Attention is currently required from: Jakub Czapiga, Jérémy Compostella.

Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/79946?usp=email )

Change subject: [RFC] region: Turn region_end() into an inclusive region_last() ......................................................................

Patch Set 5:

(2 comments)

File src/commonlib/include/commonlib/region.h:

https://review.coreboot.org/c/coreboot/+/79946/comment/8d4ba0ae_01ea740f : PS5, Line 127: return region_offset(r) + region_sz(r) - 1;

Isn't overflow still possible here? Should 1 be subtracted from size first? So like that: `return re […]

Well, in C the order doesn't matter (for unsigned operations), it would just wrap around twice. But I can change it ofc.

(We still need to decide if we want to allow a size of 0, but it looks like we won't.)

File tests/commonlib/region-test.c:

https://review.coreboot.org/c/coreboot/+/79946/comment/4f8d6289_a06107ca : PS5, Line 338: assert_true((uintptr_t)backing <= SIZE_MAX);

What is the purpose of this assert? `backing` is a buffer, not size. […]

Ah, sorry, didn't mean to commit this. I ran into a problem here with an intermediate code state and wanted to make sure that such common assumptions are true (because that the stack is below SIZE_MAX is not guaranteed by C; it is though in the usual data models).

I'll leave this open and clean it up on the next iteration.