undefined behavior in GMP 5.1.2
marc.glisse at inria.fr
Fri Sep 20 20:43:49 CEST 2013
On Fri, 20 Sep 2013, Vincent Lefevre wrote:
> On 2013-09-20 15:05:11 +0200, Vincent Lefevre wrote:
>> In GMP 5.1.2, there's an integer overflow in mpn/get_d.c:
> Actually mpn/generic/get_d.c (the target of the symlink).
> And it was on x86_64.
> BTW, this integer overflow is detected when building GMP with:
> ./configure CC=clang CFLAGS='-O2 -fsanitize=undefined -fno-sanitize-recover'
> get_d.c:137:7: runtime error: signed integer overflow: 9223372036854775807 - -100 cannot be represented in type 'long'
I backported my patch to the 5.1 branch.
> It also detects other problems:
> t-constants.c:221:3: runtime error: left shift of negative value -9223372036854775808
> FAIL: t-constants
> t-parity.c:53:22: runtime error: left shift of 1 by 63 places cannot be represented in type 'long'
> FAIL: t-parity
> and possibly other ones...
Those are in the testsuite, so less of a priority (not that we should
ignore them). Did you find others in the library itself?
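As an added illustration (not GMP's code, nor from either poster), overflow-free replacements for the three operations the sanitizer output above flags: the `LONG_MAX - (-100)` subtraction, `1L << 63`, and a left shift of a negative value. It assumes a two's-complement target with 64-bit `long`, such as the x86_64 build mentioned, where unsigned-to-signed conversion wraps modularly.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Added example, not GMP's code: overflow-free versions of the three
 * operations the sanitizer flagged. Assumes a two's-complement target
 * with 64-bit long, such as x86_64 (unsigned-to-signed conversion wraps). */

/* Does a - b overflow for long?  Pattern from get_d.c: LONG_MAX - (-100). */
static bool long_sub_overflows(long a, long b)
{
    if (b < 0)
        return a > LONG_MAX + b;   /* LONG_MAX + b cannot overflow: b < 0 */
    return a < LONG_MIN + b;       /* LONG_MIN + b cannot overflow: b >= 0 */
}

/* Saturating subtraction: clamps instead of invoking undefined behaviour. */
static long long_sub_sat(long a, long b)
{
    if (!long_sub_overflows(a, b))
        return a - b;
    return b < 0 ? LONG_MAX : LONG_MIN;
}

/* "1L << 63" (t-parity.c) is UB; build the bit in unsigned and convert. */
static long long_with_bit(unsigned bit)
{
    unsigned long u = 1UL << bit;  /* defined for bit < CHAR_BIT*sizeof(long) */
    return (long) u;               /* implementation-defined, never UB */
}

/* Left shift of a negative value (t-constants.c) is UB; shift as unsigned. */
static long long_shl(long v, unsigned n)
{
    return (long) ((unsigned long) v << n);
}

int main(void)
{
    printf("LONG_MAX - (-100) overflows: %d\n", long_sub_overflows(LONG_MAX, -100));
    printf("saturated result: %ld\n", long_sub_sat(LONG_MAX, -100));
    printf("bit 63 as long: %ld\n", long_with_bit(63));
    printf("-1 shifted left by 1: %ld\n", long_shl(-1, 1));
    return 0;
}
```

Compiled with the `-fsanitize=undefined` flags quoted above, none of these helpers trigger a runtime error, unlike the original expressions.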