Skip to content

CLN: use integer parsing functions from stdlib #62658

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 65 commits into from
Oct 16, 2025
Merged

CLN: use integer parsing functions from stdlib #62658

Changes from 2 commits
Commits
Show all changes
65 commits
Select commit Hold shift + click to select a range
c3cc4a1
refactor(parser): use integer parsing functions from stdlib
Alvaro-Kothe Oct 11, 2025
2459313
perf: use a local buffer to store the processed string
Alvaro-Kothe Oct 13, 2025
d8a454e
fix: use macro to fix MSVC build error
Alvaro-Kothe Oct 13, 2025
87789e6
fix: use `bool`
Alvaro-Kothe Oct 13, 2025
2287944
refactor: don't pass PROCESSED_WORD_CAPACITY as a separate argument
Alvaro-Kothe Oct 13, 2025
2bea3c2
perf: write in chunks
Alvaro-Kothe Oct 13, 2025
fb38679
hack: try bigger buffer size for arm error
Alvaro-Kothe Oct 13, 2025
f9ede5c
fix: solution without manipulating the string
Alvaro-Kothe Oct 13, 2025
798c263
some cleanup
Alvaro-Kothe Oct 13, 2025
2f06f19
fix: use ptrdiff_t to fix MSVC build error
Alvaro-Kothe Oct 13, 2025
280b55e
add other exponent cases for completion
Alvaro-Kothe Oct 14, 2025
d85aaf0
fix: use builtin overflow check verification
Alvaro-Kothe Oct 14, 2025
9046ecc
fix: change std to c2x
Alvaro-Kothe Oct 14, 2025
a4e2fb8
Revert previous commits
Alvaro-Kothe Oct 14, 2025
ef82cf4
refactor: move overflow check to header
Alvaro-Kothe Oct 14, 2025
5afeb11
refactor: use overflow check from numpy
Alvaro-Kothe Oct 14, 2025
0ef47a7
fix: handle negative check
Alvaro-Kothe Oct 14, 2025
c840ef0
fix: add test for thousand separator with negative number
Alvaro-Kothe Oct 14, 2025
132342b
move to portable
Alvaro-Kothe Oct 14, 2025
e6977cc
perf: use builtin unsigned long overflow check
Alvaro-Kothe Oct 14, 2025
8120eea
refactor: combine builting and gnuc branches
Alvaro-Kothe Oct 14, 2025
1f5d506
don't assign null
Alvaro-Kothe Oct 14, 2025
479a2ab
fix: perform bound check
Alvaro-Kothe Oct 14, 2025
c37c355
fix: assign error if doesn't have a digit after tsep
Alvaro-Kothe Oct 14, 2025
7d55283
fix: go back to buffer solution
Alvaro-Kothe Oct 14, 2025
ffe50ce
refactor: undo refactor in np_datetime.c
Alvaro-Kothe Oct 14, 2025
af5ad71
fix: fix undefined behavior
Alvaro-Kothe Oct 14, 2025
9211704
fix: fix leftover undefined behaviour
Alvaro-Kothe Oct 14, 2025
d026b01
rewrite `copy_string_without_char`
Alvaro-Kothe Oct 14, 2025
d76ff5f
fix: change solution to safe guard against end_ptr
Alvaro-Kothe Oct 14, 2025
b523a19
test: add some edge cases tests with thousand separator
Alvaro-Kothe Oct 14, 2025
6265172
Update pandas/_libs/src/parser/tokenizer.c
Alvaro-Kothe Oct 14, 2025
abed6c1
fix: error to -1
Alvaro-Kothe Oct 14, 2025
