WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
224797
[clang] Remove implicit cast related warnings.
https://bugs.webkit.org/show_bug.cgi?id=224797
Summary
[clang] Remove implicit cast related warnings.
Basuke Suzuki
Reported
2021-04-19 20:05:21 PDT
WTF/Headers\wtf/CheckedArithmetic.h:836:58: warning: implicit conversion from 'std::numeric_limits<unsigned long>::_Ty' (aka 'unsigned long') to 'double' changes value from 18446744073709551615 to 18446744073709551616 [-Wimplicit-const-int-float-conversion] if (!(std::numeric_limits<T>::min() <= result && std::numeric_limits<T>::max() >= result)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ ../../Tools/TestWebKitAPI/Tests/WTF/CheckedArithmeticOperations.cpp:511:10: note: in instantiation of member function 'WTF::Checked<uint64_t, WTF::RecordOverflow>::operator/=' requested here size /= 10.5; ^ 1 warning generated. In file included from WebCore/DerivedSources/unified-sources/UnifiedSource-043dd90b-5.cpp:8: ../../Source/WebCore\rendering/RenderBlockFlow.cpp:1785:25: warning: implicit conversion from 'const int' to 'const float' changes value from 33554431 to 33554432 [-Wimplicit-const-int-float-conversion] logicalOffset = intMaxForLayoutUnit; ~ ^~~~~~~~~~~~~~~~~~~ 1 warning generated.
Attachments
PATCH
(3.41 KB, patch)
2021-04-19 20:09 PDT
,
Basuke Suzuki
no flags
Details
Formatted Diff
Diff
PATCH
(1.83 KB, patch)
2021-04-20 16:51 PDT
,
Basuke Suzuki
no flags
Details
Formatted Diff
Diff
Show Obsolete
(1)
View All
Add attachment
proposed patch, testcase, etc.
Basuke Suzuki
Comment 1
2021-04-19 20:09:43 PDT
Created
attachment 426513
[details]
PATCH
Basuke Suzuki
Comment 2
2021-04-19 20:25:44 PDT
Checked::operator /= () is only used in this TestWTF file and using long double wont affect in actual codebase.
Darin Adler
Comment 3
2021-04-19 21:46:40 PDT
Comment on
attachment 426513
[details]
PATCH View in context:
https://bugs.webkit.org/attachment.cgi?id=426513&action=review
> Source/WTF/wtf/CheckedArithmetic.h:820 > + long double result = rhs * m_value;
This looks like a costly solution to this problem, and possibly not portable. Is there a way to do this checking without involving a "long double".
> Source/WebCore/ChangeLog:10 > + Added explicit cast for compatibility. > + > + No new tests because there's no practical change.
I don’t understand what "compatibility" means here. Compatibility with what?
Basuke Suzuki
Comment 4
2021-04-19 22:39:52 PDT
Comment on
attachment 426513
[details]
PATCH View in context:
https://bugs.webkit.org/attachment.cgi?id=426513&action=review
>> Source/WTF/wtf/CheckedArithmetic.h:820 >> + long double result = rhs * m_value; > > This looks like a costly solution to this problem, and possibly not portable. Is there a way to do this checking without involving a "long double".
As the warning says: "'unsigned long') to 'double' changes value from 18446744073709551615 to 18446744073709551616", double is not as precise as to hold unsigned long. What if the value is 18446744073709551616, then the value will pass through this check and won't overflow. I cannot judge what range of error can be allowed from this generic implementation, so that it has to be strict. But I didn't think about the portability. Humm, I don't have other solution right now. Let's think about this.
>> Source/WebCore/ChangeLog:10 >> + No new tests because there's no practical change. > > I don’t understand what "compatibility" means here. Compatibility with what?
I mean it it compatible with the result of implicit cast with explicit cast. That's why technically there's no change in the compilation result.
Darin Adler
Comment 5
2021-04-20 08:23:47 PDT
Comment on
attachment 426513
[details]
PATCH View in context:
https://bugs.webkit.org/attachment.cgi?id=426513&action=review
>>> Source/WTF/wtf/CheckedArithmetic.h:820 >>> + long double result = rhs * m_value; >> >> This looks like a costly solution to this problem, and possibly not portable. Is there a way to do this checking without involving a "long double". > > As the warning says: "'unsigned long') to 'double' changes value from 18446744073709551615 to 18446744073709551616", double is not as precise as to hold unsigned long. What if the value is 18446744073709551616, then the value will pass through this check and won't overflow. I cannot judge what range of error can be allowed from this generic implementation, so that it has to be strict. But I didn't think about the portability. Humm, I don't have other solution right now. Let's think about this.
Comment above says "unsigned long" but this is about 64-bit unsigned integers; "unsigned long" is a 32-bit integer. - We don’t want to use long double when the underlying type is a 32-bit integer. That would hurt efficiency in that case without helping correctness. - We need to add test cases that demonstrate this working incorrectly before we start making changes that aren’t tested. - Do we actually use these function with uint64_t? Instead of making this less efficient and less portable for cases we actually do use, maybe instead we should find a way to make this not compile at all when T is 64-bit for now, while we seek a better result.
Basuke Suzuki
Comment 6
2021-04-20 14:25:40 PDT
(In reply to Darin Adler from
comment #5
)
> Comment on
attachment 426513
[details]
> PATCH > > View in context: >
https://bugs.webkit.org/attachment.cgi?id=426513&action=review
> > >>> Source/WTF/wtf/CheckedArithmetic.h:820 > >>> + long double result = rhs * m_value; > >> > >> This looks like a costly solution to this problem, and possibly not portable. Is there a way to do this checking without involving a "long double". > > > > As the warning says: "'unsigned long') to 'double' changes value from 18446744073709551615 to 18446744073709551616", double is not as precise as to hold unsigned long. What if the value is 18446744073709551616, then the value will pass through this check and won't overflow. I cannot judge what range of error can be allowed from this generic implementation, so that it has to be strict. But I didn't think about the portability. Humm, I don't have other solution right now. Let's think about this. > > Comment above says "unsigned long" but this is about 64-bit unsigned > integers; "unsigned long" is a 32-bit integer.
Is unsigned long 32-bit on Mac?? It's usually 64-bit on 64-bit architecture. Actually it is Checked<size_t> so it has to be 64-bit.
> - We don’t want to use long double when the underlying type is a 32-bit > integer. That would hurt efficiency in that case without helping correctness.
Agreed. We need to add such case.
> - We need to add test cases that demonstrate this working incorrectly before > we start making changes that aren’t tested.
Ditto.
> - Do we actually use these function with uint64_t? Instead of making this > less efficient and less portable for cases we actually do use, maybe instead > we should find a way to make this not compile at all when T is 64-bit for > now, while we seek a better result.
Okay. I'll create a new bug for that. Removing that from this path.
Darin Adler
Comment 7
2021-04-20 15:29:03 PDT
(In reply to Basuke Suzuki from
comment #6
)
> Is unsigned long 32-bit on Mac??
Yes.
> It's usually 64-bit on 64-bit architecture.
Maybe often, but not "usually".
https://en.wikipedia.org/wiki/64-bit_computing#64-bit_data_models
Windows and all Apple platforms use 32-bit longs (LLP64). I understand that on many Unix platforms the compilers are configured for 64-bit longs (LP64). In part because of this we avoid using the type "long" and "unsigned long" almost all the time in WebKit, because the code would just end up being non-portable. Almost any place it’s used, we should be using "int" or "unsigned" instead; this often happens because of confusion since IDL uses "long" and "unsigned long" for the 32-bit types.
> Actually it is Checked<size_t> so it has to be 64-bit.
OK. On further reflection, it’s possible that long double *is* portable enough in practice for us to use it for this purpose. It’s not guaranteed to be big enough to hold all 64-bit integers, but in practice it probably is on all the platforms we support. This header originally came from another project. Maybe Mozilla? We might want to check how they solved the problem.
Basuke Suzuki
Comment 8
2021-04-20 15:36:25 PDT
Filed.
https://bugs.webkit.org/show_bug.cgi?id=224835
Basuke Suzuki
Comment 9
2021-04-20 16:51:15 PDT
Created
attachment 426615
[details]
PATCH
EWS
Comment 10
2021-04-20 18:43:00 PDT
Committed
r276342
(
236820@main
): <
https://commits.webkit.org/236820@main
> All reviewed patches have been landed. Closing bug and clearing flags on
attachment 426615
[details]
.
Basuke Suzuki
Comment 11
2021-04-20 23:15:53 PDT
(In reply to Darin Adler from
comment #7
)
> (In reply to Basuke Suzuki from
comment #6
) > > Is unsigned long 32-bit on Mac?? > > Yes.
Darin, I wrote a test code and ran on M1 MacBook Air both native and Rosetta. It both says unsigned long is eight byte.
https://gist.github.com/basuke/63dff61dcaf2096f88449408aed90781
So it seems Checked with 64-bit type is already used widely on the codebase.
Darin Adler
Comment 12
2021-04-22 16:39:08 PDT
Embarrassing that I got that wrong! I was totally incorrect. It’s still true that we mostly avoid the type "unsigned long" in our code because of the portability problems on 64-bit Windows, for example. What files did you find where we were using Checked<unsigned long> (as opposed to Checked<size_t> or Checked<uint64_t>?
Radar WebKit Bug Importer
Comment 13
2021-04-23 01:21:11 PDT
<
rdar://problem/77061502
>
Basuke Suzuki
Comment 14
2021-04-24 00:51:49 PDT
(In reply to Darin Adler from
comment #12
)
> Embarrassing that I got that wrong! I was totally incorrect. > > It’s still true that we mostly avoid the type "unsigned long" in our code > because of the portability problems on 64-bit Windows, for example. > > What files did you find where we were using Checked<unsigned long> (as > opposed to Checked<size_t> or Checked<uint64_t>?
Oh, sorry. No, it's not in the code. The compiler deduced the Checked<size_t> to Checked<unsigned long> in the warning message. It's not in the code. Regardless of this,
https://bugs.webkit.org/show_bug.cgi?id=224835
is the actual issue we need to solve.
Darin Adler
Comment 15
2021-04-24 10:15:02 PDT
Agreed.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug