On Thu, 22 Feb 2024 at 09:36, Daniel Latypov <dlatypov@xxxxxxxxxx> wrote:
>
> Copying the line for context, it's about `p-r` where
> p = memchr_inv(&r[1], 0, sizeof(r) - sizeof(r[0]));
> `p-r` should never be negative unless something has gone horribly
> horribly wrong.
Sure it would - if 'p' is NULL.
Of course, then a negative value wouldn't be helpful either, and in
this case that's what the EXPECT_PTR_EQ checking is testing in the
first place, so it's a non-issue.
IOW, in practice clearly the sign should simply not matter here.
I do think that the default case for pointer differences should be
that they are signed, because they *can* be.
Just because of that "default case", unless there's some actual reason
to use '%tu', I think '%td' should be seen as the normal case to use.
That said, just as a quick aside: be careful with pointer differences
in the kernel.
For this particular case, when we're talking about just 'char *', it's
not a big deal, but we've had code where people didn't think about
what it means to do a pointer difference in C, and how it can be often
unnecessarily expensive due to the implied "divide by the size of the
pointed object".
Sometimes it's actually worth writing the code in ways that avoids
pointer differences entirely (which might involve passing around
indexes instead of pointers).
Linus
