From owner-freebsd-arch@FreeBSD.ORG  Tue Jun 17 17:22:44 2003
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id D304437B404; Tue, 17 Jun 2003 17:22:44 -0700 (PDT)
Received: from c104-254.bas1.prp.dublin.eircom.net
	(c104-254.bas1.prp.dublin.eircom.net [159.134.104.254])
	by mx1.FreeBSD.org (Postfix) with SMTP
	id 4EB6343F3F; Tue, 17 Jun 2003 17:22:43 -0700 (PDT)
	(envelope-from iedowse@maths.tcd.ie)
To: Don Lewis <truckman@FreeBSD.org>
In-Reply-To: Your message of "Mon, 16 Jun 2003 21:10:33 PDT."
             <200306170410.h5H4AXM7050537@gw.catspoiler.org> 
Date: Wed, 18 Jun 2003 01:18:59 +0100
From: Ian Dowse <iedowse@maths.tcd.ie>
Message-ID: <200306180119.aa03806@salmon.maths.tcd.ie>
cc: iedowse@maths.tcd.ie
cc: freebsd-arch@FreeBSD.org
Subject: Re: Message buffer and printf reentrancy patch 
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussion related to FreeBSD architecture
	<freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jun 2003 00:22:45 -0000

In message <200306170410.h5H4AXM7050537@gw.catspoiler.org>, Don Lewis writes:
>Since MSGBUF_SEQSUB() calls MSGBUF_SEQNORM() on the difference between
>the sequence numbers, a negative value will never be returned.  If you
>want a signed result, you'll probably want to do something more like:
>	tmp = MSGBUF_SEQNORM(mbp, (seq1) - (seq2) + (mbp)->seqmod);
>	return (tmp < ((mbp)->seqmod / 2)) ? tmp : (tmp - (mbp)->seqmod));
>
>and you'll have to use a slightly different function if you are
>comparing indexes.

Oops, you're quite right - MSGBUF_SEQSUB was intended to return
negative values, but got broken somewhere along the way. This appears
not to affect the code that uses it, so I guess that means that the
sequence numbers might as well be unsigned after all.

>> The only minor problem I see with the above is that it is fragile
>> with respect to arbitrary input sequence numbers, in that it could
>> return a negative value. However, the property of guaranteeing to
>> return a normalised sequence number can be achieved by forcing an
>> unsigned division like in MSGBUF_SEQ_TO_POS, i.e.:
>
>Wouldn't it be better to have assertions to detect obviously bogus
>sequence numbers rather than using them to generate a valid pointer to a
>random location in the message buffer?

It would if the assertion didn't trigger a panic that gets written
to the message buffer via the same macros :-)

Ian