Austin Group Defect Tracker

ID: 0001197
Category: [1003.1(2016)/Issue7+TC2] System Interfaces
Severity: Objection
Type: Omission
Date Submitted: 2018-07-30 19:19
Last Update: 2018-08-03 18:27
Reporter: shware_systems
View Status: public
Assigned To:
Priority: normal
Resolution: Open
Status: New
Name: Mark Ziegast
Organization: SHware Systems Dev.
User Reference:
Section: abs, imaxabs, labs, llabs
Page Number: p567 ff
Line Number: L19829 ff
Interp Status: ---
Final Accepted Text:
Summary: 0001197: Omission from 1108: LONG_MIN must be <= -2147483648
Description
In the resolution to 1108, Note 4041, while two's-complement arithmetic is adequate to describe how the result arises, it overlooks that from a mathematical and set theory standpoint the operation is also a range error for the *_MIN values, in that the "correct" result is outside the range *_MIN to *_MAX. This should be indicated in errno with ERANGE, raise SIGFPE with Code FPE_INTOVF if not masked, or both.

Given *_MIN and *_MAX are independent values (with constraints) in both the C and POSIX <limits.h>, leaving the behavior completely undefined in the C standard can be considered a defect. It should at least require ERANGE be set, imo. Assuming a 24-bit width for short, SHORT_MIN could be -1000000 and SHORT_MAX still 32767 and this would be considered conforming, if pretty asymmetric. This range error would be triggered for each value between -1000000 and -32768 inclusive, not just -32768.

Note with this potential asymmetry EDOM errors should also be accounted for, but the appropriate signal code, FPE_INTTRAP or FPE_INTDOM, is missing from <signal.h>.
Desired Action
From #1108, Change for abs(), other interfaces with similar wording:
On P567 L19829 (abs), replace

    If the result cannot be represented, the behavior is undefined.

with

    <CX>If the result cannot be represented, the result shall be i, unchanged, and errno shall be set to ERANGE.</CX><XSI> Additionally, the function shall raise SIGFPE with code FPE_INTOVF after setting errno.</XSI>


On P567 L19838 (abs), replace

    In two's-complement representation, the absolute value of the negative integer with largest magnitude {INT_MIN} might not be representable.

with

    <CX>Since POSIX.1 requires a two's complement representation of int, the absolute value of the negative integer with the largest magnitude {INT_MIN} is always not representable; the rules of negation in two's complement arithmetic ensure that {INT_MIN} is returned when the value is -pow(2,{WORD_BIT}-1) but may produce positive trap representations for values between {INT_MIN} and negative {INT_MAX} otherwise.</CX>
Tags: No tags attached.
Attached Files:

- Relationships
child of 0001108 (Resolved): LONG_MIN must be <= -2147483648

- Notes
(0004065)
shware_systems (reporter)
2018-07-30 19:31
edited on: 2018-07-30 19:31

Note the example related to SHORT_MIN in the Description would apply to an sabs(short i) interface, not abs() or labs() specifically. A similar example where LONG_BIT > WORD_BIT > 32 could be contrived to show it applies to abs(), but the constants would be larger.

(0004066)
eblake (manager)
2018-07-30 20:29

Except that abs() has no value reserved for indication of error, and setting errno is not something that historical implementations have done (even if ERANGE would make sense if we were designing from scratch). I'd rather leave abs(INT_MIN) undefined than nail down any specific behavior, particularly one that does not have historical precedent.
(0004067)
shware_systems (reporter)
2018-07-31 01:41
edited on: 2018-07-31 01:43

This is a matter of correctness of the C abstract machine, not what implementations have or haven't done in the past. Just because most implementations have elected to use symmetry and hide the issue doesn't make it less wrong; it's an issue that should have been addressed in C99 but has slipped through the cracks. What made that wording adequate for C89 being buggy no longer holds true; C99 fixed it, but didn't propagate the fix to these interfaces.

I used short in the example because 32768 as a result is representable as a 32-bit int, due to argument promotion, but will be a range error when assigned to a 16-bit short, whose maximum INT_MAX is limited to 32767. By C99/C11 6.3.1.3p3 the permitted behavior for this is "either the result is implementation-defined or an implementation-defined signal is raised", not truncate as in C89 or undefined. This applies to promotions used internally by functions like abs() also, to me, to handle permitted asymmetric ranges for the abstract machine to be consistent, so setting errno would be part of the implementation-defined result. It's the same in theory also, to me, as in <math.h> for many interfaces, if a result f(x) for a finite x cannot be represented it's required to be a range error and reported accordingly, so requiring it with these interfaces is more consistent than not.

(0004069)
Vincent Lefevre (reporter)
2018-08-03 18:27

<math.h> is for floating point, while abs(), labs() and llabs() are functions on integers, from <stdlib.h>. These functions are not much different from +, -, *, / on integers, which do not signal a range error, for performance reasons.
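
The following C program is an illustration added alongside this tracker entry; it is not part of the Austin Group text, of any libc, or of any note above, and all of its function names are hypothetical. It shows the cases the Description and Note 0004067 argue over: the overflow test for the *_MIN value (written against -INT_MAX so it also covers the asymmetric range the Description allows), an abs_or_range_error() with the ERANGE semantics the Desired Action proposes, the two's-complement wraparound that makes -INT_MIN come out as INT_MIN, and the short-narrowing case from Note 0004067. It assumes a two's-complement int wider than short, as POSIX requires.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added illustration for this tracker entry; none of these functions exist
 * in POSIX or any libc.  Assumes a two's-complement int that is wider than
 * short, as POSIX requires (INT_MAX >= 2147483647). */

/* Is |i| outside [INT_MIN, INT_MAX]?  Written against -INT_MAX rather than
 * INT_MIN so it also covers the asymmetric range the Description allows:
 * every value below -INT_MAX fails, not only INT_MIN.  With the usual
 * symmetric two's-complement int that is exactly the single value INT_MIN. */
int abs_overflows(int i)
{
    return i < -INT_MAX;
}

/* Hypothetical abs() with the semantics the Desired Action proposes: on
 * overflow, return i unchanged and set errno to ERANGE.  The caller must
 * clear errno beforehand, since every int is also a legitimate result. */
int abs_or_range_error(int i)
{
    if (abs_overflows(i)) {
        errno = ERANGE;
        return i;
    }
    return i < 0 ? -i : i;
}

/* What two's-complement hardware does for -i: negate in unsigned arithmetic,
 * where wraparound is defined, then reinterpret the bit pattern as int via
 * memcpy (the pattern of INT_MIN is a valid int value in two's complement).
 * Negating INT_MIN therefore yields INT_MIN, which is still negative. */
int twos_complement_negate(int i)
{
    unsigned int u = 0u - (unsigned int)i;
    int r;
    memcpy(&r, &u, sizeof r);
    return r;
}

/* The promotion case from Note 0004067: abs() on a short argument is
 * computed in int, where 32768 is representable, so abs() itself has
 * nothing to report; the value only fails to fit when narrowed back to
 * short.  Returns 1 if |s| can be stored in a short, 0 otherwise. */
int abs_fits_short(short s)
{
    int wide = abs((int)s);     /* no overflow: every short fits in int */
    return wide <= SHRT_MAX;
}

/* Models a bounds check that trusts the magnitude of a two's-complement
 * negation: because -INT_MIN wraps to INT_MIN, the most negative value
 * slips past "< limit". */
int naive_in_range(int delta, int limit)
{
    int magnitude = delta < 0 ? twos_complement_negate(delta) : delta;
    return magnitude < limit;
}

/* The same check with the overflow case rejected first, so -delta is only
 * evaluated when it is representable. */
int checked_in_range(int delta, int limit)
{
    return !abs_overflows(delta) && (delta < 0 ? -delta : delta) < limit;
}

int main(void)
{
    errno = 0;
    int r = abs_or_range_error(INT_MIN);
    printf("abs_or_range_error(INT_MIN) = %d, errno = %s\n",
           r, errno == ERANGE ? "ERANGE" : "0");
    printf("twos_complement_negate(INT_MIN) = %d\n",
           twos_complement_negate(INT_MIN));
    printf("abs_fits_short(SHRT_MIN) = %d\n", abs_fits_short(SHRT_MIN));
    printf("naive_in_range(INT_MIN, 100) = %d, checked_in_range(INT_MIN, 100) = %d\n",
           naive_in_range(INT_MIN, 100), checked_in_range(INT_MIN, 100));
    return 0;
}
```

The naive_in_range() pair is the reason this corner matters outside standards discussions: abs() of an attacker-controlled int is a common way to bound an offset or length, and on a two's-complement target the one value INT_MIN remains negative after negation and passes the bound. Whichever way the standards question is settled, the caller-side check against -INT_MAX (or an explicit INT_MIN comparison on symmetric implementations) is what actually closes that hole.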

- Issue History
Date Modified Username Field Change
2018-07-30 19:19 shware_systems New Issue
2018-07-30 19:19 shware_systems Name => Mark Ziegast
2018-07-30 19:19 shware_systems Organization => SHware Systems Dev.
2018-07-30 19:19 shware_systems Section => abs, imaxabs, labs, llabs
2018-07-30 19:19 shware_systems Page Number => p567 ff
2018-07-30 19:19 shware_systems Line Number => L19829 ff
2018-07-30 19:31 shware_systems Note Added: 0004065
2018-07-30 19:31 shware_systems Note Edited: 0004065
2018-07-30 20:29 eblake Relationship added child of 0001108
2018-07-30 20:29 eblake Note Added: 0004066
2018-07-31 01:41 shware_systems Note Added: 0004067
2018-07-31 01:43 shware_systems Note Edited: 0004067
2018-08-03 18:27 Vincent Lefevre Note Added: 0004069

