From 9a93c6686f56086fe5280a85513041bbfebf41d0 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Tue, 29 Dec 2015 01:35:46 -0500 Subject: avoid shifting signed integers 31 bits We sometimes use 32-bit unsigned integers as bit-fields. It's fine to access the MSB, because it's unsigned. However, doing so as "1 << 31" is wrong, because the constant "1" is a signed int, and we shift into the sign bit, causing undefined behavior. We can fix this by using "1U" as the constant. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c index e6b93d0..e35ed40 100644 --- a/builtin/receive-pack.c +++ b/builtin/receive-pack.c @@ -1597,7 +1597,7 @@ static void prepare_shallow_update(struct command *commands, continue; si->need_reachability_test[i]++; for (k = 0; k < 32; k++) - if (si->used_shallow[i][j] & (1 << k)) + if (si->used_shallow[i][j] & (1U << k)) si->shallow_ref[j * 32 + k]++; } diff --git a/cache.h b/cache.h index 6f53962..9088843 100644 --- a/cache.h +++ b/cache.h @@ -214,7 +214,7 @@ struct cache_entry { #define CE_INTENT_TO_ADD (1 << 29) #define CE_SKIP_WORKTREE (1 << 30) /* CE_EXTENDED2 is for future extension */ -#define CE_EXTENDED2 (1 << 31) +#define CE_EXTENDED2 (1U << 31) #define CE_EXTENDED_FLAGS (CE_INTENT_TO_ADD | CE_SKIP_WORKTREE) diff --git a/diff.h b/diff.h index f7208ad..893f446 100644 --- a/diff.h +++ b/diff.h @@ -91,7 +91,7 @@ typedef struct strbuf *(*diff_prefix_fn_t)(struct diff_options *opt, void *data) #define DIFF_OPT_DIRSTAT_BY_LINE (1 << 28) #define DIFF_OPT_FUNCCONTEXT (1 << 29) #define DIFF_OPT_PICKAXE_IGNORE_CASE (1 << 30) -#define DIFF_OPT_DEFAULT_FOLLOW_RENAMES (1 << 31) +#define DIFF_OPT_DEFAULT_FOLLOW_RENAMES (1U << 31) #define DIFF_OPT_TST(opts, flag) ((opts)->flags & DIFF_OPT_##flag) #define DIFF_OPT_TOUCHED(opts, flag) ((opts)->touched_flags & DIFF_OPT_##flag) -- cgit v0.10.2-6-g49f6 From a0df2e5a7efe90e932af66e70ba6c863a5826833 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Tue, 29 Dec 2015 01:36:00 -0500 Subject: bswap: add NO_UNALIGNED_LOADS define The byte-swapping code automatically decides, based on the platform, whether it is sensible to cast and do a potentially unaligned ntohl(), or to pick individual bytes out of an array. It can be handy to override this decision, though, when turning on compiler flags that will complain about unaligned loads (such as -fsanitize=undefined). This patch adds a macro check to make this possible. There's no nice Makefile knob here; this is for prodding at Git's internals, and anybody using it can set "-DNO_UNALIGNED_LOADS" in the same place they are setting up "-fsanitize". Signed-off-by: Jeff King Signed-off-by: Junio C Hamano diff --git a/compat/bswap.h b/compat/bswap.h index 7fed637..d47c003 100644 --- a/compat/bswap.h +++ b/compat/bswap.h @@ -149,11 +149,12 @@ static inline uint64_t git_bswap64(uint64_t x) * and is faster on architectures with memory alignment issues. */ -#if defined(__i386__) || defined(__x86_64__) || \ +#if !defined(NO_UNALIGNED_LOADS) && ( \ + defined(__i386__) || defined(__x86_64__) || \ defined(_M_IX86) || defined(_M_X64) || \ defined(__ppc__) || defined(__ppc64__) || \ defined(__powerpc__) || defined(__powerpc64__) || \ - defined(__s390__) || defined(__s390x__) + defined(__s390__) || defined(__s390x__)) #define get_be16(p) ntohs(*(unsigned short *)(p)) #define get_be32(p) ntohl(*(unsigned int *)(p)) -- cgit v0.10.2-6-g49f6