GNU bug report logs - #15924
[PATCH] dfa: avoid undefined behavior of "1 << 31"
Reported by: Jim Meyering <jim <at> meyering.net>
Date: Tue, 19 Nov 2013 01:56:02 UTC
Severity: normal
Tags: patch
Done: Jim Meyering <jim <at> meyering.net>
Bug is archived. No further changes may be made.
Report forwarded to bug-grep <at> gnu.org: bug#15924; Package grep. (Tue, 19 Nov 2013 01:56:02 GMT)
Acknowledgement sent to Jim Meyering <jim <at> meyering.net>: New bug report received and forwarded. Copy sent to bug-grep <at> gnu.org. (Tue, 19 Nov 2013 01:56:03 GMT)
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
FYI:
[k.txt (text/plain, attachment)]
Message #8 received at 15924 <at> debbugs.gnu.org (full text, mbox):
Jim Meyering wrote:
> static int
> tstbit (unsigned int b, charclass const c)
> {
> - return c[b / INTBITS] & 1 << b % INTBITS;
> + return c[b / INTBITS] & 1U << b % INTBITS;
> }
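Review bot: on the '+' line the mask becomes '1U << b % INTBITS', which removes the signed shift, but the function still returns int (the unchanged 'static int' line above), so with 32-bit int and b % INTBITS equal to 31 the unsigned value 2**31 is converted to int on return, which is implementation-defined. Consider returning bool, or shifting the word right and masking with 1 so that the result is only ever 0 or 1. Writing the mask as '1U << (b % INTBITS)' would also make the intended grouping of '&', '<<' and '%' explicit.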
On a machine with 32-bit int and where b % INTBITS is 31,
the expression c[b / INTBITS] & 1U << b % INTBITS
is of type 'unsigned' and can have the value 2**31, and
this will overflow when tstbit converts that value as an int,
leading to implementation-defined behavior, which can include
raising a signal.
Better would be something like this:
static bool
tstbit (unsigned int b, charclass const c)
{
  return c[b / INTBITS] >> b % INTBITS & 1;
}
and it'd probably be better to encourage this style in
other places where the problem occurs, e.g., quotearg.
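The difference between the mask form and the shift form on the top bit of a word, as an added example that is not code from grep or from any message in this thread. The names charclass, CHARCLASS_WORDS, setbit, tstbit_mask, tstbit_shift and mask_fits_int are simplified stand-ins assumed here, with an unsigned word type.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed stand-ins for the dfa.c definitions, which the thread does not show. */
enum { INTBITS = CHAR_BIT * sizeof (unsigned int) };
enum { CHARCLASS_WORDS = (UCHAR_MAX + INTBITS) / INTBITS };
typedef unsigned int charclass[CHARCLASS_WORDS];

static void
setbit (unsigned int b, charclass c)
{
  c[b / INTBITS] |= 1U << b % INTBITS;
}

/* Mask form from the patch, returned as unsigned so the raw value is visible
   without the conversion to int that the reply objects to.  */
static unsigned int
tstbit_mask (unsigned int b, charclass const c)
{
  return c[b / INTBITS] & 1U << b % INTBITS;
}

/* Shift form from the reply: the result is only ever 0 or 1.  */
static bool
tstbit_shift (unsigned int b, charclass const c)
{
  return c[b / INTBITS] >> b % INTBITS & 1;
}

/* Would the mask form's value survive being returned as int unchanged?  */
static bool
mask_fits_int (unsigned int b, charclass const c)
{
  return tstbit_mask (b, c) <= (unsigned int) INT_MAX;
}

int
main (void)
{
  charclass c = { 0 };
  unsigned int top = INTBITS - 1;   /* constructed input: bit 31 with 32-bit int */
  setbit (3, c);
  setbit (top, c);
  printf ("bit 3:  mask=%#x fits_int=%d shift=%d\n",
          tstbit_mask (3, c), mask_fits_int (3, c), tstbit_shift (3, c));
  printf ("bit %u: mask=%#x fits_int=%d shift=%d\n", top,
          tstbit_mask (top, c), mask_fits_int (top, c), tstbit_shift (top, c));
  return 0;
}
```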
Message #11 received at 15924 <at> debbugs.gnu.org (full text, mbox):
On Mon, Nov 18, 2013 at 6:16 PM, Paul Eggert <eggert <at> cs.ucla.edu> wrote:
> Jim Meyering wrote:
>> static int
>> tstbit (unsigned int b, charclass const c)
>> {
>> - return c[b / INTBITS] & 1 << b % INTBITS;
>> + return c[b / INTBITS] & 1U << b % INTBITS;
>> }
>
> On a machine with 32-bit int and where b % INTBITS is 31,
> the expression c[b / INTBITS] & 1U << b % INTBITS
> is of type 'unsigned' and can have the value 2**31, and
> this will overflow when tstbit converts that value as an int,
> leading to implementation-defined behavior, which can include
> raising a signal.
>
> Better would be something like this:
>
> static bool
> tstbit (unsigned int b, charclass const c)
> {
> return c[b / INTBITS] >> b % INTBITS & 1;
> }
>
> and it'd probably be better to encourage this style in
> other places where the problem occurs, e.g., quotearg.
Good point. "bool" is a better return type, too.
I will adjust.
Thanks, Paul.
Message #14 received at 15924 <at> debbugs.gnu.org (full text, mbox):
On Mon, Nov 18, 2013 at 9:25 PM, Jim Meyering <jim <at> meyering.net> wrote:
> On Mon, Nov 18, 2013 at 6:16 PM, Paul Eggert <eggert <at> cs.ucla.edu> wrote:
>> Jim Meyering wrote:
>>> static int
>>> tstbit (unsigned int b, charclass const c)
>>> {
>>> - return c[b / INTBITS] & 1 << b % INTBITS;
>>> + return c[b / INTBITS] & 1U << b % INTBITS;
>>> }
>>
>> On a machine with 32-bit int and where b % INTBITS is 31,
>> the expression c[b / INTBITS] & 1U << b % INTBITS
>> is of type 'unsigned' and can have the value 2**31, and
>> this will overflow when tstbit converts that value as an int,
>> leading to implementation-defined behavior, which can include
>> raising a signal.
>>
>> Better would be something like this:
>>
>> static bool
>> tstbit (unsigned int b, charclass const c)
>> {
>> return c[b / INTBITS] >> b % INTBITS & 1;
>> }
>>
>> and it'd probably be better to encourage this style in
>> other places where the problem occurs, e.g., quotearg.
>
> Good point. "bool" is a better return type, too.
> I will adjust.
Here's an updated patch:
[k.txt (text/plain, attachment)]
Reply sent to Jim Meyering <jim <at> meyering.net>: You have taken responsibility. (Fri, 22 Nov 2013 16:58:02 GMT)
Notification sent to Jim Meyering <jim <at> meyering.net>: bug acknowledged by developer. (Fri, 22 Nov 2013 16:58:03 GMT)
Message #19 received at 15924-done <at> debbugs.gnu.org (full text, mbox):
Pushed.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sat, 21 Dec 2013 12:24:04 GMT)