bug-gawk

Re: [bug-gawk] Occasional overflow with gmp


From: Andrew J. Schorr
Subject: Re: [bug-gawk] Occasional overflow with gmp
Date: Sun, 20 Oct 2019 10:17:54 -0400
User-agent: Mutt/1.5.21 (2010-09-15)

On Sat, Oct 19, 2019 at 04:18:24PM +1100, James Milne wrote:
> This crashes:
> 
> > echo '' | awk -M '{print 200000000000000000000000000000000000000000 * 200000000000000000000000000000000000000000 ^ 2000000000000000000}'
> 
> > gmp: overflow in mpz type
> > breaking.awk: line 3: 197234 Done                    echo ''
> >     197235 Aborted                 (core dumped) | awk -M '{print
> 200000000000000000000000000000000000000000 *
> 200000000000000000000000000000000000000000 ^ 2000000000000000000}'
> 
> 
> Should be noted the crash is a slightly smaller number than the larger.

Here's a simpler example that crashes:

./gawk -M 'BEGIN {print 200000000000000000000000000000000000000000 ^ 2000000000}'
gmp: overflow in mpz type
Abort (core dumped)

And here's the backtrace:

(gdb) bt
#0  0x00007ffff6c20337 in raise () from /lib64/libc.so.6
#1  0x00007ffff6c21a28 in abort () from /lib64/libc.so.6
#2  0x00007ffff74deffc in __gmpz_realloc () from /lib64/libgmp.so.10
#3  0x00007ffff74dc711 in __gmpz_n_pow_ui () from /lib64/libgmp.so.10
#4  0x00000000004571fa in mpg_pow (t1=t1@entry=0x6c1930, t2=t2@entry=0x6c19e0)
    at mpfr.c:1413
#5  0x00000000004575f6 in mpg_interpret (cp=0x7fffffffd840) at mpfr.c:1567
#6  0x00000000004401cb in h_interpret (code=<optimized out>) at interpret.h:97
#7  0x0000000000407df8 in main (argc=3, argv=0x7fffffffdab8) at main.c:522

Here's mpfr.c:mpg_pow():

static NODE *
mpg_pow(NODE *t1, NODE *t2)
{
        NODE *r;
        int tval;

        if (is_mpg_integer(t1) && is_mpg_integer(t2)) {
                if (mpz_sgn(t2->mpg_i) >= 0 && mpz_fits_ulong_p(t2->mpg_i)) {
                        r = mpg_integer();
                        mpz_pow_ui(r->mpg_i, t1->mpg_i, mpz_get_ui(t2->mpg_i));
                } else {
                        mpfr_ptr p1, p2;
                        p1 = MP_FLOAT(t1);
                        p2 = MP_FLOAT(t2);
                        r = mpg_float();
                        tval = mpfr_pow(r->mpg_numbr, p1, p2, ROUND_MODE);
                        IEEE_FMT(r->mpg_numbr, tval);
                }
        } else {
                r = mpg_float();
                if (is_mpg_integer(t2))
                        tval = mpfr_pow_z(r->mpg_numbr, t1->mpg_numbr, t2->mpg_i, ROUND_MODE);
                else {
                        mpfr_ptr p1;
                        p1 = MP_FLOAT(t1);
                        tval = mpfr_pow(r->mpg_numbr, p1, t2->mpg_numbr, ROUND_MODE);
                }
                IEEE_FMT(r->mpg_numbr, tval);
        }
        return r;
}

So it's crashing in the call to mpz_pow_ui(). It seems that it's either an
issue with the gmp library's implementation of mpz_pow_ui(), or we are somehow
calling it incorrectly.

There's a similar issue reported for julia here:
   https://github.com/JuliaLang/julia/issues/15293
And that example also crashes with gawk:
   ./gawk -M 'BEGIN {print 2^ 233423411231}'
   gmp: overflow in mpz type
   Abort (core dumped)

So it does seem like a gmp issue.

Regards,
Andy
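
A caller-side size check of the kind that can sit in front of a call such as mpz_pow_ui(), so that an oversized result is refused instead of aborting inside the library. This is an added example, not part of the original message and not gawk's or GMP's code. The names pow_result_fits and MAX_RESULT_BITS and the 2^30-bit cap are assumptions made for the illustration; in real code the base's bit length would come from mpz_sizeinbase(base, 2).

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical policy cap on the result size in bits (an assumption for
 * this example; not a GMP or gawk constant). 2^30 bits is 128 MiB. */
#define MAX_RESULT_BITS (UINT64_C(1) << 30)

/*
 * Conservative upper bound on the bit length of base^exp.
 * base_bits is the bit length of |base| as mpz_sizeinbase(base, 2)
 * reports it (1 when base is 0). Since |base| < 2^base_bits,
 * |base^exp| < 2^(base_bits * exp).
 * Returns true if the bound is <= max_bits. *bound receives the bound,
 * or UINT64_MAX when the multiplication itself would wrap.
 */
static bool pow_result_fits(uint64_t base_bits, uint64_t exp,
                            uint64_t max_bits, uint64_t *bound)
{
    /* x^0 == 1, and 0, 1, -1 raised to any power need a single bit. */
    if (exp == 0 || base_bits <= 1) {
        *bound = 1;
        return max_bits >= 1;
    }
    /* Check before multiplying so the bound cannot silently wrap. */
    if (exp > UINT64_MAX / base_bits) {
        *bound = UINT64_MAX;
        return false;
    }
    *bound = base_bits * exp;
    return *bound <= max_bits;
}

int main(void)
{
    /* Constructed cases {bit length of base, exponent}. The last three
     * mirror the expressions in the thread: 2 has 2 bits, 2e41 has 138. */
    static const uint64_t cases[][2] = {
        {138, 3}, {2, UINT64_C(233423411231)},
        {138, UINT64_C(2000000000)}, {138, UINT64_C(2000000000000000000)},
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint64_t bound;
        bool ok = pow_result_fits(cases[i][0], cases[i][1], MAX_RESULT_BITS, &bound);
        printf("bits=%" PRIu64 " exp=%" PRIu64 " bound=%" PRIu64 " -> %s\n",
               cases[i][0], cases[i][1], bound, ok ? "integer path" : "refuse");
    }
    return 0;
}
```

The bound is deliberately loose (for a power of two it is about twice the true size), which is acceptable for a guard whose job is to reject results far beyond what can be allocated.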


