caused due to left shift by a negative value which is undefined. > Since these values are not used after a negative shift the change > introduces a break. > > Signed-off-by: Navin P.S <navinp1912@gmail.com> Thanks, I've applied http://patchwork.ozlabs.org/patch/599805/ http://patchwork.ozlabs.org/patch/599804/ To address this problem. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 50e05df..8ccfcf7 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -1278,6 +1278,8 @@ static int mb_find_order_for_block(struct ext4_buddy *e4b, int block) /* this block is part of buddy of order 'order' */ return order; } + if (order > e4b->bd_blkbits) + break; bb += 1 << (e4b->bd_blkbits - order); order++;
Hi, This fixes bugs 114701 and 112161 at bugzilla.kernel.org It is caused due to left shift by a negative value which is undefined. Since these values are not used after a negative shift the change introduces a break. Signed-off-by: Navin P.S <navinp1912@gmail.com> --- fs/ext4/mballoc.c | 4 ++++ 1 file changed, 4 insertions(+) } @@ -2616,6 +2618,8 @@ int ext4_mb_init(struct super_block *sb) do { sbi->s_mb_offsets[i] = offset; sbi->s_mb_maxs[i] = max; + if (i > sb->s_blocksize_bits) + break; offset += 1 << (sb->s_blocksize_bits - i); max = max >> 1; i++;