...

Ordinarily, all of the mantissa bits are used to express significant figures, in addition to a leading 1, which is implied and consequently omitted. As a result, floats have 24 significant bits of precision, and doubles have 53 significant bits of precision. Such numbers are called normalized numbers.

When the value to be represented is too small to encode normally, it is encoded in denormalized form, indicated by an exponent value of Float.MIN_EXPONENT - 1 or Double.MIN_EXPONENT - 1. Denormalized floating-point numbers have an assumed 0 in the ones' place and have one or more leading zeros in the represented portion of their mantissa. These leading zero bits no longer function as significant bits of precision; consequently, the total precision of denormalized floating-point numbers is less than that of normalized floating-point numbers. Note that even using normalized numbers where precision is required can pose a risk. See rule "NUM04-J. Do not use floating-point numbers if precise computation is required" for more information.

Using denormalized numbers can severely impair the precision of floating-point calculations; as a result, denormalized numbers must not be used.

...

The following code tests whether a float value is denormalized in strictfp mode or for platforms that lack extended range support. Testing for denormalized numbers in the presence of extended range support is platform-dependent; see rule "NUM06-J. Use the strictfp modifier for floating-point calculation consistency across platforms" for additional information.

Code Block
strictfp public static boolean isDenormalized(float val) {
  if (val == 0) {
    return false;
  }
  if ((val > -Float.MIN_NORMAL) && (val < Float.MIN_NORMAL)) {
    return true;
  }
  return false;
}
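
An added example (not part of this rule's own code): the same test expressed through the exponent encoding described earlier, together with a count of the significant bits a value still carries. The names `DenormalCheck`, `hasDenormalizedExponent`, `significantBits` and `requireNormalized` are hypothetical, and strict floating-point semantics (the default since Java 17) are assumed.

```java
public class DenormalCheck {

    // A nonzero value is denormalized when its exponent is MIN_EXPONENT - 1.
    static boolean hasDenormalizedExponent(float val) {
        return val != 0.0f && Math.getExponent(val) == Float.MIN_EXPONENT - 1;
    }

    // Bits of precision carried by val: 24 for a normalized float (23 stored
    // mantissa bits plus the implied leading 1). For a denormalized float the
    // leading zeros of the mantissa do not count.
    static int significantBits(float val) {
        if (Float.isNaN(val) || Float.isInfinite(val)) {
            throw new IllegalArgumentException("not a finite value: " + val);
        }
        if (val == 0.0f) {
            return 0;
        }
        if (!hasDenormalizedExponent(val)) {
            return 24;
        }
        int mantissa = Float.floatToRawIntBits(val) & 0x007FFFFF;
        return Integer.SIZE - Integer.numberOfLeadingZeros(mantissa);
    }

    // Hypothetical guard: fail rather than continue with a denormalized result.
    static float requireNormalized(float val) {
        if (hasDenormalizedExponent(val)) {
            throw new ArithmeticException("denormalized value " + val + " keeps only "
                + significantBits(val) + " of 24 significant bits");
        }
        return val;
    }

    public static void main(String[] args) {
        // Constructed sample values on both sides of Float.MIN_NORMAL.
        float[] samples = {1 / 3.0f, Float.MIN_NORMAL, Float.MIN_NORMAL / 2, 1e-40f, Float.MIN_VALUE};
        for (float f : samples) {
            System.out.println(f + " -> denormalized=" + hasDenormalizedExponent(f)
                + ", significant bits=" + significantBits(f));
        }
        try {
            float small = 1e-30f;
            requireNormalized(small * 1e-10f); // product underflows below MIN_NORMAL
        } catch (ArithmeticException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```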

...

Noncompliant Code Example

This noncompliant code example attempts to reduce a floating-point number to a denormalized value and then restore the value.

Code Block
float x = 1/3.0f;
System.out.println("Original      : " + x);
x = x * 7e-45f;
System.out.println("Denormalized  : " + x);
x = x / 7e-45f;
System.out.println("Restored      : " + x);

Because this operation is imprecise, this code produces the following output:

...

Code Block
double x = 1/3.0;
System.out.println("Original      : " + x);
x = x * 7e-45;
System.out.println("Denormalized  : " + x);
x = x / 7e-45;
System.out.println("Restored      : " + x);

This code produces the following output:

...

NUM05-EX0: Denormalized numbers are acceptable when suitable numerical analysis demonstrates that the computed values meet all accuracy and behavioral requirements that are appropriate to the application.

...

Floating-point numbers are an approximation; denormalized floating-point numbers are a less precise approximation. Use of denormalized numbers can cause unexpected loss of precision, possibly leading to incorrect or unexpected results. Although the severity stated below for violations of this rule is low, applications that require accurate results should make every attempt to comply.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| NUM05-J | low | probable | high | P2 | L3 |

Related Vulnerabilities

CVE-2010-4476 [CVE 2008] reports a vulnerability in the Double.parseDouble() method in Java 1.6 update 23 and earlier, Java 1.5 update 27 and earlier, and 1.4.2_29 and earlier. This vulnerability causes a denial of service (DoS) when this method is passed a crafted string argument. The value 2.2250738585072012e-308 is close to the minimum normalized, positive, double-precision floating-point number, and when encoded as a string, it triggers an infinite loop of estimations during conversion to a normalized or denormalized double.

...

[Bryant 2003] Computer Systems: A Programmer's Perspective, Section 2.4, Floating Point

[CVE 2008] CVE-2010-4476, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476

[IEEE 754]

...