lwip-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-devel] LWIP_U32_DIFF is unnecessarily complex

From: Mike Kleshov
Subject: Re: [lwip-devel] LWIP_U32_DIFF is unnecessarily complex
Date: Wed, 23 Nov 2011 23:23:49 +0400 
On 23 November 2011 17:37, David Brown <address@hidden> wrote:
> Since unsigned addition cannot overflow, nor can unsigned subtraction.

It makes sense. I only wanted to see the exact quote from the standard
to clearly support this. It appears there is none. Although, the
intent of the standard appears to be: subtraction of unsigned integers
is as well-behaved as addition.

> Since unsigned addition cannot overflow, nor can unsigned subtraction. So
> the macro LWIP_U32_DIFF should be defined simply:
>
> #define LWIP_U32_DIFF(a, b) ((a) - (b))
>
> assuming the comment "'a' is expected to be higher than 'b'" is valid.
>
> If that comment is not valid, a better definition would be:
>
> #define LWIP_U32_DIFF(a, b) (((a) >= (b)) ? ((a) - (b)) : ((b) - (a)))

This last define is so wrong. You seem to misunderstand the phrase
"'a' is expected to be higher than 'b'". It assumes that a and b are
snapshots of a free-running 32-bit timer, so 'a' would be later than
'b'. They can easily be (a > b) or (a < b) in unsigned arithmetic
sense.

Regards,

- mike
reply via email to
[Prev in Thread] Current Thread [Next in Thread]