Re: Undefined Behavior in rw_verify_area() (was: sendfile(2) erroneously yields EINVAL on too large counts)

Hi Matthew!

On Mon, Mar 04, 2024 at 03:22:24PM +0000, Matthew Wilcox wrote:
> On Mon, Mar 04, 2024 at 04:09:26PM +0100, Alejandro Colomar wrote:
> > Depending on the width of those types, the sum may be performed as
> > 'loff_t' if `sizeof(loff_t) > sizeof(size_t)`, or as 'size_t' if
> > `sizeof(loff_t) <= sizeof(size_t)`.  Since 'loff_t' is a 64-bit type,
> > but 'size_t' can be either 32-bit or 64-bit, the former is possible.
> > 
> > In those platforms in which loff_t is wider, the addends are promoted to
> > 'loff_t' before the sum.  And a sum of positive signed values can never
> > be negative.  If the sum overflows (and the program above triggers
> > such an overflow), the behavior is undefined.
> 
> Linux is compiled with -fwrapv so it is defined.

Hmmm; thanks!  Still, I'm guessing that's used as a caution to avoid
opening Hell's doors, rather than a declaration that the kernel doesn't
care about signed-integer overflow bugs.  Otherwise, all the macros in
<linux/kernel/overflow.h> wouldn't make much sense, right?

Have a lovely day!
Alex

-- 
<https://www.alejandro-colomar.es/>
Looking for a remote C programming job at the moment.
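
An added example, not part of the original message and not kernel code: a user-space C sketch of the loff_t + size_t sum discussed in the thread, showing a checked addition next to the value a wrapping (-fwrapv style) sum would produce. The names loff_t_demo, range_end and wrapped_end are hypothetical, and the inputs are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: stands in for the kernel's 64-bit signed loff_t. */
typedef int64_t loff_t_demo;

/*
 * Checked sum (hypothetical helper). The builtin evaluates pos + count as
 * if with unlimited precision and reports whether the result fits in *end,
 * so the answer does not depend on the width of size_t or on -fwrapv.
 */
static bool range_end(loff_t_demo pos, size_t count, loff_t_demo *end)
{
	if (pos < 0)
		return false;
	return !__builtin_add_overflow(pos, count, end);
}

/*
 * The value a wrapping sum produces (hypothetical helper). Computed in
 * unsigned arithmetic so the demo itself has no undefined behavior; the
 * conversion back to signed is modulo 2^64 on GCC and Clang.
 */
static loff_t_demo wrapped_end(loff_t_demo pos, size_t count)
{
	return (loff_t_demo)((uint64_t)pos + (uint64_t)count);
}

int main(void)
{
	/* Constructed sample inputs; counts fit a 32-bit size_t too. */
	const struct { loff_t_demo pos; size_t count; } t[] = {
		{ 4096, 100 },
		{ INT64_MAX - 100, 100 },
		{ INT64_MAX - 10, 100 },
	};

	for (size_t i = 0; i < sizeof(t) / sizeof(t[0]); i++) {
		loff_t_demo end = 0;
		bool ok = range_end(t[i].pos, t[i].count, &end);

		printf("pos=%lld count=%zu checked=%s wrapped=%lld\n",
		       (long long)t[i].pos, t[i].count, ok ? "ok" : "overflow",
		       (long long)wrapped_end(t[i].pos, t[i].count));
	}
	return 0;
}
```

With wrapping semantics the third case is well defined but yields a negative end offset, so a caller still has to test for it explicitly.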
