| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)2ndquadrant(dot)com> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, David Rowley <dgrowleyml(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | signed vs. unsigned in TYPEALIGN (was Re: space reserved for WAL record does not match what was written: panic on windows) |
| Date: | 2013-10-17 22:04:34 |
| Message-ID: | 20131017220434.GA352489@tornado.leadboat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-www |
On Thu, Oct 17, 2013 at 08:27:01PM +0200, Andres Freund wrote:
> On 2013-10-17 12:33:45 -0400, Noah Misch wrote:
> > > 1. Is there any guarantee that sizeof(intptr_t) >= sizeof(size_t)?
> > > (Note that Size is just a typedef for size_t, in c.h)
> >
> > C99 doesn't require it, but I have never heard of a platform where it is
> > false. sizeof(intptr_t) > sizeof(size_t) systems have existed.
>
> Either way, both have to be at least 4byte on 32bit platforms and 8byte
> on 64bit ones. So I as well think we're good.
C99 does not have concepts like "32bit platform" and "64bit platform", so it
cannot make such a constraint. Nonetheless, I agree we're good with respect
to implementations actually worth anticipating.
> > > 2. If intptr_t is a signed type, as it appears to be, and size_t is an
> > > unsigned type, as I believe it to be, then is it safe to use the
> > > macros written for the signed type with a value of the unsigned type?
> > > Off-hand I can't see a problem there, but I'm not certain I'm not
> > > missing something.
> >
> > Yes; we do that all the time, e.g. the MAXALIGN call in AllocSetAlloc().
> > Looping back to my question above, I think it doesn't matter (on a two's
> > complement system) whether the macro uses a signed type or an unsigned type.
> > It changes the type of the result; that's all. Nonetheless, we should be
> > consistent about signedness between the regular and 64-bit macro variants.
>
> I am not all that comfortable on relying on 2s complement here. Maybe we
> want to compile without -fwrapv one day which would make signed overflow
> undefined again. I don't think there are too many situations where the
> compiler would have the required knowledge to optimize stuff away,
> but...
Here is my position statement on that issue:
http://www.postgresql.org/message-id/20130220025819.GB6791@tornado.leadboat.com
> So I vote for only using unsigned arithmetic. I don't see anything
> preventing that?
TYPEALIGN has used signed math since the dawn of history, and TYPEALIGN64
departed from that precedent without comment. That led me to think of the
situation as prompting a fix for the oversight in TYPEALIGN64:
--- a/src/include/c.h
+++ b/src/include/c.h
@@ -560,3 +560,3 @@ typedef NameData *Name;
#define TYPEALIGN64(ALIGNVAL,LEN) \
- (((uint64) (LEN) + ((ALIGNVAL) - 1)) & ~((uint64) ((ALIGNVAL) - 1)))
+ (((int64) (LEN) + ((ALIGNVAL) - 1)) & ~((int64) ((ALIGNVAL) - 1)))
Having said that, changing the ancient macros to use uintptr_t does have the
advantage you mention, and I'm failing to think of a disadvantage.
--
Noah Misch
EnterpriseDB http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2013-10-17 22:10:17 | Re: signed vs. unsigned in TYPEALIGN (was Re: space reserved for WAL record does not match what was written: panic on windows) |
| Previous Message | Peter Eisentraut | 2013-10-17 21:41:03 | Re: removing old ports and architectures |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2013-10-17 22:10:17 | Re: signed vs. unsigned in TYPEALIGN (was Re: space reserved for WAL record does not match what was written: panic on windows) |
| Previous Message | Andres Freund | 2013-10-17 18:27:01 | Re: space reserved for WAL record does not match what was written: panic on windows |