8616f9f
fix: leftover status check
Alvaro-Kothe Oct 14, 2025
c4e0e25
fix: remove duplicate nbytes declaration
Alvaro-Kothe Oct 14, 2025
0b19208
fix: use memchr to find if need to process the word
Alvaro-Kothe Oct 15, 2025
29d74f7
chore: add comment explaining why 128 bytes for capacity
Alvaro-Kothe Oct 15, 2025
b5b8f3b
rename bytes_read to bytes_written
Alvaro-Kothe Oct 15, 2025
803a8bf
chore: move errno assignment
Alvaro-Kothe Oct 15, 2025
31f26cf
fix: fix error logic by comparing pointers
Alvaro-Kothe Oct 15, 2025
171b553
fix: use pointers
Alvaro-Kothe Oct 15, 2025
30f6bdc
fix: keep track on how many bytes to read
Alvaro-Kothe Oct 15, 2025
554675b
chore: cast to size_t
Alvaro-Kothe Oct 15, 2025
7ea4454
fix: cast pointer to fix Wc++-compat warning
Alvaro-Kothe Oct 15, 2025
82dc037
fix: remove casts for -Weverything
Alvaro-Kothe Oct 15, 2025
627df4c
fix: move remaining_bytes_to_read to the start of loop
Alvaro-Kothe Oct 15, 2025
1b3eba0
fix: consolidate it even further
Alvaro-Kothe Oct 15, 2025
e1667fa
fix: move right definition
Alvaro-Kothe Oct 15, 2025
bee776a
chore: remove superfluous comments
Alvaro-Kothe Oct 15, 2025
d693345
fix: add const qualifier
Alvaro-Kothe Oct 15, 2025
593c614
fix: remove unnecessary NULL and null-byte checks
Alvaro-Kothe Oct 15, 2025
ff4d48b
fix: remove unnecessary errno verification
Alvaro-Kothe Oct 15, 2025
e3a88d3
chore: remove NULL assignment
Alvaro-Kothe Oct 15, 2025
b135738
fix: don't recompute strlen
Alvaro-Kothe Oct 15, 2025
ba8c9b3
chore: add some comments back to simplify diff
Alvaro-Kothe Oct 15, 2025
818921f
fix: reset errno after handling it
Alvaro-Kothe Oct 15, 2025
3e067f7
fix: put back const char p
Alvaro-Kothe Oct 15, 2025
c0ed83c
fix: improve diff for sign handling
Alvaro-Kothe Oct 15, 2025
cb60adb
fix: improve diff for trailing whitespace
Alvaro-Kothe Oct 15, 2025
5117e89
chore: remove newline to simplify diff even more
Alvaro-Kothe Oct 15, 2025
e1e327a
chore: drop another superfluous comment
Alvaro-Kothe Oct 15, 2025
ffcb7c2
test: xfail python engine with consecutive thousand separators
Alvaro-Kothe Oct 15, 2025
47b87f9
fix: move errno handling to avoid polution and early return
Alvaro-Kothe Oct 16, 2025
cd536fb
chore: rename to number for diff
Alvaro-Kothe Oct 16, 2025
1ef9259
chore: add comment explaining consecutive thousand separators in C en…
Alvaro-Kothe Oct 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
273 changes: 119 additions & 154 deletions pandas/_libs/src/parser/tokenizer.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,13 @@ GitHub. See Python Software Foundation License and BSD licenses for these.
#include <float.h>
#include <math.h>
#include <stdbool.h>
#include <stdlib.h>

