From: Garance A Drosihn
Date: Thu, 7 Aug 2003 13:19:27 -0400
To: Harti Brandt, Bruce Evans
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/dev/en midway.c

At 3:11 PM +0200 8/7/03, Harti Brandt wrote:
>
>BDE> It also uses the knowledge that the difference is non-negative.
>BDE> Why not just print the difference as it is using the natural
>BDE> format %td? This makes no difference if the, uhm, difference
>BDE> is non-negative, but avoids undefined behaviour if the
>BDE> difference is somehow negative.
>
>By saying 'array index' I suppose the thing to be non-negative
>and lesser or equal the size of the array. Otherwise that
>wouldn't be a legal array index for the given array.

And let's say there is a logic bug such that the value is not what
you would suppose it should be. Then this format will just confuse
the issue even more, because the reader will see some (undefined)
value instead of the actual value.

Thus, I find myself back at Bruce's question. Why *not* use the
%td? What is *gained* by assuming the value will always be unsigned?

>If it is not, well, there is a bigger problem than undefined
>printf behaviour, because that would mean that vc->rxslot
>points into the wild.

Note that this is a KASSERT statement. This line is *only*
printed when handling a situation that SHOULD NEVER HAPPEN.
Why make assumptions about *any* of these values in that kind
of situation? This is a real bad time to be talking about how
"you know" what these values "should be", because you also know
that SOMETHING is *not* what it "should be".

I imagine this sounds a lot more argumentative than I really
intend it to be, but I'm just surprised because I really don't
understand why %tu is preferable. Does the compiler format-checking
think that value is unsigned, thus forcing you to use %tu? Is this
array so large that the difference might legitimately be larger
than INT_MAX on some platform?

--
Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu
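
The point argued above, as an added userland example that is not part of the original message or of midway.c: the same out-of-range index rendered with %td and as an unsigned value. The function names, NSLOTS and the value -3 are constructed for illustration, and ptrdiff_t and size_t are assumed to have the same width.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NSLOTS 8	/* constructed array size, not taken from midway.c */

/* Range check an assertion would guard: 1 if idx is a legal array index. */
static int
slot_index_ok(ptrdiff_t idx)
{
	return (idx >= 0 && idx < NSLOTS);
}

/* Natural format for a pointer difference: a bad value is shown as it is. */
static int
diag_signed(char *buf, size_t len, ptrdiff_t idx)
{
	return (snprintf(buf, len, "rxslot index %td not in [0,%d)",
	    idx, NSLOTS));
}

/*
 * The same value as an unsigned reader would see it. The conversion is
 * made explicit (size_t with %zu) so this example avoids the
 * signed/unsigned argument mismatch discussed in the thread.
 */
static int
diag_unsigned(char *buf, size_t len, ptrdiff_t idx)
{
	return (snprintf(buf, len, "rxslot index %zu not in [0,%d)",
	    (size_t)idx, NSLOTS));
}

int
main(void)
{
	char s[96], u[96];
	ptrdiff_t idx = -3;	/* constructed "should never happen" value */

	if (!slot_index_ok(idx)) {
		diag_signed(s, sizeof(s), idx);
		diag_unsigned(u, sizeof(u), idx);
		printf("signed:   %s\nunsigned: %s\n", s, u);
	}
	return (0);
}
```

The signed message shows the off-by-three directly, while the unsigned one shows a huge wrapped value that the reader has to decode before the logic bug becomes visible.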