I think the previous check was actually more correct.

Signed overflow is undefined behavior in C. To get the compiler to treat it as you expect, you would need to explicitly build bsdgrep with -fwrapv. And it's better to avoid introducing that need.

Why check l values if we already observed an errno?

Maybe: err(2, "context argument must be non-negative");?

More correct, but still wrong in that it should've checked for it following the Aflag adjustment rather than pre-adjustment and LLONG_MAX/10.

A previous version of my change checked Aflag < 0 || Aflag > LLONG_MAX, but I wasn't sure if that would be immediately frowned upon given Aflag being a long long -- I'll re-add this?

I'm not privy to the original details, but I think it was to sufficiently detect overflow/underflow as a result of strtoll -- it's defined to clamp the return to LLONG_MIN/LLONG_MAX to indicate underflow/overflow, *if* strtoll sets ERANGE.

I have no idea why it's checked for EINVAL, though -- strtol(3) does not seem to indicate any kind of useful return value in that case.

I think I was avoiding that, but I don't recall why, so I'll fix it. =)

Don't you have to check for it pre-adjustment, or you may have overflowed?

If we get to this case, we know we are going to multiply by ten. So comparing against LLONG_MAX/10 makes sense to me.

Why check for Aflag < 0 at all? It is impossible (by the C standard). And Aflag > LLONG_MAX is also impossible.

I think the l checks should just be dropped — errno is sufficient and more clear.

Indeed, but in every practical situation I've encountered overflow is represented in one of these two ways.

The previous pre-overflow check had some weird behavior to it -- I'll double check that, though.

Modern C compilers will often do perverse things when you make undefined checks like this (the < 0 one). The least harmful thing they'll do is just remove the check entirely. It can be worse than that, though.

The > LLONG_MAX check will generate a warning and be optimized out. It's defined, just tautalogical.

Not sure we care too much around weird behaviors with 2**63-1 lines of context :-), but it would be good to fix the check that will actually work.

I'll restore it- my main concern is when AFlag == LLONG_MAX / 10 and c - '0' == LLONG_MAX % 10 -- that, too, will result in an overflow, so I will likely add in that condition. It bothers me generally because overflowing the Aflag in particular ends up printing no -A context rather than all the -A context -- this isn't intuitive when you've specified a large number.

Sorry, > LLONG_MAX % 10

We could just check: if (AFlag > LLONG_MAX / 10 - 1). Sure, there are technically some numbers in there that don't overflow, but, I really do not think it matters.

*nod*

I'm more concerned about the overflow chopping off tail context than I am not allowing that much context -- error is OK, deceiving results not so much.

Would errno != 0 be a problem? :-)

Heh, don't see why it would be. =) I was trying to do minimal damage to these lines, though, since my original change to this bit was just s/ULLONG_MAX/LLONG_MAX/

These should retain the existing whitespace formatting.

? I think Phabricator is displaying this strangely (wrong) here- as it is, these comments now line up with all of the other ones using a single tab. The diff downloaded from Phabricator also shows how it should be, I think.

Ah yes.

Aside, I think Phabricator is displaying these lines correctly (there's a single space between long and Aflag) but the bools below are tab-space and are indented strangely.

Right, ok, that makes sense. Anything I need to adjust around here, then? The formatting I ended up with matches mcount and mlimit further down, also long long -- none of these have any hope of lining up with 'color' down below without more spaces, so I'm not sure if there's a good way to handle this =(