Date: Mon, 16 Jun 2003 03:48:22 -0700 (PDT) From: Don Lewis <truckman@FreeBSD.org> To: bde@zeta.org.au Cc: freebsd-arch@FreeBSD.org Subject: Re: Message buffer and printf reentrancy patch Message-ID: <200306161048.h5GAmMM7048782@gw.catspoiler.org> In-Reply-To: <20030616125941.G26874@gamplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 16 Jun, Bruce Evans wrote: > On Sun, 15 Jun 2003, Ian Dowse wrote: > >> In message <200306151826.h5FIPvM7046944@gw.catspoiler.org>, Don Lewis writes: >> > >> >> +#define MSGBUF_SEQNORM(mbp, seq) ((seq) % (mbp)->msg_seqmod + ((seq) < 0 ? >> >\ >> >> + (mbp)->msg_seqmod : 0)) >> >> +#define MSGBUF_SEQ_TO_POS(mbp, seq) ((int)((u_int)(seq) % \ >> >> + (u_int)(mbp)->msg_size)) >> >> +#define MSGBUF_SEQSUB(mbp, seq1, seq2) (MSGBUF_SEQNORM(mbp, (seq1) - (seq2) >> >)) >> >> + > > Sorry I didn't reply to Ian's provate mail about all this last month. I'll > try to get back to it. > >> >According to my copy of K&R, there is no guarantee that ((negative_int % >> >postive_int) <= 0) on all platforms, though this is generally true. > > C99 guarantees this perfect brokenness of the % operator. Division should > give remainders that have the same sign as the divisor, which corresponds > to rounding towards minus infinity for positive divisors, but is now > specified to be bug for bug compatible with most hardware and most C > implementations (round towards zero). > > MSGBUF_SEQ_TO_POS() does extra work to get nonnegative remainders. > > This problem and many casts could be avoided by using unsigned types > for most of the msgbuf fields. I forget the details of why we changed > them back to signed. The log message for msgbuf.h 1.19 says that this > is because we perform signed arithmetic on them. The details for this, > can probably be handled by the macros now. Using unsigned types was the first thing that I thought of. I was wondering if the reason that this wasn't done was some sort of portability problem with the atomic operations. It looks like MSGBUF_SEQNORM() could avoid the conditional code and any questions about signed remainders if it was defined like this: #define MSGBUF_SEQNORM(mbp, seq) (((seq) + (mbp)->msg_seqmod) % \ (mbp)->msg_seqmod) as long as msg_seqmod < INT_MAX/2. MSGBUF_SEQNORM() could be simplified further if msg_seqmod was added by the caller (such as MSGBUF_SEQSUB()) if the argument could be negative.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200306161048.h5GAmMM7048782>