[tex-k] Potential bugs in TFM loading in TeX

Karl Berry karl at freefriends.org
Mon Jan 31 00:18:19 CET 2022

```
Hi Tyge - there is no single coherent statement of what is checked for
and what is not, so far as I know. I suspect the omission of some checks
was not a deliberate choice (should I add this if statement or not), but
rather a lack of (desire to) test(ing) all possible input values (not
wanting to spend time making all the craziest possible tfms to make sure
TeX can handle them).

In any case, I think the basic answer nowadays is, if it's not already
checked for, Knuth doesn't feel the need to check it.  It would have to
be something truly unusual, relating to more-or-less normal input and
files, for us to pass on such a bug to him.

As for references ...

I believe Knuth discussed not checking for all pathological input cases
in a previous tune-up report. Sorry, I don't remember which one, maybe 2008?

There is the statement of not checking for arithmetic overflow in
tex.web that you already know about, but I'll quote here anyway:

The present implementation of \TeX\ does not check for overflow when
@^overflow in arithmetic@>
dimensions are added or subtracted. This could be done by inserting a
few dozen tests of the form `\ignorespaces|if x>=@'10000000000 then
@t\\{report\_overflow}@>|', but the chance of overflow is so remote that
such tests do not seem worthwhile.

(Also mentioned at https://tug.org/texmfbug/nobug.html#overflow)

And I asked him recently if it would be ok to change TeX itself to do
overflow checking, and he said that was fine.  I'll incorporate his msg
below. I think adding more overflow checks would be a good thing,
nowadays, and would welcome (very carefully considered :) changes to do so.

Thanks,
Karl

Date: Sat, 22 Jan 2022 20:27:26 -0800
From: DEK
To: Karl Berry <karl at freefriends.org>
Subject: Re: overflow checking as TeX change

Hi Karl,

Yes, it's OK if a change file causes TeX to stop on overflow, the way a
computer would do if it were set to interrupt and abort on such
occasions.

What I mean is, the change file might decide to slow TeX down by
explicitly checking for overflow in places where TeX does not. (For
instance, if after setting z=x+y with x and y positive we get z<x.) In
such cases, it's just like saying we are compensating for an
insufficiency in our hardware. But TeX never intended to define the
results in all cases where a user might push boundaries; it's the user's
problem/responsibility. Even more so, and in myriads of places, with MF.)

Bending that rule, I guess some machines don't abort on overflow, but
they issue warnings. I can't think of any good argument against that
sort of change either.

I just don't want users to be able to crash TeX with "correct" input.

-- Don
```
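An added example, not part of the original message and not code from tex.web or any change file: the two styles of check mentioned above, written in C. The names `TEX_DIMEN_LIMIT`, `scaled_add_checked` and `wrapped_positive_add` are assumptions made for illustration; 2^30 is the value of the octal constant `@'10000000000` in the quoted tex.web test.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* @'10000000000 (octal) in the quoted tex.web test is 2^30. */
#define TEX_DIMEN_LIMIT ((int32_t)1 << 30)

/* Threshold-style check: form the sum in a wider type, then apply the
   "x >= 2^30" test (both signs) before narrowing back to 32 bits.
   Returns false and leaves *z untouched when the sum is out of range. */
bool scaled_add_checked(int32_t x, int32_t y, int32_t *z)
{
    int64_t wide = (int64_t)x + (int64_t)y;
    if (wide >= TEX_DIMEN_LIMIT || wide <= -(int64_t)TEX_DIMEN_LIMIT)
        return false;
    *z = (int32_t)wide;
    return true;
}

/* Wraparound-style check: "after z=x+y with x and y positive we get z<x".
   Signed overflow is undefined behaviour in C, so the sum is formed in
   uint32_t; a result above INT32_MAX is the bit pattern that two's
   complement hardware would show as a negative z, hence z<x.
   Precondition (assumed): x > 0 and y > 0. */
bool wrapped_positive_add(int32_t x, int32_t y)
{
    uint32_t uz = (uint32_t)x + (uint32_t)y;
    return uz > (uint32_t)INT32_MAX;
}

int main(void)
{
    int32_t z = 0;
    /* Constructed sample inputs. */
    int32_t big = TEX_DIMEN_LIMIT - 1;

    printf("1000+2000 in range: %d\n", scaled_add_checked(1000, 2000, &z));
    /* big+1 equals 2^30: the threshold test rejects it, but the 32-bit
       word has not wrapped yet, so the wraparound test does not fire. */
    printf("big+1 in range:     %d\n", scaled_add_checked(big, 1, &z));
    printf("big+1 wrapped:      %d\n", wrapped_positive_add(big, 1));
    printf("INT32_MAX+1 wrapped: %d\n", wrapped_positive_add(INT32_MAX, 1));
    return 0;
}
```
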