diff options
author | Andrew Waterman <andrew@sifive.com> | 2023-12-13 16:47:04 -0800 |
---|---|---|
committer | Andrew Waterman <andrew@sifive.com> | 2023-12-13 16:49:01 -0800 |
commit | 1cc3a1fab17fd67284873f296d6222aea2f1cb7e (patch) | |
tree | be35599d379d35591bf69609835c30f5ac4cce1e /riscv/arith.h | |
parent | a729aff03d0a1bd8fa179f636b4b5f21da28b75b (diff) | |
download | riscv-isa-sim-1cc3a1fab17fd67284873f296d6222aea2f1cb7e.zip riscv-isa-sim-1cc3a1fab17fd67284873f296d6222aea2f1cb7e.tar.gz riscv-isa-sim-1cc3a1fab17fd67284873f296d6222aea2f1cb7e.tar.bz2 |
Fix UB on signed overflow in mulh routine
We want to evaluate whether the product of a and b is zero mod 2^64,
but the product might overflow, resulting in UB. If we instead perform
the computation in unsigned arithmetic, the overflow behavior is defined.
Resolves #1538
Diffstat (limited to 'riscv/arith.h')
-rw-r--r-- | riscv/arith.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/riscv/arith.h b/riscv/arith.h index 20b1504..c60fcbe 100644 --- a/riscv/arith.h +++ b/riscv/arith.h @@ -33,7 +33,7 @@ inline int64_t mulh(int64_t a, int64_t b) { int negate = (a < 0) != (b < 0); uint64_t res = mulhu(a < 0 ? -a : a, b < 0 ? -b : b); - return negate ? ~res + (a * b == 0) : res; + return negate ? ~res + ((uint64_t)a * (uint64_t)b == 0) : res; } inline int64_t mulhsu(int64_t a, uint64_t b) |