Avoid negation of signed integers in C that may hold INT*_MIN.

Reported by minoki.
Recent C compilers 'take advantage' of the undefined behavior.
This completely changes the meaning of expressions like (k == -k).

diff --git a/src/lib_bit.c b/src/lib_bit.c
index 9e75eef3cc88656cb0ff175ffdafe660a6d9f3f3..b7988d701308275b34b2673c81bc90502d7dc568 100644 (file)
--- a/src/lib_bit.c
+++ b/src/lib_bit.c
@@ -55,8 +55,8 @@ LJLIB_CF(bit_tohex)
   int32_t i, n = L->base+1 >= L->top ? 8 : lj_lib_checkbit(L, 2);
   const char *hexdigits = "0123456789abcdef";
   char buf[8];
-  if (n < 0) { n = -n; hexdigits = "0123456789ABCDEF"; }
-  if (n > 8) n = 8;
+  if (n < 0) { n = (int32_t)(~(uint32_t)n+1u); hexdigits = "0123456789ABCDEF"; }
+  if ((uint32_t)n > 8) n = 8;
   for (i = n; --i >= 0; ) { buf[i] = hexdigits[b & 15]; b >>= 4; }
   lua_pushlstring(L, buf, (size_t)n);
   return 1;

diff --git a/src/lj_asm_mips.h b/src/lj_asm_mips.h
index c0e491a678ecf1af541ae376a8ec71d1f1a5814f..1d4c8a25a8af6affe0fe3d99c6490d9862432300 100644 (file)
--- a/src/lj_asm_mips.h
+++ b/src/lj_asm_mips.h
@@ -1227,7 +1227,7 @@ static void asm_arithov(ASMState *as, IRIns *ir)
   Reg right, left, tmp, dest = ra_dest(as, ir, RSET_GPR);
   if (irref_isk(ir->op2)) {
     int k = IR(ir->op2)->i;
-    if (ir->o == IR_SUBOV) k = -k;
+    if (ir->o == IR_SUBOV) k = (int)(~(unsigned int)k+1u);
     if (checki16(k)) {  /* (dest < left) == (k >= 0 ? 1 : 0) */
       left = ra_alloc1(as, ir->op1, RSET_GPR);
       asm_guard(as, k >= 0 ? MIPSI_BNE : MIPSI_BEQ, RID_TMP, RID_ZERO);

diff --git a/src/lj_carith.c b/src/lj_carith.c
index 462dbae4b208b1b42c20566ab09cff2ddfb0e110..231d7a8ad7f749cd2c9559fc5921ef1729dc8cd6 100644 (file)
--- a/src/lj_carith.c
+++ b/src/lj_carith.c
@@ -205,7 +205,7 @@ static int carith_int64(lua_State *L, CTState *cts, CDArith *ca, MMS mm)
       else
        *up = lj_carith_powu64(u0, u1);
       break;
-    case MM_unm: *up = (uint64_t)-(int64_t)u0; break;
+    case MM_unm: *up = ~u0+1u; break;
     default: lua_assert(0); break;
     }
     lj_gc_check(L);

diff --git a/src/lj_cparse.c b/src/lj_cparse.c
index df85d23b0d2823959a834eadcb0bf23a57a1660c..8c681c56e46b8c480535c00dc13fbab81c649091 100644 (file)
--- a/src/lj_cparse.c
+++ b/src/lj_cparse.c
@@ -477,7 +477,7 @@ static void cp_expr_prefix(CPState *cp, CPValue *k)
   } else if (cp_opt(cp, '+')) {
     cp_expr_unary(cp, k);  /* Nothing to do (well, integer promotion). */
   } else if (cp_opt(cp, '-')) {
-    cp_expr_unary(cp, k); k->i32 = -k->i32;
+    cp_expr_unary(cp, k); k->i32 = (int32_t)(~(uint32_t)k->i32+1);
   } else if (cp_opt(cp, '~')) {
     cp_expr_unary(cp, k); k->i32 = ~k->i32;
   } else if (cp_opt(cp, '!')) {

diff --git a/src/lj_ctype.c b/src/lj_ctype.c
index adbacaec9b426150c8b89e1906e3783970642e08..04e8c35ce0fd496045b04744d69788c944757b8b 100644 (file)
--- a/src/lj_ctype.c
+++ b/src/lj_ctype.c
@@ -577,7 +577,7 @@ GCstr *lj_ctype_repr_int64(lua_State *L, uint64_t n, int isunsigned)
   if (isunsigned) {
     *--p = 'U';
   } else if ((int64_t)n < 0) {
-    n = (uint64_t)-(int64_t)n;
+    n = ~n+1u;
     sign = 1;
   }
   do { *--p = (char)('0' + n % 10); } while (n /= 10);

