Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 16 Jun 2003 03:48:22 -0700 (PDT)
From:      Don Lewis <truckman@FreeBSD.org>
To:        bde@zeta.org.au
Cc:        freebsd-arch@FreeBSD.org
Subject:   Re: Message buffer and printf reentrancy patch 
Message-ID:  <200306161048.h5GAmMM7048782@gw.catspoiler.org>
In-Reply-To: <20030616125941.G26874@gamplex.bde.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 16 Jun, Bruce Evans wrote:
> On Sun, 15 Jun 2003, Ian Dowse wrote:
> 
>> In message <200306151826.h5FIPvM7046944@gw.catspoiler.org>, Don Lewis writes:
>> >
>> >> +#define MSGBUF_SEQNORM(mbp, seq) ((seq) % (mbp)->msg_seqmod + ((seq) < 0 ?
>> >\
>> >> +    (mbp)->msg_seqmod : 0))
>> >> +#define MSGBUF_SEQ_TO_POS(mbp, seq) ((int)((u_int)(seq) % \
>> >> +    (u_int)(mbp)->msg_size))
>> >> +#define MSGBUF_SEQSUB(mbp, seq1, seq2) (MSGBUF_SEQNORM(mbp, (seq1) - (seq2)
>> >))
>> >> +
> 
> Sorry I didn't reply to Ian's provate mail about all this last month.  I'll
> try to get back to it.
> 
>> >According to my copy of K&R, there is no guarantee that ((negative_int %
>> >postive_int) <= 0) on all platforms, though this is generally true.
> 
> C99 guarantees this perfect brokenness of the % operator.  Division should
> give remainders that have the same sign as the divisor, which corresponds
> to rounding towards minus infinity for positive divisors, but is now
> specified to be bug for bug compatible with most hardware and most C
> implementations (round towards zero).
> 
> MSGBUF_SEQ_TO_POS() does extra work to get nonnegative remainders.
> 
> This problem and many casts could be avoided by using unsigned types
> for most of the msgbuf fields.  I forget the details of why we changed
> them back to signed.  The log message for msgbuf.h 1.19 says that this
> is because we perform signed arithmetic on them.  The details for this,
> can probably be handled by the macros now.

Using unsigned types was the first thing that I thought of.  I was
wondering if the reason that this wasn't done was some sort of
portability problem with the atomic operations.

It looks like MSGBUF_SEQNORM() could avoid the conditional code and any
questions about signed remainders if it was defined like this:

#define MSGBUF_SEQNORM(mbp, seq) (((seq) + (mbp)->msg_seqmod) % \
    (mbp)->msg_seqmod)

as long as msg_seqmod < INT_MAX/2.  MSGBUF_SEQNORM() could be simplified
further if msg_seqmod was added by the caller (such as MSGBUF_SEQSUB())
if the argument could be negative.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200306161048.h5GAmMM7048782>