<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">On May 28, 2014, at 10:27 PM, David Majnemer <<a href="mailto:david.majnemer@gmail.com">david.majnemer@gmail.com</a>> wrote:<br><div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr">Updated to address review comments.</div></blockquote><div><br></div>LGTM - thanks!</div><div><br></div><div>— Marshall</div><div><br><blockquote type="cite"><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, May 28, 2014 at 7:23 AM, Marshall Clow <span dir="ltr"><<a href="mailto:mclow.lists@gmail.com" target="_blank">mclow.lists@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div class=""><br><div><div>On May 27, 2014, at 11:44 AM, David Majnemer <<a href="mailto:david.majnemer@gmail.com" target="_blank">david.majnemer@gmail.com</a>> wrote:</div>
<blockquote type="cite"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word">On Tue, May 27, 2014 at 7:45 AM, Marshall Clow <span dir="ltr"><<a href="mailto:mclow.lists@gmail.com" target="_blank">mclow.lists@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word"><div><br><div><div>On May 20, 2014, at 2:25 AM, David Majnemer <<a href="mailto:david.majnemer@gmail.com" target="_blank">david.majnemer@gmail.com</a>> wrote:</div><br><blockquote type="cite">
<div dir="ltr">Oops, sent out the wrong version of this patch. Attached is what I intended to send.</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, May 20, 2014 at 12:28 AM, David Majnemer <span dir="ltr"><<a href="mailto:david.majnemer@gmail.com" target="_blank">david.majnemer@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">random_device::operator() as currently implemented does not correctly handle errors returned by read. This can result in it returning uninitialized data.<br>
<div><br></div><div>To fix this, wrap the call to read in a loop.</div></div></blockquote></div></div></blockquote><br></div></div><div>I like this; but can you think of any way to test it?</div><span><font color="#888888"></font></span></div>
</blockquote></div></blockquote></div></div></blockquote><blockquote type="cite"><br></blockquote><font color="#888888"></font><blockquote type="cite"><div dir="ltr">I've added a test for the EOF case.<div><br></div><div>
I have written a test for EINTR case but I did not included it because it's inherently not reliable. It checks the output of operator() to see if signals resulted in us getting a lot of zero return results.</div></div>
</blockquote><br></div></div><div>I get a couple of signedness warnings when building:</div><div><br></div><div><div>+ for FILE in '../src/*.cpp'</div><div>+ /Sources/LLVM/bin/bin/clang++ -c -g -Os -arch i386 -arch x86_64 -nostdinc++ -std=c++11 -fstrict-aliasing -Wall -Wextra -Wshadow -Wconversion -Wpadded -Wstrict-aliasing=2 -Wstrict-overflow=4 -I../include ../src/random.cpp</div>
<div>../src/random.cpp:78:14: warning: implicit conversion changes signedness: 'ssize_t' (aka 'long') to 'unsigned long' [-Wsign-conversion]</div><div> i += s;</div><div> ~~ ^</div>
<div>1 warning generated.</div><div>../src/random.cpp:78:14: warning: implicit conversion changes signedness: 'ssize_t' (aka 'long') to 'unsigned long' [-Wsign-conversion]</div><div> i += s;</div>
<div> ~~ ^</div><div>1 warning generated.</div></div><div><br></div><div>I get that read can only return -1, 0, and positive numbers, and you’re already checking for -1 and 0, so I think that you can safely cast s to a size_t before doing the addition.</div>
<div><br></div><div><br></div><div>Also, from a readability standpoint, wouldn’t a while loop be better than the for loop?</div><div>Something like this:</div><div><br></div><div><div> while (n > 0)</div><div> {</div>
<div> ssize_t s = read(__f_, p, n);</div><div> if (s == 0)</div><div> __throw_system_error(ENODATA, "random_device got EOF");</div><div> if (s == -1)</div><div> {</div><div>
if (errno != EINTR)</div><div> __throw_system_error(errno, "random_device got an unexpected error");</div><div> continue;</div><div> }</div><div> i -= (size_t) s;</div>
<div> p += (size_t) s;</div><div> }</div></div><div><br></div><div><br></div></div></blockquote></div><br></div>
<span><t.patch></span></blockquote></div><br></body></html>