aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2025-04-25gmon: Fix UB in sprofilazanella/ubsan-undefAdhemerval Zanella1-1/+1
UBSAN: Undefined behaviour in ../sysdeps/posix/sprofil.c:272:16 variable length array bound evaluates to non-positive value 0 Move the VLA to after the porfile stop condition (where size might be zero).
2025-04-25gmon: Fix UB in tst-sprofil.cAdhemerval Zanella1-3/+3
UBSAN: Undefined behaviour in tst-sprofil.c:140:6 unsigned integer overflow: 2432902008176640000 + 7812407968270641256 cannot be represened in type 'long int' Use unsigned types for the fibonacci.
2025-04-25string: Remove UB on ffs/ffsllAdhemerval Zanella2-2/+6
Building with ubsan on 32 bit architecture, tst-ffs shows: ffsll(0x4000000000000000) as expected 63 UBSAN: Undefined behaviour in ffsll.c:37:34 negation of 9223372036854775808 cannot be represented in type 'long long int' Since the idea is to isolate the least significant bit, use unsigned types.
2025-04-25string: Fix UB on test-strrchrAdhemerval Zanella1-2/+2
UBSAN: Undefined behaviour in test-strrchr.c:100:35 unsigned integer overflow: 1804289383 * 846930886 cannot be represened in type 'long int' Use int64_t operations instead.
2025-04-25sysvipc: Fix UB on time64 time supportAdhemerval Zanella10-43/+35
Building with ubsan on 32 bit architecture without 64 bit time_t as default, it shows: UBSAN: Undefined behaviour in ../sysdeps/unix/sysv/linux/msgctl.c:180:45 left shift of 3935167480 by 32 cannot be represented in type 'long long int' Add a new macro, IPC_HILO, to handle this transparently by using unsigned shifts.
2025-04-25nptl: xfail tst-cleanup2 when building with ubsanAdhemerval Zanella1-0/+4
The test explicit uses UB (sprintf (NULL, ...) to triggers a SIGSEGV from libc and check with the pthread cleanup are correctly called. With ubsan enable, it triggers: UBSAN: Undefined behaviour in Xprintf_buffer_write.c:39:7 null pointer passed as argument 1, nonnull attribute declared at unknown:0:0 Which is a memcpy call with NULL argument.
2025-04-25powerpc: Fix powerpc64 build for ubsanAdhemerval Zanella1-1/+2
2025-04-25stdio: Fix test-printf-ldbl-compat.c build with ubsanAdhemerval Zanella1-0/+2
On powercp64le with --enable-ubsan the build fails with: In file included from ../include/bits/stdio2.h:1, from ../libio/stdio.h:967, from ../include/stdio.h:14, from ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-ldbl-compat.c:21, from ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-ieee128.c:1: In function ‘vfprintf’, inlined from ‘do_test_call_varg’ at ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-ldbl-compat.c:56:3: ../libio/bits/stdio2.h:166:10: error: null format string [-Werror=format-overflow=] 166 | return __vfprintf_chk (__stream, __USE_FORTIFY_LEVEL - 1, __fmt, __ap); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘vsnprintf’, inlined from ‘do_test_call_varg’ at ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-ldbl-compat.c:68:3: ../libio/bits/stdio2.h:100:10: error: null format string [-Werror=format-truncation=] 100 | return __builtin___vsnprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 101 | __glibc_objsize (__s), __fmt, __ap); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘fprintf’, inlined from ‘do_test_call_rarg.constprop’ at ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-ldbl-compat.c:104:3: ../libio/bits/stdio2.h:111:10: error: null format string [-Werror=format-overflow=] 111 | return __fprintf_chk (__stream, __USE_FORTIFY_LEVEL - 1, __fmt, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 112 | __va_arg_pack ()); | ~~~~~~~~~~~~~~~~~ In function ‘printf’, inlined from ‘do_test_call_rarg.constprop’ at ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-ldbl-compat.c:108:3: ../libio/bits/stdio2.h:118:10: error: null format string [-Werror=format-overflow=] 118 | return __printf_chk (__USE_FORTIFY_LEVEL - 1, __fmt, __va_arg_pack ()); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘snprintf’, inlined from ‘do_test_call_rarg.constprop’ at ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-ldbl-compat.c:112:3: ../libio/bits/stdio2.h:68:10: error: null format string [-Werror=format-truncation=] 68 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 69 | __glibc_objsize (__s), __fmt, | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 70 | __va_arg_pack ()); | ~~~~~~~~~~~~~~~~~ cc1: all warnings being treated as errors
