Date: Mon, 14 Dec 1998 20:20:01 -0800 From: Mike Smith <mike@smith.net.au> To: Eivind Eklund <eivind@yes.no> Cc: Mike Smith <mike@smith.net.au>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/sys/i386/isa labpc.c Message-ID: <199812150420.UAA02573@dingo.cdrom.com> In-Reply-To: Your message of "Tue, 15 Dec 1998 04:51:11 %2B0100." <19981215045111.B46780@follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Mon, Dec 14, 1998 at 05:19:28PM -0800, Mike Smith wrote:
> > > eivind 1998/12/13 15:25:29 PST
> > >
> > > Modified files:
> > > sys/i386/isa labpc.c
> > > Log:
> > > Fix typo - sizeof(struct crtl *) -> sizeof(struct ctrl *).
> > >
> > > XXX This still assume that bzero() over a field create null-pointers,
> > > which seems a chancy proposition at best.
> >
> > This is assumed by many portions of the kernel; you're welcome to point
> > out a system where we're likely to run and on which this isn't a valid
> > assumption.
>
> We could e.g. want to run on segmented setup with NULL-pointers not
> equal to bitwise zero.
Examples?
> However, if we are to assume that NULL pointers are all-bits-zero -
> where would we document this? Is there _any_ available document
> saying which assumptions we make WRT portability? If there isn't and
> nobody step forward to make one, I'm going to keep using ANSI C as my
> goal, and consider it a Bad Thing whenever something break it.
ANSI C is too restrictive.
> > You might also want to consider it in the context of my last comment
> > about structure field initialisers...
>
> Oh, the ones our compiler have to support because they're used all of
> 10 or so places in the kernel?
They're used to avoid the assumption that bzero gives zero values (and
to avoid the overhead of calling it when you just want to set some of
the structure).
> (I've run verifiers that _screams_
> when these are used and gone through all their output over the last
> week - we don't have that many parts where structure field
> initializers or union initializers are used, though the abuse in
> sys/dev/ppbus/ and sys/i386/i386/userconfig.c does pull up the
> instance-count pretty heftily.)
Sounds like you need better verifiers, or at least ones with extendable
syntaxes.
Short of implementing a generalised constructor/destructor mechanism
for structures, either bzero or field initialisers are kinda
unavoidable.
We don't have to be too fancy when it comes to the constructor either;
just having a convention of:
struct foo {
int a;
void *b;
};
#define STRUCT_FOO_INIT {0, NULL}
might be adequate; I think that
struct foo z = STRUCT_FOO_INIT;
wouldn't hurt much more than the explicit initialisation (which always
sucks because the declaration and initialisation are separated).
Of course now you're going to tell me that your checkers don't like
implicit structure copies...
--
\\ Sometimes you're ahead, \\ Mike Smith
\\ sometimes you're behind. \\ mike@smith.net.au
\\ The race is long, and in the \\ msmith@freebsd.org
\\ end it's only with yourself. \\ msmith@cdrom.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812150420.UAA02573>