#include "pandas/portable.h"
#include "pandas/vendored/klib/khash.h" // for kh_int64_t, kh_destroy_int64

static const int PROCESSED_WORD_CAPACITY = 128;

void coliter_setup(coliter_t *self, parser_t *parser, int64_t i,
int64_t start) {
// column i, starting at 0
Expand Down Expand Up @@ -1834,201 +1837,163 @@ int uint64_conflict(uint_state *self) {
return self->seen_uint && (self->seen_sint || self->seen_null);
}

int64_t str_to_int64(const char *p_item, int64_t int_min, int64_t int_max,
int *error, char tsep) {
const char *p = p_item;
// Skip leading spaces.
while (isspace_ascii(*p)) {
++p;
/**
* @brief Check if the character in the pointer indicates a number.
* It expects that you consumed all leading whitespace.
*
* @param p_item Pointer to verify
* @return Non-zero integer indicating that has a digit 0 otherwise.
*/
static inline int has_digit_int(const char *str) {
Copy link
Member

@WillAyd WillAyd Oct 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
static inline int has_digit_int(const char *str) {
static inline bool has_digit_int(const char *str) {

We are far enough removed from C89 that we can use the bool type :-)

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in 87789e6

if (!str || *str == '\0') {
return 0;
}

// Handle sign.
const bool isneg = *p == '-' ? true : false;
// Handle sign.
if (isneg || (*p == '+')) {
p++;
switch (*str) {
case '0':
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
return 1;
case '+':
case '-':
return isdigit_ascii(str[1]);
Copy link
Member

@WillAyd WillAyd Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will violate bounds checking if you pass a string of + or -

default:
return 0;
}
}

// Check that there is a first digit.
if (!isdigit_ascii(*p)) {
// Error...
*error = ERROR_NO_DIGITS;
return 0;
static inline int has_only_spaces(const char *str) {
while (*str != '\0' && isspace_ascii(*str)) {
str++;
}
return *str == '\0';
}

int64_t number = 0;
if (isneg) {
// If number is greater than pre_min, at least one more digit
// can be processed without overflowing.
int dig_pre_min = -(int_min % 10);
int64_t pre_min = int_min / 10;

// Process the digits.
char d = *p;
if (tsep != '\0') {
while (1) {
if (d == tsep) {
d = *++p;
continue;
} else if (!isdigit_ascii(d)) {
break;
}
if ((number > pre_min) ||
((number == pre_min) && (d - '0' <= dig_pre_min))) {
number = number * 10 - (d - '0');
d = *++p;
} else {
*error = ERROR_OVERFLOW;
return 0;
}
}
} else {
while (isdigit_ascii(d)) {
if ((number > pre_min) ||
((number == pre_min) && (d - '0' <= dig_pre_min))) {
number = number * 10 - (d - '0');
d = *++p;
} else {
*error = ERROR_OVERFLOW;
return 0;
}
}
/* Copy a string without `char_to_remove` into `output`,
* while ensuring it's null terminated.
*/
static void copy_string_without_char(char *output, const char *str,
Copy link
Member

@WillAyd WillAyd Oct 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
static void copy_string_without_char(char *output, const char *str,
static void copy_string_without_char(char output[PROCESSED_WORD_CAPACITY], const char *str,

Don't think you need to pass this capacity as a separate argument, since it is always the same value

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in 2287944

char char_to_remove, size_t output_size) {
size_t i = 0;
for (const char *src = str; *src != '\0' && i < output_size; src++) {
Copy link
Member

@WillAyd WillAyd Oct 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be great to avoid character-by-character writes if we can, especially since this is a relatively sparse character to search for.

You might be limited with what you can do without some of the larger changes I suggested, but maybe even just finding a region and writing multiple bytes at once will be more performant.

Copy link
Member

@WillAyd WillAyd Oct 13, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps something like:

size_t pos = 0;
const char* oldptr = p_item;
while (const char* newptr = strchr(oldptr, tsep) != NULL) {
    size_t len = newptr - oldptr;
    memcpy(output[pos], oldptr, len);
    oldptr = newptr + 1;
    pos += len;
}
output[startpos + 1] = '\0';

Might be an off by one and probably worth bounds checking. You might also want to use strchrnul instead of strchr to avoid a buffer overrun

Just some brief unchecked thoughts - hope they help

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 13, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I couldn't make strchr work, because I couldn't know where the null terminator would be. I tried your suggestion in 2bea3c2.

if (*src != char_to_remove) {
output[i++] = *src;
}
}
if (i < output_size) {
Copy link
Member

@WillAyd WillAyd Oct 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is pretty wasteful to continually write null bytes. You could either memset the buffer before you send it, or ideally short circuit when you've processed all the necessary bytes