diff --git a/src/lj_emit_arm.h b/src/lj_emit_arm.h
index 2db07ef69e855c55b890514bd3b1ae85b745c8b3..633afb49c3780f6170e120cbdf3b78c2f15c2649 100644 (file)
--- a/src/lj_emit_arm.h
+++ b/src/lj_emit_arm.h
@@ -154,7 +154,7 @@ static int emit_kdelta2(ASMState *as, Reg d, int32_t i)
       if (other) {
        int32_t delta = i - other;
        uint32_t sh, inv = 0, k2, k;
-       if (delta < 0) { delta = -delta; inv = ARMI_ADD^ARMI_SUB; }
+       if (delta < 0) { delta = (int32_t)(~(uint32_t)delta+1u); inv = ARMI_ADD^ARMI_SUB; }
        sh = lj_ffs(delta) & ~1;
        k2 = emit_isk12(0, delta & (255 << sh));
        k = emit_isk12(0, delta & ~(255 << sh));

diff --git a/src/lj_obj.h b/src/lj_obj.h
index ea8fe8701e18895b83ed34448ded1ed3c0c7434e..ef45ae121437b8c61032015cd0bef0b6297cbe3a 100644 (file)
--- a/src/lj_obj.h
+++ b/src/lj_obj.h
@@ -327,7 +327,7 @@ typedef struct GCproto {
 #define PROTO_UV_IMMUTABLE     0x4000  /* Immutable upvalue. */
 
 #define proto_kgc(pt, idx) \
-  check_exp((uintptr_t)(intptr_t)(idx) >= (uintptr_t)-(intptr_t)(pt)->sizekgc, \
+  check_exp((uintptr_t)(intptr_t)(idx) >= ~(uintptr_t)(pt)->sizekgc+1u, \
            gcref(mref((pt)->k, GCRef)[(idx)]))
 #define proto_knumtv(pt, idx) \
   check_exp((uintptr_t)(idx) < (pt)->sizekn, &mref((pt)->k, TValue)[(idx)])

diff --git a/src/lj_opt_fold.c b/src/lj_opt_fold.c
index e9a6532a6276f20ad59bf885fa3dc872587ff546..482abdef074cc6a215f1ee1402f9aff493995d53 100644 (file)
--- a/src/lj_opt_fold.c
+++ b/src/lj_opt_fold.c
@@ -236,7 +236,7 @@ static int32_t kfold_intop(int32_t k1, int32_t k2, IROp op)
   case IR_SUB: k1 -= k2; break;
   case IR_MUL: k1 *= k2; break;
   case IR_MOD: k1 = lj_vm_modi(k1, k2); break;
-  case IR_NEG: k1 = -k1; break;
+  case IR_NEG: k1 = (int32_t)(~(uint32_t)k1+1u); break;
   case IR_BAND: k1 &= k2; break;
   case IR_BOR: k1 |= k2; break;
   case IR_BXOR: k1 ^= k2; break;
@@ -1160,7 +1160,7 @@ LJFOLDF(simplify_intsub_k)
   if (fright->i == 0)  /* i - 0 ==> i */
     return LEFTFOLD;
   fins->o = IR_ADD;  /* i - k ==> i + (-k) */
-  fins->op2 = (IRRef1)lj_ir_kint(J, -fright->i);  /* Overflow for -2^31 ok. */
+  fins->op2 = (IRRef1)lj_ir_kint(J, (int32_t)(~(uint32_t)fright->i+1u));  /* Overflow for -2^31 ok. */
   return RETRYFOLD;
 }
 
@@ -1191,7 +1191,7 @@ LJFOLDF(simplify_intsub_k64)
   if (k == 0)  /* i - 0 ==> i */
     return LEFTFOLD;
   fins->o = IR_ADD;  /* i - k ==> i + (-k) */
-  fins->op2 = (IRRef1)lj_ir_kint64(J, (uint64_t)-(int64_t)k);
+  fins->op2 = (IRRef1)lj_ir_kint64(J, ~k+1u);
   return RETRYFOLD;
 }
 

diff --git a/src/lj_parse.c b/src/lj_parse.c
index 5a8bcff9230aa75b56b60a807822aff8e48ec041..57eb11cc226d01fa2c3ff1881e762072dd6098df 100644 (file)
--- a/src/lj_parse.c
+++ b/src/lj_parse.c
@@ -951,22 +951,22 @@ static void bcemit_unop(FuncState *fs, BCOp op, ExpDesc *e)
 #if LJ_HASFFI
       if (e->k == VKCDATA) {  /* Fold in-place since cdata is not interned. */
        GCcdata *cd = cdataV(&e->u.nval);
-       int64_t *p = (int64_t *)cdataptr(cd);
+       uint64_t *p = (uint64_t *)cdataptr(cd);
        if (cd->ctypeid == CTID_COMPLEX_DOUBLE)
-         p[1] ^= (int64_t)U64x(80000000,00000000);
+         p[1] ^= U64x(80000000,00000000);
        else
-         *p = -*p;
+         *p = ~*p+1u;
        return;
       } else
 #endif
       if (expr_isnumk(e) && !expr_numiszero(e)) {  /* Avoid folding to -0. */
        TValue *o = expr_numtv(e);
        if (tvisint(o)) {
-         int32_t k = intV(o);
-         if (k == -k)
+         int32_t k = intV(o), negk = (int32_t)(~(uint32_t)k+1u);
+         if (k == negk)
            setnumV(o, -(lua_Number)k);
          else
-           setintV(o, -k);
+           setintV(o, negk);
          return;
        } else {
          o->u64 ^= U64x(80000000,00000000);

