undefined behavior in GMP 5.1.2

Marc Glisse marc.glisse at inria.fr
Fri Sep 20 20:43:49 CEST 2013


On Fri, 20 Sep 2013, Vincent Lefevre wrote:

> On 2013-09-20 15:05:11 +0200, Vincent Lefevre wrote:
>> In GMP 5.1.2, there's an integer overflow in mpn/get_d.c:
>
> Actually mpn/generic/get_d.c (the target of the symlink).
> And it was on x86_64.
>
> BTW, this integer overflow is detected when building GMP with:
>
> ./configure CC=clang CFLAGS='-O2 -fsanitize=undefined -fno-sanitize-recover'
>
> get_d.c:137:7: runtime error: signed integer overflow: 9223372036854775807 - -100 cannot be represented in type 'long'

I backported my patch to the 5.1 branch.

> It also detects other problems:
>
> t-constants.c:221:3: runtime error: left shift of negative value -9223372036854775808
> FAIL: t-constants
>
> t-parity.c:53:22: runtime error: left shift of 1 by 63 places cannot be represented in type 'long'
> FAIL: t-parity
>
> and possible other ones...

Those are in the testsuite, so less of a priority (not that we should 
ignore them). Did you find others in the library itself?

-- 
Marc Glisse
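The overflows in the thread are the two classic C cases that UBSan reports: subtracting a negative operand from a value near LONG_MAX, and left-shifting a signed value into or past its sign bit. As an added example (constructed for this page, not GMP's code and not the patch discussed above), the following C snippet shows pre-checks that avoid both, using only the operand values quoted in the sanitizer messages as sample input:

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Width of long in bits; the report was on x86_64, where this is 64. */
#define LONG_WIDTH_BITS ((int)(CHAR_BIT * sizeof(long)))

/* Returns true if a - b does NOT fit in long. The test is arranged so that
 * the intermediate expressions themselves cannot overflow: LONG_MAX + b is
 * only evaluated for b < 0 and LONG_MIN + b only for b > 0. */
bool sub_overflows_long(long a, long b)
{
    return (b < 0 && a > LONG_MAX + b) ||   /* result would exceed LONG_MAX */
           (b > 0 && a < LONG_MIN + b);     /* result would go below LONG_MIN */
}

/* Checked subtraction: sets *ok and returns a - b, or 0 when it would
 * overflow (the caller decides how to handle saturation or an error). */
long checked_sub_long(long a, long b, bool *ok)
{
    if (sub_overflows_long(a, b)) {
        *ok = false;
        return 0;
    }
    *ok = true;
    return a - b;
}

/* Single-bit mask computed in an unsigned type. 1L << 63 is undefined for a
 * 64-bit long, but 1UL << 63 is well defined; out-of-range n yields 0. */
unsigned long bit_mask_ul(int n)
{
    if (n < 0 || n >= LONG_WIDTH_BITS)
        return 0;
    return 1UL << n;
}

int main(void)
{
    bool ok;
    /* Operands from the get_d.c sanitizer message: LONG_MAX - (-100). */
    long r = checked_sub_long(LONG_MAX, -100, &ok);
    printf("LONG_MAX - (-100): %s\n", ok ? "fits" : "would overflow");
    r = checked_sub_long(LONG_MAX, 100, &ok);
    printf("LONG_MAX - 100: %s (%ld)\n", ok ? "fits" : "would overflow", r);
    /* Operands from the t-parity.c message: a 1 shifted by 63 places. */
    printf("bit 63 mask: 0x%lx\n", bit_mask_ul(63));
    return 0;
}
```

Compiling this with the same `-fsanitize=undefined` flags quoted in the report produces no runtime error, because every arithmetic operation is performed only after the range check or in an unsigned type; the sanitizer is a detection tool, and the checks are what actually remove the undefined behavior.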
