Without bounding the increment, we can overflow exp either here
in scalbn_decomposed or when adding the bias in round_canonical.
This can result in e.g. underflowing to 0 instead of overflowing
to infinity.
The old softfloat code did bound the increment.
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
---
fpu/softfloat.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index ba6e654050..a589f328c9 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -1883,6 +1883,12 @@ static FloatParts scalbn_decomposed(FloatParts a, int n,
float_status *s)
return return_nan(a, s);
}
if (a.cls == float_class_normal) {
+ /* The largest float type (even though not supported by FloatParts)
+ * is float128, which has a 15 bit exponent. Bounding N to 16 bits
+ * still allows rounding to infinity, without allowing overflow
+ * within the int32_t that backs FloatParts.exp.
+ */
+ n = MIN(MAX(n, -0x10000), 0x10000);
a.exp += n;
}
return a;
--
2.14.3
