Date: Thu, 1 Mar 2012 23:45:54 +0100 From: Tijl Coosemans <tijl@freebsd.org> To: Bruce Evans <brde@optusnet.com.au> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r232261 - in head/sys: amd64/include i386/include pc98/include x86/include Message-ID: <201203012346.00228.tijl@freebsd.org> In-Reply-To: <20120229071721.G989@besplex.bde.org> References: <201202281815.q1SIFSbB082030@svn.freebsd.org> <20120229071721.G989@besplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart2527463.E7el3J74Ju Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable On Wednesday 29 February 2012 00:26:43 Bruce Evans wrote: > On Tue, 28 Feb 2012, Tijl Coosemans wrote: >=20 >> Log: >> Copy amd64 _types.h to x86 and merge with i386 _types.h. Replace existi= ng >> amd64/i386/pc98 _types.h with stubs. >=20 > I don't like this much. It gives 2 layers of convolutions for readers > (humans and compilers) to slowly untangle. There is another layer of > include files for compatibility (but both layers are still used by > default), and lots of ifdefs. The whole point of 1 file per arch was > to avoid such ifdefs. This might be OK if arches were actually identical > for the APIs in these files, but for types there are lots of differences > between 32-bit and 64-bit machines. amd64 isn't just a 64-bit machine. i386 support is one of its core features. In hindsight, I believe it was a mistake to create a separate amd64 include directory. There wouldn't be any stub headers if the original i386 headers had been extended instead, as was done for powerpc64 and powerpc. But so be it. Eventually, hopefully, x86 will be installed as the machine directory and then the stub layer will disappear. =46or now, the approach I'm taking is to only merge headers that can be included by user code. I don't want to stuff too many changes in one commit, which means the current batch of patches are pure merges and little else. The resulting headers are bug for bug compatible with the original headers. I also try to keep the number of ifdefs down but to keep diffs small and easier to review I don't want to excessively rearrange files just to eliminate an extra ifdef. The resulting headers are meant to be similar to existing powerpc and mips headers. Once that's done we can look into fixing any bugs and structural problems for all architectures. Changing some of the type definitions like you suggest below is something that can be discussed, but it requires a lot more thought and testing than what I'm currently trying to accomplish which is to make cc -m32 work and to prevent further deviations between amd64 and i386 such as __clock_t. I've also been working on mapping out all the ISO C and POSIX library requirements which should give me a better idea of how to organise the headers. Currently the C (and C++) standards are done and I've started with the various POSIX standards. So far it seems a lot can be moved to sys because many type definitions (and their limits) aren't machine dependent but LP64/ILP32 dependent. With several architectures (x86, powerpc, mips and armv8 in the future?) already supporting both, there's a lot of duplication that can be removed by supporting both from sys instead. It would remove some of the stubs like _inttypes.h and _stdint.h, maybe _limits.h. > The differences can be reduced by spelling 32/64-bit types as > [unsigned] long and by always using the basic type instead of a > derived type. Old code (e.g., FreeBSD-3) did this, but now almost > everything is declared using the derived fixed-width types > int32_t/int64_t etc., so there is always a spelling difference for > 32/64-bit types. The only exceptions are floating point types, and > the broken __clock_t type. > clock_t is unsigned long on i386, but is int32_t on amd64. This > is backwards at best. I think this brokenness came from NetBSD. > _BSD_CLOCK_T_ was correct (unsigned long) for all arches in 4.4BSD, > and i386 just didn't break this. But now __clock_t is broken for > all arches except i386: it is __uint32_t on arm and powerpc, which > is just a different spelling for the 32-bit case and is at least > ABI-compatible for the 64-bit case, but for all other arches > including all 64-bit ones, it broken to __int32_t. Perhaps the > difference is explained by "long" being bad for ABI compatibility. > Old code like 4.4BSD-Lite1 used long excessively (since technically, > int might be only 16 bits). Even pid_t was long in 4.4BSD-Lite1. > NetBSD changed many of these longs to ints or int32_t's for ABI > compatibility and/or because 64 bit longs are just too wide, and > FreeBSD eventually picked up these changes (mostly via 4.4BSD-Lite2 > for general typedefs and directly from NetBSD for 64-bit arches). > So pid_t is now int32_t and clock_t is mostly broken. clock_t > really needs all 64 bits if they are readily available, but has > been reduced to 31, especially when 64 are readily available. > OTOH, if you just want ABI and API compatibility for clock_t, > then it should have been changed to uint32_t for all arches and > not defined in any MD types file. There is now a minor API > compatibility for printing clock_t's -- %lu format must be used > on i386, %u on others, and %d on most. Except for the gratuitous > loss of unsignedness, this is just a special case of printing > a typedefed types. clock_t may also be a floating point type, > so the only good way to print it is to convert it to [long] double > and then worry about the correct floating point format (how much > precision should it have?...). The __clock_t case is a perfect example of how duplication leads to differentiation and differentiation to portability issues. Currently clock(3) only starts to return negative values after about six months of cpu time, so I think it's relative safe to change the type to uint32_t. I haven't checked the other cases where this type is used though. >> Copied and modified: head/sys/x86/include/_types.h (from r232259, head/s= ys/amd64/include/_types.h) >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D >> --- head/sys/amd64/include/_types.h Tue Feb 28 15:52:01 2012 (r232259, c= opy source) >> +++ head/sys/x86/include/_types.h Tue Feb 28 18:15:28 2012 (r232261) >> @@ -54,19 +54,41 @@ typedef short __int16_t; >> typedef unsigned short __uint16_t; >> typedef int __int32_t; >> typedef unsigned int __uint32_t; >> +#ifdef _LP64 >> typedef long __int64_t; >> typedef unsigned long __uint64_t; >=20 > This is about the only ifdef that is really needed. >=20 >> +#else >> +#ifndef lint >> +__extension__ >=20 > An old bug -- work around broken lints. Although messy, this is not > messy enough to be correct -- __extension__ is a hard-coded gccism. > Elsewhere, in much less important code than this, there are messy > ifdefs to avoid hard-coded gccisms. Maybe define __extension for lint and various compilers in cdefs.h? >> +#endif >> +/* LONGLONG */ >=20 > long long has only been standard for 13 years now, so broken lints > still need this messy markup. Personally, I would just remove lint. Modern compilers produce many of the same warnings if not more in case of clang. It has been marked obsolete in SUSv2 (1997) and removed in SUSv3 (2001). And it only supports C90 so with C99 and now C11 it's becoming more and more difficult/messy to hide new language features from it. >> +typedef long long __int64_t; >> +#ifndef lint >> +__extension__ >> +#endif >> +/* LONGLONG */ >> +typedef unsigned long long __uint64_t; >> +#endif >=20 > I ifdefed all this correctly 15+ years ago so that it compiled (but > didn't run if *int64_t was used) for a non-gcc K&R compiler. The > long long abomination was not used, and __attribute__(()) was used > to declare *int64_t, but only under a gcc ifdef. This wasn't broken > until 8 Jan 2011 by, erm, us. We also added the __extensions__. > The justification was that long long is now standard. But there > are still the old messes for lint, and new breakage for non-gcc to > support C90. I don't remember the exact details but I think the non-gcc case already used long long and we made the gcc case use long long as well because LL and ULL suffixes were used in limits and INT64_C macros anyway. >> /* >> * Standard type definitions. >> */ >> +#ifdef _LP64 >> typedef __int32_t __clock_t; /* clock()... */ >> typedef __int64_t __critical_t; >> typedef double __double_t; >> typedef float __float_t; >> typedef __int64_t __intfptr_t; >> -typedef __int64_t __intmax_t; >> typedef __int64_t __intptr_t; >> +#else >> +typedef unsigned long __clock_t; >> +typedef __int32_t __critical_t; >> +typedef long double __double_t; >> +typedef long double __float_t; >> +typedef __int32_t __intfptr_t; >> +typedef __int32_t __intptr_t; >> +#endif >=20 > [unsigned] long would work without ifdefs for everything except to > preserve the broken __clock_t, and the FP types. Except for i386's > with correctly-sized longs (64 bits). We may have discussed these > too. >=20 >> @@ -75,6 +97,7 @@ typedef __int8_t __int_least8_t; >> typedef __int16_t __int_least16_t; >> typedef __int32_t __int_least32_t; >> typedef __int64_t __int_least64_t; >> +#ifdef _LP64 >> typedef __int64_t __ptrdiff_t; /* ptr1 - ptr2 */ >> typedef __int64_t __register_t; >> typedef __int64_t __segsz_t; /* segment size (in pages) */ >> @@ -82,8 +105,18 @@ typedef __uint64_t __size_t; /* sizeof( >> typedef __int64_t __ssize_t; /* byte count or error */ >> typedef __int64_t __time_t; /* time()... */ >> typedef __uint64_t __uintfptr_t; >> -typedef __uint64_t __uintmax_t; >> typedef __uint64_t __uintptr_t; >> +#else >> +typedef __int32_t __ptrdiff_t; >> +typedef __int32_t __register_t; >> +typedef __int32_t __segsz_t; >> +typedef __uint32_t __size_t; >> +typedef __int32_t __ssize_t; >> +typedef __int32_t __time_t; >> +typedef __uint32_t __uintfptr_t; >> +typedef __uint32_t __uintptr_t; >> +#endif >=20 > [unsigned] long would work without ifdefs for all of these, since all > these expanded naturally to the register width. Perhaps a better way, > which also works for i386's with correctly-sized longs, is to define > almost everything in terms of registers -- as __[u]register_t. register_t is a machine dependent type and the others are LP64/ILP32 dependent, so they're not strictly related. MIPS N32 is an example of that. As for using long, I'm not sure. It has the same size as int, but they aren't the same in format strings. >> +typedef __uint64_t __uintmax_t; >> typedef __uint32_t __uint_fast8_t; >> typedef __uint32_t __uint_fast16_t; >> typedef __uint32_t __uint_fast32_t; >> @@ -92,12 +125,23 @@ typedef __uint8_t __uint_least8_t; >> typedef __uint16_t __uint_least16_t; >> typedef __uint32_t __uint_least32_t; >> typedef __uint64_t __uint_least64_t; >> +#ifdef _LP64 >> typedef __uint64_t __u_register_t; >> typedef __uint64_t __vm_offset_t; >> -typedef __int64_t __vm_ooffset_t; >> typedef __uint64_t __vm_paddr_t; >> -typedef __uint64_t __vm_pindex_t; >> typedef __uint64_t __vm_size_t; >> +#else >> +typedef __uint32_t __u_register_t; >> +typedef __uint32_t __vm_offset_t; >> +#ifdef PAE >> +typedef __uint64_t __vm_paddr_t; >> +#else >> +typedef __uint32_t __vm_paddr_t; >> +#endif >> +typedef __uint32_t __vm_size_t; >> +#endif >> +typedef __int64_t __vm_ooffset_t; >> +typedef __uint64_t __vm_pindex_t; >=20 > Similarly. The patch, and possibly the ifdefs, are hard to read here. > There's a nested ifdef for PAE. PAE doesn't apply for amd64. The > above assumes that the cases where it doesn't apply are classified > by !_LP64. I'm not sure yet about what should happen with these vm types. I'm not entirely convinced yet that all these "invisible" types are really necessary at all. > x86/include didn't have many files in it before this and similar > commits in the same batch, and the first file that I looked at in > it has various new and old convolutions and bugs: >=20 > x86/include/_align.h: > % /* > % * Round p (pointer or byte index) up to a correctly-aligned value > % * for all data types (int, long, ...). The result is unsigned int > % * and must be cast to any desired pointer type. > % */ >=20 > This comment was blindly copied from i386. It doesn't match the > code below. >=20 > % #define _ALIGNBYTES (sizeof(register_t) - 1) > % #define _ALIGN(p) (((uintptr_t)(p) + _ALIGNBYTES) & ~_ALIGNBYTES) >=20 > This code is broken, since it uses register_t and uintptr_t which are not > necessarily defined here. Old code was careful to use only basic types, > so that no undocumented prerequisites are required and so that this not > broken when the undocumented prerequisites are not accidentally supplied. >=20 > The type of the result is actually uintptr_t. On i386, uintptr_t is > just a