[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [csmith-bugs] Undefined behavior in safe_math: Bitwise operation produces negative zero



Hi Andreas, it is interesting that KCC detects this behavior as a bug, since we have run many Csmith programs through KCC and never saw this before. Was KCC recently modified to add detection of this behavior, I wonder?

In a second I will forward a message from Pascal Cuoq arguing that this is not an undefined behavior.

John


On 06/27/2014 06:56 AM, Andreas Fried wrote:
Hello,

this applies to the latest git revision of csmith, commit
df8a0778a1087e3cb3d41a44a1b52bade6e3d4b6:

We are using csmith together with kcc [1], which has found the following
undefined behavior in the safe math library:

In the functions safe_sub_func_int{8,16,32,64}_t_s_s, there are the
expressions ~INT{8,16,32,64}_MAX. Of these, ~INT32_MAX and ~INT64_MAX
are undefined according to the C standard, sect. 6.2.6.2:4 (negative
zero produced through bitwise operations). The others are probably saved
by implicit conversion to int.

For two's complement integers, I'd propose to change this to
INT{8,16,32,64}_MIN, but I am not sure at all if this is the right thing
to do on other architectures.


Thank you in advance for looking into my problem,
Best regards,
Andreas Fried

[1] https://github.com/kframework/c-semantics