Re: [GIT PULL] bug fix for devicetree memory parsing

From: Linus Torvalds
Date: Tue Jul 08 2014 - 13:55:50 EST

On Sun, Jul 6, 2014 at 12:24 PM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> Why does the code not just do something like
> #define MAX_PHYS_ADDR ((phys_addr_t) ~0)
> and then do
> if (base > MAX_PHYS_ADDR || base + size > MAX_PHYS_ADDR)

Actually, there's an even better model, which is to just check if a
value fits in a type.

You could do something like

#define FITS(type, value) ((value) == (type)(value))

and then you can just use

if (!FITS(phys_addr_t, base) || !FITS(phys_addr_t, base+size))

instead. The compiler will trivially turn the comparisons into no-ops
if the type is sufficient to hold the value.

We already do this in a few places, it might even be worth it making a
generic macro. People have been confused by the "x == x" kind of
comparisons before, see for example fs/buffer.c:grow_buffers(), which

index = block >> sizebits;
if (unlikely(index != block >> sizebits)) {

where "index" is a pgoff_t, but "block >> sizebits" is a sector_t, so
that comparison actually checks that "block >> sizebits" fits in the
type, even though it looks like it compares the same computed value
against itself.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at