Both offset and len are signed integers who's overflow isn't defined. Use unsigned addition to avoid the issue. Signed-off-by: Sasha Levin <sasha.levin@xxxxxxxxxx> --- mm/fadvise.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/fadvise.c b/mm/fadvise.c index 3bcfd81d..762cb63 100644 --- a/mm/fadvise.c +++ b/mm/fadvise.c @@ -67,7 +67,7 @@ SYSCALL_DEFINE4(fadvise64_64, int, fd, loff_t, offset, loff_t, len, int, advice) } /* Careful about overflows. Len == 0 means "as much as possible" */ - endbyte = offset + len; + endbyte = offset + (u64)len; if (!len || endbyte < len) endbyte = -1; else -- 1.7.10.4 -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>