Date: Wed, 4 Dec 2019 17:45:35 +0000 (UTC) From: Dimitry Andric <dim@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r355395 - in stable: 10/lib/msun/src 11/lib/msun/src 12/lib/msun/src Message-ID: <201912041745.xB4HjZ9O081496@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dim Date: Wed Dec 4 17:45:34 2019 New Revision: 355395 URL: https://svnweb.freebsd.org/changeset/base/355395 Log: r355120 | dim | 2019-11-26 23:01:09 +0100 (Tue, 26 Nov 2019) | 32 lines The fdlibm hypot() implementations shouldn't potentially left-shift negative numbers (invoking undefined behavior) Summary: Various paths through hypot(x, y) will multiply x and y by a power of two, perform the calculation in a range where IEEE-754 provides greater precision, then undo the multiplication to determine the true result. Undoing that multiplication is implemented as t1*w, where t1=2**k. 2**k is often computed by taking the high word of 1.0, then adding k<<20 (for doubles or long doubles) or k<<23 (for floats) to it, then overwriting that high word. But when k is negative this left-shifts a negative value -- and that's undefined behavior in many editions of C and C++. This patch should fix all hypot implementations to compute 2**k without triggering this particular bit of undefined behavior. Test Plan: I've only very lightly tested out the hypot(double, double) change, in SpiderMonkey's JavaScript engine, for consistency with prior behavior. The other functions' changes have more or less only been eyeballed. Careful examination appreciated! Do note, however, that an error in any of these changes would most likely produce a value that is incorrect by a factor of two, so any mistake would most likely be glaring if invoked. Submitted by: Jeff Walden <jwalden@mit.edu> Obtained from: https://github.com/freebsd/freebsd/pull/414 Reviewed by: dim, lwhsu Differential Revision: https://reviews.freebsd.org/D22354 Modified: stable/10/lib/msun/src/e_hypot.c stable/10/lib/msun/src/e_hypotf.c Directory Properties: stable/10/ (props changed) Changes in other areas also in this revision: Modified: stable/11/lib/msun/src/e_hypot.c stable/11/lib/msun/src/e_hypotf.c stable/12/lib/msun/src/e_hypot.c stable/12/lib/msun/src/e_hypotf.c Directory Properties: stable/11/ (props changed) stable/12/ (props changed) Modified: stable/10/lib/msun/src/e_hypot.c ============================================================================== --- stable/10/lib/msun/src/e_hypot.c Wed Dec 4 16:56:11 2019 (r355394) +++ stable/10/lib/msun/src/e_hypot.c Wed Dec 4 17:45:34 2019 (r355395) @@ -118,10 +118,8 @@ __ieee754_hypot(double x, double y) w = sqrt(t1*y1-(w*(-w)-(t1*y2+t2*b))); } if(k!=0) { - u_int32_t high; - t1 = 1.0; - GET_HIGH_WORD(high,t1); - SET_HIGH_WORD(t1,high+(k<<20)); + t1 = 0.0; + SET_HIGH_WORD(t1,(1023+k)<<20); return t1*w; } else return w; } Modified: stable/10/lib/msun/src/e_hypotf.c ============================================================================== --- stable/10/lib/msun/src/e_hypotf.c Wed Dec 4 16:56:11 2019 (r355394) +++ stable/10/lib/msun/src/e_hypotf.c Wed Dec 4 17:45:34 2019 (r355395) @@ -77,7 +77,7 @@ __ieee754_hypotf(float x, float y) w = __ieee754_sqrtf(t1*y1-(w*(-w)-(t1*y2+t2*b))); } if(k!=0) { - SET_FLOAT_WORD(t1,0x3f800000+(k<<23)); + SET_FLOAT_WORD(t1,(127+k)<<23); return t1*w; } else return w; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912041745.xB4HjZ9O081496>