undefined behavior in GMP 5.1.2

Vincent Lefevre vincent at vinc17.net
Fri Sep 20 15:29:09 CEST 2013

On 2013-09-20 15:05:11 +0200, Vincent Lefevre wrote:
> In GMP 5.1.2, there's an integer overflow in mpn/get_d.c:

Actually mpn/generic/get_d.c (the target of the symlink).
And it was on x86_64.

BTW, this integer overflow is detected when building GMP with:

./configure CC=clang CFLAGS='-O2 -fsanitize=undefined -fno-sanitize-recover'

get_d.c:137:7: runtime error: signed integer overflow: 9223372036854775807 - -100 cannot be represented in type 'long'

It also detects other problems:

t-constants.c:221:3: runtime error: left shift of negative value -9223372036854775808
FAIL: t-constants

t-parity.c:53:22: runtime error: left shift of 1 by 63 places cannot be represented in type 'long'
FAIL: t-parity

and possible other ones...

Vincent Lefèvre <vincent at vinc17.net> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

More information about the gmp-bugs mailing list