different spelling of unsigned int. On amd64, it is different. >=20 > This file shouldn't exist. >=20 > {amd64,i386,pc98}/include/_align.h just include x86/include/_align.h. > They shouldn't exist either. I agree, but I want to finish mapping out the various POSIX standards first before looking into where the FreeBSD specific headers fit in. > i386/include/param.h: > % #include <machine/_align.h> >=20 > This include is misplaced (outside of the idempotency ifdef for this > file). The definitions used to be here for technical reasons in > their correct implementation. There used to be an ifdef here so that > this file could be included to define only the alignment macros so > as to not get namespace pollution in unusual cases. This was > "cleaned up" for the unusual cases to pessimize the usual cases. > The cleanups have rotted, so they now have not just 1, but 2 layers > of nested includes of _align.h to untangle to see what this file is > doing. 2 layers give about the same level of obfuscation as the > correct implementation, plus more inefficiencies than only 1 layer. >=20 > %=20 > % #ifndef _I386_INCLUDE_PARAM_H_ > % #define _I386_INCLUDE_PARAM_H_ > %=20 > % /* > % * Machine dependent constants for Intel 386. > % */ > %=20 > % /* > % * Round p (pointer or byte index) up to a correctly-aligned value > % * for all data types (int, long, ...). The result is unsigned int > % * and must be cast to any desired pointer type. > % */ >=20 > The comment is still correct for the definitions here. >=20 > % #ifndef _ALIGNBYTES > % #define _ALIGNBYTES (sizeof(int) - 1) > % #endif > % #ifndef _ALIGN > % #define _ALIGN(p) (((unsigned)(p) + _ALIGNBYTES) & ~_ALIGNBYTES) > % #endif >=20 > But these definitions are unreachable, since <machine/_align.h> is > included unconditionally, and it defines the alignment macros > unconditionally. >=20 > %=20 > % >=20 > Mistakes near here also added this style bug (extra blank line). >=20 > % #define __HAVE_ACPI >=20 > amd64/include/param.h: > % * $FreeBSD: src/sys/amd64/include/param.h,v 1.37 2011/07/19 13:00:30 a= ttilio Exp $ > % */ > %=20 > % >=20 > Extra blank lines are scattered randomly and happen to be in different > places. >=20 > % #ifndef _AMD64_INCLUDE_PARAM_H_ > % #define _AMD64_INCLUDE_PARAM_H_ > %=20 > % #include <machine/_align.h> >=20 > Unlike for i386, this is placed almost correctly. It is inside the > idempotency ifdef... >=20 > %=20 > % /* > % * Machine dependent constants for AMD64. > % */ >=20 > ... but not inside the comment that should describe everything in this > file. >=20 > %=20 > % >=20 > Another random extra blank line. Or not so random. >=20 > Unlike for i386, the old definitions are not kept here. They used to > be placed up where the include is now on i386 (outside of the idempotency > ifdef). They used to use u_long to avoid prerequisites and have a > correct comment for them. For i386 there are now 2 correct comments > about them (but with confusing spelling in one), while for amd64 there > is only 1 incorrect comment. >=20 > % ... > % #define ALIGNBYTES _ALIGNBYTES > % #define ALIGN(p) _ALIGN(p) >=20 > These (and ALIGNED_POINTER()) are the primary APIs for these macros > (the APIs with underscores are just to keep them out of the namespace > in POSIX headers). The above definitions of the primary APIs are > completely MI once the underscored versions are defined, so they > shouldn't be defined here or in any other MD header. >=20 > Just about all of the amd64 and i386 param.h are the same, although > not as MI as ALIGNBYTES etc. I don't really want the definitions > moved to x86 though. They are bad enough where they are. OK. I don't think this header is important to user code. > Other bugs in them include: > - amd64_btop() and amd64_ptob() are named gratuitously differently > than i386_btop() and i386_ptob(). Names like md_btop() and > md_btop() or just btop() and btop() would be better. Not having > these APIs might be better still. There is considerable confusion > between these APIs and others that give the same results, and since > the results are the same and there is no type checking, it is > unlikely that the logically correct API is always used: > - the corresponding "MI" APIs are ctob() and btoc(). These are > ancient. 