Re: [PATCH 1/2] avoid shifting signed integers 31 bits

public inbox for git@vger.kernel.org 
 help / color / mirror / Atom feed

From: Junio C Hamano <gitster@pobox•com>
To: Jeff King <peff@peff•net>
Cc: Duy Nguyen <pclouds@gmail•com>,
	Git Mailing List <git@vger•kernel.org>,
	Christian Couder <christian.couder@gmail•com>
Subject: Re: [PATCH 1/2] avoid shifting signed integers 31 bits
Date: Mon, 04 Jan 2016 09:52:10 -0800	[thread overview]
Message-ID: <xmqqh9itp705.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <20151231052029.GA10238@sigill.intra.peff.net> (Jeff King's message of "Thu, 31 Dec 2015 00:20:29 -0500")

Jeff King <peff@peff•net> writes:

> On Thu, Dec 31, 2015 at 12:10:33PM +0700, Duy Nguyen wrote:
>
>> On Tue, Dec 29, 2015 at 1:35 PM, Jeff King <peff@peff•net> wrote:
>> > We sometimes use 32-bit unsigned integers as bit-fields.
>> > It's fine to access the MSB, because it's unsigned. However,
>> > doing so as "1 << 31" is wrong, because the constant "1" is
>> > a signed int, and we shift into the sign bit, causing
>> > undefined behavior.
>> >
>> > We can fix this by using "1U" as the constant.
>> 
>> We have this in cache.h, should it be fixed as well?
>> 
>> /* CE_EXTENDED2 is for future extension */
>> #define CE_EXTENDED2         (1 << 31)
>
> Sort of. We don't actually use it, and since it's a macro, that means it
> never even hits the compiler proper itself. So it's not a bug, but it's
> a bug waiting to happen. :)
>
> -Peff

Let's squash an obvious change for that in to 1/2, then, before I
merge the series to 'next'.

Thanks.

-- >8 --
From: Jeff King <peff@peff•net>
Date: Tue, 29 Dec 2015 01:35:46 -0500
Subject: [PATCH] avoid shifting signed integers 31 bits

We sometimes use 32-bit unsigned integers as bit-fields.
It's fine to access the MSB, because it's unsigned. However,
doing so as "1 << 31" is wrong, because the constant "1" is
a signed int, and we shift into the sign bit, causing
undefined behavior.

We can fix this by using "1U" as the constant.

Signed-off-by: Jeff King <peff@peff•net>
Signed-off-by: Junio C Hamano <gitster@pobox•com>
---
 builtin/receive-pack.c | 2 +-
 cache.h                | 2 +-
 diff.h                 | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c
index e6b93d0..e35ed40 100644
--- a/builtin/receive-pack.c
+++ b/builtin/receive-pack.c
@@ -1597,7 +1597,7 @@ static void prepare_shallow_update(struct command *commands,
 				continue;
 			si->need_reachability_test[i]++;
 			for (k = 0; k < 32; k++)
-				if (si->used_shallow[i][j] & (1 << k))
+				if (si->used_shallow[i][j] & (1U << k))
 					si->shallow_ref[j * 32 + k]++;
 		}
 
diff --git a/cache.h b/cache.h
index 6f53962..9088843 100644
--- a/cache.h
+++ b/cache.h
@@ -214,7 +214,7 @@ struct cache_entry {
 #define CE_INTENT_TO_ADD     (1 << 29)
 #define CE_SKIP_WORKTREE     (1 << 30)
 /* CE_EXTENDED2 is for future extension */
-#define CE_EXTENDED2         (1 << 31)
+#define CE_EXTENDED2         (1U << 31)
 
 #define CE_EXTENDED_FLAGS (CE_INTENT_TO_ADD | CE_SKIP_WORKTREE)
 
diff --git a/diff.h b/diff.h
index f7208ad..893f446 100644
--- a/diff.h
+++ b/diff.h
@@ -91,7 +91,7 @@ typedef struct strbuf *(*diff_prefix_fn_t)(struct diff_options *opt, void *data)
 #define DIFF_OPT_DIRSTAT_BY_LINE     (1 << 28)
 #define DIFF_OPT_FUNCCONTEXT         (1 << 29)
 #define DIFF_OPT_PICKAXE_IGNORE_CASE (1 << 30)
-#define DIFF_OPT_DEFAULT_FOLLOW_RENAMES (1 << 31)
+#define DIFF_OPT_DEFAULT_FOLLOW_RENAMES (1U << 31)
 
 #define DIFF_OPT_TST(opts, flag)    ((opts)->flags & DIFF_OPT_##flag)
 #define DIFF_OPT_TOUCHED(opts, flag)    ((opts)->touched_flags & DIFF_OPT_##flag)
-- 
2.7.0-rc3-132-g73ad441

next prev parent reply	other threads:[~2016-01-04 17:52 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-12-29  6:34 [PATCH 0/2] compiling with -fsanitize=undefined Jeff King
2015-12-29  6:35 ` [PATCH 1/2] avoid shifting signed integers 31 bits Jeff King
2015-12-30  0:09   ` Junio C Hamano
2015-12-30  4:25     ` Jeff King
2015-12-31  5:10   ` Duy Nguyen
2015-12-31  5:20     ` Jeff King
2016-01-04 17:52       ` Junio C Hamano [this message]
2016-01-04 23:32         ` Jeff King
2015-12-29  6:36 ` [PATCH 2/2] bswap: add NO_UNALIGNED_LOADS define Jeff King
2015-12-29  6:42   ` Eric Sunshine
2015-12-29  6:45     ` Jeff King
2015-12-29  6:44 ` [PATCH 0/2] compiling with -fsanitize=undefined Jeff King

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e6b93d0 dfblob:e35ed40 dfblob:6f53962 dfblob:9088843
dfblob:f7208ad dfblob:893f446 )
 OR (
bs:"avoid shifting signed integers 31 bits" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=xmqqh9itp705.fsf@gitster.mtv.corp.google.com \
    --to=gitster@pobox$(echo .)com \
    --cc=christian.couder@gmail$(echo .)com \
    --cc=git@vger$(echo .)kernel.org \
    --cc=pclouds@gmail$(echo .)com \
    --cc=peff@peff$(echo .)net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox