On Thu, Aug 3, 2023 at 8:25 AM Michał Mirosław <emmir@xxxxxxxxxx> wrote:
>
> On Thu, 3 Aug 2023 at 17:09, Andrei Vagin <avagin@xxxxxxxxx> wrote:
> > On Thu, Jul 27, 2023 at 02:36:34PM +0500, Muhammad Usama Anjum wrote:
> [...]
> > > + n_pages = (*end - addr) / PAGE_SIZE;
> > > + if (check_add_overflow(p->found_pages, n_pages, &total_pages) ||
> > > + total_pages > p->arg.max_pages) {
> >
> > why do we need to use check_add_overflow here?
> >
> > > + size_t n_too_much = total_pages - p->arg.max_pages;
> >
> > it is unsafe to use total_pages if check_add_overflow returns non-zero.
>
> Since we're adding unsigned integers, this is well defined even after overflow.
The description of check_add_overflow declares that is unsafe:
https://elixir.bootlin.com/linux/latest/source/include/linux/overflow.h#L62
It actually doesn't matter, because it should be impossible to
overflow total_pages
and we can consider not to use check_add_overflow here.
>
> Best Regards
> Michał Mirosław
