[llvm] [ARM] Fix undefined behavior in `isLegalAddImmediate` (PR #132219)

Simon Tatham via llvm-commits llvm-commits at lists.llvm.org
Thu Mar 20 07:25:56 PDT 2025 

https://github.com/statham-arm created https://github.com/llvm/llvm-project/pull/132219

Building clang under UBsan, it reported an integer overflow in this function when the input value was -2^63, because it's UB to pass the maximum negative value of an integer type to `std::abs`.

Fixed by adding a new absolute-value function in `MathExtras.h` whose return type is the unsigned version of the argument type, and using that instead.

(This seems like the kind of thing C++ should have already had, but apparently it doesn't, and I couldn't find an existing one in LLVM Support either.)

>From 071c04afe14c0b24da1e091a0db930c45d4ea0d4 Mon Sep 17 00:00:00 2001
From: Simon Tatham <simon.tatham at arm.com>
Date: Thu, 20 Mar 2025 14:13:58 +0000
Subject: [PATCH] [ARM] Fix undefined behavior in `isLegalAddImmediate`

Building clang under UBsan, it reported an integer overflow in this
function when the input value was -2^63, because it's UB to pass the
maximum negative value of an integer type to `std::abs`.

Fixed by adding a new absolute-value function in `MathExtras.h` whose
return type is the unsigned version of the argument type, and using
that instead.

(This seems like the kind of thing C++ should have already had,
but apparently it doesn't, and I couldn't find an existing one in LLVM
Support either.)
---
 llvm/include/llvm/Support/MathExtras.h  | 9 +++++++++
 llvm/lib/Target/ARM/ARMISelLowering.cpp | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/llvm/include/llvm/Support/MathExtras.h b/llvm/include/llvm/Support/MathExtras.h
index 07f7bab0f0a3a..519fcc8fde5d5 100644
--- a/llvm/include/llvm/Support/MathExtras.h
+++ b/llvm/include/llvm/Support/MathExtras.h
@@ -595,6 +595,15 @@ inline int64_t SignExtend64(uint64_t X, unsigned B) {
   return int64_t(X << (64 - B)) >> (64 - B);
 }
 
+/// Return the absolute value of a signed integer, converted to the
+/// corresponding unsigned integer type. Avoids undefined behavior in std::abs
+/// when you pass it INT_MIN or similar.
+template <typename T, typename U = std::make_unsigned_t<T>>
+constexpr U AbsoluteValue(T X) {
+  // If X is negative, cast it to the unsigned type _before_ negating it.
+  return X < 0 ? -static_cast<U>(X) : X;
+}
+
 /// Subtract two unsigned integers, X and Y, of type T and return the absolute
 /// value of the result.
 template <typename U, typename V, typename T = common_uint<U, V>>
diff --git a/llvm/lib/Target/ARM/ARMISelLowering.cpp b/llvm/lib/Target/ARM/ARMISelLowering.cpp
index 234abefe75ee7..c015448ef69d4 100644
--- a/llvm/lib/Target/ARM/ARMISelLowering.cpp
+++ b/llvm/lib/Target/ARM/ARMISelLowering.cpp
@@ -19691,7 +19691,7 @@ bool ARMTargetLowering::isLegalICmpImmediate(int64_t Imm) const {
 /// immediate into a register.
 bool ARMTargetLowering::isLegalAddImmediate(int64_t Imm) const {
   // Same encoding for add/sub, just flip the sign.
-  int64_t AbsImm = std::abs(Imm);
+  uint64_t AbsImm = AbsoluteValue(Imm);
   if (!Subtarget->isThumb())
     return ARM_AM::getSOImmVal(AbsImm) != -1;
   if (Subtarget->isThumb2())

More information about the llvm-commits mailing list