Bug 146414

Summary:

Compile warning (-Wsign-compare) on 32-bits at WebCore/platform/FileSystem.cpp

Product:

WebKit

Reporter:

Carlos Alberto Lopez Perez <clopez>

Component:

WebCore Misc.

Assignee:

youenn fablet <youennf>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

benjamin, cmarcelo, commit-queue, darin, dbates, oliver, youennf

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
WTF::isInBounds version	none
Patch	none
Trying to fix build, adding tests and convertSafely	none
Another try at fixing mac build	none
Fixing EFL build	none

Carlos Alberto Lopez Perez

Reported 2015-06-29 11:55:19 PDT

When building WebKitGTK+ on Linux/32-bits the following warning appears: [2644/5687] Building CXX object Source/WebCore/CMakeFiles/WebCore.dir/platform/FileSystem.cpp.o ../../Source/WebCore/platform/FileSystem.cpp: In constructor ‘WebCore::MappedFileData::MappedFileData(const WTF::String&, bool&)’: ../../Source/WebCore/platform/FileSystem.cpp:154:50: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (fileStat.st_size < 0 || fileStat.st_size > std::numeric_limits<unsigned>::max()) { ^ https://build.webkit.org/builders/GTK%20Linux%2032-bit%20Release/builds/53808/steps/compile-webkit/logs/stdio bug 101458 can give some hints about the issue.

Attachments
Patch (1.48 KB, patch) 2015-07-10 00:04 PDT, youenn fablet	no flags	Details Formatted Diff Diff
WTF::isInBounds version (3.26 KB, patch) 2015-07-12 07:02 PDT, youenn fablet	no flags	Details Formatted Diff Diff
Patch (5.98 KB, patch) 2015-07-30 08:27 PDT, youenn fablet	no flags	Details Formatted Diff Diff
Trying to fix build, adding tests and convertSafely (7.65 KB, patch) 2015-07-31 00:01 PDT, youenn fablet	no flags	Details Formatted Diff Diff
Another try at fixing mac build (13.65 KB, patch) 2015-08-03 08:15 PDT, youenn fablet	no flags	Details Formatted Diff Diff
Fixing EFL build (13.65 KB, patch) 2015-08-03 08:50 PDT, youenn fablet	no flags	Details Formatted Diff Diff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.

youenn fablet

Comment 1 2015-07-10 00:04:22 PDT

Created attachment 256568 [details] Patch

youenn fablet

Comment 2 2015-07-10 00:06:21 PDT

(In reply to comment #0) > When building WebKitGTK+ on Linux/32-bits the following warning appears: I have not tested it on 32-bits systems but I hope the uploaded patch removes the warning.

Darin Adler

Comment 3 2015-07-10 09:32:10 PDT

Comment on attachment 256568 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=256568&action=review > Source/WebCore/platform/FileSystem.cpp:154 > + if (fileStat.st_size < 0 || static_cast<size_t>(fileStat.st_size) > std::numeric_limits<unsigned>::max()) { If we got the typecast to exactly the right unsigned type, one guaranteed to be the same size as off_t, then the check against 0 becomes dead code, because negative numbers are guaranteed to turn into large unsigned numbers. It’s not obvious to me that size_t is guaranteed to be the right type. I would write this: if (static_cast<std::make_unsigned<off_t>::type>(fileStat.st_size) > std::numeric_limits<unsigned>::max()) {

Darin Adler

Comment 4 2015-07-10 09:34:04 PDT

Comment on attachment 256568 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=256568&action=review >> Source/WebCore/platform/FileSystem.cpp:154 >> + if (fileStat.st_size < 0 || static_cast<size_t>(fileStat.st_size) > std::numeric_limits<unsigned>::max()) { > > If we got the typecast to exactly the right unsigned type, one guaranteed to be the same size as off_t, then the check against 0 becomes dead code, because negative numbers are guaranteed to turn into large unsigned numbers. It’s not obvious to me that size_t is guaranteed to be the right type. I would write this: > > if (static_cast<std::make_unsigned<off_t>::type>(fileStat.st_size) > std::numeric_limits<unsigned>::max()) { Here’s an even more bulletproof way to write this: template<typename T> static inline makeUnsigned(T integer) { return static_cast<std::make_unsigned<T>::type>(integer); } if (makeUnsigned(fileState.st_size) > std::numeric_limits<unsigned>::max()) {

youenn fablet

Comment 5 2015-07-12 07:01:09 PDT

Comment on attachment 256568 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=256568&action=review >>> Source/WebCore/platform/FileSystem.cpp:154 >>> + if (fileStat.st_size < 0 || static_cast<size_t>(fileStat.st_size) > std::numeric_limits<unsigned>::max()) { >> >> If we got the typecast to exactly the right unsigned type, one guaranteed to be the same size as off_t, then the check against 0 becomes dead code, because negative numbers are guaranteed to turn into large unsigned numbers. It’s not obvious to me that size_t is guaranteed to be the right type. I would write this: >> >> if (static_cast<std::make_unsigned<off_t>::type>(fileStat.st_size) > std::numeric_limits<unsigned>::max()) { > > Here’s an even more bulletproof way to write this: > > template<typename T> static inline makeUnsigned(T integer) { return static_cast<std::make_unsigned<T>::type>(integer); } > > if (makeUnsigned(fileState.st_size) > std::numeric_limits<unsigned>::max()) { If we want to further improve readability, we might want to write "if (!WTF::isInBounds<unsigned>(fileState.st_size))" Integrating your suggestion in WTF::isInBounds might be useful then.

youenn fablet

Comment 6 2015-07-12 07:02:20 PDT

Created attachment 256678 [details] WTF::isInBounds version

youenn fablet

Comment 7 2015-07-12 08:36:50 PDT

Comment on attachment 256678 [details] WTF::isInBounds version Putting r? This patch is missing unit tests to ensure everything is working fine. I will do that when going back to WebKit in a few weeks.

youenn fablet

Comment 8 2015-07-30 08:27:38 PDT

Created attachment 257833 [details] Patch

youenn fablet

Comment 9 2015-07-30 08:29:18 PDT

(In reply to comment #8) > Created attachment 257833 [details] > Patch Adding unit tests and adding a small fix to BoundsCheckElider.

Oliver Hunt

Comment 10 2015-07-30 09:55:48 PDT

Comment on attachment 257833 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=257833&action=review > Source/WebCore/platform/FileSystem.cpp:154 > - if (fileStat.st_size < 0 || fileStat.st_size > std::numeric_limits<unsigned>::max()) { > + if (!WTF::isInBounds<unsigned>(fileStat.st_size)) { Random question, why unsigned here? > Tools/TestWebKitAPI/Tests/WTF/CheckedArithmeticOperations.cpp:434 > + EXPECT_FALSE(WTF::isInBounds<uint32_t>((int32_t)-1)); > + EXPECT_FALSE(WTF::isInBounds<uint16_t>((int32_t)-1)); > + EXPECT_FALSE(WTF::isInBounds<uint32_t>((int16_t)-1)); Can you also add tests for 1, and max<int32,uint32,int16,...> etc? and verify that there hasn't been any behaviour change?

youenn fablet

Comment 11 2015-07-30 23:51:07 PDT

Comment on attachment 257833 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=257833&action=review >> Source/WebCore/platform/FileSystem.cpp:154 >> + if (!WTF::isInBounds<unsigned>(fileStat.st_size)) { > > Random question, why unsigned here? We do a conversion from off_t to unsigned just after the "if", unsigned being what is expected by SharedBuffer at the end. It might be nice to refactor this in a WTF::convertSafely routine that would do the inbound check as well as the static_cast. >> Tools/TestWebKitAPI/Tests/WTF/CheckedArithmeticOperations.cpp:434 >> + EXPECT_FALSE(WTF::isInBounds<uint32_t>((int16_t)-1)); > > Can you also add tests for 1, and max<int32,uint32,int16,...> etc? and verify that there hasn't been any behaviour change? OK

youenn fablet

Comment 12 2015-07-31 00:01:57 PDT

Created attachment 257908 [details] Trying to fix build, adding tests and convertSafely

youenn fablet

Comment 13 2015-08-03 08:15:53 PDT

Created attachment 258060 [details] Another try at fixing mac build

youenn fablet

Comment 14 2015-08-03 08:50:19 PDT

Created attachment 258062 [details] Fixing EFL build

WebKit Commit Bot

Comment 15 2015-08-10 03:05:59 PDT

Comment on attachment 258062 [details] Fixing EFL build Clearing flags on attachment: 258062 Committed r188210: <http://trac.webkit.org/changeset/188210>

WebKit Commit Bot

Comment 16 2015-08-10 03:06:05 PDT

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.