2025-04-25stdio: Fix test-printf-chk-ldbl-compat build with ubsanAdhemerval Zanella1-0/+2
On powercp64le with --enable-ubsan the build fails with: ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c: In function ‘do_test_call_varg’: ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c:60:3: error: null format string [-Werror=format-overflow=] 60 | __vfprintf_chk (stream, 1, format, args); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c:66:3: error: null format string [-Werror=format-overflow=] 66 | __vprintf_chk (1, format, args); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c:72:3: error: null format string [-Werror=format-truncation=] 72 | __vsnprintf_chk (string, 79, 1, 127, format, args); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c: In function ‘do_test_call_rarg.constprop’: ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c:111:3: error: null format string [-Werror=format-overflow=] 111 | __fprintf_chk (stdout, 1, format, ld, d); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c:115:3: error: null format string [-Werror=format-overflow=] 115 | __printf_chk (1, format, ld, d); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ../sysdeps/ieee754/ldbl-128ibm-compat/test-printf-chk-ldbl-compat.c:119:3: error: null format string [-Werror=format-truncation=] 119 | __snprintf_chk (string, 79, 1, 127, format, ld, d); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2025-04-25stdio-common: Fix UB on stdio-common/vfprintf-process-arg.cAdhemerval Zanella1-1/+2
On i686 debug/tst-sprintf-fortify-unchecked triggers: UBSAN: Undefined behaviour in vfprintf-process-arg.c:41:57 negation of 9223372036854775808 cannot be represented in type 'long long int'
2025-04-25nss: Fix tst-nss-hash UBAdhemerval Zanella1-1/+1
UBSAN: Undefined behaviour in tst-nss-hash.c:49:8 variable length array bound evaluates to non-positive value 0
2025-04-25nss: Fix UB on test-netdbAdhemerval Zanella1-0/+3
The gethostname is defined as not accepting NULL arguments, so use a minimal size for initial call.
2025-04-25stdlib: Fix tst-makecontext3 UBAdhemerval Zanella1-34/+34
UBSAN: Undefined behaviour in tst-makecontext3.c:164:40 left shift of 1794341827 by 1 cannot be represented in type 'int'
2025-04-25linux: Fix UB on tst-sched-setattr.cAdhemerval Zanella1-10/+15
UBSAN: Undefined behaviour in ../sysdeps/unix/sysv/linux/tst-sched_setattr.c:86:5 null pointer passed as argument 2, nonnull attribute declared at unknown:0:0
2025-04-25string: Fix UB on tesf-ffsAdhemerval Zanella1-2/+3
UBSAN: Undefined behaviour in test-ffs.c:48:3 left shift of 1 by 31 cannot be represented in type 'int'
2025-04-25stdlib: Fix UB in tst-limits.cAdhemerval Zanella1-4/+12
UBSAN: Undefined behaviour in tst-limits.c:14:16 left shift of 1 by 63 cannot be represented in type 'long long int'
2025-04-25stdlib: Adapt tst-environ to ubsanAdhemerval Zanella1-11/+19
The test explicits checks for passing a null argument to a function with argument nonnull attribute.
2025-04-25stdlib: Fix UB on strtod FIXAdhemerval Zanella1-1/+1
2025-04-25math: Rewrite ldbl-128 isnanAdhemerval Zanella1-26/+23
With ubsan, test-float128-cabs triggers: UBSAN: Undefined behaviour in ../sysdeps/ieee754/float128/../ldbl-128/s_isnanl.c:29:30 negation of 9223372036854775808 cannot be represented in type 'long int' Rewrite with simplified version.
2025-04-25math: Fix UB in float128 atan2Adhemerval Zanella1-1/+1
UBSAN: Undefined behaviour in ../sysdeps/ieee754/float128/../ldbl-128/e_atan2l.c:68:9 unsigned integer overflow: 9223372036854775808 - 4611404543450677248 cannot be represened in type 'long int'
2025-04-25math: Fix UB in test-canonical-ldbl-96.cAdhemerval Zanella1-1/+2
UBSAN: Undefined behaviour in ../sysdeps/ieee754/ldbl-96/test-canonical-ldbl-96.c:97:7 left shift of 1 by 31 cannot be represented in type 'int'
2025-04-25sunrpc: Fix UB on xdr_hyperAdhemerval Zanella1-1/+1
ubsan triggers: UBSAN: Undefined behaviour in xdr.c:262:28 left shift of 18446744073709551615 by 32 cannot be represented in type 'long int' Fix by using unsigned type cast for left shift.
