Subject: Re: CMSG_* problems
To: None <tech-userlevel@NetBSD.org, tech-kern@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 02/11/2007 23:23:45
>> [...] requiring that the msg_control buffer be suitably aligned for
>> a struct cmsghdr, which basically means that it must be malloc()ed,
> (Well, there's a lot in that "basically"; there are ways other than
> malloc to ensure alignment.)
Not many, unless you're willing to go machine-dependent or
compiler-dependent. Vide infra.
> Why is it not sufficient to say the API guarantees suitable
It can't. The buffer is provided by the client of the API; the API
does not have the opportunity to guarantee anything about it.
You could just say the API *requires* suitable alignment; that is
probably the easiest "fix", but it really doesn't fix anything - it
just documents it, leaving the application author holding the bag, same
as the current mess.
> Surely it's better to align the buffers when contructed in such a way
> that they are easily accessible than to burden the client with
> possible bus errors.
Except, that can't really be done. The buffer alignment is determined
by the code that sets up the struct msghdr (msg_control in particular)
before calling sendmsg/recvmsg, and is therefore beyond the control of
the code backing the API.
> As I read RFC 2292 (today, for the first time) istm that was the
> authors' intent. The suggested implementations use an
> "implementation defined" ALIGN() macro.
Indeed. But they all assume the buffer is *already* aligned, which is
my point - that ALIGN does nothing but maintain the existing alignment
(and not even that, if it starts out misaligned on an architecture that
errors on unaligned accesses). The 2292 interface completely ignores
the issue of buffer alignment, which is one of the reasons I think it
is broken - it's usable only on machines with no alignment constraints,
or with malloc()ed buffers, or with various ugly hacks to ensure
alignment. (The only way I can think of to ensure alignment suitable
for a struct cmsghdr, without machine- or compiler-dependent hackery,
is to allocate the buffer as an array of struct cmsghdr, and that still
doesn't ensure the buffer is suitably aligned for the data fields of
the control messages.)
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML email@example.com
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B