On 28/08/2025 09:42, Jan Beulich wrote:
On 28.08.2025 10:17, Dmytro Prokopchuk1 wrote:Resolve infinite loop issue in the 'fail:' cleanup path of the function 'assign_shared_memory()'. The issue was caused by an 'unsigned long' type for the loop counter 'i', which could underflow and wrap around, violating termination conditions. Change 'i' to a signed data type ('long') to ensure safe termination of the 'while (--i >= 0)' loop.If I was a maintainer of this code, I would strongly object to such a change. A signed type variable used as (effectively) an array index is almost always conceptually wrong. Plus i continues to be compared to nr_pages, which still is of an unsigned type. What imo wants changing instead is the use of the variable: fail: while ( i-- > 0 ) put_page_nr(page + i, nr_borrowers); or yet more simply fail: while ( i-- ) put_page_nr(page + i, nr_borrowers); See e.g. prepare_staticmem_pages() for a similar case.
+1 with Jan's comment. Cheers, -- Julien Grall
