From bb3f21b41eec5588974e69d775d6f0f2fea7e2d4 Mon Sep 17 00:00:00 2001
From: Marsman1996
Date: Fri, 20 Jun 2025 15:45:05 +0800
Subject: [PATCH] Fix integer overflow in futex wake

---
 kernel/src/process/posix_thread/futex.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/kernel/src/process/posix_thread/futex.rs b/kernel/src/process/posix_thread/futex.rs
index af2a82fc1..99015fb16 100644
--- a/kernel/src/process/posix_thread/futex.rs
+++ b/kernel/src/process/posix_thread/futex.rs
@@ -195,7 +195,13 @@ impl FutexWakeOpEncode {
 fn calculate_new_val(&self, old_val: u32) -> u32 {
 let oparg = if self.is_oparg_shift {
- 1 << self.oparg
+ if self.oparg > 31 {
+ // Linux might return EINVAL in the future
+ // Reference: https://elixir.bootlin.com/linux/v6.15.2/source/kernel/futex/waitwake.c#L211-L222
+ warn!("futex_wake_op: program tries to shift op by {}", self.oparg);
+ }
+
+ 1 << (self.oparg & 31)
 } else {
 self.oparg
 };
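Review bot: The new `warn!` fires on a value that comes straight from the userspace-encoded futex op, with no throttling, so any unprivileged process can flood the kernel log by issuing FUTEX_WAKE_OP with an out-of-range shift in a loop; the Linux code the comment cites emits this same message through a rate-limited printk. If the project has no rate-limited log macro, lowering it to `debug!("futex_wake_op: program tries to shift op by {}", self.oparg);` or counting the events instead of logging each one avoids handing a log-spam primitive to untrusted code. The `& 31` mask does bound the shift regardless of the check, which is the actual overflow fix; note that if `self.oparg` is a sign-extended signed field as in Linux, the `> 31` test misses negative values and the warning would be skipped for them — worth confirming against the field's type, which is outside the hunk. The body of `calculate_new_val` continues past the hunk, and the commit title suggests the later `old_val`/`oparg` arithmetic presumably needs wrapping operations for the same debug-build panic reason, though that code is not visible here.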