New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Undefined behavior in dtoa.c (rshift 32 of 32bit data type) #68187
Comments
Coverity has found undefined behavior in dtoa.c:d2b(). lo0bits() can return 32 which z >>= 32, where z is an uint32. I've talked to doku at PyCon. He suggested to update dtoa.c to a more recent version. Our copy is based on a version from 2001. There are more modern versions available, e.g. https://searchcode.com/codesearch/view/52748288/ from 2006. CID 1202735 (#1 of 1): Bad bit shift operation (BAD_SHIFT) |
I'm pretty sure that our code was based on something rather more recent than 2001: it was the most recent version available at the time (around 2008?), and it incorporates subsequent fixes from David Gay. Please don't replace our dtoa.c with a current version: ours has diverged from the original, and includes fixes that aren't available upstream. |
Looking more closely, the report doesn't make sense to me: |
Ah, sorry; I see it. Fix on the way. |
Okay, so after looking more closely, this still looks like a false positive: I edited the code to print out debugging information if |
Bah; missed a bit. I saw no output when running the Python test suite, that is. That's not definitive, of course. |
You could be right. I didn't track all paths manually. All this bit shifting is making my head dizzy... :) Anyways I have sent you an invite for Coverity, so you can check the result yourself. The Python test suite passes with assert(k < 32); inside the problematic block, too. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: