DF-0069
Signed integer overflow (C UB) in lock range end calculation (caught by guard, no corruption reachable)
Summary
kern_lockf.c:233 end=start+fl->l_len-1 signed 64-bit add can overflow for large l_start/l_len (e.g. l_start=1 l_len=LLONG_MAX). Signed overflow is C UB (C11 6.5). if(end<start) guard :234 effective under 2s-complement wraparound (dangerous cases produce end<=start rejected; benign start=0/l_len=LLONG_MAX -> end=LLONG_MAX-1). Same pattern SEEK_END start=size+fl->l_start :217 mixed uint/int. No memory corruption reachable (guard catches). -fwrapv typical. Code-quality defense-in-depth.