printing float value causes fmt to panic #11283

Closed
kristoff-it opened this issue Mar 24, 2022 · 2 comments · Fixed by #11380

kristoff-it commented Mar 24, 2022

Zig Version

0.10.0-dev.768+d811e03fb

Steps to Reproduce

const std = @import("std");

pub fn main() void {
    const float: f64 = 1.000000e+37;
    std.debug.print("value: {}\n", .{float});
}

Expected Behavior

Runs.

Actual Behavior

value: thread 934843 panic: integer overflow
/home/kristoff/zig-master/lib/std/fmt/errol.zig:339:26: 0x24f1af in std.fmt.errol.errolInt (float)
        buffer[buf_index - 1] += @boolToInt(buffer[buf_index] >= '5');
                         ^
...

Context

This error was encountered while trying to print values from a file in the standard library.

HP{ .val = 1.000000e+37, .off = 4.612373417978788577e+20 },

The highlighted line corresponds to this precise value.

It might be worth testing the fix against the whole contents of lookup_table.

@andrewrk andrewrk added this to the 0.10.0 milestone Mar 24, 2022
@andrewrk

#1299 would be a nice solution to this. I think @tiehuis got pretty far on it but didn't quite finish it.


ehaas commented Apr 1, 2022

I looked into this a little bit. The underlying C library on which the Zig code is based performs an out-of-bounds write with the float value in this issue: this line writes to an address before the start of buf.

#include <stdbool.h>
#include "errol.h"

int main(void) {
    char buf[100] = {};
    double val = 1.000000e+37;
    int exp = errol3_dtoa(val, buf);
}

Compile with -fsanitize=address or use zig cc.

This specific issue can be fixed by detecting the underflow and handling it, but the code is pretty opaque and I don't know if that would silently introduce incorrect results in some other cases.

ehaas added a commit to ehaas/zig that referenced this issue Apr 3, 2022
I consider this an interim workaround/hack until ziglang#1299 is finished.

There is a bug in the original C implementation of the errol3 (and errol4)
algorithm that can result in undefined behavior or an obviously incorrect
result (leading ':' in the output)

This change checks for those two problems and uses a slower fallback
path if they occur. I can't guarantee that this will always produce
the correct result, but since the workaround is only used if the original
algorithm is guaranteed to fail, it should never turn a previously-correct
result into an incorrect one.

Fixes ziglang#11283
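
An added C example, not the errol source and not the change merged for this issue: `round_unchecked` has the shape of the statement in the trace, and `round_checked` (a hypothetical helper) refuses an index of 0 and ripples carries so a '9' never becomes ':'. The carry handling is an assumption about one safe way to round; the commit above instead switches to a slower fallback path.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { ROUND_OK = 0, ROUND_NEEDS_FALLBACK = -1 };

/* Shape of the faulting statement from the trace: no index check, no carry.
 * idx == 0 writes before buf; a '9' at idx - 1 turns into ':'. */
static void round_unchecked(char *buf, size_t idx)
{
    buf[idx - 1] += (buf[idx] >= '5');
}

/* Hypothetical checked variant: round the len digits in buf to idx digits,
 * half-up. Refuses (buf untouched) when idx - 1 would underflow or idx is out
 * of range, so the caller can take a fallback path. Carries ripple left; if
 * every kept digit was '9' the result is 1000... and *exp10 is bumped. */
static int round_checked(char *buf, size_t len, size_t idx, int *exp10)
{
    if (idx == 0 || idx >= len)
        return ROUND_NEEDS_FALLBACK;
    int carry = buf[idx] >= '5';
    for (size_t i = idx; carry && i > 0; i--) {
        if (buf[i - 1] == '9') {
            buf[i - 1] = '0';
        } else {
            buf[i - 1]++;
            carry = 0;
        }
    }
    if (carry) {
        buf[0] = '1';
        (*exp10)++;
    }
    buf[idx] = '\0';
    return ROUND_OK;
}

int main(void)
{
    char bad[] = "96", good[] = "996";   /* constructed digit strings */
    int exp10 = 0;
    round_unchecked(bad, 1);              /* in bounds, but yields ':' */
    int rc = round_checked(good, 3, 2, &exp10);
    printf("unchecked: %c  checked: %s e%+d rc=%d\n", bad[0], good, exp10, rc);
    return 0;
}
```
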
andrewrk pushed a commit that referenced this issue Apr 4, 2022
ikrima pushed a commit to ikrima/zig that referenced this issue Apr 14, 2022