This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH v5 1/3] Add strfromd, strfromf, and strfroml functions


On Wed, 5 Oct 2016 12:07:03 +0000
Joseph Myers <joseph@codesourcery.com> wrote:

> On Wed, 5 Oct 2016, Rical Jasan wrote:
> > Is it considered good style to break out of the default like that?

It occurs fairly throughout the codebase, but I don't know if it's good
style.  Since I'll change the code to abort on such cases, I'll leave
that question unanswered. ;)

> 
> > Actually, what I'm really wondering at this point is whether ignoring
> > invalid format specifiers is good form, instead of indicating some kind
> > of error (perhaps that's in the spec).  If we're going to skip_format
> > for specifiers that are set but don't begin with '%' and set precision=0
> > and specifier='f' for those that do but may be improperly formatted in
> > other ways, I think we should say so in the documentation.  A simple
> > addendum to the format specifier paragraph should suffice: "Invalid
> > format specifiers are silently ignored."  
> 
> We should certainly not document any semantics like that for such 
> undefined behavior.  See 
> <https://sourceware.org/glibc/wiki/Style_and_Conventions#Error_Handling>: 
> "If it's user code invoking undefined behavior, then it should fail early 
> and catastrophically".  So if there are any checks for cases that TS 
> 18661-1 says involve undefined behavior, then calling abort () is better 
> than picking some other default.
> 

Thanks for pointing that out.  I'll make these changes to the code, as
well as the suggested changes to the documentation.
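
Added example, not part of the original message and not glibc's code: a minimal C sketch of the fail-early handling discussed above, where a format string that is not `%`, an optional `.precision`, and one of `a A e E f F g G` terminates the program instead of falling back to a default. The names `strfrom_spec`, `parse_strfrom_format` and `checked_strfrom_format`, and the precision ceiling, are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical parsed form of a strfrom-style format string. */
struct strfrom_spec {
    int precision;   /* -1 when no precision was given */
    char conv;       /* one of a A e E f F g G */
};

/* Parse "%[.digits]conv".  Returns 0 on success, -1 for any other
   string (the input the thread treats as undefined behavior). */
int parse_strfrom_format(const char *fmt, struct strfrom_spec *out)
{
    const char *p = fmt;
    int precision = -1;
    if (p == NULL || *p++ != '%')
        return -1;
    if (*p == '.') {
        p++;
        precision = 0;                    /* "%.f" means precision 0 */
        while (isdigit((unsigned char)*p)) {
            if (precision > 100000)       /* assumed ceiling, avoids int overflow */
                return -1;
            precision = precision * 10 + (*p++ - '0');
        }
    }
    /* Exactly one conversion character, then end of string. */
    if (*p == '\0' || strchr("aAeEfFgG", *p) == NULL || p[1] != '\0')
        return -1;
    out->precision = precision;
    out->conv = *p;
    return 0;
}

/* Fail-early wrapper: invalid input aborts rather than being replaced
   by a silent default such as precision 0 with 'f'. */
struct strfrom_spec checked_strfrom_format(const char *fmt)
{
    struct strfrom_spec spec;
    if (parse_strfrom_format(fmt, &spec) != 0)
        abort();
    return spec;
}

int main(void)
{
    struct strfrom_spec s = checked_strfrom_format("%.3f");
    printf("precision=%d conv=%c\n", s.precision, s.conv);
    return 0;
}
```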

