From 2b02c1598254fdeadb27ace5768151aa4f24a884 Mon Sep 17 00:00:00 2001 From: Nick Briggs Date: Thu, 17 Sep 2020 18:24:54 -0700 Subject: [PATCH] Note places where undefined behavior is detected by the UB sanitizer Comments only, no functional changes. modified: src/arith2.c modified: src/arith3.c modified: src/arith4.c modified: src/xc.c --- src/arith2.c | 5 ++++- src/arith3.c | 1 + src/arith4.c | 1 + src/xc.c | 2 ++ 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/arith2.c b/src/arith2.c index d91d924..c744de3 100644 --- a/src/arith2.c +++ b/src/arith2.c @@ -47,6 +47,7 @@ doufn2: ERROR_EXIT(tos); #else + /* UB: signed integer overflow: 2147483647 + 2147483647 cannot be represented in type 'int' */ result = arg1 + arg2; if (((arg1 >= 0) == (arg2 >= 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); } N_ARITH_SWITCH(result); @@ -82,6 +83,7 @@ dummy: #else + /* UB: signed integer overflow: 2147483647 + 2147483647 cannot be represented in type 'int' */ result = arg1 + arg2; if (((arg1 >= 0) == (arg2 >= 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); } N_ARITH_SWITCH(result); @@ -117,6 +119,7 @@ doufn2: #else + /* UB: signed integer overflow: -2147483647 - 320 cannot be represented in type 'int' */ result = arg1 - arg2; if (((arg1 >= 0) == (arg2 < 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); } N_ARITH_SWITCH(result); @@ -142,7 +145,7 @@ dummy: idiff_err_label(); #else - + /* UB: signed integer overflow: -2147483647 - 100 cannot be represented in type 'int' */ result = arg1 - arg2; if (((arg1 >= 0) == (arg2 < 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); } N_ARITH_SWITCH(result); diff --git a/src/arith3.c b/src/arith3.c index 2838c1a..7072e88 100644 --- a/src/arith3.c +++ b/src/arith3.c 
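Review bot: In the first arith2.c hunk (after `doufn2:`), the overflow test that follows `result = arg1 + arg2;` inspects the sign of a result whose computation is already undefined, so an optimizing compiler may assume no overflow occurred and drop the `ERROR_EXIT(tos)` branch; the new comment records the sanitizer hit but leaves that guard unreliable. The same pattern is in the second addition hunk and in both `result = arg1 - arg2;` hunks of this file. Doing the arithmetic in unsigned keeps the existing sign test meaningful, e.g. `result = (int)((unsigned)arg1 + (unsigned)arg2);` (and the `-` counterpart), assuming the usual two's-complement conversion back to int. The comment would also age better if it named the condition rather than one run's operands, e.g. `/* UB: arg1 + arg2 can overflow int; the check below depends on wraparound */`. The enclosing functions start and end outside these hunks.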
@@ -47,6 +47,7 @@ LispPTR N_OP_makenumber(int tosm1, int tos) { register int result; if (((tosm1 & 0xFFFF0000) != S_POSITIVE) || ((tos & 0xFFFF0000) != S_POSITIVE)) ERROR_EXIT(tos); + /* UB: left shift of 49152 by 16 places cannot be represented in type 'int' */ result = ((tosm1 & 0xffff) << 16) | (tos & 0xffff); N_ARITH_SWITCH(result); } /* end OP_makenumber */ diff --git a/src/arith4.c b/src/arith4.c index 1408a45..bd84dab 100644 --- a/src/arith4.c +++ b/src/arith4.c @@ -89,6 +89,7 @@ dummy: #else + /* UB: signed integer overflow: 1073741824 * 32768 cannot be represented in type 'int' */ result = arg1 * arg2; if ((arg2 != 0) && ((result / arg2) != arg1)) { goto doufn; } N_ARITH_SWITCH(result); diff --git a/src/xc.c b/src/xc.c index 6294860..53f21ca 100644 --- a/src/xc.c +++ b/src/xc.c @@ -444,6 +444,7 @@ nextopcode: case 021: CASE021: + /* UB: left shift of negative value -4 */ BIND; case 022: CASE022: @@ -901,6 +902,7 @@ nextopcode: case 0261: CASE261 : { CHECK_INTERRUPT; + /* UB: left shift of negative value -1 */ PCMACL += (Get_SBYTE_PCMAC1 << 8) | Get_BYTE_PCMAC2; nextop0; }
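Review bot: In `N_OP_makenumber`, `(tosm1 & 0xffff) << 16` shifts a signed int, so any high half with bit 15 set (the sanitizer's 49152 is 0xC000) moves a one into the sign bit; the new comment flags this undefined case but does not remove it. Shifting an unsigned value avoids it without changing the bit pattern: `result = (int)((((unsigned)tosm1 & 0xffff) << 16) | ((unsigned)tos & 0xffff));`. The final conversion to int is implementation-defined rather than undefined and wraps on the usual two's-complement targets.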
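Review bot: In the arith4.c hunk the overflow test `(result / arg2) != arg1` runs after `result = arg1 * arg2;` has already overflowed, so it relies on a wrapped product the compiler need not produce. The division itself can also trap if the operands ever reach `arg2 == -1` with a wrapped `result` of INT_MIN, though whether those values are reachable depends on code outside the hunk. Computing in a wider type makes the range check well-defined: `long long wide = (long long)arg1 * arg2;`, then `if (wide < INT_MIN || wide > INT_MAX) { goto doufn; }` and `result = (int)wide;`, assuming a 32-bit int and that `<limits.h>` is available in this file. The enclosing function starts and ends outside the hunk.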
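Review bot: At `case 0261` in xc.c the jump offset is built with `Get_SBYTE_PCMAC1 << 8`, a left shift of a value that is presumably negative for backward jumps, so the interpreter's program-counter update depends on undefined behavior on that path. Multiplying yields the same offset with defined semantics, `PCMACL += (Get_SBYTE_PCMAC1 * 256) | Get_BYTE_PCMAC2;`, assuming the macro produces a signed value in int range, which is not visible here. The comment added above `BIND;` at `CASE021` reports the same class of shift, but the expression lives inside the macro, so it would help to say so, e.g. `/* UB: BIND left-shifts a negative value (seen: -4); see the macro definition */`. The dispatch loop starts and ends outside both hunks.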