Fix incorrect check in fpm_shm_free() (#13797)

nielsdos · web-flow · commit dd3aa1854579 · 2024-03-24T13:57:08.000+01:00
`if (fpm_shm_size - size > 0)` will be rewritten by the compiler as this: `if (fpm_shm_size != size)`, which is undesirable. The reason this happens is that both variables are size_t, so subtracting them cannot be negative. The only way it can be not > 0, is if they're equal because the result will then be 0. This means that the else branch won't work properly. E.g. if `fpm_shm_size == 50` and `size == 51`, then `fpm_shm_size` will wraparound instead of becoming zero. To showcase that the compiler actually does this, take a look at this isolated case: https://godbolt.org/z/azobdWcrY. Here we can see the usage of the compare instruction + cmove, so the "then" branch is only done if the variables are equal.
diff --git a/sapi/fpm/fpm/fpm_shm.c b/sapi/fpm/fpm/fpm_shm.c
@@ -50,7 +50,7 @@ int fpm_shm_free(void *mem, size_t size) /* {{{ */
 		return 0;
 	}
 
-	if (fpm_shm_size - size > 0) {
+	if (fpm_shm_size > size) {
 		fpm_shm_size -= size;
 	} else {
 		fpm_shm_size = 0;

Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,7 @@ int fpm_shm_free(void mem, size_t size) / {{{ */`
`50`	`50`	`return 0;`
`51`	`51`	`}`
`52`	`52`
`53`		`- if (fpm_shm_size - size > 0) {`
	`53`	`+ if (fpm_shm_size > size) {`
`54`	`54`	`fpm_shm_size -= size;`
`55`	`55`	`} else {`
`56`	`56`	`fpm_shm_size = 0;`