[Rd] Spurious warnings in coercion from double/complex/character to raw
GILLIBERT, Andre
Andre@G||||bert @end|ng |rom chu-rouen@|r
Fri Sep 10 18:36:25 CEST 2021
Hello,
Integer overflow is undefined behavior by the C standard.
For instance, on my computer, with GCC 5.4.0, with the optimization level 2, the following program never stops:
include <stdio.h>
int main(void) {
for(int i=1; i != 0; i++) {
if ((i & 0xFFFFFFF) == 0) {
printf("%d\n", i);
}
}
}
This is due to a compiler optimization, that assumes that the integer can never overflow, and so, can never be equal to zero, and so, the for loop should never stops. You should always be very cautious when adding two integers, to avoid any overflow. There is no problem with unsigned integers.
Similarly, double-to-integer conversions are only safe if the double is in the range [INT_MIN to INT_MAX]
The standard contains:
When a finite value of real floating type is converted to an integer type other than _Bool,
the fractional part is discarded (i.e., the value is truncated toward zero). If the value of
the integral part cannot be represented by the integer type, the behavior is undefined
The easiest solution to avoid a risk when converting, is to check that the double (e.g. vi) is in range [0 to 255] BEFORE converting to an integer.
--
Sincerely
Andr� GILLIBERT
________________________________
De : R-devel <r-devel-bounces using r-project.org> de la part de Duncan Murdoch <murdoch.duncan using gmail.com>
Envoy� : vendredi 10 septembre 2021 18:12:02
� : Herv� Pag�s; r-devel
Objet : Re: [Rd] Spurious warnings in coercion from double/complex/character to raw
ATTENTION: Cet e-mail provient d�une adresse mail ext�rieure au CHU de Rouen. Ne cliquez pas sur les liens ou n'ouvrez pas les pi�ces jointes � moins de conna�tre l'exp�diteur et de savoir que le contenu est s�r. En cas de doute, transf�rer le mail � � DSI, S�curit� � pour analyse. Merci de votre vigilance
On 10/09/2021 11:29 a.m., Herv� Pag�s wrote:
> Hi,
>
> The first warning below is unexpected and confusing:
>
> > as.raw(c(3e9, 5.1))
> [1] 00 05
> Warning messages:
> 1: NAs introduced by coercion to integer range
> 2: out-of-range values treated as 0 in coercion to raw
>
> The reason we get it is that coercion from numeric to raw is currently
> implemented on top of coercion from numeric to int (file
> src/main/coerce.c, lines 700-710):
>
> case REALSXP:
> for (i = 0; i < n; i++) {
> // if ((i+1) % NINTERRUPT == 0) R_CheckUserInterrupt();
> tmp = IntegerFromReal(REAL_ELT(v, i), &warn);
> if(tmp == NA_INTEGER || tmp < 0 || tmp > 255) {
> tmp = 0;
> warn |= WARN_RAW;
> }
> pa[i] = (Rbyte) tmp;
> }
> break;
>
> The first warning comes from the call to IntegerFromReal().
>
> The following code avoids the spurious warning and is also simpler and
> slightly faster:
>
> case REALSXP:
> for (i = 0; i < n; i++) {
> // if ((i+1) % NINTERRUPT == 0) R_CheckUserInterrupt();
> double vi = REAL_ELT(v, i);
> if(ISNAN(vi) || (tmp = (int) vi) < 0 || tmp > 255) {
> tmp = 0;
> warn |= WARN_RAW;
> }
> pa[i] = (Rbyte) tmp;
> }
> break;
Doesn't that give different results in case vi is so large that "(int)
vi" overflows? (I don't know what the C standard says, but some online
references say that behaviour is implementation dependent.)
For example, if
vi = 1.0 + INT_MAX;
wouldn't "(int) vi" be equal to a small integer?
Duncan Murdoch
>
> Coercion from complex to raw has the same problem:
>
> > as.raw(c(3e9+0i, 5.1))
> [1] 00 05
> Warning messages:
> 1: NAs introduced by coercion to integer range
> 2: out-of-range values treated as 0 in coercion to raw
>
> Current implementation (file src/main/coerce.c, lines 711-721):
>
> case CPLXSXP:
> for (i = 0; i < n; i++) {
> // if ((i+1) % NINTERRUPT == 0) R_CheckUserInterrupt();
> tmp = IntegerFromComplex(COMPLEX_ELT(v, i), &warn);
> if(tmp == NA_INTEGER || tmp < 0 || tmp > 255) {
> tmp = 0;
> warn |= WARN_RAW;
> }
> pa[i] = (Rbyte) tmp;
> }
> break;
>
> This implementation has the following additional problem when the
> supplied complex has a nonzero imaginary part:
>
> > as.raw(300+4i)
> [1] 00
> Warning messages:
> 1: imaginary parts discarded in coercion
> 2: out-of-range values treated as 0 in coercion to raw
>
> > as.raw(3e9+4i)
> [1] 00
> Warning messages:
> 1: NAs introduced by coercion to integer range
> 2: out-of-range values treated as 0 in coercion to raw
>
> In one case we get a warning about the discarding of the imaginary part
> but not the other case, which is unexpected. We should see the exact
> same warning (or warnings) in both cases.
>
> With the following fix we only get the warning about the discarding of
> the imaginary part if we are not in a "out-of-range values treated as 0
> in coercion to raw" situation:
>
> case CPLXSXP:
> for (i = 0; i < n; i++) {
> // if ((i+1) % NINTERRUPT == 0) R_CheckUserInterrupt();
> Rcomplex vi = COMPLEX_ELT(v, i);
> if(ISNAN(vi.r) || ISNAN(vi.i) || (tmp = (int) vi.r) < 0 ||
> tmp > 255) {
> tmp = 0;
> warn |= WARN_RAW;
> } else {
> if(vi.i != 0.0)
> warn |= WARN_IMAG;
> }
> pa[i] = (Rbyte) tmp;
> }
> break;
>
> Finally, coercion from character to raw has the same problem and its
> code can be fixed in a similar manner:
>
> > as.raw(c("3e9", 5.1))
> [1] 00 05
> Warning messages:
> 1: NAs introduced by coercion to integer range
> 2: out-of-range values treated as 0 in coercion to raw
>
> Cheers,
> H.
>
>
______________________________________________
R-devel using r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel
[[alternative HTML version deleted]]
More information about the R-devel
mailing list