From: bluhm Date: Thu, 20 Jan 2022 11:06:57 +0000 (+0000) Subject: Shifting signed integers left by 31 is undefined behavior in C. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=41d7544ad5db9629c47e9f43babdf911f5e7fc95;p=openbsd Shifting signed integers left by 31 is undefined behavior in C. found by kubsan; joint work with tobhe@; OK miod@ --- diff --git a/sys/arch/amd64/amd64/identcpu.c b/sys/arch/amd64/amd64/identcpu.c index ca6276b2cb5..b67e177a686 100644 --- a/sys/arch/amd64/amd64/identcpu.c +++ b/sys/arch/amd64/amd64/identcpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: identcpu.c,v 1.121 2021/11/02 23:30:15 mlarkin Exp $ */ +/* $OpenBSD: identcpu.c,v 1.122 2022/01/20 11:06:57 bluhm Exp $ */ /* $NetBSD: identcpu.c,v 1.1 2003/04/26 18:39:28 fvdl Exp $ */ /* @@ -854,7 +854,7 @@ cpu_topology(struct cpu_info *ci) ci->ci_pkg_id = apicid >> core_bits; /* Get rid of the package bits */ - core_mask = (1 << core_bits) - 1; + core_mask = (1U << core_bits) - 1; thread_id = apicid & core_mask; /* Cut logical thread_id into core id, and smt id in a core */ @@ -872,14 +872,14 @@ cpu_topology(struct cpu_info *ci) max_coreid = ((eax >> 26) & 0x3f) + 1; /* SMT */ smt_bits = mask_width(max_apicid / max_coreid); - smt_mask = (1 << smt_bits) - 1; + smt_mask = (1U << smt_bits) - 1; /* Core */ core_bits = log2(max_coreid); - core_mask = (1 << (core_bits + smt_bits)) - 1; + core_mask = (1U << (core_bits + smt_bits)) - 1; core_mask ^= smt_mask; /* Pkg */ pkg_bits = core_bits + smt_bits; - pkg_mask = -1 << core_bits; + pkg_mask = ~0U << core_bits; ci->ci_smt_id = apicid & smt_mask; ci->ci_core_id = (apicid & core_mask) >> smt_bits; diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 17d9deaf54d..fe98eb87843 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_descrip.c,v 1.204 2021/10/25 10:24:54 claudio Exp $ */ +/* $OpenBSD: kern_descrip.c,v 1.205 2022/01/20 11:06:57 bluhm Exp $ */ /* $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $ */ /* @@ -156,7 +156,7 @@ fd_inuse(struct filedesc *fdp, int fd) { u_int off = fd >> NDENTRYSHIFT; - if (fdp->fd_lomap[off] & (1 << (fd & NDENTRYMASK))) + if (fdp->fd_lomap[off] & (1U << (fd & NDENTRYMASK))) return 1; return 0; @@ -167,9 +167,9 @@ fd_used(struct filedesc *fdp, int fd) { u_int off = fd >> NDENTRYSHIFT; - fdp->fd_lomap[off] |= 1 << (fd & NDENTRYMASK); + fdp->fd_lomap[off] |= 1U << (fd & NDENTRYMASK); if (fdp->fd_lomap[off] == ~0) - fdp->fd_himap[off >> NDENTRYSHIFT] |= 1 << (off & NDENTRYMASK); + fdp->fd_himap[off >> NDENTRYSHIFT] |= 1U << (off & NDENTRYMASK); if (fd > fdp->fd_lastfile) fdp->fd_lastfile = fd; @@ -185,8 +185,8 @@ fd_unused(struct filedesc *fdp, int fd) fdp->fd_freefile = fd; if (fdp->fd_lomap[off] == ~0) - fdp->fd_himap[off >> NDENTRYSHIFT] &= ~(1 << (off & NDENTRYMASK)); - fdp->fd_lomap[off] &= ~(1 << (fd & NDENTRYMASK)); + fdp->fd_himap[off >> NDENTRYSHIFT] &= ~(1U << (off & NDENTRYMASK)); + fdp->fd_lomap[off] &= ~(1U << (fd & NDENTRYMASK)); #ifdef DIAGNOSTIC if (fd > fdp->fd_lastfile) diff --git a/sys/kern/kern_sched.c b/sys/kern/kern_sched.c index 6f8bf76c084..06e4bfde38f 100644 --- a/sys/kern/kern_sched.c +++ b/sys/kern/kern_sched.