Hi Julien, > -----Original Message----- > From: Julien Grall <[email protected]> > Subject: Re: [PATCH v2 3/4] xen/arm: Defer GICv2 CPU interface mapping until > the first access > > > gfn_to_gaddr(gfn) >= d->arch.vgic.cbase || > > gfn_to_gaddr(gfn) < d->arch.vgic.cbase + d->arch.vgic.csize > > ... use the size in the check. With the || switch to &&, my preference > would be to use: > > ((d->arch.vgic.cbase - gfn_to_addr(gfn)) < d->arch.vgic.csize) > > to avoid a potential overflow in the unlikely case the CPU interface is > at the top of the address space.
Oh I like the idea of using the "minus approach" to avoid the overflow very much. Thanks! I will keep this in mind in my future development. One more question, since this "minus approach" is directly derived from `gfn_to_gaddr(gfn) < d->arch.vgic.cbase + d->arch.vgic.csize`, shouldn't it be `(gfn_to_addr(gfn) - d->arch.vgic.cbase) < d->arch.vgic.csize` instead? Otherwise I think `d->arch.vgic.cbase - gfn_to_addr(gfn)` will produce a huge u64 and this check would always fail? Kind regards, Henry > > Cheers, > > -- > Julien Grall
