[1/8] math: Fix UB on atanhf

Message ID	20250425205618.360232-2-adhemerval.zanella@linaro.org
State	Accepted
Commit	92f7b6061d867c5e5f26e84c44a3ec2887bf6c81
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7948E3858D20 From: Adhemerval Zanella <adhemerval.zanella@linaro.org> To: libc-alpha@sourceware.org Cc: Paul Zimmermann <Paul.Zimmermann@inria.fr> Subject: [PATCH 1/8] math: Fix UB on atanhf Date: Fri, 25 Apr 2025 17:54:22 -0300 Message-ID: <20250425205618.360232-2-adhemerval.zanella@linaro.org> In-Reply-To: <20250425205618.360232-1-adhemerval.zanella@linaro.org> References: <20250425205618.360232-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org
Series	Fix UB in math implementations \| expand [0/8] Fix UB in math implementations [1/8] math: Fix UB on atanhf [2/8] math: Fix UB on coshf [3/8] math: Fix UB on logf [4/8] math: Fix UB on sinhf [5/8] math: Fix UB on cbrtf [6/8] math: Fix UB on cospif [7/8] math: Fix UB on erfcf [8/8] math: Fix UB on sinpif

Message ID

20250425205618.360232-2-adhemerval.zanella@linaro.org

State

Accepted

Commit

92f7b6061d867c5e5f26e84c44a3ec2887bf6c81

Headers

Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7948E3858D20
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Paul Zimmermann <Paul.Zimmermann@inria.fr>
Subject: [PATCH 1/8] math: Fix UB on atanhf
Date: Fri, 25 Apr 2025 17:54:22 -0300
Message-ID: <20250425205618.360232-2-adhemerval.zanella@linaro.org>
In-Reply-To: <20250425205618.360232-1-adhemerval.zanella@linaro.org>
References: <20250425205618.360232-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: list
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

Series

Fix UB in math implementations | expand

Commit Message

Adhemerval Zanella Netto April 25, 2025, 8:54 p.m. UTC

The left shift overflows for 'int', use unsigned instead.  It syncs
with CORE-MATH commit 4d6192d2.

Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu.
---
 sysdeps/ieee754/flt-32/e_atanhf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Carlos O'Donell April 29, 2025, 12:45 p.m. UTC | #1

On 4/25/25 4:54 PM, Adhemerval Zanella wrote:
> The left shift overflows for 'int', use unsigned instead.  It syncs
> with CORE-MATH commit 4d6192d2.
> 
> Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu.

LGTM. Note upstream CORE-MATH uses 1UL here not 1U. Still OK.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

> ---
>   sysdeps/ieee754/flt-32/e_atanhf.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/sysdeps/ieee754/flt-32/e_atanhf.c b/sysdeps/ieee754/flt-32/e_atanhf.c
> index 5138408324..eeb1aae6a1 100644
> --- a/sysdeps/ieee754/flt-32/e_atanhf.c
> +++ b/sysdeps/ieee754/flt-32/e_atanhf.c
> @@ -3,7 +3,7 @@
>   Copyright (c) 2023-2024 Alexei Sibidanov.
>   
>   The original version of this file was copied from the CORE-MATH
> -project (file src/binary32/acosh/acoshf.c, revision bc385c2).
> +project (file src/binary32/acosh/acoshf.c, revision 4d6192d2).
>   
>   Permission is hereby granted, free of charge, to any person obtaining a copy
>   of this software and associated documentation files (the "Software"), to deal
> @@ -135,7 +135,7 @@ __ieee754_atanhf (float x)
>       }
>     double sgn = s[ux >> 31];
>     unsigned int e = ax >> 24;
> -  unsigned int md = ((ux << 8) | 1 << 31) >> (126 - e);
> +  unsigned int md = ((ux << 8) | 1U << 31) >> (126 - e);

OK. We use 1U, but CORE-MATH uses 1UL, so it doesn't *quite* sync, but close enough.

>     unsigned int mn = -md;
>     int nz = __builtin_clz (mn) + 1;
>     mn <<= nz;

OK.

commit 4d6192d21a311e412b8cc76bd33c7ba4d41ccbab
Author: Paul Zimmermann <Paul.Zimmermann@inria.fr>
Date:   Thu Mar 13 13:38:38 2025 +0100

     [atanhf] fixed undefined behavior

diff --git a/sysdeps/ieee754/flt-32/e_atanhf.c b/sysdeps/ieee754/flt-32/e_atanhf.c
index 5138408324..eeb1aae6a1 100644
--- a/sysdeps/ieee754/flt-32/e_atanhf.c
+++ b/sysdeps/ieee754/flt-32/e_atanhf.c
@@ -3,7 +3,7 @@ 
 Copyright (c) 2023-2024 Alexei Sibidanov.
 
 The original version of this file was copied from the CORE-MATH
-project (file src/binary32/acosh/acoshf.c, revision bc385c2).
+project (file src/binary32/acosh/acoshf.c, revision 4d6192d2).
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -135,7 +135,7 @@  __ieee754_atanhf (float x)
     }
   double sgn = s[ux >> 31];
   unsigned int e = ax >> 24;
-  unsigned int md = ((ux << 8) | 1 << 31) >> (126 - e);
+  unsigned int md = ((ux << 8) | 1U << 31) >> (126 - e);
   unsigned int mn = -md;
   int nz = __builtin_clz (mn) + 1;
   mn <<= nz;

[1/8] math: Fix UB on atanhf

Commit Message

Comments

Patch