Re: [PATCH -tip] x86: smp_scan_config - use signed long as scanarea size
From: Cyrill Gorcunov
Date: Fri Aug 21 2009 - 12:50:07 EST
[Ingo Molnar - Fri, Aug 21, 2009 at 06:04:26PM +0200]
|
| * Cyrill Gorcunov <gorcunov@xxxxxxxxxx> wrote:
|
| > Unsigned value potentially could be overlapped
| > if length parameter is that: length % 16 != 0.
| >
| > This is not a problem at moment since all values
| > we pass now are 16 divisible (0x400 and 0x10000).
| >
| > Though there is no need unsigned value anyway.
| > Max range pointed out by MP specification is
| > in kilobytes so plain "signed long" is enough.
| >
| > This allow us to be on a safe side.
| >
| > Signed-off-by: Cyrill Gorcunov <gorcunov@xxxxxxxxxx>
| > ---
| >
...
|
| Hm, does a BUILD_BUG_ON((length & 15) != 0) line catch incorrectly
| aligned length parameters?
|
| Ingo
|
For my gcc it doesn't (gcc (Ubuntu 4.3.3-5ubuntu4) 4.3.3). Perhaps
some clever future gcc version would be able to note that constant is passed as argument
and catch it. But at moment it doesn't. (Or maybe there is some cmd option
which force compiler to inspect calls more precisely?)
We could use BUG_ON as well here but I think it doesn't worth it.
0xefffffff is enough to scan 1G of physical memory which we hard
to believe ever do (note 16 byte step size here). And code is not
getting bigger.
Ingo, current situation is not a problem since we know which
values we're passing so I thought about possible (if ever) errors
only.
Also we could introduce inline helper to check the size alignment
(in this case gcc will recognize constants I believe and catch
nits on build time). But I really doubt it is worth thing to do.
-- Cyrill
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/