This is an archive of the discontinued LLVM Phabricator instance.

Differential D145556

[compiler-rt] Avoid signed shift overflow in __muloXi4 and __mulvXi3
ClosedPublic

Authored by Ka-Ka on Mar 8 2023, 1:27 AM.

Details

Reviewers
atrosinenko
MaskRay
Commits
rG3032189c0b73: [compiler-rt] Avoid signed shift overflow in __muloXi4 and __mulvXi3
Summary

When compiling compiler-rt with -fsanitize=undefined and running testcases you
end up with the following warning:

UBSan: int_mulo_impl.inc:21:36: left shift of 1 by 63 places cannot be represented in type 'di_int' (aka 'long long')

This can be avoided by simply doing the shift in a matching unsigned variant of
the type.

The same kind of pattern seems to exist in int_mulv_impl.inc

This was found in an out of tree target.

Diff Detail

Event Timeline

Ka-Ka created this revision.Mar 8 2023, 1:27 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 8 2023, 1:27 AM
Herald added subscribers: Enna1, dberris. · View Herald Transcript
Ka-Ka requested review of this revision.Mar 8 2023, 1:27 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 8 2023, 1:27 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
uabelho added a subscriber: uabelho.Mar 8 2023, 1:44 AM
Harbormaster completed remote builds in B218019: Diff 503259.Mar 8 2023, 1:51 AM
bjope added a subscriber: bjope.Mar 8 2023, 2:09 AM
Ka-Ka added inline comments.Mar 8 2023, 2:24 AM
compiler-rt/lib/builtins/int_mulo_impl.inc
20–22

An alternative implementation would be to change MIN and MAX into:

const fixint_t MAX = (fixint_t)((~(fixuint_t)0) / 2);
const fixint_t MIN = -MAX - 1;

as this code pattern is used in another part of compiler-rt in compiler-rt/lib/builtins/fp_fixint_impl.inc

bjope added a reviewer: MaskRay.Mar 8 2023, 3:17 AM
MaskRay accepted this revision.Mar 8 2023, 4:02 PM
This revision is now accepted and ready to land.Mar 8 2023, 4:02 PM
Closed by commit rG3032189c0b73: [compiler-rt] Avoid signed shift overflow in __muloXi4 and __mulvXi3 (authored by Ka-Ka). · Explain WhyMar 8 2023, 11:44 PM
This revision was automatically updated to reflect the committed changes.
Ka-Ka added a commit: rG3032189c0b73: [compiler-rt] Avoid signed shift overflow in __muloXi4 and __mulvXi3.

Revision Contents

PathSize
compiler-rt/
lib/
builtins/
2 lines
2 lines
1 line
1 line
1 line
1 line
1 line
1 line

Diff 503647

compiler-rt/lib/builtins/int_mulo_impl.inc

Show All 11 Lines
#include "int_lib.h" #include "int_lib.h"
// Returns: a * b // Returns: a * b
// Effects: sets *overflow to 1 if a * b overflows // Effects: sets *overflow to 1 if a * b overflows
static __inline fixint_t __muloXi4(fixint_t a, fixint_t b, int *overflow) { static __inline fixint_t __muloXi4(fixint_t a, fixint_t b, int *overflow) {
const int N = (int)(sizeof(fixint_t) * CHAR_BIT); const int N = (int)(sizeof(fixint_t) * CHAR_BIT);
const fixint_t MIN = (fixint_t)1 << (N - 1); const fixint_t MIN = (fixint_t)((fixuint_t)1 << (N - 1));
const fixint_t MAX = ~MIN; const fixint_t MAX = ~MIN;
Ka-KaAuthorUnsubmitted
Not Done
ReplyInline Actions

An alternative implementation would be to change MIN and MAX into:

const fixint_t MAX = (fixint_t)((~(fixuint_t)0) / 2);
const fixint_t MIN = -MAX - 1;

as this code pattern is used in another part of compiler-rt in compiler-rt/lib/builtins/fp_fixint_impl.inc

Ka-Ka: An alternative implementation would be to change MIN and MAX into: const fixint_t MAX =…
*overflow = 0; *overflow = 0;
fixint_t result = a * b; fixint_t result = a * b;
if (a == MIN) { if (a == MIN) {
if (b != 0 && b != 1) if (b != 0 && b != 1)
*overflow = 1; *overflow = 1;
return result; return result;
} }
if (b == MIN) { if (b == MIN) {
Show All 19 Lines

compiler-rt/lib/builtins/int_mulv_impl.inc

Show All 12 Lines
#include "int_lib.h" #include "int_lib.h"
// Returns: a * b // Returns: a * b
// Effects: aborts if a * b overflows // Effects: aborts if a * b overflows
static __inline fixint_t __mulvXi3(fixint_t a, fixint_t b) { static __inline fixint_t __mulvXi3(fixint_t a, fixint_t b) {
const int N = (int)(sizeof(fixint_t) * CHAR_BIT); const int N = (int)(sizeof(fixint_t) * CHAR_BIT);
const fixint_t MIN = (fixint_t)1 << (N - 1); const fixint_t MIN = (fixint_t)((fixuint_t)1 << (N - 1));
const fixint_t MAX = ~MIN; const fixint_t MAX = ~MIN;
if (a == MIN) { if (a == MIN) {
if (b == 0 || b == 1) if (b == 0 || b == 1)
return a * b; return a * b;
compilerrt_abort(); compilerrt_abort();
} }
if (b == MIN) { if (b == MIN) {
if (a == 0 || a == 1) if (a == 0 || a == 1)
Show All 18 Lines

