From: Bruce Evans
Date: Sat, 22 Sep 2007 21:20:48 +1000 (EST)
To: Dag-Erling Smørgrav
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org, Sean Farley
Subject: Re: cvs commit: src/lib/libc/stdlib getenv.c

On Sat, 22 Sep 2007, Dag-Erling Smørgrav wrote:

> Sean Farley writes:
>>   Log:
>>   The precision for a string argument in a call to warnx() needs to be cast
>>   to an int to remove the warning from using a size_t variable on 64-bit
>>   platforms.
>
> s/to remove the warning/to actually work/

Please be precise :-).

s/to remove the warning ... on 64-bit platforms/to avoid undefined behaviour
on platforms where size_t is not u_int, and to avoid having to make a
delicate analysis to show that the behaviour is defined and correct on
all other platforms/.

Delicate analysis:
- size_t is always an unsigned type, but the required type is int, so
  size_t is never compatible with the required type.
- on platforms where size_t is smaller than int, the arg type is
  nevertheless compatible with int, since warnx() is variadic and the
  arg is one of the variadic args; the default promotions thus apply
  and the arg is passed as an int whether or not you cast it explicitly
  to int (but casting it to a type larger than int would break it).
  FreeBSD doesn't support any platforms in this class.
- on platforms where size_t is u_int, the arg is passed as a u_int.  The
  analysis for this case is too delicate to give in full here.  Partial
  analysis:
  - the size_t variable must have a small value that is representable
    as an int (else casting it to int would be a bug and/or printing
    a line of that length would be a style bug).
  - the behaviour seems to have been undefined in C90, since va_arg()
    requires strict type compatibility in C90 and warnx() is implemented
    using va_arg(ap, int) which gave UB on u_int's.  Similarly for
    function calls, except the wording is less clear/strict.
  - UB in C90 was a bug in C90.  This is fixed in C99.  Now both va_arg()
    and function call args are specifically required to work if one
    type is a signed integer type, the [promotion of the] other type
    is the corresponding unsigned integer type, and the value is
    representable in both types.  Compatibility of the representation
    of integers and unsigned integers probably also requires this, but
    the specification of this in C90 is probably too fuzzy to override
    the parts that specify UB.  Everyone just knows that this case has
    to work.

Bruce
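
An added example, not part of the original message and not FreeBSD's getenv.c: a variadic formatter receiving a "%.*s" precision that starts life as a size_t. The names prec_from_size, fmt_msg and report_name are hypothetical, and the "PATH=/bin" input is a constructed sample.

```c
#include <limits.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: turn a length into a "%.*s" precision, which must be
 * an int.  Clamp rather than cast blindly, so a huge length cannot wrap to
 * a negative precision (printf treats that as "no precision given"). */
static int
prec_from_size(size_t n)
{
	return (n > (size_t)INT_MAX ? INT_MAX : (int)n);
}

/* Hypothetical stand-in for warnx(): variadic, so the callee fetches the
 * '*' precision as an int and the prototype cannot convert it for us. */
static int
fmt_msg(char *buf, size_t bufsz, const char *fmt, ...)
{
	va_list ap;
	int n;

	va_start(ap, fmt);
	n = vsnprintf(buf, bufsz, fmt, ap);
	va_end(ap);
	return (n);
}

/* Report the name part of a "NAME=value" string (constructed sample). */
static int
report_name(char *buf, size_t bufsz, const char *env)
{
	const char *eq = strchr(env, '=');
	size_t namelen = (eq != NULL) ? (size_t)(eq - env) : strlen(env);

	/* Passing namelen itself here is the undefined case: on LP64 it is
	 * 64 bits wide where va_arg(ap, int) expects an int. */
	return (fmt_msg(buf, bufsz, "bad name: %.*s",
	    prec_from_size(namelen), env));
}

int
main(void)
{
	char buf[64];
	report_name(buf, sizeof(buf), "PATH=/bin");
	puts(buf);
	return (0);
}
```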