On Thu, 22 Feb 2024 at 09:36, Daniel Latypov dlatypov@google.com wrote:
Copying the line for context, it's about `p-r` where p = memchr_inv(&r[1], 0, sizeof(r) - sizeof(r[0])); `p-r` should never be negative unless something has gone horribly horribly wrong.
Sure it would - if 'p' is NULL.
Of course, then a negative value wouldn't be helpful either, and in this case that's what the EXPECT_PTR_EQ checking is testing in the first place, so it's a non-issue.
IOW, in practice clearly the sign should simply not matter here.
I do think that the default case for pointer differences should be that they are signed, because they *can* be.
Just because of that "default case", unless there's some actual reason to use '%tu', I think '%td' should be seen as the normal case to use.
That said, just as a quick aside: be careful with pointer differences in the kernel.
For this particular case, when we're talking about just 'char *', it's not a big deal, but we've had code where people didn't think about what it means to do a pointer difference in C, and how it can be often unnecessarily expensive due to the implied "divide by the size of the pointed object".
Sometimes it's actually worth writing the code in ways that avoids pointer differences entirely (which might involve passing around indexes instead of pointers).
Linus