-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow mixing of integers and pointers in Crystal::System.print_error
#14149
base: master
Are you sure you want to change the base?
Allow mixing of integers and pointers in Crystal::System.print_error
#14149
Conversation
Making pointer and integers interchangeable seems like a good idea. That should be safe and sound. But I'm worried about treating arbitrary integers as string pointers. This is potentially unsafe and can easily crash the process. I'm not sure if there's a different way to enable the use case with libgc. |
Also I think the refactoring part should be extracted as a separate PR. It's indendent of the designator type related changes. |
I don't think restricting the integer type makes the function any safer, because that implies a C library has to indicate the impossibility of pointers by using a 64-bit type on 32-bit systems but a 32-bit type on 64-bit systems. |
IMO indicating the impossibility of a pointer is not that relevant. If a lib wants to ensure proper usage, they should prevent improper usage of the designator. |
That only affects our own calls to |
Calls from Crystal land might not be the focus of this PR, but it's a use case of this method. And this change indiscriminately enables |
I honestly don't see a problem about that. |
My concern is about the following program: Crystal::System.print_error "%s", 1_i8 On master, it prints |
Exactly. I don't see a problem with allowing |
Yeah, but then it would be explicit. 🤷 Of course we cannot prevent accidental submission of random UInt64 numbers. But we can prevent anything that's not a UInt64 from being erroneously interpreted as a pointer. |
You have to include |
When an external library calls
Crystal::System.print_error
with an argument, we do not have control over the argument type; in the case of Boehm GC, that argument is always an unsigned integer, even though the actual format specifier might be%s
or%p
. This PR makes those argument types interchangeable. (An integer or pointer is interpreted as the address to a null-terminated string for%s
, never the address of a CrystalString
.)Also uses
%p
consistently in our own calls to.print_error
.