On Tue 14 Nov 2017 07:41:27 PM CET, Max Reitz wrote:
> @mem_size and @offset are both size_t, thus subtracting them from one
> another will just return a big size_t if mem_size < offset -- even more
> obvious here because the result is stored in another size_t.
>
> Checking that result to be positive is therefore not sufficient to
> exclude the case that offset > mem_size. Thus, we currently sometimes
> issue an madvise() over a very large address range.
>
> This is triggered by iotest 163, but with -m64, this does not result in
> tangible problems. But with -m32, this test produces three segfaults,
> all of which are fixed by this patch.
>
> Signed-off-by: Max Reitz <mre...@redhat.com>
Oh, I guess this happens when the page size is larger than the cluster size? Otherwise I don't see how...

Reviewed-by: Alberto Garcia <be...@igalia.com>

Berto
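The size_t wrap described in the quoted patch message, as an added C example that is not part of the QEMU patch or this thread; `range_len_buggy` and `range_len_fixed` are hypothetical names standing in for the length computation that precedes the madvise() call, and the sample sizes are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Buggy pattern: subtract first, then test the size_t result for "> 0".
 * When offset > mem_size the subtraction wraps to a huge value, the test
 * still passes, and the caller would hand that length to madvise(). */
static bool range_len_buggy(size_t mem_size, size_t offset, size_t *len)
{
    size_t length = mem_size - offset;  /* wraps modulo SIZE_MAX + 1 */
    if (length > 0) {                   /* true for every wrapped value */
        *len = length;
        return true;
    }
    return false;
}

/* Fixed pattern: compare the operands before subtracting, so the
 * difference can never wrap and an out-of-range offset is rejected. */
static bool range_len_fixed(size_t mem_size, size_t offset, size_t *len)
{
    if (offset >= mem_size) {
        return false;  /* nothing to release; skip the madvise() call */
    }
    *len = mem_size - offset;
    return true;
}

int main(void)
{
    /* Constructed sizes: a 4 KiB region with an 8 KiB offset into it. */
    size_t mem_size = 4096, offset = 8192, len = 0;

    if (range_len_buggy(mem_size, offset, &len)) {
        printf("buggy check accepted length %zu (%.1f%% of SIZE_MAX)\n",
               len, 100.0 * (double)len / (double)SIZE_MAX);
    }
    if (!range_len_fixed(mem_size, offset, &len)) {
        printf("fixed check rejected offset %zu >= mem_size %zu\n",
               offset, mem_size);
    }
    return 0;
}
```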