[PATCH] D158821: [builtins] Fix signed integer overflows in divmodsi4.c, divmoddi4.c and divmodti4.c
Karl-Johan Karlsson via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Aug 25 00:41:18 PDT 2023
Ka-Ka created this revision.
Ka-Ka added reviewers: MaskRay, phosek.
Herald added a subscriber: Enna1.
Herald added a project: All.
Ka-Ka requested review of this revision.
Herald added a project: Sanitizers.
Herald added a subscriber: Sanitizers.
When compiling the builtins with the undefined behavior sanitizer and running testcases you end up with the following warning:
UBSan: divmodsi4.c:22:17: signed integer overflow: 2147483647 - -1 cannot be represented in type 'si_int' (aka 'long')
This can be avoided by doing the subtract in a matching unsigned variant of the type.
The same kind of pattern is found in divmoddi4.c and divmodti4.c
This was found in an out of tree target.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D158821
Files:
compiler-rt/lib/builtins/divmoddi4.c
compiler-rt/lib/builtins/divmodsi4.c
compiler-rt/lib/builtins/divmodti4.c
Index: compiler-rt/lib/builtins/divmodti4.c
===================================================================
--- compiler-rt/lib/builtins/divmodti4.c
+++ compiler-rt/lib/builtins/divmodti4.c
@@ -20,8 +20,8 @@
const int bits_in_tword_m1 = (int)(sizeof(ti_int) * CHAR_BIT) - 1;
ti_int s_a = a >> bits_in_tword_m1; // s_a = a < 0 ? -1 : 0
ti_int s_b = b >> bits_in_tword_m1; // s_b = b < 0 ? -1 : 0
- a = (a ^ s_a) - s_a; // negate if s_a == -1
- b = (b ^ s_b) - s_b; // negate if s_b == -1
+ a = (tu_int)(a ^ s_a) - s_a; // negate if s_a == -1
+ b = (tu_int)(b ^ s_b) - s_b; // negate if s_b == -1
s_b ^= s_a; // sign of quotient
tu_int r;
ti_int q = (__udivmodti4(a, b, &r) ^ s_b) - s_b; // negate if s_b == -1
Index: compiler-rt/lib/builtins/divmodsi4.c
===================================================================
--- compiler-rt/lib/builtins/divmodsi4.c
+++ compiler-rt/lib/builtins/divmodsi4.c
@@ -19,8 +19,8 @@
const int bits_in_word_m1 = (int)(sizeof(si_int) * CHAR_BIT) - 1;
si_int s_a = a >> bits_in_word_m1; // s_a = a < 0 ? -1 : 0
si_int s_b = b >> bits_in_word_m1; // s_b = b < 0 ? -1 : 0
- a = (a ^ s_a) - s_a; // negate if s_a == -1
- b = (b ^ s_b) - s_b; // negate if s_b == -1
+ a = (su_int)(a ^ s_a) - s_a; // negate if s_a == -1
+ b = (su_int)(b ^ s_b) - s_b; // negate if s_b == -1
s_b ^= s_a; // sign of quotient
su_int r;
si_int q = (__udivmodsi4(a, b, &r) ^ s_b) - s_b; // negate if s_b == -1
Index: compiler-rt/lib/builtins/divmoddi4.c
===================================================================
--- compiler-rt/lib/builtins/divmoddi4.c
+++ compiler-rt/lib/builtins/divmoddi4.c
@@ -18,8 +18,8 @@
const int bits_in_dword_m1 = (int)(sizeof(di_int) * CHAR_BIT) - 1;
di_int s_a = a >> bits_in_dword_m1; // s_a = a < 0 ? -1 : 0
di_int s_b = b >> bits_in_dword_m1; // s_b = b < 0 ? -1 : 0
- a = (a ^ s_a) - s_a; // negate if s_a == -1
- b = (b ^ s_b) - s_b; // negate if s_b == -1
+ a = (du_int)(a ^ s_a) - s_a; // negate if s_a == -1
+ b = (du_int)(b ^ s_b) - s_b; // negate if s_b == -1
s_b ^= s_a; // sign of quotient
du_int r;
di_int q = (__udivmoddi4(a, b, &r) ^ s_b) - s_b; // negate if s_b == -1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D158821.553397.patch
Type: text/x-patch
Size: 2801 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20230825/2e14f14c/attachment.bin>
More information about the llvm-commits
mailing list