From patchwork Mon Oct 10 06:00:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aurelien Jarno X-Patchwork-Id: 1687928 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=aurel32.net header.i=@aurel32.net header.a=rsa-sha256 header.s=202004.hall header.b=0mNJQPZr; dkim-atps=neutral Received: from sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Mm7Zx5Gspz23jn for ; Mon, 10 Oct 2022 17:01:29 +1100 (AEDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 342363858425 for ; Mon, 10 Oct 2022 06:01:25 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from hall.aurel32.net (hall.aurel32.net [IPv6:2001:bc8:30d7:100::1]) by sourceware.org (Postfix) with ESMTPS id C63363858D37 for ; Mon, 10 Oct 2022 06:01:16 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C63363858D37 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=aurel32.net Authentication-Results: sourceware.org; spf=none smtp.mailfrom=aurel32.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=aurel32.net ; s=202004.hall; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date: Subject:Cc:To:From:Content-Type:From:Reply-To:Subject:Content-ID: Content-Description:In-Reply-To:References:X-Debbugs-Cc; bh=Zn5jbrS4BisrKYe5YEmw2uvBV2FTYse7bpJi/dT3m6o=; b=0mNJQPZr3a7MJR2sHBgcS/j5Co evkLNGT51WYX1OpmLhXcu0JT2onG40jzi+63Z3zKhMECmgQ4NM2Qa/Thri2BbCs15GLxmZa7N5MAM RXli42xcKwJyPNW+YIA7RPE0sZ5h7tsW6WSCO3WzmWqR+Etf0hroRrUFz3vLfC+IfLRn+7LZ8p5eH lJfWwlsOLYF1yH1GIGDEb+INDvx1LhKyVPnJS91YWl66vzuRTMR2TaQxxj+aUxwlOP9jwfBMy/7SI XHoApkrFnmuI3ExRvN480bRso22rarT2MYYJ7FrnYJ91BuNxu3L/EzpkGH7WptWOxqFMX2KoJALHI 5gB1uGCw==; Received: from [2a01:e34:ec5d:a741:8a4c:7c4e:dc4c:1787] (helo=ohm.rr44.fr) by hall.aurel32.net with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ohlqk-003BGX-Ji; Mon, 10 Oct 2022 08:01:14 +0200 Received: from aurel32 by ohm.rr44.fr with local (Exim 4.96) (envelope-from ) id 1ohlqk-00FhYO-0d; Mon, 10 Oct 2022 08:01:14 +0200 From: Aurelien Jarno To: libc-alpha@sourceware.org Subject: [PATCH v3] Avoid undefined behaviour in ibm128 implementation of llroundl (BZ #29488) Date: Mon, 10 Oct 2022 08:00:51 +0200 Message-Id: <20221010060050.3741173-1-aurelien@aurel32.net> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-Spam-Status: No, score=-13.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, SPF_HELO_PASS, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Aurelien Jarno Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org Sender: "Libc-alpha" Detecting an overflow edge case depended on signed overflow of a long long. Replace the additions and the overflow checks by __builtin_add_overflow(). Reviewed-by: Tulio Magno Quites Machado Filho --- sysdeps/ieee754/ldbl-128ibm/s_llroundl.c | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) This patch is based on the original patch from Michael Hudson-Doyle, using __builtin_add_overflow() as suggested by Florian Weimer It passes all tests on ppc64el with gcc 12 with both -O2 and -O3. diff --git a/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c b/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c index d85154e73a..d8c0de1faf 100644 --- a/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c +++ b/sysdeps/ieee754/ldbl-128ibm/s_llroundl.c @@ -66,38 +66,35 @@ __llroundl (long double x) /* Peg at max/min values, assuming that the above conversions do so. Strictly speaking, we can return anything for values that overflow, but this is more useful. */ - res = hi + lo; - - /* This is just sign(hi) == sign(lo) && sign(res) != sign(hi). */ - if (__glibc_unlikely (((~(hi ^ lo) & (res ^ hi)) < 0))) + if (__glibc_unlikely (__builtin_add_overflow (hi, lo, &res))) goto overflow; xh -= lo; ldbl_canonicalize (&xh, &xl); - hi = res; if (xh > 0.5) { - res += 1; + if (__glibc_unlikely (__builtin_add_overflow (res, 1, &res))) + goto overflow; } else if (xh == 0.5) { if (xl > 0.0 || (xl == 0.0 && res >= 0)) - res += 1; + if (__glibc_unlikely (__builtin_add_overflow (res, 1, &res))) + goto overflow; } else if (-xh > 0.5) { - res -= 1; + if (__glibc_unlikely (__builtin_add_overflow (res, -1, &res))) + goto overflow; } else if (-xh == 0.5) { if (xl < 0.0 || (xl == 0.0 && res <= 0)) - res -= 1; + if (__glibc_unlikely (__builtin_add_overflow (res, -1, &res))) + goto overflow; } - if (__glibc_unlikely (((~(hi ^ (res - hi)) & (res ^ hi)) < 0))) - goto overflow; - return res; } else