Note places where undefined behavior is detected by the UB sanitizer

Comments only, no functional changes. modified: src/arith2.c modified: src/arith3.c modified: src/arith4.c modified: src/xc.c
2026-01-31 13:52:29 +00:00 · 2020-09-17 18:24:54 -07:00
parent 11690d0f9c
commit 2b02c15982
4 changed files with 8 additions and 1 deletions
--- a/src/arith2.c
+++ b/src/arith2.c
@@ -47,6 +47,7 @@ doufn2:
  ERROR_EXIT(tos);

 #else
+  /* UB: signed integer overflow: 2147483647 + 2147483647 cannot be represented in type 'int' */
  result = arg1 + arg2;
  if (((arg1 >= 0) == (arg2 >= 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); }
  N_ARITH_SWITCH(result);
@@ -82,6 +83,7 @@ dummy:

 #else

+  /* UB: signed integer overflow: 2147483647 + 2147483647 cannot be represented in type 'int' */
  result = arg1 + arg2;
  if (((arg1 >= 0) == (arg2 >= 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); }
  N_ARITH_SWITCH(result);
@@ -117,6 +119,7 @@ doufn2:

 #else

+  /* UB: signed integer overflow: -2147483647 - 320 cannot be represented in type 'int' */
  result = arg1 - arg2;
  if (((arg1 >= 0) == (arg2 < 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); }
  N_ARITH_SWITCH(result);
@@ -142,7 +145,7 @@ dummy:
  idiff_err_label();

 #else
-
+  /* UB: signed integer overflow: -2147483647 - 100 cannot be represented in type 'int' */
  result = arg1 - arg2;
  if (((arg1 >= 0) == (arg2 < 0)) && ((result >= 0) != (arg1 >= 0))) { ERROR_EXIT(tos); }
  N_ARITH_SWITCH(result);
--- a/src/arith3.c
+++ b/src/arith3.c
@@ -47,6 +47,7 @@ LispPTR N_OP_makenumber(int tosm1, int tos) {
  register int result;

  if (((tosm1 & 0xFFFF0000) != S_POSITIVE) || ((tos & 0xFFFF0000) != S_POSITIVE)) ERROR_EXIT(tos);
+  /* UB: left shift of 49152 by 16 places cannot be represented in type 'int' */
  result = ((tosm1 & 0xffff) << 16) | (tos & 0xffff);
  N_ARITH_SWITCH(result);
 } /* end OP_makenumber */
--- a/src/arith4.c
+++ b/src/arith4.c
@@ -89,6 +89,7 @@ dummy:

 #else

+  /* UB: signed integer overflow: 1073741824 * 32768 cannot be represented in type 'int' */
  result = arg1 * arg2;
  if ((arg2 != 0) && ((result / arg2) != arg1)) { goto doufn; }
  N_ARITH_SWITCH(result);
--- a/src/xc.c
+++ b/src/xc.c
@@ -444,6 +444,7 @@ nextopcode:

    case 021:
    CASE021:
+      /* UB: left shift of negative value -4 */
      BIND;
    case 022:
    CASE022:
@@ -901,6 +902,7 @@ nextopcode:
    case 0261:
    CASE261 : {
      CHECK_INTERRUPT;
+      /* UB: left shift of negative value -1 */
      PCMACL += (Get_SBYTE_PCMAC1 << 8) | Get_BYTE_PCMAC2;
      nextop0;
    }