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sched.c,v 1.73 2021/09/09 18:41:39 mpi Exp $ */ +/* $OpenBSD: kern_sched.c,v 1.74 2022/01/20 11:06:57 bluhm Exp $ */ /* * Copyright (c) 2007, 2008 Artur Grabowski * @@ -262,7 +262,7 @@ setrunqueue(struct cpu_info *ci, struct proc *p, uint8_t prio) p->p_p->ps_pid); TAILQ_INSERT_TAIL(&spc->spc_qs[queue], p, p_runq); - spc->spc_whichqs |= (1 << queue); + spc->spc_whichqs |= (1U << queue); cpuset_add(&sched_queued_cpus, p->p_cpu); if (cpuset_isset(&sched_idle_cpus, p->p_cpu)) @@ -286,7 +286,7 @@ remrunqueue(struct proc *p) TAILQ_REMOVE(&spc->spc_qs[queue], p, p_runq); if (TAILQ_EMPTY(&spc->spc_qs[queue])) { - spc->spc_whichqs &= ~(1 << queue); + spc->spc_whichqs &= ~(1U << queue); if (spc->spc_whichqs == 0) cpuset_del(&sched_queued_cpus, p->p_cpu); } @@ -757,21 +757,21 @@ void cpuset_add(struct cpuset *cs, struct cpu_info *ci) { unsigned int num = CPU_INFO_UNIT(ci); - atomic_setbits_int(&cs->cs_set[num/32], (1 << (num % 32))); + atomic_setbits_int(&cs->cs_set[num/32], (1U << (num % 32))); } void cpuset_del(struct cpuset *cs, struct cpu_info *ci) { unsigned int num = CPU_INFO_UNIT(ci); - atomic_clearbits_int(&cs->cs_set[num/32], (1 << (num % 32))); + atomic_clearbits_int(&cs->cs_set[num/32], (1U << (num % 32))); } int cpuset_isset(struct cpuset *cs, struct cpu_info *ci) { unsigned int num = CPU_INFO_UNIT(ci); - return (cs->cs_set[num/32] & (1 << (num % 32))); + return (cs->cs_set[num/32] & (1U << (num % 32))); } void diff --git a/sys/kern/subr_pool.c b/sys/kern/subr_pool.c index 05768b71874..744f4e1ca64 100644 --- a/sys/kern/subr_pool.c +++ b/sys/kern/subr_pool.c @@ -1,4 +1,4 @@ -/* $OpenBSD: subr_pool.c,v 1.234 2021/06/15 05:24:46 dlg Exp $ */ +/* $OpenBSD: subr_pool.c,v 1.235 2022/01/20 11:06:57 bluhm Exp $ */ /* $NetBSD: subr_pool.c,v 1.61 2001/09/26 07:14:56 chs Exp $ */ /*- @@ -961,7 +961,7 @@ pool_p_alloc(struct pool *pp, int flags, int *slowdown) order = arc4random(); o = 0; } - if (ISSET(order, 1 << o++)) + if (ISSET(order, 1U << o++)) XSIMPLEQ_INSERT_TAIL(&ph->ph_items, pi, pi_list); else XSIMPLEQ_INSERT_HEAD(&ph->ph_items, pi, pi_list); diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index b35beb260eb..0ff8dd87531 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rtsock.c,v 1.323 2021/12/16 09:33:56 claudio Exp $ */ +/* $OpenBSD: rtsock.c,v 1.324 2022/01/20 11:06:57 bluhm Exp $ */ /* $NetBSD: rtsock.c,v 1.18 1996/03/29 00:32:10 cgd Exp $ */ /* @@ -538,7 +538,7 @@ route_input(struct mbuf *m0, struct socket *so0, sa_family_t sa_family) /* but RTM_DESYNC can't be filtered */ if (rtm->rtm_type != RTM_DESYNC) { if (rop->rop_msgfilter != 0 && - !