2009-08-08

printf with size_t (in C)

When you print a size_t value with printf, the behavior differs between 32-bit and 64-bit environments. This is described, for instance, at

http://www.mpi-inf.mpg.de/~hitoshi/otherprojects/tips/bugs/articles/11printftrap.shtml

The horror of this problem is that it is just a one-character typo, yet the output not only becomes incorrect, it can also crash the program. In particular, under the conditions described on the page above, a typical compiler cannot detect the problem.

The conclusion is 'use streams'; then the problem itself does not happen unless you have huge text data (but even so...).

But there is another question here. Why do float and double only have %g and %f? One of my colleagues (D.S.) asked this question.

The problem arises because the size of size_t changes with the environment, while printf sees only the format string and reads its arguments from the stack memory (via va_arg); therefore, if the format string contains a mistake, the memory operation cannot be right. Then why do float and double, whose sizes are 32 bits and 64 bits respectively, have no problem?

Because the C language has a concept of promotion for variable arguments. When a function takes variable arguments, char becomes int and float becomes double. This is called promotion. A float is always converted to double before such a function is called. This is explained in the K&R book (in the explanation of va_arg). If you are interested in more detail, see OpenBSD's man page (http://www.openbsd.org/cgi-bin/man.cgi?query=va_arg) or gcc's manual, Calling Variadic Functions (http://www.chemie.fu-berlin.de/chemnet/use/info/libc/libc_28.html).
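The promotion rule can be seen from the callee's side in the following added example, which is not code from the original post. The helper describe_args and its type letters ('c', 'f', 'z') are hypothetical; it reads its arguments the way printf does, and for size_t it relies on the C99 %zu length modifier because size_t is not promoted to a fixed type.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: walks its variable arguments guided only by a type
 * string, as printf does. 'c' = char, 'f' = float, 'z' = size_t. */
static int describe_args(char *out, size_t outlen, const char *types, ...)
{
    va_list ap;
    size_t used = 0;
    int n;

    va_start(ap, types);
    for (; *types != '\0' && used < outlen; types++) {
        switch (*types) {
        case 'c': /* the caller promoted char to int, so read an int */
            n = snprintf(out + used, outlen - used, "[%c]", va_arg(ap, int));
            break;
        case 'f': /* the caller promoted float to double, so read a double */
            n = snprintf(out + used, outlen - used, "[%.1f]", va_arg(ap, double));
            break;
        case 'z': /* size_t is not promoted: its width follows the platform */
            n = snprintf(out + used, outlen - used, "[%zu]", va_arg(ap, size_t));
            break;
        default:  /* unknown type letter: refuse rather than guess a width */
            n = -1;
        }
        if (n < 0) { va_end(ap); return -1; }
        used += (size_t)n;
    }
    va_end(ap);
    return (used < outlen) ? (int)used : -1; /* -1 also signals truncation */
}

/* Constructed sample call: a char, a float and a size_t passed as-is. */
static const char *demo(void)
{
    static char buf[64];
    char c = 'A';
    float f = 1.5f;
    size_t len = strlen("hello");

    if (describe_args(buf, sizeof buf, "cfz", c, f, len) < 0)
        return "";
    return buf;
}

int main(void) { puts(demo()); return 0; }
```

The 'c' and 'f' branches work on every platform because the promoted types are fixed by the language, while the 'z' branch is correct only because both the va_arg type and the format specifier name size_t itself.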

But the conclusion is the same: it is better to use streams. I think it is better if I can make the problem itself impossible.

The reason I wrote this is that a DCC software package called 3ds*** crashes under some conditions because of this one-character typo. I follow this conclusion, so this is not my code, but one of my jobs is to debug this software. OK, this is my job, so maybe it is fine; I get some money for this. But there are customers who paid for this software; if they knew that someone was just lazy and did not care about robustness, and that this crashes their data, their scenes, and their time, ... I am afraid they would get angry. I should not say this as a software developer: I want to make our software robust and stable instead of adding unstable new features. But our managers always say that without unstable new features, customers will never buy our software.
