- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
-
- Home
- :
- Product Forums
- :
- S12 / MagniV Microcontrollers
- :
- Re: sprintf concerns (floating point)
sprintf concerns (floating point)
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
sprintf concerns (floating point)
08-11-2006
01:41 PM
5,398 Views
rhb3
Contributor II
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In regards to this code below:
Code:
1) Is it necessary to protect ansilibb (banked) library calls from interrupts as shown...I seem to have (odd COP resets otherwise)?
volatile int cnt; char flt_buf[15] = {0}; /* Load the float into a string */ __DI(); if (dp == 1U) { /* Showing tenths */ cnt = sprintf(&flt_buf[0], "%-5.1f", val); /* Override term! */ term = 0U; } else { /* No tenths */ cnt = sprintf(&flt_buf[0], "%-5.0f", val); } __EI();1) Is it necessary to protect ansilibb (banked) library calls from interrupts as shown...I seem to have (odd COP resets otherwise)?
2) Is ansilibb reentrant (if isr code calls a ansilibb function [could be same function] will this fail)?
3) I'm a bit concerned that the width specifier is a "minimum" value and this could be overrun...what are some good ideas to protect against this other that oversizing the buffer?
Thanks!
Reply
5 Replies
08-13-2006
08:17 PM
2,083 Views
CompilerGuru
NXP Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have a couple of comments.
First, as already suggested, I would not use sprintf in a interrupt handler. It just takes too long.
The default sprintf is not reentrant. But if you really need it to be, then you can change it, there is a switch in libdef.h for this.
To use a reentrant sprintf:
- add lib\hc12c\src\printf.c to your project (before the ansi library in the link tab)
- add "-DLIBDEF_REENTRANT_PRINTF" to your compiler options
Recompile, this should give you a warning that the printf is taken out of your local object file and not out of the ansi lib.
The warning can be ignored (or switched off) (the only way to get rid of the waring otherwise is to rebuild the ansi lib).
About your concern of the buffer overflow, I have to agree. The printf %f format is generating a float number on the format "a.b", e.g. 1.2.
As the integral part is always printed, a float number of 1.0E100 will be writing more than 100 bytes, clearly overflowing your buffer.
Possibilities:
- use %g instead of %f.
- do not use sprintf, but some other float output formatting function.
- use the (non ANSI) vsprintf function. See the sprintf implementation in printf.c how it does, then it is simple to detect a possible buffer overflow.
- do not print huge float numbers (also not very small, negative ones...)
Daniel
First, as already suggested, I would not use sprintf in a interrupt handler. It just takes too long.
The default sprintf is not reentrant. But if you really need it to be, then you can change it, there is a switch in libdef.h for this.
To use a reentrant sprintf:
- add lib\hc12c\src\printf.c to your project (before the ansi library in the link tab)
- add "-DLIBDEF_REENTRANT_PRINTF" to your compiler options
Recompile, this should give you a warning that the printf is taken out of your local object file and not out of the ansi lib.
The warning can be ignored (or switched off) (the only way to get rid of the waring otherwise is to rebuild the ansi lib).
About your concern of the buffer overflow, I have to agree. The printf %f format is generating a float number on the format "a.b", e.g. 1.2.
As the integral part is always printed, a float number of 1.0E100 will be writing more than 100 bytes, clearly overflowing your buffer.
Possibilities:
- use %g instead of %f.
- do not use sprintf, but some other float output formatting function.
- use the (non ANSI) vsprintf function. See the sprintf implementation in printf.c how it does, then it is simple to detect a possible buffer overflow.
- do not print huge float numbers (also not very small, negative ones...)
Daniel
08-14-2006
02:29 PM
2,083 Views
rhb3
Contributor II
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the ideas. I'm considering range checking and staying with the %f format...something like:
void dig4_float_to_7seg(float val, unsigned char dp, unsigned char term, unsigned char *buf)
Code:
volatile int len; volatile int cnt; char flt_buf[15] = {0}; /* Limit the float size. This will help protect the buffer for %f format */ if ((val < -9999.5F) || (val > 9999.5F)) { dig4_float_to_7seg_err(&buf[0]); return; } /* No deeper than 1/100s resolution */ if ((val < 0.0F) && (val > -0.01F)) { dig4_float_to_7seg_err(&buf[0]); return; } if ((val < 0.01F) && (val > 0.0F)) { dig4_float_to_7seg_err(&buf[0]); return; } /* Load the float into a string. For small numbers (near zero), %f will * get the first significant digit for both .1 and .0 formats. */ __DI(); /* Showing tenths */ if (dp == 1U) { cnt = sprintf(&flt_buf[0], "%-10.1f", val); /* Override term! */ term = 0U; } /* No tenths */ else { /*lint -e{559} */ cnt = sprintf(&flt_buf[0], "%-10.0f", val); } __EI();I experimented with the %g using significnat digit counts; however, I'm trying to write the "driver" generic for ints and floats for a 4-segment display with whole number and 1/10 display options. I failed to find a way to strip of the tenths (like %-10.0f does) for %g as it is based on significant digits. The fact that I currently am leting sprintf handle negative numbers as well does complicate the range checking a bit as I have to allow zero AND watch out for small numbers and I guess I could pass a variable to indiate the sign (TBD).
