In perl.git, the branch davem/cpan-undef has been created
<http://perl5.git.perl.org/perl.git/commitdiff/625dabb7080ce2b583d77b1acf8c3783a0dfd9bc?hp=0000000000000000000000000000000000000000>
at 625dabb7080ce2b583d77b1acf8c3783a0dfd9bc (commit)
- Log -----------------------------------------------------------------
commit 625dabb7080ce2b583d77b1acf8c3783a0dfd9bc
Author: David Mitchell <[email protected]>
Date: Tue Dec 23 02:21:17 2014 +0000
update customized.dat with local 'version' change
M t/porting/customized.dat
commit a3f461a88988cef9a89c13ab42c50556750ede51
Author: David Mitchell <[email protected]>
Date: Tue Dec 23 02:13:24 2014 +0000
'version': vutil.c: silence overflow warnings
Running 'clang -fsanitize=undefined' on the perl test suite triggers
a number of warnings:
vutil.c:354:9: runtime error: signed integer overflow: 750283776 +
1705032704 cannot be represented in type 'int'
vutil.c:354:25: runtime error: signed integer overflow: 6 * 1000000000
cannot be represented in type 'int'
vutil.c:355:10: runtime error: signed integer overflow: 1000000000 * 10
cannot be represented in type 'int'
This is because the version string parsing code takes a "maybe overflow,
then check to see if we've overflown" approach. Which is perfectly fine,
but clashes with clang.
This commit makes it take the opposite approach of checking each time
*before* doing the += mult*i and mult*=10 steps.
A bit clunky, but ASan only allows you to disable these warnings on a
per-function basis, and it's a reasonably large function.
I suspect that the block of code above this may need similar treatment,
but as it wasn't triggering clang warnings, I didn't look at it.
M vutil.c
commit 4575dcd7ab96eb555feaa09fe2410f10ee0b55f9
Author: David Mitchell <[email protected]>
Date: Tue Dec 23 01:17:44 2014 +0000
Digest-SHA: avoid undefined warning
With 'clang -fsanitize=undefined', (~0 << gap) gives this warning:
src/sha.c:372:41: runtime error: left shift of negative value -1
Fix it by doing (~0U << gap) instead.
NB: this commit modifies a file which appears to be part of a separate
distribution, so may have licensing implications.
M cpan/Digest-SHA/src/sha.c
commit 0a67b928b106a78d7aff58e3adbcd62bc6737598
Author: David Mitchell <[email protected]>
Date: Tue Dec 23 01:07:36 2014 +0000
Compress-Raw-Zlib: avoid undefined warning
With 'clang -fsanitize=undefined', when f==-1, ((f)<<1) gives this warning:
deflate.c:886:54: runtime error: left shift of negative value -1
Fix it by doing ((f)*2) instead. Any half-decent compiler should spot the
'*2' and implement it efficiently underneath as a shift or add or
whatever.
NB: this commit modifies a file which is part of a separate distribution,
libbzip2, so may have licensing implications.
M cpan/Compress-Raw-Zlib/zlib-src/deflate.c
commit 1bd78aeb681cbb7ff70281cdc4e5e336197bb64d
Author: David Mitchell <[email protected]>
Date: Tue Dec 23 00:48:21 2014 +0000
Compress-Raw-Bzip2: avoid overflow warning
With 'clang -fsanitize=undefined', (1<<31) gives warnings like these:
blocksort.c:256:7: runtime error: left shift of 1 by 31 places cannot be
represented in type 'int'
Fix it by shifting an unsigned value instead: (1U<<31).
NB: this commit modifies a file which is part of a separate distribution,
libbzip2, so may have licensing implications.
M cpan/Compress-Raw-Bzip2/bzip2-src/blocksort.c
commit 3bc8d0267c240874b9a1c01f4bcf53d0b3860ec1
Author: David Mitchell <[email protected]>
Date: Tue Dec 23 00:29:53 2014 +0000
Socket.xs: avoid integer overflow
As spotted by 'clang -fsanitize=undefined',
the shifting of the bytes to form an IPv4 address results in an
intermediate signed int, which clang detects as overflowing when <<24.
So ensure all the values to be shifted are unsigned.
Typical clang error:
Socket.xs:796:30: runtime error: left shift of 193 by 24 places cannot be
represented in type 'int'
M cpan/Socket/Socket.xs
commit 9f4ce887f275e5092586e05149d7a993af5882c8
Author: David Mitchell <[email protected]>
Date: Tue Dec 23 00:07:38 2014 +0000
List::Util: fix some integer overflows
both sum() and product() didn't handle integers near IV_MIN and IV_MAX
very well. Some of this was spotted by "clang -fsanitize=undefined",
the rest by visual code inspection.
Basically when adding or multiplying two signed IV together, and deciding
when to bail out and use NVs instead, there are more permutations to
consider than was being done. This meant that the bail tests sometimes
had undefined behaviour, and in the worst case, product(...,0,...)
actually raised a divide by zero exception in the bail test
M cpan/Scalar-List-Utils/ListUtil.xs
M cpan/Scalar-List-Utils/t/product.t
M cpan/Scalar-List-Utils/t/sum.t
-----------------------------------------------------------------------
--
Perl5 Master Repository