'c' in them means 'clicks' (groups of pages). Groups > of more than one page have never been used in FreeBSD. The > implementation of these macros is sort of backwards, with the > assumption that the group size is always 1 page hard-coded in > their definitions via PAGE_MASK and PAGE_SHIFT. > - atop() and ptoa() may also be "MI", but have MD implementations. > They are confusingly similar to ctob() and btoc(). 'p' (page) > in them always means the same as 'c' (clicks) in practice. 'a' > (address) in them always means the same as 'b' (address in bytes, > or size in bytes) in practice. The logical differences are > subtle. There isn't even a MI API like atop() for for sizes > instead of addresses. > - {amd64,i386}_btop() and {amd64,i386}_ptob() logically handle either > sizes or addresses, and convert to and from pages. They are the > easiest to use provided you assume that the address space is flat > and that the pages aren't grouped into clicks, but they are MD > and have the worse spelling. This is sort of backwards again. It > is MD layers that should use shorter spelling of their variables > and APIs, and hard-code assumptions. i386 mostly uses atop(), and > most of these uses are doubly logically wrong, since they are > mostly for sizes and not for addresses, amd are very MD: > - ctob: 13 instances > - btoc: 0 > - atop: 34 instances (counting its definition). Most are for segment > limits, this are for sizes, thus are abuses. > - ptoa: 13 ... mostly for sizes. Confusion between this and ctob is > apparently perfectly divided. > - i386_ptob: 3 instances. Just 1 use in pmap.c duplicated for xen. > - i386_btop: 9 instances. Just 4+2 uses in pmap.c's, 2 in pmap.h > (in a macros and an inline that expand to many more uses) >=20 > One of the reasons for putting all types declarations in the same file > although this gives inefficiencies by requiring the compiler to read > and parse very large files to get the few definitions that are actually, > is to avoid the convolutions and ifdefs for minimising the declarations. > Convolutions and ifdefs for other purposes defeat this to some extent. > Although I was responsible for some of the tiny _foo.h files like > <sys/_mutex.h> which are used to minimise namespace problems, I don't > like the profileration of such files to handle even tinier problems. > The worst that I have noticed are _null.h (this should be handled in > machine/_types.h, where it used to be possible to handle it without > ifdefs), _align.h, and *stdint.h (there are now 4 layers of convolutions > with internal branches for <stdint.h>: > - /usr/include/stdint.h -> sys/stdint.h (only a symlink) > - sys/stdint.h includes sys/_stdint.h and machine/_stdint.h > - sys/_stdint.h is a mistake to allow sys/types.h to include it > instead of declaring historical pollution for itself, but only > for some pollution that is now standard in <stdint.h> -- types.h > still declares things like u_int8_t unconditionally for itself; > the handling of these is a bit simpler because they don't need > ifdefs to prevent re-declaration in <stdint.h>. Now it is harder > to see what types.h declares. > - machine/_stdint.h was the correct implementation. Now it includes > x86/_stdint.h on amd64 and i386. > - x86/_stdint.h. Most of the details are now here, 4 layers deep, > with ifdefs. >=20 > Ideally, everything would be in <stdint.h> directly. I don't know how > to do it in a layer, but is it too much to ask for only 2 layers? > Hmm, I do know how to do it in 1 layer -- flatten it at install time. > Anyone who cared about efficiency and readability would do this :-). > But I usually read the uninstalled sources. If you allow ifdef _LP64 in sys/stdint.h everything in machine/_stdint.h could be moved there, except the sig_atomic_t limits which seems to be another __clock_t case. --nextPart2527463.E7el3J74Ju Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iF4EABEIAAYFAk9P/CcACgkQfoCS2CCgtiuugQD/ZkZVTSuRdfJER363OpF4DoN1 PVR3SpuWq4oRHb+o6v4A/3ouyuJYHkUtcgAfjWSBoN6bfQRqiSHtfaK/sbcNU7lV =mcAP -----END PGP SIGNATURE----- --nextPart2527463.E7el3J74Ju--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201203012346.00228.tijl>