2025-04-25string: Fix UB on gneric strncmpAdhemerval Zanella1-1/+1
Building with ubsan it triggers: UBSAN: Undefined behaviour in ../string/strncmp.c:103:12 shift exponent 32 is too large for 32-bit type 'int' Use an unsigned constant literal for MERGE, since op_t is defined as unsigned.
2025-04-25string: Fix UB on index_first/index_lastAdhemerval Zanella1-22/+5
Building with ubsan the test-strcnmp triggers: UBSAN: Undefined behaviour in ../sysdeps/generic/string-fzi.h:39:12 passing zero to __builtin_ctz() Use stdbit.h functions instead of ctl/clz.
2025-04-25string: Fix UB on generic strcmpAdhemerval Zanella1-1/+1
Building with ubsan it trigger: UBSAN: Undefined behaviour in ../string/strcmp.c:92:12 shift exponent 32 is too large for 32-bit type 'int' Use an unsigned constant literal for MERGE, since op_t is defined as unsigned.
2025-04-25string: Fix UB on gneric stpcpyAdhemerval Zanella1-1/+1
Building with ubsan it trigger: UBSAN: Undefined behaviour in ../string/stpcpy.c:91:12 shift exponent 56 is too large for 32-bit type 'int' Use an unsigned constant literal for MERGE, since op_t is defined as unsigned.
2025-04-25stdlib: Fix UB on strtodAdhemerval Zanella1-2/+5
With glibc built with ubsan it triggers: UBSAN: Undefined behaviour in strtod_l.c:1580:8 shift exponent 41 is too large for 32-bit type 'int' Use the correct constant literal definition based on mp_limb_t size.
2025-04-25stdlib: Fix UB on erand48/jrand48Adhemerval Zanella2-2/+3
With glibc built with ubsan it triggers: UBSAN: Undefined behaviour in jrand48_r.c:29:34 left shift of 41612 by 16 cannot be represented in type 'int' UBSAN: Undefined behaviour in erand48_r.c:39:45 left shift of 3972 by 20 cannot be represented in type 'int' Fix by casting to uint32_t for the shift operation.
2025-04-25stdlib: Fix __libc_message_impl iovec sizeAdhemerval Zanella1-1/+1
The ubsan triggers an array item access error with stdlib/tst-bz20544.
2025-04-25stdio: Remove UB on printf_fpAdhemerval Zanella1-9/+9
Building with ubsan triggers: UBSAN: Undefined behaviour in printf_fp.c:633:4 passing zero to __builtin_ctz() So replace longlong.h with stdbit.h function.
2025-04-25nss: Fix UB on flsAdhemerval Zanella1-1/+1
2025-04-25locale: Fix UB on VLA allocationAdhemerval Zanella2-68/+80
Both level 2 and level 3 sizes can be zero, which triggers a 0-size VLA. Reorganize the code to allocate the VLA iff sizes are positive.
2025-04-25libio: Fix UB __libio_codecvt_lengthAdhemerval Zanella1-0/+3
To avoid a 0 size VLA.
2025-04-25iconv: Fix UB on iconv/tst-translit-mcharAdhemerval Zanella1-0/+2
Building with ubsan, the test triggers: UBSAN: Undefined behaviour in programs/locfile.c:598:3 null pointer passed as argument 2, nonnull attribute declared at unknown:0:0 The obstack_grow is only define for size > 0.
2025-04-25iconv: Fix UB on find_derivationAdhemerval Zanella1-2/+5
The cost addition might overflow since the default value is LONG_INT. Use wrap addition instead.
2025-04-25elf: Fix UB on _dl_map_object_from_fdAdhemerval Zanella1-1/+1
On 32-bit architecture ubsan triggers: UBSAN: Undefined behaviour in dl-load.c:1345:54 pointer index expression with base 0x00612508 overflowed to 0xf7c3a508 Use explicit uintptr_t operation instead.
2025-04-25math: Fix UB on sinpifAdhemerval Zanella1-4/+4
The left shift overflows for 'int', use uint32_t instead. It syncs with CORE-MATH commit bbfabd99.
2025-04-25math: Fix UB on erfcfAdhemerval Zanella1-2/+2
The left shift overflows for 'int', use uint64_t instead. It syncs with CORE-MATH commit d0a2be200cbc1344d800d9ef0ebee9ad67dd3ad8.
2025-04-25math: Fix UB on cospifAdhemerval Zanella1-3/+3
The left shift overflows for 'int', use uint32_t instead. It syncs with CORE-MATH commit bbfabd993a71b049c210b0febfd06d18369fadc1.
