[PATCH v2] Avoid undefined behaviour in ibm128 implementation of llroundl
Michael Hudson-Doyle
michael.hudson@canonical.com
Mon Aug 22 02:04:20 GMT 2022
Detecting an overflow edge case depended on signed overflow of a long
long. Replace the signed long long with unsigned and cast it back to
unsigned before comparisons (which is implementation defined behaviour,
but I guess glibc does not support any one's complement
architectures...).
BZ #29488
---
v2: added casts to some references to 'res' I missed in v1. This
version passes all tests on ppc64el with gcc 12 with both -O2 and -O3.
---
sysdeps/ieee754/ldbl-128ibm/s_llroundl.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c b/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c
index d85154e73a..5f54f92767 100644
--- a/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c
+++ b/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c
@@ -28,7 +28,8 @@ long long
__llroundl (long double x)
{
double xh, xl;
- long long res, hi, lo;
+ unsigned long long res;
+ long long hi, lo;
ldbl_unpack (x, &xh, &xl);
@@ -69,7 +70,7 @@ __llroundl (long double x)
res = hi + lo;
/* This is just sign(hi) == sign(lo) && sign(res) != sign(hi). */
- if (__glibc_unlikely (((~(hi ^ lo) & (res ^ hi)) < 0)))
+ if (__glibc_unlikely (((~(hi ^ lo) & (((long long)res) ^ hi)) < 0)))
goto overflow;
xh -= lo;
@@ -82,7 +83,7 @@ __llroundl (long double x)
}
else if (xh == 0.5)
{
- if (xl > 0.0 || (xl == 0.0 && res >= 0))
+ if (xl > 0.0 || (xl == 0.0 && ((long long)res) >= 0))
res += 1;
}
else if (-xh > 0.5)
@@ -91,11 +92,11 @@ __llroundl (long double x)
}
else if (-xh == 0.5)
{
- if (xl < 0.0 || (xl == 0.0 && res <= 0))
+ if (xl < 0.0 || (xl == 0.0 && ((long long)res) <= 0))
res -= 1;
}
- if (__glibc_unlikely (((~(hi ^ (res - hi)) & (res ^ hi)) < 0)))
+ if (__glibc_unlikely (((~(hi ^ (((long long)res) - hi)) & (((long long)res) ^ hi)) < 0)))
goto overflow;
return res;
--
2.34.1
More information about the Libc-alpha
mailing list