radix-tree: fix sibling entry insertion

The subtraction was the wrong way round, leading to undefined behaviour
(shift by an amount larger than the size of the type).

Signed-off-by: Matthew Wilcox <[email protected]>
Reviewed-by: Ross Zwisler <[email protected]>
Cc: Konstantin Khlebnikov <[email protected]>
Cc: Kirill Shutemov <[email protected]>
Cc: Jan Kara <[email protected]>
Cc: Neil Brown <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>

diff --git a/lib/radix-tree.c b/lib/radix-tree.c
index 585965afc80847259775fb371d35310d8b441f0f..c0366d1d2613e788f07a46f1224fff99d94bef80 100644 (file)
--- a/lib/radix-tree.c
+++ b/lib/radix-tree.c
@@ -526,8 +526,8 @@ int __radix_tree_create(struct radix_tree_root *root, unsigned long index,
 
 #ifdef CONFIG_RADIX_TREE_MULTIORDER
        /* Insert pointers to the canonical entry */
-       if ((shift - order) > 0) {
-               int i, n = 1 << (shift - order);
+       if (order > shift) {
+               int i, n = 1 << (order - shift);
                offset = offset & ~(n - 1);
                slot = ptr_to_indirect(&node->slots[offset]);
                for (i = 0; i < n; i++) {