ID | Category | Severity | Type | Date Submitted | Last Update
0001197 | [1003.1(2016/18)/Issue7+TC2] System Interfaces | Objection | Omission | 2018-07-30 19:19 | 2019-03-11 16:01
Reporter | shware_systems | View Status | public
Assigned To |
Priority | normal | Resolution | Rejected
Status | Closed
Name | Mark Ziegast
Organization | SHware Systems Dev.
User Reference |
Section | abs, imaxabs, labs, llabs
Page Number | p567 ff
Line Number | L19829 ff
Interp Status | ---
Final Accepted Text |
Summary | 0001197: Omission from 1108: LONG_MIN must be <= -2147483648
Description
In the resolution to 1108, Note 4041, while twos-complement arithmetic is adequate to describe how the result arises, it overlooks that from a mathematical and set theory standpoint the operation is also a range error for the *_MIN values, in that the "correct" result is outside the range *_MIN to *_MAX. This should be indicated in errno with ERANGE, raise SIGFPE with Code FPE_INTOVF if not masked, or both. Given *_MIN and *_MAX are independent values (with constraints) in both the C and POSIX <limits.h>, leaving the behavior completely undefined in the C standard can be considered a defect. It should at least require ERANGE be set, imo. Assuming a 24-bit width for short, SHORT_MIN could be -1000000 and SHORT_MAX still 32767 and this would be considered conforming, if pretty asymmetric. This range error would be triggered for each value between -1000000 and -32768 inclusive, not just -32768. Note with this potential asymmetry EDOM errors should also be accounted for, but the appropriate signal code, FPE_INTTRAP or FPE_INTDOM, is missing from <signal.h>.
Desired Action
From #1108, Change for abs(), other interfaces with similar wording:

On P567 L19829 (abs), replace
  If the result cannot be represented, the behavior is undefined.
with
  <CX>If the result cannot be represented, the result shall be i, unchanged, and errno shall be set to ERANGE.</CX><XSI> Additionally, the function shall raise SIGFPE with code FPE_INTOVF after setting errno.</XSI>

On P567 L19838 (abs), replace
  In two's-complement representation, the absolute value of the negative integer with largest magnitude {INT_MIN} might not be representable.
with
  <CX>Since POSIX.1 requires a two's complement representation of int, the absolute value of the negative integer with the largest magnitude {INT_MIN} is always not representable; the rules of negation in two's complement arithmetic ensure that {INT_MIN} is returned when the value is -pow(2,{WORD_BIT}-1) but may produce positive trap representations for values between {INT_MIN} and negative {INT_MAX} otherwise.</CX>
Tags | No tags attached.
Notes
(0004065) shware_systems (reporter) 2018-07-30 19:31 edited on: 2018-07-30 19:31
Note the example related to SHORT_MIN in the Description would apply to an sabs(short i) interface, not abs() or labs() specifically. A similar example where LONG_BIT > WORD_BIT > 32 could be contrived to show it applies to abs(), but the constants would be larger.
(0004066) eblake (manager) 2018-07-30 20:29
Except that abs() has no value reserved for indication of error, and setting errno is not something that historical implementations have done (even if ERANGE would make sense if we were designing from scratch). I'd rather leave abs(INT_MIN) undefined than nail down any specific behavior, particularly one that does not have historical precedent.
(0004067) shware_systems (reporter) 2018-07-31 01:41 edited on: 2018-07-31 01:43
This is a matter of correctness of the C abstract machine, not what implementations have or haven't done in the past. Just because most implementations have elected to use symmetry and hide the issue doesn't make it less wrong; it's an issue that should have been addressed in C99 but has slipped through the cracks. What made that wording adequate for C89 being buggy no longer holds true; C99 fixed it, but didn't propagate the fix to these interfaces. I used short in the example because 32768 as a result is representable as a 32-bit int, due to argument promotion, but will be a range error when assigned to a 16-bit short, whose maximum INT_MAX is limited to 32767. By C99/C11 6.3.1.3p3 the permitted behavior for this is "either the result is implementation-defined or an implementation-defined signal is raised", not truncate as in C89 or undefined. This applies to promotions used internally by functions like abs() also, to me, to handle permitted asymmetric ranges for the abstract machine to be consistent, so setting errno would be part of the implementation-defined result. It's the same in theory also, to me, as in <math.h> for many interfaces, if a result f(x) for a finite x cannot be represented it's required to be a range error and reported accordingly, so requiring it with these interfaces is more consistent than not.
(0004069) Vincent Lefevre (reporter) 2018-08-03 18:27
<math.h> is for floating point, while abs(), labs() and llabs() are functions on integers, from <stdlib.h>. These functions are not much different from +, -, *, / on integers, which do not signal a range error, for performance reasons.
(0004305) nick (manager) 2019-03-11 16:01 edited on: 2019-03-11 16:01
This was discussed at length in bug 1108, and will break most (all?) existing implementations. See also bugnotes Note: 0004066 and Note: 0004069.
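
Since the request was rejected and abs(INT_MIN) stays undefined, the check has to live in the caller. The following is an added example, not part of the issue, the standard text or any implementation: `checked_abs` and `abs_magnitude` are hypothetical names, and the `i < -INT_MAX` test goes beyond the two's-complement case to cover the asymmetric ranges raised in the Description.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>

/* Hypothetical helper (name assumed for this example). Mirrors the
 * requested semantics in caller code: if |i| is not representable,
 * return i unchanged and set errno to ERANGE. abs() itself is never
 * called on such a value, so no undefined behaviour is evaluated. */
int checked_abs(int i)
{
    /* -INT_MAX is always representable; anything below it has no
     * positive counterpart. With two's complement that is only INT_MIN;
     * with an asymmetric range it is every value in [INT_MIN, -INT_MAX). */
    if (i < -INT_MAX) {
        errno = ERANGE;
        return i;
    }
    return i < 0 ? -i : i;
}

/* Hypothetical helper: magnitude as unsigned, defined for every int
 * wherever UINT_MAX >= INT_MAX + 1 (true on common platforms, assumed
 * here). Unsigned negation wraps modulo UINT_MAX + 1 by definition. */
unsigned int abs_magnitude(int i)
{
    return i < 0 ? 0u - (unsigned int)i : (unsigned int)i;
}

int main(void)
{
    const int samples[] = { 42, -42, -INT_MAX, INT_MIN }; /* constructed */
    for (size_t k = 0; k < sizeof samples / sizeof samples[0]; k++) {
        errno = 0;
        int r = checked_abs(samples[k]);
        printf("%d -> %d (%s), magnitude %u\n", samples[k], r,
               errno == ERANGE ? "ERANGE" : "ok",
               abs_magnitude(samples[k]));
    }
    return 0;
}
```

Code that feeds an absolute value into an index, length or modulus should use one of these forms, because a result that is still negative after abs() is what turns the corner case into an out-of-bounds access.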