Sergey: This patch updates API interface. I still need to verify its functionality on other tool chain. I will give you feedback after I am done.
Thanks Liming >-----Original Message----- >From: Laszlo Ersek [mailto:[email protected]] >Sent: Friday, May 19, 2017 4:16 PM >To: Sergei Temerkhanov <[email protected]> >Cc: Gao, Liming <[email protected]>; [email protected] >Subject: Re: [edk2] [PATCH] MdePkg: Fix undefined behavior on variadic >parameters > >On 05/19/17 04:45, Sergei Temerkhanov wrote: >> On Thu, May 18, 2017 at 1:19 PM, Laszlo Ersek <[email protected]> wrote: >>> On 05/16/17 14:10, Sergei Temerkhanov wrote: >>>> On Tue, May 16, 2017 at 8:10 AM, Gao, Liming <[email protected]> >wrote: >>>>> Sergey: >>>>> Could you give more detail on the undefined behavior on variadic >parameters? >>>>> >>>>> I see https://bugzilla.tianocore.org/show_bug.cgi?id=410 describe this >issues found in the latest CLANG tool chain. Do you find other tool chain >reports it? >>>> >>>> Yes, this is exactly the bug this patch fixes. >>>> >>>> As per the C99 standard: >>>> "The parameter parmN is the identifier of the rightmost parameter in >>>> the variable parameter list in the function definition (the one just >>>> before the , ...). If the parameter parmN is declared with the >>>> register storage class, with a function or array type, or with a type >>>> that is not compatible with the type that results after application of >>>> the default argument promotions, the behavior is undefined." >>>> >>>> That's exactly the case here since BOOLEAN is a typedef for unsigned >>>> char. It undergoes a promotion to an unsigned int >>> >>> Side topic: >>> >>> It is promoted, but not to "unsigned int". >>> >>> The standard says, in "6.3.1.1 Boolean, characters, and integers", >>> paragraph 2, >>> >>> The following may be used in an expression wherever an /int/ or >>> /unsigned int/ may be used: >>> >>> — An object or expression with an integer type whose integer >>> conversion rank is less than or equal to the rank of /int/ and >>> /unsigned int/. >>> — A bit-field of type /_Bool/, /int/, /signed int/, or >>> /unsigned int/. >>> >>> If an /int/ can represent all values of the original type, the value >>> is converted to an /int/; otherwise, it is converted to an >>> /unsigned int/. These are called the /integer promotions/. [...] >>> >>> On all supported edk2 platforms, "unsigned char"'s range is 0..255 >>> inclusive, which can be represented by "int" (again on all supported >>> edk2 platforms). So the promotion occurs to "int", not "unsigned int" >>> >>> >>> Furthermore, in place of the suggested UINTN type (which is fine), the >>> following further types would be correct: INT32, UINT32, INT64, UINT64, >>> INTN. >> >> On 32-bit architectures, using 64-bit types here may change the ABI. Which >might >> affect some corner cases like linking precompiled object files to the >> library in question. > >True. > >I missed the fact that in edk2 you can have binary-only library >instances. I should have remembered, after all I had filed ><https://bugzilla.tianocore.org/show_bug.cgi?id=463> :) > >So yes, UINTN is the best choice; it keeps binary compat beyond >everything else. > >Thanks! >Laszlo > >> >>> The reason is that all of these map to standard C types, on all >>> edk2 platforms, whose integer conversion ranks are not less than that of >>> "int" and "unsigned int". Hence they are all unaffected by the integer >>> promotions. >>> >>> (This digression does not affect your main point, which remains correct; >>> I just wanted to be precise here, since we're quoting the standard.) >>> >>> Thanks >>> Laszlo >>> >>>> which is not a >>>> compatible type for unsigned char. Correct me if I'm wrong. >>>> >>>> Regards, >>>> Sergey >>>> >>>>> >>>>> Thanks >>>>> Liming >>>>>> -----Original Message----- >>>>>> From: edk2-devel [mailto:[email protected]] On Behalf >Of Sergey Temerkhanov >>>>>> Sent: Tuesday, May 16, 2017 10:57 AM >>>>>> To: [email protected] >>>>>> Subject: [edk2] [PATCH] MdePkg: Fix undefined behavior on variadic >parameters >>>>>> >>>>>> Fix undefined behavior by avoiding parameter type promotion >>>>>> >>>>>> Signed-off-by: Sergey Temerkhanov <[email protected]> >>>>>> --- >>>>>> MdePkg/Include/Library/UefiLib.h | 2 +- >>>>>> MdePkg/Library/UefiLib/UefiLib.c | 2 +- >>>>>> 2 files changed, 2 insertions(+), 2 deletions(-) >>>>>> >>>>>> diff --git a/MdePkg/Include/Library/UefiLib.h >b/MdePkg/Include/Library/UefiLib.h >>>>>> index 0b14792..4e4697c 100644 >>>>>> --- a/MdePkg/Include/Library/UefiLib.h >>>>>> +++ b/MdePkg/Include/Library/UefiLib.h >>>>>> @@ -818,7 +818,7 @@ CHAR8 * >>>>>> EFIAPI >>>>>> GetBestLanguage ( >>>>>> IN CONST CHAR8 *SupportedLanguages, >>>>>> - IN BOOLEAN Iso639Language, >>>>>> + IN UINTN Iso639Language, >>>>>> ... >>>>>> ); >>>>>> >>>>>> diff --git a/MdePkg/Library/UefiLib/UefiLib.c >b/MdePkg/Library/UefiLib/UefiLib.c >>>>>> index a7eee01..74528ec 100644 >>>>>> --- a/MdePkg/Library/UefiLib/UefiLib.c >>>>>> +++ b/MdePkg/Library/UefiLib/UefiLib.c >>>>>> @@ -1514,7 +1514,7 @@ CHAR8 * >>>>>> EFIAPI >>>>>> GetBestLanguage ( >>>>>> IN CONST CHAR8 *SupportedLanguages, >>>>>> - IN BOOLEAN Iso639Language, >>>>>> + IN UINTN Iso639Language, >>>>>> ... >>>>>> ) >>>>>> { >>>>>> -- >>>>>> 2.7.4 >>>>>> >>>>>> _______________________________________________ >>>>>> edk2-devel mailing list >>>>>> [email protected] >>>>>> https://lists.01.org/mailman/listinfo/edk2-devel >>>> _______________________________________________ >>>> edk2-devel mailing list >>>> [email protected] >>>> https://lists.01.org/mailman/listinfo/edk2-devel >>>> >>> _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
