Attention is currently required from: Jakub Czapiga, Jérémy Compostella.

View Change

2 comments:

• File src/commonlib/include/commonlib/region.h:

  • Patch Set #5, Line 127: return region_offset(r) + region_sz(r) - 1;

    Isn't overflow still possible here? Should 1 be subtracted from size first? So like that: `return re […]

    Well, in C the order doesn't matter (for unsigned operations), it would just
    wrap around twice. But I can change it ofc.

    (We still need to decide if we want to allow a size of 0, but it looks like we
    won't.)

• File tests/commonlib/region-test.c:

  • Patch Set #5, Line 338: assert_true((uintptr_t)backing <= SIZE_MAX);

    What is the purpose of this assert? `backing` is a buffer, not size. […]

    Ah, sorry, didn't mean to commit this. I ran into a problem here
    with an intermediate code state and wanted to make sure that such
    common assumptions are true (because that the stack is below
    SIZE_MAX is not guaranteed by C; it is though in the usual data models).

    I'll leave this open and clean it up on the next iteration.

To view, visit change 79946. To unsubscribe, or for help writing mail filters, visit settings.