2025-04-25math: Fix UB on cbrtfAdhemerval Zanella1-3/+3
The left shift overflows for 'int64_t', use unsigned instead. It syncs with CORE-MATH commit f7c7408d1749ec2859ea249495af699359ae559b.
2025-04-25math: Fix UB on sinhfAdhemerval Zanella1-3/+3
The left shift overflows for 'int', use uint64_t instead. It syncs with CORE-MATH commit bbfabd99.
2025-04-25math: Fix UB on logfAdhemerval Zanella1-1/+1
The left shift overflows for 'int', use a literal instead. It syncs with OPTIMIZED-ROUTINES commit 0f87f607b976820ef41fe64d004fe67dc7af8236.
2025-04-25math: Fix UB on coshfAdhemerval Zanella1-3/+3
The left shift overflows for 'int', use uint64_t instead. It syncs with CORE-MATH commit 4d6192d2.
2025-04-25math: Fix UB on atanhfAdhemerval Zanella1-2/+2
The left shift overflows for 'int', use unsigned instead. It syncs with CORE-MATH commit 4d6192d2.
2025-04-25math: Fix UB in setayloadfAdhemerval Zanella1-1/+2
The code can shift the 1U for value larger than 31 depending of the exponent value. Add a check prior the shift.
2025-04-25math: Fix UB in setayloadAdhemerval Zanella1-1/+3
The code can shift the 1ULL for value larger than 63 depending of the exponent value. Add a check prior the shift.
2025-04-25math: Remove UB from float18 ilogbfAdhemerval Zanella1-3/+4
The subnormal exponent calculation invokes UB by left shifting the high or lower work. Use unsigned values and stdc_leading_zeros instead.
2025-04-25math: Optimize float ilogb/llogbAdhemerval Zanella3-41/+73
By removing the wrapper and setting FE_INVALID and errno inline.
2025-04-25math: Remove UB and optimize double ilogbfAdhemerval Zanella1-35/+33
The subnormal exponent calculation invokes UB by left shifting the signed expoenent to fix the first leading bit. The patch reimplements ilogb using the math_config.h macros and uses the new stdbit function to simplify the subnormal handling. On aarch64 it generates better code: * master: 0000000000000000 <__ieee754_ilogbf>: 0: 1e260000 fmov w0, s0 4: 12007801 and w1, w0, #0x7fffffff 8: 72091c1f tst w0, #0x7f800000 c: 54000141 b.ne 34 <__ieee754_ilogbf+0x34> // b.any 10: 34000201 cbz w1, 50 <__ieee754_ilogbf+0x50> 14: 53185c21 lsl w1, w1, #8 18: 12800fa0 mov w0, #0xffffff82 // #-126 1c: d503201f nop 20: 531f7821 lsl w1, w1, #1 24: 51000400 sub w0, w0, #0x1 28: 7100003f cmp w1, #0x0 2c: 54ffffac b.gt 20 <__ieee754_ilogbf+0x20> 30: d65f03c0 ret 34: 13177c20 asr w0, w1, #23 38: 12b01002 mov w2, #0x7f7fffff // #2139095039 3c: 5101fc00 sub w0, w0, #0x7f 40: 6b02003f cmp w1, w2 44: 12b00001 mov w1, #0x7fffffff // #2147483647 48: 1a819000 csel w0, w0, w1, ls // ls = plast 4c: d65f03c0 ret 50: 320107e0 mov w0, #0x80000001 // #-2147483647 54: d65f03c0 ret * patch: 0000000000000000 <__ieee754_ilogbf>: 0: 1e260001 fmov w1, s0 4: d3577820 ubfx x0, x1, #23, #8 8: 350000e0 cbnz w0, 24 <__ieee754_ilogbf+0x24> c: 53175821 lsl w1, w1, #9 10: 34000141 cbz w1, 38 <__ieee754_ilogbf+0x38> 14: 5ac01021 clz w1, w1 18: 12800fc0 mov w0, #0xffffff81 // #-127 1c: 4b010000 sub w0, w0, w1 20: d65f03c0 ret 24: 7103fc1f cmp w0, #0xff 28: 5101fc00 sub w0, w0, #0x7f 2c: 12b00001 mov w1, #0x7fffffff // #2147483647 30: 1a811000 csel w0, w0, w1, ne // ne = any 34: d65f03c0 ret 38: 320107e0 mov w0, #0x80000001 // #-2147483647 3c: d65f03c0 ret
2025-04-25math: Optimize double ilogb/llogbAdhemerval Zanella3-41/+72
By removing the wrapper and setting FE_INVALID and errno inline.
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-01 05:42:43 +0000