This is an archive of the discontinued LLVM Phabricator instance.

Differential D90218

Fix PR47973: Addressing integer division edge case with INT_MIN
ClosedPublic

Authored by akuran on Oct 27 2020, 4:16 AM.

Details

Reviewers
sepavloff
atrosinenko
Commits
rG55ec2ba4bc36: Fix PR47973: Addressing integer division edge case with INT_MIN
Summary

Adjustment to integer division in int_div_impl.inc to avoid undefined behaviour that can occur as a result of having INT_MIN as one of the parameters.

Diff Detail

Event Timeline

akuran created this revision.Oct 27 2020, 4:16 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 27 2020, 4:16 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
akuran retitled this revision from Addressing integer division edge case with INT_MIN to Addressing integer division edge case with INT_MIN Fix PR47973.Oct 27 2020, 4:24 AM
akuran edited the summary of this revision. (Show Details)
akuran retitled this revision from Addressing integer division edge case with INT_MIN Fix PR47973 to Fix PR47973: Addressing integer division edge case with INT_MIN.
akuran published this revision for review.Oct 27 2020, 4:28 AM
Harbormaster completed remote builds in B76527: Diff 300940.Oct 27 2020, 4:49 AM
thopre added a subscriber: llvm-commits.Oct 27 2020, 4:52 AM
thopre added a subscriber: thopre.
akuran updated this revision to Diff 301222.Oct 28 2020, 3:53 AM

Restart build

akuran added reviewers: sepavloff, atrosinenko.Oct 28 2020, 3:55 AM
Harbormaster completed remote builds in B76699: Diff 301222.Oct 28 2020, 4:23 AM
akuran added a comment.Nov 9 2020, 7:00 AM

Ping

Herald added a subscriber: oontvoo. · View Herald TranscriptNov 9 2020, 7:00 AM
sepavloff added inline comments.Nov 9 2020, 11:06 PM
compiler-rt/lib/builtins/int_div_impl.inc
77

What is the purpose of using addition+negation instead of subtraction?

akuran added inline comments.Nov 10 2020, 2:40 AM
compiler-rt/lib/builtins/int_div_impl.inc
77

(fixuint_t)a^s_a will always be some unsigned value, and with just subtraction we have <unsigned> - s_a. And when s_a = -1, s_a will get promoted to an unsigned value UINT_MAX, resulting in <unsigned> - UINT_MAX which can result in undefined behaviour. By negating s_a first we'd ensure that the operation there is always just either +0 or +1.

sepavloff accepted this revision.Nov 10 2020, 4:22 AM

LGTM

This revision is now accepted and ready to land.Nov 10 2020, 4:22 AM
This revision was landed with ongoing or failed builds.Nov 10 2020, 7:57 AM
Closed by commit rG55ec2ba4bc36: Fix PR47973: Addressing integer division edge case with INT_MIN (authored by akuran, committed by thopre). · Explain Why
This revision was automatically updated to reflect the committed changes.
thopre added a commit: rG55ec2ba4bc36: Fix PR47973: Addressing integer division edge case with INT_MIN.

Revision Contents

PathSize
compiler-rt/
lib/
builtins/
24 lines

Diff 304192

compiler-rt/lib/builtins/int_div_impl.inc

Show First 20 LinesShow All 66 Lines▼ Show 20 Lines for (; sr > 0; --sr) {
r -= d & s; r -= d & s;
} }
return r; return r;
} }
#ifdef COMPUTE_UDIV #ifdef COMPUTE_UDIV
static __inline fixint_t __divXi3(fixint_t a, fixint_t b) { static __inline fixint_t __divXi3(fixint_t a, fixint_t b) {
const int N = (int)(sizeof(fixint_t) * CHAR_BIT) - 1; const int N = (int)(sizeof(fixint_t) * CHAR_BIT) - 1;
fixint_t s_a = a >> N; // s_a = a < 0 ? -1 : 0 fixint_t s_a = a >> N; // s_a = a < 0 ? -1 : 0
fixint_t s_b = b >> N; // s_b = b < 0 ? -1 : 0 fixint_t s_b = b >> N; // s_b = b < 0 ? -1 : 0
a = (a ^ s_a) - s_a; // negate if s_a == -1 fixuint_t a_u = (fixuint_t)(a ^ s_a) + (-s_a); // negate if s_a == -1
sepavloffUnsubmitted
Not Done
ReplyInline Actions

What is the purpose of using addition+negation instead of subtraction?

sepavloff: What is the purpose of using addition+negation instead of subtraction?
akuranAuthorUnsubmitted
Done
ReplyInline Actions

(fixuint_t)a^s_a will always be some unsigned value, and with just subtraction we have <unsigned> - s_a. And when s_a = -1, s_a will get promoted to an unsigned value UINT_MAX, resulting in <unsigned> - UINT_MAX which can result in undefined behaviour. By negating s_a first we'd ensure that the operation there is always just either +0 or +1.

akuran: (fixuint_t)a^s_a will always be some unsigned value, and with just subtraction we have…
b = (b ^ s_b) - s_b; // negate if s_b == -1 fixuint_t b_u = (fixuint_t)(b ^ s_b) + (-s_b); // negate if s_b == -1
s_a ^= s_b; // sign of quotient s_a ^= s_b; // sign of quotient
return (COMPUTE_UDIV(a, b) ^ s_a) - s_a; // negate if s_a == -1 return (COMPUTE_UDIV(a_u, b_u) ^ s_a) + (-s_a); // negate if s_a == -1
} }
#endif // COMPUTE_UDIV #endif // COMPUTE_UDIV
#ifdef ASSIGN_UMOD #ifdef ASSIGN_UMOD
static __inline fixint_t __modXi3(fixint_t a, fixint_t b) { static __inline fixint_t __modXi3(fixint_t a, fixint_t b) {
const int N = (int)(sizeof(fixint_t) * CHAR_BIT) - 1; const int N = (int)(sizeof(fixint_t) * CHAR_BIT) - 1;
fixint_t s = b >> N; // s = b < 0 ? -1 : 0 fixint_t s = b >> N; // s = b < 0 ? -1 : 0
b = (b ^ s) - s; // negate if s == -1 fixuint_t b_u = (fixuint_t)(b ^ s) + (-s); // negate if s == -1
s = a >> N; // s = a < 0 ? -1 : 0 s = a >> N; // s = a < 0 ? -1 : 0
a = (a ^ s) - s; // negate if s == -1 fixuint_t a_u = (fixuint_t)(a ^ s) + (-s); // negate if s == -1
fixuint_t res; fixuint_t res;
ASSIGN_UMOD(res, a, b); ASSIGN_UMOD(res, a_u, b_u);
return (res ^ s) - s; // negate if s == -1 return (res ^ s) + (-s); // negate if s == -1
} }
#endif // ASSIGN_UMOD #endif // ASSIGN_UMOD