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

continually write null bytes

Actually, it wasn't continually writing null bytes. Just once after copying src. Anyway, I changed to use memset.

output[i] = '\0';
} else {
// If number is less than pre_max, at least one more digit
// can be processed without overflowing.
int64_t pre_max = int_max / 10;
int dig_pre_max = int_max % 10;

// Process the digits.
char d = *p;
if (tsep != '\0') {
while (1) {
if (d == tsep) {
d = *++p;
continue;
} else if (!isdigit_ascii(d)) {
break;
}
if ((number < pre_max) ||
((number == pre_max) && (d - '0' <= dig_pre_max))) {
number = number * 10 + (d - '0');
d = *++p;
// str is too big, probably would overflow
errno = ERANGE;
}
}

} else {
*error = ERROR_OVERFLOW;
return 0;
}
}
} else {
while (isdigit_ascii(d)) {
if ((number < pre_max) ||
((number == pre_max) && (d - '0' <= dig_pre_max))) {
number = number * 10 + (d - '0');
d = *++p;
int64_t str_to_int64(const char *p_item, int64_t int_min, int64_t int_max,
int *error, char tsep) {
if (!p_item || *p_item == '\0') {
Copy link
Member

@WillAyd WillAyd Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it necessary to add this? I don't think we should be special-casing behavior for null or the null byte; I expect the former is undefined (since its not a string) and the latter would be handled naturally by the rest of the logic (?)

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, not necessary. The null byte is already handled below.

*error = ERROR_NO_DIGITS;
return 0;
}

} else {
*error = ERROR_OVERFLOW;
return 0;
}
}
}
while (isspace_ascii(*p_item)) {
++p_item;
}

if (!has_digit_int(p_item)) {
*error = ERROR_NO_DIGITS;
return 0;
}

// Skip trailing spaces.
while (isspace_ascii(*p)) {
++p;
errno = 0;
Copy link
Member

@WillAyd WillAyd Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to check that the errno isn't set already before just clearing?

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It doesn't seem necessary, this is just parsing a new number and error handling is done in parsers.pyx

Copy link
Member

@WillAyd WillAyd Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you can remove this now, right? Generally I'd advise against clearing errno without good reason. This currently is equivalent to doing a try ... except Exception in Python and blindly continuing along, so it should be avoided

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The errno should be reset. I added a comment explaining why. Mainly because strtoll assign its value and I want to reset before calling it, so that parsing previous words don't pollute the verification below.

if (tsep != '\0' && strchr(p_item, tsep) != NULL) {
Copy link
Member

@WillAyd WillAyd Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you use memchr here for consistency?

char buffer[PROCESSED_WORD_CAPACITY];
copy_string_without_char(buffer, p_item, tsep, PROCESSED_WORD_CAPACITY);
p_item = buffer;
}

// Did we use up all the characters?
if (*p) {
*error = ERROR_INVALID_CHARS;
if (errno == ERANGE) {
Copy link
Member

@WillAyd WillAyd Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is lost in a refactor right? I don't think errno will be set by anything preceding this?

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, I forgot to remove it.

*error = ERROR_OVERFLOW;
return 0;
}

*error = 0;
return number;
char *endptr = NULL;
Copy link
Member

@WillAyd WillAyd Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
char *endptr = NULL;
char *endptr;

int64_t result = strtoll(p_item, &endptr, 10);

if (!has_only_spaces(endptr)) {
// Check first for invalid characters because we may
// want to skip integer parsing if we find one.
*error = ERROR_INVALID_CHARS;
result = 0;
} else if (errno == ERANGE || result > int_max || result < int_min) {
Copy link
Member

@WillAyd WillAyd Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suppose this is unrelated to your PR but why does this function accept int_max and int_min as arguments? Assuming those are actually set to INT64_MAX and INT64_MIN this is a no-op, and potentially waste of cycles if the compiler can't optimize it away

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, it's unnecessary. It's set to INT64_MAX and INT64_MIN.

pandas/pandas/_libs/parsers.pyx

Lines 1930 to 1931 in 066a4f7

data[i] = str_to_int64(word, INT64_MIN, INT64_MAX,
&error, parser.thousands)

Should I just check errno or I should also change the function signature?

