Committed. On Fri, Jan 23, 2026 at 09:21:53AM +0100, Anthonin Bonnefoy wrote: > From my understanding, 'add_size(hp_required, 1)' will never overflow > since size_b was checked for overflow, and hp_size should always be >1 > (except if huge pages of 1 byte exist somewhere).
That's true, but for this sort of thing, I usually prefer to avoid relying on those kinds of assumptions to reason about the correctness of the code. The overflow check costs little, and IIUC this function is run exactly once for the lifetime of the server. > For consistency with CreateAnonymousSegment, using 'add_size(size_b, > hp_size - (size_b % hp_size))' will also check that the final > requested allocation doesn't overflow. *shrug* I don't see a strong reason for consistency here. AFAICT you'd have to be trying to allocate something like 18 exabytes on most systems for there to be a problem, at which point there are probably bigger issues to sort out. Thanks for the patch! -- nathan
