From: "Andreas Färber" <afaerber@suse.de>
To: Jay Foad <jay.foad@gmail.com>
Cc: avi@redhat.com, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 1/3] Add support for 128-bit arithmeticRe: [PATCH 1/3] Add support for 128-bit arithmetic
Date: Sat, 11 Feb 2012 01:53:12 +0100 [thread overview]
Message-ID: <4F35BBF8.4080400@suse.de> (raw)
In-Reply-To: <CANd1uZmBYbJux-9Ro9xAvGemrzvAVRb3EWndiyQYgjo3CfoaGw@mail.gmail.com>
Am 10.02.2012 10:51, schrieb Jay Foad:
> On 30 Oct 2011, Avi Kivity wrote:
>> The memory API supports 64-bit buses (e.g. PCI). A size on such a bus cannot
>> be represented with a 64-bit data type, if both 0 and the entire address
>> space size are to be represented. Futhermore, any address arithemetic may
>> overflow and return unexpected results.
>>
>> Introduce a 128-bit signed integer type for use in such cases. Addition,
>> subtraction, and comparison are the only operations supported.
>>
>> Signed-off-by: Avi Kivity <avi@redhat.com>
>> ---
>> int128.h | 116 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>> 1 files changed, 116 insertions(+), 0 deletions(-)
>> create mode 100644 int128.h
>>
>> diff --git a/int128.h b/int128.h
>> new file mode 100644
>> index 0000000..b3864b6
>> --- /dev/null
>> +++ b/int128.h
>> @@ -0,0 +1,116 @@
>> +#ifndef INT128_H
>> +#define INT128_H
>> +
>> +typedef struct Int128 Int128;
>> +
>> +struct Int128 {
>> + uint64_t lo;
>> + int64_t hi;
>> +};
>
>> +static inline Int128 int128_add(Int128 a, Int128 b)
>> +{
>> + Int128 r = { a.lo + b.lo, a.hi + b.hi };
>> + r.hi += (r.lo < a.lo) || (r.lo < b.lo);
>> + return r;
>> +}
>
> This is a bit redundant. You only need either:
>
> r.hi += r.lo < a.lo;
>
> or:
>
> r.hi += r.lo < b.lo;
>
> because the way that two's complement addition works means that r.lo
> will always be less than both a.lo and b.lo, or
> greater-than-or-equal-to both of them.
>
>> +static inline bool int128_ge(Int128 a, Int128 b)
>> +{
>> + return int128_nonneg(int128_sub(a, b));
>> +}
>
> This is wrong if you get signed overflow in int128_sub(a, b).
>
>> Regardless, the need for careful coding means subtle bugs,
>
> Indeed :-)
Are these just theoretical issues or does anything in particular break
for you? These functions were introduced to tackle int64_t overflow
issues in the Memory API, not as an arbitrary API AFAIU.
If nothing's broken in practice it would be best if you could just send
a patch with your proposed fix rather than describing it in words. :)
Andreas
--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
prev parent reply other threads:[~2012-02-11 0:53 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-10 9:51 [Qemu-devel] [PATCH 1/3] Add support for 128-bit arithmeticRe: [PATCH 1/3] Add support for 128-bit arithmetic Jay Foad
2012-02-11 0:53 ` Andreas Färber [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F35BBF8.4080400@suse.de \
--to=afaerber@suse.de \
--cc=avi@redhat.com \
--cc=jay.foad@gmail.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.