On 12/3/25 12:48 PM, Timur Tabi wrote:
On Tue, 2025-12-02 at 21:59 -0800, John Hubbard wrote:
+#[inline(always)]
+pub(crate) const fn const_align_up<const ALIGN: usize>(value: usize) -> usize {
+    build_assert!(ALIGN.is_power_of_two());
+    (value + (ALIGN - 1)) & !(ALIGN - 1)
+}
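
Review bot: The addition `value + (ALIGN - 1)` on the return line is unchecked, and nothing in the visible signature (`pub(crate) const fn`) restricts callers to const contexts, so a call with a runtime `value` gets no compile-time evaluation to catch the overflow. Consider a `///` doc comment stating that the function is meant for const contexts only and that `ALIGN` must be a power of two, or use `value.checked_add(ALIGN - 1)` and return an `Option<usize>` so both kinds of caller are covered.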

So this is just like the issue I'm having with .next_multiple_of() in my patch #10.

Shouldn't you have a check to make sure that value + (ALIGN - 1) doesn't overflow?  Since I need to
align up to the nearest const power of two, I could use this function instead of align_up() and
avoid testing for an error condition.


Const items are special: they are evaluated at compile time, rather
than at runtime. And so this will fail to compile, for values that
would overflow.

For example:

error[E0080]: evaluation of constant value failed
   --> drivers/gpu/nova-core/num.rs:226:5
    |
226 |     (value + (ALIGN - 1)) & !(ALIGN - 1)
    |     ^^^^^^^^^^^^^^^^^^^^^ attempt to compute `usize::MAX + 15_usize`, which would overflow
    |
note: inside `const_align_up::<16>`
   --> drivers/gpu/nova-core/num.rs:226:5
    |
226 |     (value + (ALIGN - 1)) & !(ALIGN - 1)
    |     ^^^^^^^^^^^^^^^^^^^^^
note: inside `_OVERFLOW_TEST`
   --> drivers/gpu/nova-core/num.rs:231:31
    |
231 | const _OVERFLOW_TEST: usize = const_align_up::<16>(usize::MAX);
    |                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


thanks,
--
John Hubbard
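
The compile-time behaviour described in the reply above, as an added example that is not part of the original message or the nova-core patch. It assumes standalone Rust, with `assert!` standing in for the kernel's `build_assert!`; `checked_align_up`, `align_untrusted` and `HEADER_END` are hypothetical names.

```rust
// Added illustration in standalone Rust, not the nova-core source.
// Assumption: `assert!` stands in for the kernel-only `build_assert!`.

/// Same arithmetic as the function in the quoted patch.
pub const fn const_align_up<const ALIGN: usize>(value: usize) -> usize {
    assert!(ALIGN.is_power_of_two());
    (value + (ALIGN - 1)) & !(ALIGN - 1)
}

/// Hypothetical checked variant: overflow is reported as `None`, so the
/// result is the same whether the call is evaluated at compile time or run time.
pub const fn checked_align_up<const ALIGN: usize>(value: usize) -> Option<usize> {
    assert!(ALIGN.is_power_of_two());
    match value.checked_add(ALIGN - 1) {
        Some(sum) => Some(sum & !(ALIGN - 1)),
        None => None,
    }
}

// A const item forces compile-time evaluation, so an overflow here is a
// build error (E0080), as in the compiler output quoted above.
pub const HEADER_END: usize = const_align_up::<16>(0x1001); // constructed value
// const _OVERFLOW_TEST: usize = const_align_up::<16>(usize::MAX); // does not compile

/// Hypothetical runtime caller: `len` is only known at run time, so no const
/// evaluation takes place and the checked variant carries the overflow test.
pub fn align_untrusted(len: usize) -> Option<usize> {
    checked_align_up::<16>(len)
}

fn main() {
    println!("HEADER_END = {:#x}", HEADER_END);
    for len in [0usize, 17, usize::MAX - 15, usize::MAX] {
        println!("{:#x} -> {:?}", len, align_untrusted(len));
    }
}
```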
