Date: Mon, 1 Jun 2015 10:59:13 +0300 From: Slawa Olhovchenkov <slw@zxy.spb.ru> To: Bruce Evans <brde@optusnet.com.au> Cc: Baptiste Daroussin <bapt@freebsd.org>, svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r283842 - head/usr.sbin/pw Message-ID: <20150601075913.GA58397@zxy.spb.ru> In-Reply-To: <20150601143951.J863@besplex.bde.org> References: <201505312207.t4VM73Vh015383@svn.freebsd.org> <20150601143951.J863@besplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 01, 2015 at 03:36:58PM +1000, Bruce Evans wrote: > On Sun, 31 May 2015, Baptiste Daroussin wrote: > > > Log: > > Remove useless cast in printf and printf-like functions: > > use %u for uid_t and gid_t > > The cast was not useless. It was to avoid the assumption that the default > promotion of uid_t and gid_t is anything in particular. Now it is assumed > that the default promotion is unsigned (int works too, but this is subtler). > > uids and gids are only guaranteed to have non-negative values. In > POSIX before about 2001, uid_t and gid_t can be any type that can > represent all the values taken on, so can be floating point. Floating > point was rarely used for POSIX types, and most programs make too many > assumptions about types, so POSIX now requires uid_t and gid_t to be > integer types. Then can still be signed integer types IIRC. Nornally > it is a bug to print signed integer types with unsigned integer formats, > but since uids and gids are guaranteed to be non-negative both formats > work. (pids require different handling since they are overloaded to > hold process group ids as negative values, so pid_t is signed and %u > format is very broken for printing general pids.) > > The program assumed that uids and gids are not too large to be represented > by unsigned long. This was the only way to print them in C90 and before. > C99 broke this by breaking the promise that unsigned long is the largest > unsigned integer type. This broke all code that does careful casts to > unsigned long. However, unsigned long is usually large enough in practice. > Careful code now has to cast to uintmax_t, but that is usually excessive > (but doesn't actually work for __uint128_t). Even plain unsigned usually > works on vaxes. And I again remind about negative uids in some system parts https://lists.freebsd.org/pipermail/svn-src-all/2015-January/098144.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150601075913.GA58397>