From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Tue, 16 Sep 1997 13:39:52 -0500
From: G. David Butler gdb@dbSystems.com
Subject: [9fans] Re: Bug in sysrendezvous?
Topicbox-Message-UUID: 6619ab72-eac8-11e9-9e20-41e7f4b1d025
Message-ID: <19970916183952.QCcp2mXHT6C0G0pzbUh25pEaWYIhWwreCXPADegJGSw@z>

From: Amos Shapir <amos@cs.huji.ac.il>
Date: 	Mon, 3 Jun 1996 09:59:36 -0400
>
>The "tag" operand of rendezvous is defined as ulong; but in the
>function sysrendezvous (in sysproc.c), it's copied into an int, which
>is used as an index in a table by the REND macro.  If I'm mistaken
>correctly, this means that if the tag is negative, the resulting
>pointer would point *outside* the table!
>
>I guess this bug was not discovered because the tag is usually an
>address in user space, but nothing in the manual suggests it has to be
>below 0x80000000 (or that it shouldn't be 0xdeadbeef...)
>
>Did anybody else had any trouble with this?

Did you?  I am now getting into the rendezvous stuff and looked back
and found your mail.  Did you do anything about this?  If so, what?

Perhaps just casting the value to a ulong before the hash calc will
work?  All that is really needed is the remainder. (positive of course.)

change

#define REND(p,s) ((p)->rendhash[(s)%RENDHASH])

to

#define REND(p,s) ((p)->rendhash[(ulong)(s)%RENDHASH])

David Butler
gdb@dbSystems.com