On 2014/12/11 19:29, Paolo Bonzini wrote:
On 11/12/2014 04:02, Tiejun Chen wrote:
We already check 'len' above to make sure it already isn't
negative here, so indeed, (addr + len < addr) should never be happened.
... except if there is an overflow.
Sorry, I'm confused. 'addr' is u64 and now 'len' would always be '>=0',
what's your a so-called overflow here? And we also have such a check
below, (addr + len > dev->zone.addr + dev->zone.size), so can this
guarantee an overflow?
Thanks
Tiejun
Paolo
Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx>
---
virt/kvm/coalesced_mmio.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/virt/kvm/coalesced_mmio.c b/virt/kvm/coalesced_mmio.c
index 00d8642..60f59cd 100644
--- a/virt/kvm/coalesced_mmio.c
+++ b/virt/kvm/coalesced_mmio.c
@@ -30,8 +30,6 @@ static int coalesced_mmio_in_range(struct kvm_coalesced_mmio_dev *dev,
*/
if (len < 0)
return 0;
- if (addr + len < addr)
- return 0;
if (addr < dev->zone.addr)
return 0;
if (addr + len > dev->zone.addr + dev->zone.size)
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
