Re: [PATCH] udf: uint32_t can't be less than zero

From: Denis Vlasenko
Date: Sun Apr 24 2005 - 04:43:58 EST

On Saturday 23 April 2005 21:48, Jesper Juhl wrote:
> Here's a patch that removes a few bits from fs/udf/balloc.c that
> test uint32_t values for being less than zero, which is impossible.
> I know not everyone agrees with this sort of cleanup, but I figured I'd do
> the patch in any case, then leave it up to the maintainer to apply it or
> drop it.
> Please keep me on CC: when replying.
> - if (bloc.logicalBlockNum < 0 ||
> - (bloc.logicalBlockNum + count) > UDF_SB_PARTLEN(sb, bloc.partitionReferenceNum))
> + if ((bloc.logicalBlockNum + count) > UDF_SB_PARTLEN(sb, bloc.partitionReferenceNum))
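
Review bot: The remaining test, (bloc.logicalBlockNum + count) > UDF_SB_PARTLEN(sb, bloc.partitionReferenceNum), still has a wraparound gap that the removed < 0 comparison never covered. If count is also a 32-bit unsigned value (its type is not visible in this hunk), a large logicalBlockNum plus count can wrap to a small number and pass the bound. Since this line is being touched anyway, consider checking logicalBlockNum against the partition length first and then comparing count with the remaining length, so no addition is needed. A short comment stating that logicalBlockNum is uint32_t would also tell the reader why no lower-bound test appears here.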

It is not immediately visible here that bloc.logicalBlockNum is unsigned.
One needs to check that by looking at the definition.

Also, if someone later changes bloc.logicalBlockNum into a signed entity, the code
becomes buggy. Not good.

gcc already optimizes out such checks:

# gcc -O2 t.c -S -fomit-frame-pointer
# cat t.c t.s
extern unsigned v;

int f() {
	return v<0 || v>100 || v==50;
}
.file "t.c"
.p2align 2,,3
.globl f
.type f, @function
movl v, %edx
xorl %eax, %eax
cmpl $100, %edx
ja .L3
cmpl $50, %edx
je .L3
.p2align 2,,3
movl $1, %eax
.size f, .-f
.section .note.GNU-stack,"",@progbits
.ident "GCC: (GNU) 3.4.3"
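
Added example, not part of the original message or of the kernel source: one way to address the concern in the reply, that the field's unsignedness is invisible at the point of use and a later change to a signed type would make the code buggy. The struct names, IS_UNSIGNED and both functions are hypothetical, and __typeof__ with _Static_assert assumes GCC or Clang in C11 mode.

```c
#include <stdbool.h>
#include <stdint.h>

/* 1 for unsigned integer types, 0 for signed: (T)-1 is the maximum only when T is unsigned. */
#define IS_UNSIGNED(x) ((__typeof__(x))-1 > (__typeof__(x))0)

/* Hypothetical stand-ins for the address type: today's field, and a later signed change. */
struct addr_u { uint32_t logicalBlockNum; };
struct addr_s { int32_t logicalBlockNum; };

/* Post-patch form of the test, guarded so that it cannot silently outlive the type. */
static bool range_bad(struct addr_u b, uint32_t count, uint32_t partlen)
{
	/* The build fails here if the field is ever made signed. */
	_Static_assert(IS_UNSIGNED(b.logicalBlockNum),
		       "logicalBlockNum became signed: restore the < 0 test");
	return (b.logicalBlockNum + count) > partlen;
}

/* The same expression after a hypothetical change to a signed field, with no guard. */
static bool range_bad_signed_unguarded(struct addr_s b, uint32_t count, uint32_t partlen)
{
	/* The field is converted to unsigned for the addition, so -5 + 10 == 5. */
	return (b.logicalBlockNum + count) > partlen;
}

int main(void)
{
	/* Constructed values: a partition of 100 blocks. */
	struct addr_u ok = { 90 };
	struct addr_s neg = { -5 };
	bool a = range_bad(ok, 20, 100);                   /* rejected, as intended */
	bool b = range_bad_signed_unguarded(neg, 10, 100); /* accepted: the latent bug */
	return (a && !b) ? 0 : 1;
}
```

Placing the same _Static_assert in range_bad_signed_unguarded stops compilation, which makes the type assumption visible where the < 0 test used to be.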

