On Fri 22 May 2020 05:14:36 PM CEST, Eric Blake wrote: >> static int coroutine_fn bdrv_aligned_preadv(BdrvChild *child, >> - BdrvTrackedRequest *req, int64_t offset, unsigned int bytes, >> + BdrvTrackedRequest *req, int64_t offset, int64_t bytes, >> int64_t align, QEMUIOVector *qiov, size_t qiov_offset, int flags) [...] >> BlockDriverState *bs = child->bs; >> int64_t total_bytes, max_bytes; >> int ret = 0; >> - uint64_t bytes_remaining = bytes; >> + int64_t bytes_remaining = bytes; >> int max_transfer; >> >> assert(is_power_of_2(align)); >> + assert(offset >= 0 && bytes >= 0); > > Use within the function: > > the new assertion added here does not check for whether offset+bytes is > positive; I would suggest we strengthen it to instead be: > assert(offset >= 0 && (uint64_t) bytes <= INT64_MAX - offset);
But here you would be making 'bytes' unsigned without asserting that it's not negative. Berto