[12] RFR: 8214059: Undefined behaviour in ADLC
Simon Tooke
stooke at redhat.com
Fri Nov 23 17:49:04 UTC 2018
On 2018-11-20 9:54 a.m., Simon Tooke wrote:
> On 2018-11-19 5:22 p.m., Aleksey Shipilev wrote:
>> On 11/19/18 11:19 PM, Aleksey Shipilev wrote:
>>> I think the canonical way to perform overflow-sensitive addition involves checking against INT_MAX.
>>> Or, in this case, Expr::Max. Instead of this "long long" and STATIC_ASSERT mess, we can say:
>>>
>>> int Expr::compute_max(const Expr *c1, const Expr *c2) {
>>>   int v1 = c1->_max_value;
>>>   int v2 = c2->_max_value;
>>>
>>>   // Check for overflow without producing UB. If v2 is positive
>>>   // and not larger than Max, the subtraction cannot underflow.
>>>   assert(0 <= v2 && v2 <= Expr::Max, "sanity");
>>>   if (v1 > Expr::Max - v2) {
>>>     return Expr::Max;
>>>   }
>>>
>>>   return v1 + v2;
>>> }
>> Also, Expr::compute_min seems to have the same problem, but not caught by sanitizer?
>>
>> -Aleksey
>>
> That's a good catch; since this is a runtime sanitizer, it means that
> code path (meaning the underflow condition) is never triggered. I'll
> add that to my proposed change.
>
> Thanks
> -Simon
>
>
I've incorporated your suggestions both for the overflow issues and the
C-style cast issues.
Issue: https://bugs.openjdk.java.net/browse/JDK-8214059
Revised fix:
http://cr.openjdk.java.net/~sgehwolf/webrevs/stooke/JDK-8214059/02/webrev/
Thanks for your input,
-Simon
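The pattern Aleksey describes above, carried through for both the overflow case in compute_max and the underflow case he flagged in compute_min, as an added example that is not code from this thread or from the OpenJDK sources. The Expr struct, the kExprMin/kExprMax constants (stand-ins for Expr::Min/Expr::Max, whose real values are not quoted here) and the helper names add_overflows and saturating_add are constructed for illustration. The check is decided before the sum is formed, so no signed overflow ever occurs for a sanitizer to report.

```cpp
#include <climits>
#include <cstdio>

// Constructed stand-ins for ADLC's Expr bounds (hypothetical values; the real
// Expr::Min / Expr::Max are not quoted in the thread).
constexpr int kExprMax = INT_MAX;
constexpr int kExprMin = INT_MIN;

// Minimal stand-in for ADLC's Expr: only the two range fields the thread discusses.
struct Expr {
  int _min_value;
  int _max_value;
};

// Would a + b leave [kExprMin, kExprMax]? Decided without ever forming a + b,
// so there is no signed overflow for a sanitizer to flag. The rearranged
// comparisons cannot themselves overflow: when b > 0, kExprMax - b stays
// >= kExprMin; when b < 0, kExprMin - b stays <= kExprMax.
bool add_overflows(int a, int b) {
  if (b > 0) return a > kExprMax - b;   // would exceed Max
  if (b < 0) return a < kExprMin - b;   // would drop below Min
  return false;
}

// Saturating addition: clamp to the violated bound instead of overflowing.
int saturating_add(int a, int b) {
  if (add_overflows(a, b)) {
    return b > 0 ? kExprMax : kExprMin;
  }
  return a + b;
}

// Upper bound of (c1 + c2): the sum of the maxima, clamped at Max.
int compute_max(const Expr* c1, const Expr* c2) {
  return saturating_add(c1->_max_value, c2->_max_value);
}

// Lower bound of (c1 + c2): the sum of the minima, clamped at Min. This is the
// underflow path in compute_min that the runtime sanitizer never exercised.
int compute_min(const Expr* c1, const Expr* c2) {
  return saturating_add(c1->_min_value, c2->_min_value);
}

int main() {
  Expr a{-5, 10};
  Expr b{kExprMin, kExprMax};
  std::printf("max: %d (clamped to Max)\n", compute_max(&a, &b));
  std::printf("min: %d (clamped to Min)\n", compute_min(&a, &b));
  return 0;
}
```

Building this with `-fsanitize=undefined` and running it produces no report, whereas computing `v1 + v2` first and comparing afterwards would trip the sanitizer only on inputs that actually overflow, which is exactly why the compute_min path went unnoticed.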