| Message ID | 1353048646-10935-10-git-send-email-tushar.behera@linaro.org |
|---|---|
| State | Rejected |
| Headers | show |
On Fri, Nov 16, 2012 at 12:20:41PM +0530, Tushar Behera wrote: > No need to check whether unsigned variable is less than 0. > > CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > CC: Jeremy Fitzhardinge <jeremy@goop.org> > CC: xen-devel@lists.xensource.com > CC: virtualization@lists.linux-foundation.org > Signed-off-by: Tushar Behera <tushar.behera@linaro.org> > --- > drivers/xen/events.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/drivers/xen/events.c b/drivers/xen/events.c > index 4293c57..cadd7d1 100644 > --- a/drivers/xen/events.c > +++ b/drivers/xen/events.c > @@ -216,7 +216,7 @@ static void xen_irq_info_pirq_init(unsigned irq, > */ > static unsigned int evtchn_from_irq(unsigned irq) > { > - if (unlikely(WARN(irq < 0 || irq >= nr_irqs, "Invalid irq %d!\n", irq))) > + if (unlikely(WARN(irq >= nr_irqs, "Invalid irq %d!\n", irq))) > return 0; > > return info_for_irq(irq)->evtchn; > -- > 1.7.4.1
To be honest I'd nack this kind of patch. The test is only redundant in the most trivial sense that the compiler can easily optimise away. The point of the test is to make sure that the range is OK even if the type subsequently becomes signed (to hold a -ve error, for example). J Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> wrote: >On Fri, Nov 16, 2012 at 12:20:41PM +0530, Tushar Behera wrote: >> No need to check whether unsigned variable is less than 0. >> >> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > >Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > >> CC: Jeremy Fitzhardinge <jeremy@goop.org> >> CC: xen-devel@lists.xensource.com >> CC: virtualization@lists.linux-foundation.org >> Signed-off-by: Tushar Behera <tushar.behera@linaro.org> >> --- >> drivers/xen/events.c | 2 +- >> 1 files changed, 1 insertions(+), 1 deletions(-) >> >> diff --git a/drivers/xen/events.c b/drivers/xen/events.c >> index 4293c57..cadd7d1 100644 >> --- a/drivers/xen/events.c >> +++ b/drivers/xen/events.c >> @@ -216,7 +216,7 @@ static void xen_irq_info_pirq_init(unsigned irq, >> */ >> static unsigned int evtchn_from_irq(unsigned irq) >> { >> - if (unlikely(WARN(irq < 0 || irq >= nr_irqs, "Invalid irq %d!\n", >irq))) >> + if (unlikely(WARN(irq >= nr_irqs, "Invalid irq %d!\n", irq))) >> return 0; >> >> return info_for_irq(irq)->evtchn; >> -- >> 1.7.4.1
On 11/16/2012 10:23 PM, Jeremy Fitzhardinge wrote: > To be honest I'd nack this kind of patch. The test is only redundant in the most trivial sense that the compiler can easily optimise away. The point of the test is to make sure that the range is OK even if the type subsequently becomes signed (to hold a -ve error, for example). > > J > The check is on the function argument which is unsigned, so checking '< 0' doesn't make sense. We should force signed check only if the argument is of signed type. In any case, even if irq has been assigned some error value, that would be caught by the check irq >= nr_irqs. > Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> wrote: > >> On Fri, Nov 16, 2012 at 12:20:41PM +0530, Tushar Behera wrote: >>> No need to check whether unsigned variable is less than 0. >>> >>> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> >> >> Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> >> >>> CC: Jeremy Fitzhardinge <jeremy@goop.org> >>> CC: xen-devel@lists.xensource.com >>> CC: virtualization@lists.linux-foundation.org >>> Signed-off-by: Tushar Behera <tushar.behera@linaro.org> >>> --- >>> drivers/xen/events.c | 2 +- >>> 1 files changed, 1 insertions(+), 1 deletions(-) >>> >>> diff --git a/drivers/xen/events.c b/drivers/xen/events.c >>> index 4293c57..cadd7d1 100644 >>> --- a/drivers/xen/events.c >>> +++ b/drivers/xen/events.c >>> @@ -216,7 +216,7 @@ static void xen_irq_info_pirq_init(unsigned irq, >>> */ >>> static unsigned int evtchn_from_irq(unsigned irq) >>> { >>> - if (unlikely(WARN(irq < 0 || irq >= nr_irqs, "Invalid irq %d!\n", >> irq))) >>> + if (unlikely(WARN(irq >= nr_irqs, "Invalid irq %d!\n", irq))) >>> return 0; >>> >>> return info_for_irq(irq)->evtchn; >>> -- >>> 1.7.4.1 >
On Mon, 2012-11-19 at 03:52 +0000, Tushar Behera wrote: > On 11/16/2012 10:23 PM, Jeremy Fitzhardinge wrote: > > To be honest I'd nack this kind of patch. The test is only redundant in the most trivial sense that the compiler can easily optimise away. The point of the test is to make sure that the range is OK even if the type subsequently becomes signed (to hold a -ve error, for example). > > > > J > > > > The check is on the function argument which is unsigned, so checking '< > 0' doesn't make sense. We should force signed check only if the argument > is of signed type. In any case, even if irq has been assigned some error > value, that would be caught by the check irq >= nr_irqs. Jeremy is (I think) arguing that this check is not redundant because someone might change the type of the argument to be signed and until then the compiler can trivially optimise the check away, so what's the harm in it? I'm somewhat inclined to agree with him. Ian.
On 11/19/2012 04:01 PM, Ian Campbell wrote: > On Mon, 2012-11-19 at 03:52 +0000, Tushar Behera wrote: >> On 11/16/2012 10:23 PM, Jeremy Fitzhardinge wrote: >>> To be honest I'd nack this kind of patch. The test is only redundant in the most trivial sense that the compiler can easily optimise away. The point of the test is to make sure that the range is OK even if the type subsequently becomes signed (to hold a -ve error, for example). >>> >>> J >>> >> >> The check is on the function argument which is unsigned, so checking '< >> 0' doesn't make sense. We should force signed check only if the argument >> is of signed type. In any case, even if irq has been assigned some error >> value, that would be caught by the check irq >= nr_irqs. > > Jeremy is (I think) arguing that this check is not redundant because > someone might change the type of the argument to be signed and until > then the compiler can trivially optimise the check away, so what's the > harm in it? > > I'm somewhat inclined to agree with him. > > Ian. > Ok, I don't have much argument against this.
diff --git a/drivers/xen/events.c b/drivers/xen/events.c index 4293c57..cadd7d1 100644 --- a/drivers/xen/events.c +++ b/drivers/xen/events.c @@ -216,7 +216,7 @@ static void xen_irq_info_pirq_init(unsigned irq, */ static unsigned int evtchn_from_irq(unsigned irq) { - if (unlikely(WARN(irq < 0 || irq >= nr_irqs, "Invalid irq %d!\n", irq))) + if (unlikely(WARN(irq >= nr_irqs, "Invalid irq %d!\n", irq))) return 0; return info_for_irq(irq)->evtchn;
No need to check whether unsigned variable is less than 0. CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> CC: Jeremy Fitzhardinge <jeremy@goop.org> CC: xen-devel@lists.xensource.com CC: virtualization@lists.linux-foundation.org Signed-off-by: Tushar Behera <tushar.behera@linaro.org> --- drivers/xen/events.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)