On Tue, Jun 14, 2022 at 11:25 AM Bruce Richardson <bruce.richard...@intel.com> wrote: > > > > - if (unlikely(!src || !dlen)) > > > > + if (unlikely(!src || !dlen || dlen > left)) > > > > return -1; > > > > > > > > > > If this change is omitted, does the compiler still give warnings. Looking > > > through the called code, the dlen parameter can only ever be reduced, not > > > incremented (function rte_vhost_va_from_guest_pa() in rte_vhost.h). > > > > If I promote to_copy and left variables as uint64_t, gcc is still > > unhappy, for the same reason. > > The check on dlen > left seems necessary. > > > > > Ok, just thought I'd ask anyway. I wonder if we need to check for > wrap-around in the reduction case, since we are dealing with unsigned > values. This additional check should catch that anyway if it does occur.
I had a fresh look at this code and went with some splitting / simplification. This makes the code clearer, and there is no added check. I'll send a v2. -- David Marchand
