From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: from second.openwall.net (second.openwall.net [193.110.157.125]) by inbox.vuxu.org (Postfix) with SMTP id B382921F31 for ; Fri, 12 Apr 2024 04:34:42 +0200 (CEST) Received: (qmail 13840 invoked by uid 550); 12 Apr 2024 02:34:28 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 13808 invoked from network); 12 Apr 2024 02:34:28 -0000 Date: Thu, 11 Apr 2024 22:34:41 -0400 From: Rich Felker To: Peter Ammon Cc: musl@lists.openwall.com Message-ID: <20240412023440.GD4163@brightrain.aerifal.cx> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Subject: Re: [musl] [PATCH] Fix printf hex float formatting with precision On Thu, Apr 11, 2024 at 06:17:25PM -0700, Peter Ammon wrote: > printf hex formatting with precision may emit excess digits on > targets where long double is an alias of double. For example, on > ARMv7, the expression `printf("%.12a", M_PI)` outputs 13 digits past > the decimal, instead of 12. > > I believe the cause is a bogus rounding calculation in fmt_fp: > > if (p<0 || p>=LDBL_MANT_DIG/4-1) re=0; > else re=LDBL_MANT_DIG/4-1-p; > if (re) { > round *= 1<<(LDBL_MANT_DIG%4); > while (re--) round*=16; > ... > > I wasn't able to justify the calculation of `re`; I think it suffers > from trying to round in terms of number of hex digits, which is > tricky because the number of fractional mantissa bits may not be a > multiple of 4. > > I propose to fix it by working in bits instead of hex digits, as follows: > > if (p>=0 && p<(LDBL_MANT_DIG-1+3)/4) { > int re = LDBL_MANT_DIG-1-(p*4); > long double round = 1ULL< .... > > This is justified as follows: > > - The value to format has been scaled to the range [1, 2), so there > is exactly one bit before the radix. Thus, the fractional portion of > the mantissa may be printed at full precision with LDBL_MANT_DIG-1, > divided by 4, rounding up; thus `(LDBL_MANT_DIG-1+3)/4` > - The caller has requested a precision of p hex digits, so p*4 bits. > - `re` is then the number of bits to round off, as LDBL_MANT_DIG-1-(p*4) > - Thus we compute `round` as 2**re. Adding `round` will lose `re` > bits of precision, rounding per the fp mode; subtracting this again > will round the original value. > > I also removed an initial factor of 8 from the `round` as it seemed > incorrect to me; for example we may want to round only the last bit, > in which case the min round of 8 would be too big. > > I am by no means a numerics expert, so I very much welcome another > pair of eyes. I will be happy to contribute a test. Aside from one minor fix, this code dates back to the initial check-in of musl, and based on the behavior and the initial value 8 for round, I'm pretty sure it was written assuming we want the digit before the radix point to be in the range [8,F] rather than 1, to pack the max amount of precision into the output. For some reason, I decided this was not the best behavior, but must have failed to compensate for that in the rounding logic. There may be pre-0.5.0 trees somewhere I could excavate to figure out exactly what happened, but that's my best guess. FWIW the bug seems to be fixed by making it do y*=8; e2-=3; Offhand without delving deep into it, your fix sounds correct. It could probably be factored as two parts, first just fixing the bug (I think the only actual bug is the 8), and a second switching to your better algorithm for computing the rounding term. Rich