stillwater-sc / universal / 25298158905
84%
master: 84%

LAST BUILD BRANCH: ci/issue-1009-ccache-save-gating
DEFAULT BRANCH: master
Ran
Jobs 1
Files 648
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 84.098% (-0.02%) from 84.122%
25298158905

push

github

web-flow 
fix(dfixpnt): handle ndigits >= 20 overflow in to_int64 and operator=(double) (#807)

* fix(dfixpnt): handle ndigits >= 20 overflow in to_int64 and operator=(double)

Two pre-existing UB bugs surfaced by CodeRabbit on PR #803, both reachable
once the conversion paths were marked constexpr (UB silently produces
garbage at runtime; in a constant expression the compiler hard-fails).

Fix 1: to_int64() (~line 559)
  The LSD-first accumulator with `scale *= 10` overflowed `long long` for
  idigits >= 19, since 10^19 already exceeds LLONG_MAX (~9.22e18).
  `dfixpnt<25, 5>` (idigits=20) hit this: scale reached 10^20 -> UB.
  Replaced with MSD-first Horner over `unsigned long long` plus per-step
  overflow detection, then clamp to [LLONG_MIN, LLONG_MAX] on cast.
  Matches the established blockdecimal::to_long_long pattern.

Fix 2: operator=(double) (~line 146)
  Materialized `scaled` (potentially > UINT64_MAX for ndigits >= 20) into
  uint64_t -- C++20 [conv.fpint] says casting an out-of-range float to
  integer is UB.  `dfixpnt<20, 5>` hit this: max_magnitude = 10^20 - 1
  exceeds UINT64_MAX (~1.84e19), so the existing clamp didn't protect the
  cast.
  Replaced the uint64 materialization with FP-domain digit extraction:
    - per iteration: q = v / 10.0; q_floor = (q < 2^53) ? cast/back : q
    - digit = v - 10 * q_floor (clamped to [0, 9] against FP noise)
    - v = q_floor
  10.0 is exactly representable in IEEE 754 double, so multiplication and
  division by 10 introduce no extra rounding error beyond what the source
  double already carried (~16 significant decimal digits).  Constexpr-safe
  for arbitrary ndigits (within double's exponent range, ~308 digits).

Tests added in static/fixpnt/decimal/api/constexpr.cpp:
  * dfixpnt<25,5>(42) and (-7) round-trip through to_int64
  * dfixpnt<25,5>(maxpos/maxneg) clamp to LLONG_MAX/MIN
  * dfixpnt<20,5>(123.5) and (123456789012345.0) -- 15-digit boundary
  * dfixpnt<20,5>(1e15) saturates to maxpos magnitude (ab... (continued)

31 of 33 new or added lines in 1 file covered. (93.94%)

14 existing lines in 4 files now uncovered.

45809 of 54471 relevant lines covered (84.1%)

6501760.72 hits per line

Uncovered Changes

Lines Coverage File
2
96.35
 -0.65% include/sw/universal/number/dfixpnt/dfixpnt_impl.hpp

Coverage Regressions

Lines Coverage File
8
93.48
 -0.48% include/sw/universal/number/cfloat/cfloat_impl.hpp
4
80.58
 -0.89% include/sw/universal/number/posit1/specialized/posit_16_1.hpp
1
90.08
 -0.28% include/sw/universal/number/posito/posito_impl.hpp
1
34.64
 -0.36% include/sw/universal/verification/test_suite_randoms.hpp
Jobs
ID Job ID Ran Files Coverage
1 25298158905.1 648
84.1
 GitHub Action Run
Source Files on build 25298158905