+ use_strtod = strlen(suffixd) < strlen(suffixu);
+
+ /*
+ * Parse @nptr both as a double and as a uint64_t, then use
the method
+ * which consumes more characters.
+ */
The comment is in a funny place. I'd put it right before the
qemu_strtod_finite() line.
+ if (use_strtod) {
+ suffix = suffixd;
+ retval = retd;
+ } else {
+ suffix = suffixu;
+ retval = retu;
+ }
- retval = qemu_strtod_finite(nptr, &endptr, &val);
if (retval) {
goto out;
}
This is even more subtle than it looks.
A close reading of the function contracts leads to three cases for each
conversion:
* parse error (including infinity and NaN)
@retu / @retd is -EINVAL
@valu / @vald is uninitialized
@suffixu / @suffixd is @nptr
* range error
@retu / @retd is -ERANGE
@valu / @vald is our best approximation of the conversion result
@suffixu / @suffixd points to the first character not consumed
by the
conversion.
Sub-cases:
- uint64_t overflow
We know the conversion result exceeds UINT64_MAX.
- double overflow
we know the conversion result's magnitude exceeds the largest
representable finite double DBL_MAX.
- double underflow
we know the conversion result is close to zero (closer than
DBL_MIN,
the smallest normalized positive double).
* success
@retu / @retd is 0
@valu / @vald is the conversion result
@suffixu / @suffixd points to the first character not consumed
by the
conversion.
This leads to a matrix (parse error, uint64_t overflow, success) x
(parse error, double overflow, double underflow, success). We need to
check the code does what we want for each element of this matrix, and
document any behavior that's not perfectly obvious.
(success, success): we pick uint64_t if qemu_strtou64() consumed more
characters than qemu_strtod_finite(), else double. "More" is important
here; when they consume the same characters, we *need* to use the
uint64_t result. Example: for "18446744073709551615", we need to use
uint64_t 18446744073709551615, not double 18446744073709551616.0. But
for "18446744073709551616.", we need to use the double. Good.