Re: [PATCH v2] rust: time: add Ktime
From: Boqun Feng
Date: Thu Apr 11 2024 - 14:40:28 EST
On Thu, Apr 11, 2024 at 06:21:43PM +0200, Alice Ryhl wrote:
> On Thu, Apr 11, 2024 at 5:57 PM Boqun Feng <boqun.feng@xxxxxxxxx> wrote:
> >
> > On Fri, Mar 22, 2024 at 08:59:38AM +0000, Alice Ryhl wrote:
> > > + /// Returns the number of milliseconds.
> > > + #[inline]
> > > + pub fn to_ms(self) -> i64 {
> > > + self.divns_constant::<NSEC_PER_MSEC>()
> > > + }
> > > +}
> > > +
> > > +/// Returns the number of milliseconds between two ktimes.
> > > +#[inline]
> > > +pub fn ktime_ms_delta(later: Ktime, earlier: Ktime) -> i64 {
> > > + (later - earlier).to_ms()
> > > +}
> > > +
> > > +impl core::ops::Sub for Ktime {
> > > + type Output = Ktime;
> > > +
> > > + #[inline]
> > > + fn sub(self, other: Ktime) -> Ktime {
> > > + Self {
> > > + inner: self.inner - other.inner,
> >
> > Nit: although we use "Release mode" to compile Rust code in kernel, so
> > i64 substraction behaves as 2's complement wrap, I think it's better we
> > use wrapping_sub here:
> >
> > self.inner.wrapping_sub(other.inner)
> >
> > however it's not a correctness issue for now, so with or without it,
>
> We enable overflow checks even on release mode right now. But I don't
Oh, I was missing that, then we actually have to skip the overflow
checking with wrapping_sub() to mirror what C side does, for performance
reasons and for avoiding panics.
Regards,
Boqun
> understand this nit because we only have an overflow condition if the
> two ktimes differ by more than 2^31, and if that happens then that's a
> *legitimate* overflow that we would want to catch. Or is there
> something I am missing?
>
> Alice