compiler-rt/lib/builtins/mulodi4.c

//===-- mulodi4.c - Implement __mulodi4 -----------------------------------===// //===-- mulodi4.c - Implement __mulodi4 -----------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// This file implements __mulodi4 for the compiler_rt library. // This file implements __mulodi4 for the compiler_rt library.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#define fixint_t di_int #define fixint_t di_int
#define fixuint_t du_int
#include "int_mulo_impl.inc" #include "int_mulo_impl.inc"
// Returns: a * b // Returns: a * b
// Effects: sets *overflow to 1 if a * b overflows // Effects: sets *overflow to 1 if a * b overflows
COMPILER_RT_ABI di_int __mulodi4(di_int a, di_int b, int *overflow) { COMPILER_RT_ABI di_int __mulodi4(di_int a, di_int b, int *overflow) {
return __muloXi4(a, b, overflow); return __muloXi4(a, b, overflow);
} }

compiler-rt/lib/builtins/mulosi4.c

//===-- mulosi4.c - Implement __mulosi4 -----------------------------------===// //===-- mulosi4.c - Implement __mulosi4 -----------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// This file implements __mulosi4 for the compiler_rt library. // This file implements __mulosi4 for the compiler_rt library.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#define fixint_t si_int #define fixint_t si_int
#define fixuint_t su_int
#include "int_mulo_impl.inc" #include "int_mulo_impl.inc"
// Returns: a * b // Returns: a * b
// Effects: sets *overflow to 1 if a * b overflows // Effects: sets *overflow to 1 if a * b overflows
COMPILER_RT_ABI si_int __mulosi4(si_int a, si_int b, int *overflow) { COMPILER_RT_ABI si_int __mulosi4(si_int a, si_int b, int *overflow) {
return __muloXi4(a, b, overflow); return __muloXi4(a, b, overflow);
} }

compiler-rt/lib/builtins/muloti4.c

Show All 13 Lines
#ifdef CRT_HAS_128BIT #ifdef CRT_HAS_128BIT
// Returns: a * b // Returns: a * b
// Effects: sets *overflow to 1 if a * b overflows // Effects: sets *overflow to 1 if a * b overflows
#define fixint_t ti_int #define fixint_t ti_int
#define fixuint_t tu_int
#include "int_mulo_impl.inc" #include "int_mulo_impl.inc"
COMPILER_RT_ABI ti_int __muloti4(ti_int a, ti_int b, int *overflow) { COMPILER_RT_ABI ti_int __muloti4(ti_int a, ti_int b, int *overflow) {
return __muloXi4(a, b, overflow); return __muloXi4(a, b, overflow);
} }
#endif // CRT_HAS_128BIT #endif // CRT_HAS_128BIT

compiler-rt/lib/builtins/mulvdi3.c

//===-- mulvdi3.c - Implement __mulvdi3 -----------------------------------===// //===-- mulvdi3.c - Implement __mulvdi3 -----------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// This file implements __mulvdi3 for the compiler_rt library. // This file implements __mulvdi3 for the compiler_rt library.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#define fixint_t di_int #define fixint_t di_int
#define fixuint_t du_int
#include "int_mulv_impl.inc" #include "int_mulv_impl.inc"
// Returns: a * b // Returns: a * b
// Effects: aborts if a * b overflows // Effects: aborts if a * b overflows
COMPILER_RT_ABI di_int __mulvdi3(di_int a, di_int b) { return __mulvXi3(a, b); } COMPILER_RT_ABI di_int __mulvdi3(di_int a, di_int b) { return __mulvXi3(a, b); }

compiler-rt/lib/builtins/mulvsi3.c

//===-- mulvsi3.c - Implement __mulvsi3 -----------------------------------===// //===-- mulvsi3.c - Implement __mulvsi3 -----------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// This file implements __mulvsi3 for the compiler_rt library. // This file implements __mulvsi3 for the compiler_rt library.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#define fixint_t si_int #define fixint_t si_int
#define fixuint_t su_int
#include "int_mulv_impl.inc" #include "int_mulv_impl.inc"
// Returns: a * b // Returns: a * b
// Effects: aborts if a * b overflows // Effects: aborts if a * b overflows
COMPILER_RT_ABI si_int __mulvsi3(si_int a, si_int b) { return __mulvXi3(a, b); } COMPILER_RT_ABI si_int __mulvsi3(si_int a, si_int b) { return __mulvXi3(a, b); }

compiler-rt/lib/builtins/mulvti3.c

Show All 13 Lines
#ifdef CRT_HAS_128BIT #ifdef CRT_HAS_128BIT
// Returns: a * b // Returns: a * b
// Effects: aborts if a * b overflows // Effects: aborts if a * b overflows
#define fixint_t ti_int #define fixint_t ti_int
#define fixuint_t tu_int
#include "int_mulv_impl.inc" #include "int_mulv_impl.inc"
COMPILER_RT_ABI ti_int __mulvti3(ti_int a, ti_int b) { return __mulvXi3(a, b); } COMPILER_RT_ABI ti_int __mulvti3(ti_int a, ti_int b) { return __mulvXi3(a, b); }
#endif // CRT_HAS_128BIT #endif // CRT_HAS_128BIT