 
                            | Note | ||
|---|---|---|
| 
 | ||
| This rule may be deprecated and replaced by a similar guideline. 06/28/2014 -- Version 1.0 | 
The Java language provides two primitive floating-point types, float and double, which are associated with the single-precision 32-bit and double-precision 64-bit format values and operations specified by IEEE 754 [IEEE 754]. Each of the floating-point types has a fixed, limited number of mantissa bits. Consequently, it is impossible to precisely represent any irrational number (for example, pi). Further, because these types use a binary mantissa, they cannot precisely represent many finite decimal numbers, such as 0.1, because these numbers have repeating binary representations.
When precise computation is necessary, such as when performing currency calculations, floating-point types must not be used. Instead, use an alternative representation that can completely represent the necessary values.
When precise computation is unnecessary, floating-point representations may be used. In these cases, you must carefully and methodically estimate the maximum cumulative error of the computations to ensure that the resulting error is within acceptable tolerances. Consider using numerical analysis to properly understand the problem. See Goldberg's work for an introduction to this topic [Goldberg 1991]
| Wiki Markup | 
|---|
| The Java language provides two primitive types, {{float}} and {{double}}, which "are conceptually associated with the single-precision 32-bit and double-precision 64-bit format IEEE 754 values and operations as specified in _IEEE Standard for Binary Floating-Point Arithmetic_, ANSI/IEEE Standard 754-1985 (IEEE, New York)" (\[[JLS 2005|AA.Bibliography#JLS 05]\]. [Section 4.2.3|http://java.sun.com/docs/books/jls/third_edition/html/typesValues.html#4.2.3] "Floating-Point Types, Formats, and Values"). Each of the floating point types has a fixed, limited number of mantissa bits. Consequently, it is impossible to precisely represent any irrational number (_e.g._ pi). Further, because these types use a binary mantissa, they cannot precisely represent many finite decimal numbers, such as 1/10, because these numbers have repeating binary representations. | 
Wiki Markup 
Noncompliant Code Example
This noncompliant code example performs some basic currency calculations.:
| Code Block | ||
|---|---|---|
| 
 | ||
| double dollar = 1.000; double dime = 0.110; int number = 7; System.out.println( ("A dollar less " + number + " dimes is $" + (dollar - number * dime) ); | 
Unfortunately, because of the 1/10 cannot be represented precisely in any binary floating point format, this program prints:
Because the value 0.10 lacks an exact representation in Java floating-point type (or any floating-point format that uses a binary mantissa), on most platforms, this program prints the following:
| Code Block | 
|---|
| A dollar less 7 dimes is $0.29999999999999993
 | 
...
Compliant Solution
This compliant solution uses an integer type (such as long int) and works in with cents rather than dollars.:
| Code Block | ||
|---|---|---|
| 
 | ||
| longint dollar = 100; longint dime = 10; int number = 7; System.out.println( ( "A dollar less " + number + " dimes is $0." + (dollar - number * dime) + " cents" ); | 
This code correctly outputs the following:
| Code Block | 
|---|
| A dollar less 7 dimes is $0.30 | 
...
| 
 | 
Compliant Solution
An alternative approach is to use This compliant solution uses the BigDecimal type, though it is less efficient., which provides exact representation of decimal values. Note that on most platforms, computations performed using BigDecimal are less efficient than those performed using primitive types. 
| Code Block | ||
|---|---|---|
| 
 | ||
| 
import java.math.BigDecimal;
BigDecimal dollar = new BigDecimal("1.0");
BigDecimal dime = new BigDecimal("0.1");
int number = 7;
System.out.println ("A dollar less " + number + " dimes is $" +
	(dollar.subtract(new BigDecimal(number).multiply(dime) )) );
 | 
This code outputs the following:
| Code Block | 
|---|
| A dollar less 7 dimes is $0.3 | 
Risk Assessment
Using a representation other than floating point may allow for more precision and accuracy for critical arithmetic.-point representations when precise computation is required can result in a loss of precision and incorrect values.
| Rule | 
|---|
| Severity | Likelihood | Detectable | 
|---|
| Repairable | Priority | Level | 
|---|
| NUM04-J | 
| Low | Probable | 
| No | 
| No | P2 | L3 | 
Automated Detection
Automated detection of floating-point arithmetic is straight-forward; straightforward. However, determining which code suffers from insufficient precision is not feasible in the general case. Heuristic checks, such as flagging floating-point literals that cannot be represented precisely, may could be useful.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Other Languages
...
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Parasoft Jtest | 
 | CERT.NUM04.UBD | Do not use "float" and "double" if exact answers are required | 
Related Guidelines
...
...
...
...
| ISO/IEC TR 24772:2010 | Floating-Point Arithmetic [PLF] | 
Android Implementation Details
The use of floating-point on Android is not recommended for performance reasons.
Bibliography
| Item 48, "Avoid  | |
| Puzzle 2, "Time for a Change" | |
| [IEEE 754] | |
| [JLS 2015] | |
| [Seacord 2015] | 
...
Bibliography
| Wiki Markup | 
|---|
| \[[Bloch 2008|AA. Bibliography#Bloch 08]\] Item 48: Avoid {{float}} and {{double}} if exact answers are required
\[[Bloch 2005|AA. Bibliography#Bloch 05]\] Puzzle 2: Time for a Change
\[[Goldberg 1991|AA. Bibliography#Goldberg 91]\]
\[[JLS 2005|AA. Bibliography#JLS 05]\] [Section 4.2.3, Floating-Point Types, Formats, and Values|http://java.sun.com/docs/books/jls/third_edition/html/typesValues.html#4.2.3] | 
07. Floating Point (FLP) 07. Floating Point (FLP) FLP01-J. Take care in rearranging floating point expressions