I analyzed printf.c but I was hoping you could elaborate on the use of vsprintf and ensuring that the buffer does not overrun...
I envision soemthing like:Code:
char buffer[15];int vspf(char *fmt, ...){ va_list argptr; int cnt; va_start(argptr, fmt); cnt = vsprintf(buffer, fmt, argptr); va_end(argptr); return(cnt);}int main(void){ float fnumber = 90.0F; vspf("%-10.1f", fnumber); printf("%s\n", buffer); return 0;}
Exactly how do I ensure buffer is not overrun? Also, just to clarify...based on your earlier comments there is no reason to protect sprintf with __DI()/__EI(). I never did use it in the isr I just wanted to understand its capabilities.
Thanks again!
08-15-2006
09:00 PM
2,083 Views
CompilerGuru
NXP Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You don`t need to disable interrupts if you do not call ?printf from within an interrupt handler (and if you dont have a preemptative OS which runs multiple tasks using sprintf or ...)
I did implement in the attachment a C99 like snprintf, it's almost the same as sprintf, but it takes as additional argument the size of the destination buffer.
You can directly use it, or you can extract the part you need.
When I look at the details of your problem, I wonder if you should use sprintf with a %f at all.
Basically you only have a very limited float range (-10000..+10000) and you only one one decimal digit after the dot.
To me, this sounds pretty easy to implement with integer (long) arithmetic only. So something like this (pseudocode, never run, never compiled :-):
Bool neg= false;
if (x < 0.0f) { neg= true; x= -x; }
if (x > 10000.0f) { tooBig(); return; }
unsigned long val= (unsigned long)(x * 10.0f + 0.5f);
char buf[30]; // much more than needed :smileyhappy:
int pos=0;
if (neg) {
buf[0]= '-';
pos++;
}
pos += sprintf(buf+pos, "%lu", val / 10);
buf[pos]= '.';
pos++;
if (oneDigMore) {
buf[pos]= (char)((val % 10) + '0');
pos++;
}
buf[pos]= 0;
Well, ok, this also needs some lines, but at least it is straight forward.
Bye
Daniel
I did implement in the attachment a C99 like snprintf, it's almost the same as sprintf, but it takes as additional argument the size of the destination buffer.
You can directly use it, or you can extract the part you need.
When I look at the details of your problem, I wonder if you should use sprintf with a %f at all.
Basically you only have a very limited float range (-10000..+10000) and you only one one decimal digit after the dot.
To me, this sounds pretty easy to implement with integer (long) arithmetic only. So something like this (pseudocode, never run, never compiled :-):
Bool neg= false;
if (x < 0.0f) { neg= true; x= -x; }
if (x > 10000.0f) { tooBig(); return; }
unsigned long val= (unsigned long)(x * 10.0f + 0.5f);
char buf[30]; // much more than needed :smileyhappy:
int pos=0;
if (neg) {
buf[0]= '-';
pos++;
}
pos += sprintf(buf+pos, "%lu", val / 10);
buf[pos]= '.';
pos++;
if (oneDigMore) {
buf[pos]= (char)((val % 10) + '0');
pos++;
}
buf[pos]= 0;
Well, ok, this also needs some lines, but at least it is straight forward.
Bye
Daniel
08-16-2006
09:14 PM
2,083 Views
CompilerGuru
NXP Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Somehow the attachment did not get added, hope this works this time.
08-11-2006
06:13 PM
2,083 Views
alex_spotw
Contributor III
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi:
To avoid problems, I would suggest not to use sprintf calls in your Interrupt Service Routine code. Make the ISR as short as possible.
Regards,
Alex
To avoid problems, I would suggest not to use sprintf calls in your Interrupt Service Routine code. Make the ISR as short as possible.
Regards,
Alex
