On 8/28/25 11:42, Jan Beulich wrote:
> On 28.08.2025 10:17, Dmytro Prokopchuk1 wrote:
>> Resolve infinite loop issue in the 'fail:' cleanup path of the function
>> 'assign_shared_memory()'. The issue was caused by an 'unsigned long' type
>> for the loop counter 'i', which could underflow and wrap around, violating
>> termination conditions.
>> Change 'i' to a signed data type ('long') to ensure safe termination of
>> the 'while (--i >= 0)' loop.
>
> If I was a maintainer of this code, I would strongly object to such a change.
> A signed type variable used as (effectively) an array index is almost always
> conceptually wrong. Plus i continues to be compared to nr_pages, which still
> is of an unsigned type.
>
> What imo wants changing instead is the use of the variable:
>
> fail:
> while ( i-- > 0 )
> put_page_nr(page + i, nr_borrowers);
>
> or yet more simply
>
> fail:
> while ( i-- )
> put_page_nr(page + i, nr_borrowers);
>
> See e.g. prepare_staticmem_pages() for a similar case.
>
> Jan
I had the such thought...
Thanks for advice. I will change it.
Dmytro.
