Re: [RFC v2 1/2] compiler: use compiler to detect integer overflows

From: Linus Torvalds
Date: Sat Nov 29 2014 - 13:08:26 EST


On Sat, Nov 29, 2014 at 7:07 AM, Sasha Levin <sasha.levin@xxxxxxxxxx> wrote:
>
> Since we can't just change those to unsigned

Sure we can. Just cast them. A signed start/len is bogus crap, it's a
random wrong type.

If you want to, add a "if (len < 0) return -EINVAL;" before the cast,
but treating negative numbers as big positive numbers sounds fine too.

> we'd still need to do an overflow
> check with signed integers somewhere.

Why? It's just a type. User space can't care, and signed values make
no sense anyway.

Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/