(rop->rop_msgfilter & (1 << rtm->rtm_type))) + !(rop->rop_msgfilter & (1U << rtm->rtm_type))) goto next; if (ISSET(rop->rop_flagfilter, rtm->rtm_flags)) goto next; @@ -1426,7 +1426,7 @@ rtm_xaddrs(caddr_t cp, caddr_t cplim, struct rt_addrinfo *rtinfo) */ bzero(rtinfo->rti_info, sizeof(rtinfo->rti_info)); for (i = 0; i < sizeof(rtinfo->rti_addrs) * 8; i++) { - if ((rtinfo->rti_addrs & (1 << i)) == 0) + if ((rtinfo->rti_addrs & (1U << i)) == 0) continue; if (i >= RTAX_MAX || cp + sizeof(socklen_t) > cplim) return (EINVAL); @@ -1605,7 +1605,7 @@ rtm_msg1(int type, struct rt_addrinfo *rtinfo) for (i = 0; i < RTAX_MAX; i++) { if (rtinfo == NULL || (sa = rtinfo->rti_info[i]) == NULL) continue; - rtinfo->rti_addrs |= (1 << i); + rtinfo->rti_addrs |= (1U << i); dlen = ROUNDUP(sa->sa_len); if (m_copyback(m, len, dlen, sa, M_NOWAIT)) { m_freem(m); @@ -1650,7 +1650,7 @@ again: if ((sa = rtinfo->rti_info[i]) == NULL) continue; - rtinfo->rti_addrs |= (1 << i); + rtinfo->rti_addrs |= (1U << i); dlen = ROUNDUP(sa->sa_len); if (cp) { bcopy(sa, cp, (size_t)dlen); diff --git a/sys/netinet/in_pcb.h b/sys/netinet/in_pcb.h index 2f87c820f7f..28dddfa8e20 100644 --- a/sys/netinet/in_pcb.h +++ b/sys/netinet/in_pcb.h @@ -1,4 +1,4 @@ -/* $OpenBSD: in_pcb.h,v 1.121 2021/01/25 03:40:46 dlg Exp $ */ +/* $OpenBSD: in_pcb.h,v 1.122 2022/01/20 11:06:57 bluhm Exp $ */ /* $NetBSD: in_pcb.h,v 1.14 1996/02/13 23:42:00 christos Exp $ */ /* @@ -226,9 +226,9 @@ struct inpcbtable { /* macros for handling bitmap of ports not to allocate dynamically */ #define DP_MAPBITS (sizeof(u_int32_t) * NBBY) #define DP_MAPSIZE (howmany(65536, DP_MAPBITS)) -#define DP_SET(m, p) ((m)[(p) / DP_MAPBITS] |= (1 << ((p) % DP_MAPBITS))) -#define DP_CLR(m, p) ((m)[(p) / DP_MAPBITS] &= ~(1 << ((p) % DP_MAPBITS))) -#define DP_ISSET(m, p) ((m)[(p) / DP_MAPBITS] & (1 << ((p) % DP_MAPBITS))) +#define DP_SET(m, p) ((m)[(p) / DP_MAPBITS] |= (1U << ((p) % DP_MAPBITS))) +#define DP_CLR(m, p) ((m)[(p) / DP_MAPBITS] &= ~(1U << ((p) % DP_MAPBITS))) +#define DP_ISSET(m, p) ((m)[(p) / DP_MAPBITS] & (1U << ((p) % DP_MAPBITS))) /* default values for baddynamicports [see ip_init()] */ #define DEFBADDYNAMICPORTS_TCP { \ diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c index f904b6ddfaf..6c8e3d7d1a3 100644 --- a/sys/netinet/ip_esp.c +++ b/sys/netinet/ip_esp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.c,v 1.193 2021/12/23 22:35:11 bluhm Exp $ */ +/* $OpenBSD: ip_esp.c,v 1.194 2022/01/20 11:06:57 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -1002,7 +1002,7 @@ checkreplaywindow(struct tdb *tdb, u_int64_t t, u_int32_t seq, u_int32_t *seqh, wl = tl - window + 1; idx = (seq % TDB_REPLAYMAX) / 32; - packet = 1 << (31 - (seq & 31)); + packet = 1U << (31 - (seq & 31)); /* * We keep the high part intact when: