Improve handling of non-integer numeric indices (fix #2815)

[nicowilliams]

• require slice indices to be integers when writing
• output null when using slices with non-integer numeric indices to read
• require indices to be integers when writing

[emanuele6]

I don't like that .[1.5] returns null. I would prefer an error, and it just rounded down to .[1].
I prefer rounding down the most.

[emanuele6]

Like for the modulo operator, this is unspecified behaviour if dstart is an integer according to jv_is_integer(), but it is bigger/smaller than INT_MAX/INT_MIN.

I think we should add some jv_int_value() and jv_intmax_value() functions that round and clamp numbers consistently, and use those everywhere we need an integer instead of (int)jv_number_value().

[nicowilliams]

Fixed.

[nicowilliams]

I don't like that .[1.5] returns null. I would prefer an error, and it just rounded down to .[1].
I prefer rounding down the most.

I'm confused. You would prefer an error, but you prefer rounding down. Which is it?

[emanuele6]

I prefer rounding down.
But I think an error would still be better than returning null.

I would prefer an error, and it just rounded down to .[1].

Oops, I meant to write "I would prefer an error, or that it just rounded down to .[1]".

[nicowilliams]

@emanuele6 yeah, I too would prefer either an error or rounding down. I'll pick one!

[itchyny]

+1 for rounding down

[nicowilliams]

Oh, I have to do the rounding down thing.

[wader]

Is it ok to mix a double and INT_MIN/MAX? guaranteed to fit without losing "integer" precision?

[nicowilliams]

Good question. If sizeof(int) is 8 then... no. I'll fix it.

[nicowilliams]

I've pushed a fix for this.

[wader]

Think i prefer rounding down also

[nicowilliams]

Rounding down is what I went with.

[nicowilliams]

Note that for slices we were already rounding the start down and the end up (because it's exclusive) before (in 1.6), and we still are.

[nicowilliams]

Is this ready?

[itchyny]

Previously .[nan] emits null due to the jv_is_integer checking but now we rely on undefined behavior (on my M1 macOS, [1] | .[nan] emits 1 in this branch, previously null). We should check isnan first.

[itchyny]

If you clamp indices into [0, len], you don't need to compare against integer min/max. I think we can simplify as follows.

if (dstart < 0) dstart += len;
if (dstart < 0 || isnan(dstart))
  start = 0;
else if (dstart > len)
  start = len;
else
  start = (int)dstart;

if (dend < 0) dend += len;
if (dend > len || isnan(dend))
  end = len;
else if (dend < start)
  end = start;
else if ((int)dend == dend)
  end = (int)dend;
else
  end = (int)dend + 1;

[nicowilliams]

if (dstart < 0 || isnan(dstart))
  start = 0;

won't do if we want NaN indices to yield null as in 1.6.

[itchyny]

But for slicing,

 $ jq -n '[1,2,3] | .[nan:1]'
[
  1
]

[itchyny]

This behavior might depend on an undefined behavior though. My comment above deals nan as null i.e. .[nan:N] == .[:N] and .[N:nan] == .[N:].

[nicowilliams]

I see jq 1.6 trip an assertion when the start index of an array slice is a NaN:

: ; jq-1.6 -cn '[1,2,3] | .[nan:1]'
jq-1.6: src/jv_aux.c:47: parse_slice: Assertion `0 <= start && start <= end && end <= len' failed.
Abort

But not for the end index:

: ; jq-1.6 -cn '[1,2,3] | .[1:nan]'
[]

So slicing with NaNs was UB in 1.6.

[itchyny]

Looks like slice_for is unused.

as itchyny said, lower bound checking before casting is missing

[nicowilliams]

as itchyny said, lower bound checking before casting is missing

How about now?

[itchyny]

The operator looks misaligned.

[emanuele6]

Thank you!

[nicowilliams]

As this was the last issue/PR open with 1.7 as its milestone, I've force-pushed a new jq-1.7rc2 tag, and that should make a new release.