From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) by sourceware.org (Postfix) with ESMTPS id ED8493860C37 for ; Wed, 24 Mar 2021 19:30:09 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org ED8493860C37 Received: by mail-wr1-x42b.google.com with SMTP id c8so12714190wrq.11 for ; Wed, 24 Mar 2021 12:30:09 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:references:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=V0g2E0Tc1cmcnpuWqfnLF1bp5c146YOpOV9q7SVgkQk=; b=qb4uGpdiFs36sclBc5xjuK92djSPIFuyKOuHKik6Lv0zAs0H27e6mvRwfmKt//ff3n Lwor/wxnS38DYcOzRs3IOkEFWARQookjhr/kIsucQ4qALsgArZH+Su8yG2Xe9Qcxpw/i ChAJ85NZd5fVEuQDZbvLfEjMoSdXs9p0jV9JKbcvSXzCWwLgRCBcANwQCH1HLsw6mevn Pnb82G0Nch0kZxOeIGP/swGR7xBDe9DRKxirXgWOLm7Z2UdoV/Zy7B9L2H8/GBZRNq9U SdZIA4JgHe8B1sfL6la2QoalOBfvqIQIa71m+kTg8dOOkcr3SrEIuQAxw7cC4JqFSX5h DOuw== X-Gm-Message-State: AOAM5311FPmvjsv8N9v1D4UCv+ajWMSCfOljkQk0HSV0Q0YKr8VZu4xN nirKrtT1+QHB1aPl9Hl+jrNJv53T7DI= X-Google-Smtp-Source: ABdhPJzNIk1bg8hITVwJd8ac3gzZa2OaMkFgwmCiFwvUufmE3nDAz6Vks858ZwGFfoPxSVc4jvLr6w== X-Received: by 2002:a5d:4b06:: with SMTP id v6mr5247763wrq.41.1616614208968; Wed, 24 Mar 2021 12:30:08 -0700 (PDT) Received: from [192.168.0.160] ([170.253.36.171]) by smtp.gmail.com with ESMTPSA id a13sm4398705wrp.31.2021.03.24.12.30.08 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 24 Mar 2021 12:30:08 -0700 (PDT) Subject: Re: printf_arginfo_size_function error handling From: "Alejandro Colomar (man-pages)" To: GNU C Library References: Message-ID: Date: Wed, 24 Mar 2021 20:30:07 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-5.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, KAM_SHORT, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Mar 2021 19:30:11 -0000 Hi, On 3/24/21 5:39 PM, Alejandro Colomar (man-pages) wrote: > Hi, > > I've been re-reading the docs for printf_register_specifier(), and > there's something in an example code that doesn't make much sense: > > > [[ > > int > print_widget_arginfo (const struct printf_info *info, size_t n, > int *argtypes) > { > /* We always take exactly one argument and this is a pointer to the > structure.. */ > if (n > 0) > argtypes[0] = PA_POINTER; > return 1; > } > > ]] > > In the code above there is a check that n>0, but: > > What can a user do if n<=0 ? There's no error reporting method, is there? > And, is it possible for such a case to happen? What to do there? > > I think either using an assert() or not checking at all might make more > sense (depending on how possible is n<=0 to happen). The current check > continues as if everything was fine, just without setting argtypes[0], > so if there's an error, it will be carried to some future stage, where > nasal daemons might unexpectedly happen. After reading the sources, I see a few things: - There's an undocumented error handling mechanism: you can return a negative value to signify an error. However, I couldn't understand what exactly happens when you report an error. Does the printf_function get called? - n seems to be nonnegative: it's called in three places (, , and stdio-common/printf-prs.c:94), and all of them make sure n is positive, so the test in the example is useless. - I could't understand how n>1 could be used from reading the (obfuscated) sources. And there's no documentation. Is it really supported? And how? Would you mind documenting that? Maybe with an example that makes use of the non-obvious features of this API. - Even though printf_arginfo_size_function supposedly handles the case of n>1, printf_function doesn't seem to handle it. It gets the array of arguments, but it doesn't get the size of the array, so the only valid assumption is that the array is of size 1; anything else might fail silently. If you use the misterious feature of multiple arguments for a single specifier, how do you guarantee that you'll receive as many slots in the array as you want? By checking it in the arginfo function and reporting an error if n is not big enough? Will that guarantee that printf_function is not called? Again, I see no documentation at all about this, and the sources are not the easiest to read. Thanks, Alex -- Alejandro Colomar Linux man-pages comaintainer; https://www.kernel.org/doc/man-pages/ http://www.alejandro-colomar.es/