Kevin Wolf <kw...@redhat.com> writes:

> On 25.11.2015 at 09:18, Markus Armbruster wrote:
>> John Snow <js...@redhat.com> writes:
>>
>> > Trivial: this array should be allocated to have ID_MAX entries always.
>> > Otherwise if someone were to forget to expand this table, the assertion
>> > in the id generator won't actually trigger; it will read junk data.
>>
>> You mean this one:
>>
>>     assert(id < ID_MAX);
>>
>> The assertion is crap, because it fails to protect array access
>> id_subsys_str[id]. Here's one that does:
>>
>>     assert(0 <= id && id < ARRAY_SIZE(id_subsys_str));
>
> Or without the kraxelism id >= 0. However, depending on whether enums
> are signed or unsigned, I seem to remember that this could trigger
> compiler warnings (comparison is always true). And this one should be
> unsigned with gcc because it doesn't include negative values.

Whatever it takes to express the range check in a way the compiler likes. Since ARRAY_SIZE()'s value is size_t, and size_t is unsigned, the comparison with 0 can simply be omitted.
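
The two checks discussed in this thread, side by side, as an added example that is not code from the thread or from the project. Only ID_MAX, id_subsys_str and ARRAY_SIZE come from the thread; the enum members, short_table and the helper functions are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))

/* Hypothetical ids; only ID_MAX and id_subsys_str appear in the thread. */
typedef enum { ID_ALPHA, ID_BETA, ID_GAMMA, ID_MAX } IdSubSystems;

/* Sized by its initializer: ID_GAMMA was forgotten, so it has 2 entries. */
static const char *const short_table[] = {
    [ID_ALPHA] = "alpha",
    [ID_BETA] = "beta",
};

/* Sized as ID_MAX: the forgotten slot exists and is NULL, not junk. */
static const char *const id_subsys_str[ID_MAX] = {
    [ID_ALPHA] = "alpha",
    [ID_BETA] = "beta",
};

/* The original check: bounds id by the enum, not by the table. */
static bool check_enum_bound(int id)
{
    return id < ID_MAX;
}

/* Bounds id by the table itself. Converting id to size_t maps negative
 * values to very large ones, so one comparison covers both ends; the
 * cast spells out what the implicit conversion against size_t does. */
static bool check_table_bound(int id, size_t n)
{
    return (size_t)id < n;
}

/* Lookup that never reads outside id_subsys_str. */
static const char *lookup(int id)
{
    return check_table_bound(id, ARRAY_SIZE(id_subsys_str)) ? id_subsys_str[id] : NULL;
}

int main(void)
{
    printf("short_table: %zu entries, first is %s\n", ARRAY_SIZE(short_table), short_table[0]);
    printf("ID_GAMMA: enum check %d, table check %d\n", check_enum_bound(ID_GAMMA), check_table_bound(ID_GAMMA, ARRAY_SIZE(short_table)));
    printf("-1: enum check %d, table check %d\n", check_enum_bound(-1), check_table_bound(-1, ARRAY_SIZE(id_subsys_str)));
    printf("lookup(ID_GAMMA) is %s\n", lookup(ID_GAMMA) ? "set" : "NULL");
    return 0;
}
```
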