From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754665AbbKCB6v (ORCPT ); Mon, 2 Nov 2015 20:58:51 -0500 Received: from mail-ob0-f177.google.com ([209.85.214.177]:33952 "EHLO mail-ob0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752296AbbKCB6t (ORCPT ); Mon, 2 Nov 2015 20:58:49 -0500 MIME-Version: 1.0 In-Reply-To: References: <20151027.233235.1641084823622810663.davem@davemloft.net> <5637C8DF.800@kernel.org> <1446512176.17404.30.camel@kernel.crashing.org> From: Andy Lutomirski Date: Mon, 2 Nov 2015 17:58:29 -0800 Message-ID: Subject: Re: [GIT] Networking To: Linus Torvalds Cc: Benjamin Herrenschmidt , Andy Lutomirski , David Miller , Hannes Frederic Sowa , Andrew Morton , Network Development , Linux Kernel Mailing List , Sasha Levin Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Nov 2, 2015 at 5:54 PM, Linus Torvalds wrote: > > The biggest problem - and where the compiler could actually help us - > tends to be multiplication overflows. We have several (not *many*, but > certainly more than just a couple) cases where we simply check by > dividing MAX_INT or something. > > See for example kmalloc_array(), which does > > if (size != 0 && n > SIZE_MAX / size) > return NULL; > > exactly to avoid the overflow when it does the "n*size" allocation. > > So for multiplication, we really *could* use overflow logic. It's not > horribly common, but it definitely happens. > Based in part on an old patch by Sasha, what if we relied on CSE: if (mul_would_overflow(size, n)) return NULL; do_something_with(size * n); I haven't checked, but it would be sad if gcc couldn't optimize this correctly if we use the builtins. The downside is that I don't see off the top of my head how this could be implemented using inline asm if we want a fast fallback when the builtins aren't available. --Andy