Copy link
Member

@WillAyd WillAyd Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changing the function signature is fine (let's do as a separate PR)

*error = ERROR_OVERFLOW;
result = 0;
} else {
*error = 0;
}

return result;
}

uint64_t str_to_uint64(uint_state *state, const char *p_item, int64_t int_max,
uint64_t uint_max, int *error, char tsep) {
const char *p = p_item;
// Skip leading spaces.
while (isspace_ascii(*p)) {
++p;
if (!p_item || *p_item == '\0') {
*error = ERROR_NO_DIGITS;
return 0;
}

while (isspace_ascii(*p_item)) {
Copy link
Member

@WillAyd WillAyd Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you removed the const char *p = p_item assignment as a cleanup and not for any type of functionality, but if that's true its inflating the diff. Should move cleanup items like that to a separate PR

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've made several changes that complicate a lot the diff. I'll put back the const char *p assignment, and also remove the need for some auxiliary functions created.

Copy link
Member

@WillAyd WillAyd Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great - thanks!

++p_item;
}

// Handle sign.
if (*p == '-') {
if (*p_item == '-') {
state->seen_sint = 1;
*error = 0;
return 0;
} else if (*p == '+') {
p++;
} else if (*p_item == '+') {
p_item++;
}

// Check that there is a first digit.
if (!isdigit_ascii(*p)) {
// Error...
if (!isdigit_ascii(*p_item)) {
*error = ERROR_NO_DIGITS;
return 0;
}

// If number is less than pre_max, at least one more digit
// can be processed without overflowing.
//
// Process the digits.
uint64_t number = 0;
const uint64_t pre_max = uint_max / 10;
const uint64_t dig_pre_max = uint_max % 10;
char d = *p;
if (tsep != '\0') {
while (1) {
if (d == tsep) {
d = *++p;
continue;
} else if (!isdigit_ascii(d)) {
break;
}
if ((number < pre_max) ||
((number == pre_max) && ((uint64_t)(d - '0') <= dig_pre_max))) {
number = number * 10 + (d - '0');
d = *++p;

} else {
*error = ERROR_OVERFLOW;
return 0;
}
}
} else {
while (isdigit_ascii(d)) {
if ((number < pre_max) ||
((number == pre_max) && ((uint64_t)(d - '0') <= dig_pre_max))) {
number = number * 10 + (d - '0');
d = *++p;

} else {
*error = ERROR_OVERFLOW;
return 0;
}
}
errno = 0;
if (tsep != '\0' && strchr(p_item, tsep) != NULL) {
char buffer[PROCESSED_WORD_CAPACITY];
Copy link
Member

@WillAyd WillAyd Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is undefined behavior, at least according to https://stackoverflow.com/a/79330647/621736. You may need to move the buffer declaration outside of this branch (can run ASAN/UBSAN to check)

Copy link
Member Author

@Alvaro-Kothe Alvaro-Kothe Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It fixes it.

copy_string_without_char(buffer, p_item, tsep, PROCESSED_WORD_CAPACITY);
p_item = buffer;
}

// Skip trailing spaces.
while (isspace_ascii(*p)) {
++p;
if (errno == ERANGE) {
*error = ERROR_OVERFLOW;
return 0;
}

// Did we use up all the characters?
if (*p) {
char *endptr = NULL;
uint64_t result = strtoull(p_item, &endptr, 10);

if (!has_only_spaces(endptr)) {
*error = ERROR_INVALID_CHARS;
return 0;
result = 0;
} else if (errno == ERANGE || result > uint_max) {
*error = ERROR_OVERFLOW;
result = 0;
} else {
*error = 0;
}

if (number > (uint64_t)int_max) {
if (result > (uint64_t)int_max) {
state->seen_uint = 1;
}

*error = 0;
return number;
return result;
}
Loading