From owner-dev-commits-src-main@freebsd.org  Thu Jul 29 04:01:07 2021
Return-Path: <owner-dev-commits-src-main@freebsd.org>
Delivered-To: dev-commits-src-main@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id DD1D966A4D5;
 Thu, 29 Jul 2021 04:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4GZxfC5Mn5z4rhx;
 Thu, 29 Jul 2021 04:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A14572AB4;
 Thu, 29 Jul 2021 04:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 16T417Di099166;
 Thu, 29 Jul 2021 04:01:07 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 16T417WC099165;
 Thu, 29 Jul 2021 04:01:07 GMT (envelope-from git)
Date: Thu, 29 Jul 2021 04:01:07 GMT
Message-Id: <202107290401.16T417WC099165@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-main@FreeBSD.org
From: Conrad Meyer <cem@FreeBSD.org>
Subject: git: 7f8f79a5c444 - main - libc qsort(3): Eliminate ambiguous sign
 comparison
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cem
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 7f8f79a5c444a565a32b0c6578b07f8d496f6c49
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-main@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commit messages for the main branch of the src repository
 <dev-commits-src-main.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-main>, 
 <mailto:dev-commits-src-main-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-main/>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Help: <mailto:dev-commits-src-main-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main>, 
 <mailto:dev-commits-src-main-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jul 2021 04:01:07 -0000

The branch main has been updated by cem:

URL: https://cgit.FreeBSD.org/src/commit/?id=7f8f79a5c444a565a32b0c6578b07f8d496f6c49

commit 7f8f79a5c444a565a32b0c6578b07f8d496f6c49
Author:     Conrad Meyer <cem@FreeBSD.org>
AuthorDate: 2021-07-23 18:04:21 +0000
Commit:     Conrad Meyer <cem@FreeBSD.org>
CommitDate: 2021-07-29 03:59:20 +0000

    libc qsort(3): Eliminate ambiguous sign comparison
    
    The left side of the MIN() expression is the (signed) result of pointer
    subtraction (ptrdiff_t).  The right hand side is the also the (signed)
    result of pointer subtraction, additionally subtracting the element size
    ('es'), which is unsigned size_t.  This coerces the right-hand
    expression into an unsigned value.  MIN(signed, unsigned) triggers
    -Wsign-compare.
    
    Sorting elements of size greater than SSIZE_MAX is nonsensical, so we
    can instead treat the element size as ssize_t, leaving the right-hand
    result the same signedness as the left.
    
    Reviewed by:            arichardson, kib
    Differential Revision:  https://reviews.freebsd.org/D31292
---
 lib/libc/stdlib/Makefile.inc | 2 ++
 lib/libc/stdlib/qsort.c      | 7 ++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/libc/stdlib/Makefile.inc b/lib/libc/stdlib/Makefile.inc
index de8d8484e135..361761e73fdd 100644
--- a/lib/libc/stdlib/Makefile.inc
+++ b/lib/libc/stdlib/Makefile.inc
@@ -18,6 +18,8 @@ MISRCS+=C99_Exit.c a64l.c abort.c abs.c atexit.c atof.c atoi.c atol.c atoll.c \
 	strtol.c strtold.c strtoll.c strtoq.c strtoul.c strtonum.c strtoull.c \
 	strtoumax.c strtouq.c system.c tdelete.c tfind.c tsearch.c twalk.c
 
+CFLAGS.qsort.c+= -Wsign-compare
+
 # Work around an issue on case-insensitive file systems.
 # libc has both _Exit.c and _exit.s and they both yield
 # _exit.o (case insensitively speaking).
diff --git a/lib/libc/stdlib/qsort.c b/lib/libc/stdlib/qsort.c
index cfd2d99025f0..5016fff7895f 100644
--- a/lib/libc/stdlib/qsort.c
+++ b/lib/libc/stdlib/qsort.c
@@ -171,7 +171,12 @@ loop:
 	pn = (char *)a + n * es;
 	d1 = MIN(pa - (char *)a, pb - pa);
 	vecswap(a, pb - d1, d1);
-	d1 = MIN(pd - pc, pn - pd - es);
+	/*
+	 * Cast es to preserve signedness of right-hand side of MIN()
+	 * expression, to avoid sign ambiguity in the implied comparison.  es
+	 * is safely within [0, SSIZE_MAX].
+	 */
+	d1 = MIN(pd - pc, pn - pd - (ssize_t)es);
 	vecswap(pb, pn - d1, d1);
 
 	d1 = pb - pa;