[12] RFR: 8214059: Undefined behaviour in ADLC
Aleksey Shipilev
shade at redhat.com
Mon Nov 19 22:22:19 UTC 2018
On 11/19/18 11:19 PM, Aleksey Shipilev wrote:
> I think the canonical way to perform overflow-sensitive addition involves checking against INT_MAX.
> Or, in this case, Expr::Max. Instead of this "long long" and STATIC_ASSERT mess, we can say:
>
> int Expr::compute_max(const Expr *c1, const Expr *c2) {
>   int v1 = c1->_max_value;
>   int v2 = c2->_max_value;
>
>   // Check for overflow without producing UB. If v2 is positive
>   // and not larger than Max, the subtraction cannot underflow.
>   assert(0 <= v2 && v2 <= Expr::Max, "sanity");
>   if (v1 > Expr::Max - v2) {
>     return Expr::Max;
>   }
>
>   return v1 + v2;
> }
Also, Expr::compute_min seems to have the same problem, but is not caught by the sanitizer?
-Aleksey
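As an added example (not the patch under review and not OpenJDK's own code), the bound-checked addition from the quoted compute_max written as a saturating helper that also handles negative addends, with a compute_min counterpart for the "same problem" case. The Expr layout, its Min bound and the assumption that compute_min sums the minimums are constructed for this example.

```cpp
#include <climits>
#include <cstdio>

// Constructed stand-in for ADLC's Expr (assumption: only the fields and
// bounds needed here; Max/Min use INT_MAX/INT_MIN to exercise the edges).
struct Expr {
  static constexpr int Max = INT_MAX;
  static constexpr int Min = INT_MIN;
  int _min_value;
  int _max_value;
  static int compute_max(const Expr* c1, const Expr* c2);
  static int compute_min(const Expr* c1, const Expr* c2);
};

// Saturating add with no signed overflow on any path. Each comparison is
// rearranged so the subtraction is performed against the bound itself:
//   b > 0 => Max - b lies in [0, Max - 1]      (cannot underflow)
//   b < 0 => Min - b lies in [Min + 1, 0]      (cannot overflow)
// Only after the check has passed is a + b evaluated.
int saturating_add(int a, int b) {
  if (b > 0 && a > Expr::Max - b) return Expr::Max;  // would wrap upward
  if (b < 0 && a < Expr::Min - b) return Expr::Min;  // would wrap downward
  return a + b;
}

// Upper bound of the sum: clamp to Max, as in the suggested compute_max.
int Expr::compute_max(const Expr* c1, const Expr* c2) {
  return saturating_add(c1->_max_value, c2->_max_value);
}

// Lower bound of the sum (assumed semantics: sum of the minimums), clamped
// to Min so the downward direction has no UB either.
int Expr::compute_min(const Expr* c1, const Expr* c2) {
  return saturating_add(c1->_min_value, c2->_min_value);
}

// Constructed sample operands sitting at the edges of the int range.
static const Expr kNearMax = {Expr::Max - 1, Expr::Max};
static const Expr kSmall   = {1, 2};
static const Expr kNearMin = {Expr::Min, 0};
static const Expr kNeg     = {-1, 0};

int main() {
  printf("max: %d (clamped to Max)\n", Expr::compute_max(&kNearMax, &kSmall));
  printf("min: %d (clamped to Min)\n", Expr::compute_min(&kNearMin, &kNeg));
  return 0;
}
```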