diff --git a/src/lj_str.c b/src/lj_str.c
index 60912aed34f54abe6cb24bc54cbc41015c87f78f..f1fc8ee12ebb24d3af81364f3c88318d660795e8 100644 (file)
--- a/src/lj_str.c
+++ b/src/lj_str.c
@@ -190,7 +190,7 @@ size_t LJ_FASTCALL lj_str_bufnum(char *s, cTValue *o)
 /* Print integer to buffer. Returns pointer to start. */
 char * LJ_FASTCALL lj_str_bufint(char *p, int32_t k)
 {
-  uint32_t u = (uint32_t)(k < 0 ? -k : k);
+  uint32_t u = k < 0 ? ~(uint32_t)k+1u : (uint32_t)k;
   p += 1+10;
   do { *--p = (char)('0' + u % 10); } while (u /= 10);
   if (k < 0) *--p = '-';

diff --git a/src/lj_strscan.c b/src/lj_strscan.c
index 914cfb7ad0906a483db649902dc9465e49d331cf..9e8023b5ac142490c5dc651e4127b12c0f74e05b 100644 (file)
--- a/src/lj_strscan.c
+++ b/src/lj_strscan.c
@@ -124,19 +124,19 @@ static StrScanFmt strscan_hex(const uint8_t *p, TValue *o,
   case STRSCAN_INT:
     if (!(opt & STRSCAN_OPT_TONUM) && x < 0x80000000u+neg &&
        !(x == 0 && neg)) {
-      o->i = neg ? -(int32_t)x : (int32_t)x;
+      o->i = neg ? (int32_t)(~x+1u) : (int32_t)x;
       return STRSCAN_INT;  /* Fast path for 32 bit integers. */
     }
     if (!(opt & STRSCAN_OPT_C)) { fmt = STRSCAN_NUM; break; }
     /* fallthrough */
   case STRSCAN_U32:
     if (dig > 8) return STRSCAN_ERROR;
-    o->i = neg ? -(int32_t)x : (int32_t)x;
+    o->i = neg ? (int32_t)(~x+1u) : (int32_t)x;
     return STRSCAN_U32;
   case STRSCAN_I64:
   case STRSCAN_U64:
     if (dig > 16) return STRSCAN_ERROR;
-    o->u64 = neg ? (uint64_t)-(int64_t)x : x;
+    o->u64 = neg ? ~x+1u : x;
     return fmt;
   default:
     break;
@@ -168,12 +168,12 @@ static StrScanFmt strscan_oct(const uint8_t *p, TValue *o,
     /* fallthrough */
   case STRSCAN_U32:
     if ((x >> 32)) return STRSCAN_ERROR;
-    o->i = neg ? -(int32_t)x : (int32_t)x;
+    o->i = neg ? (int32_t)(~(uint32_t)x+1u) : (int32_t)x;
     break;
   default:
   case STRSCAN_I64:
   case STRSCAN_U64:
-    o->u64 = neg ? (uint64_t)-(int64_t)x : x;
+    o->u64 = neg ? ~x+1u : x;
     break;
   }
   return fmt;
@@ -229,18 +229,18 @@ static StrScanFmt strscan_dec(const uint8_t *p, TValue *o,
       switch (fmt) {
       case STRSCAN_INT:
        if (!(opt & STRSCAN_OPT_TONUM) && x < 0x80000000u+neg) {
-         o->i = neg ? -(int32_t)x : (int32_t)x;
+         o->i = neg ? (int32_t)(~x+1u) : (int32_t)x;
          return STRSCAN_INT;  /* Fast path for 32 bit integers. */
        }
        if (!(opt & STRSCAN_OPT_C)) { fmt = STRSCAN_NUM; goto plainnumber; }
        /* fallthrough */
       case STRSCAN_U32:
        if ((x >> 32) != 0) return STRSCAN_ERROR;
-       o->i = neg ? -(int32_t)x : (int32_t)x;
+       o->i = neg ? (int32_t)(~x+1u) : (int32_t)x;
        return STRSCAN_U32;
       case STRSCAN_I64:
       case STRSCAN_U64:
-       o->u64 = neg ? (uint64_t)-(int64_t)x : x;
+       o->u64 = neg ? ~x+1u : x;
        return fmt;
       default:
       plainnumber:  /* Fast path for plain numbers < 2^63. */
@@ -418,7 +418,7 @@ StrScanFmt lj_strscan_scan(const uint8_t *p, TValue *o, uint32_t opt)
        if (xx >= STRSCAN_MAXEXP) return STRSCAN_ERROR;
        p++;
       }
-      ex += negx ? -(int32_t)xx : (int32_t)xx;
+      ex += negx ? (int32_t)(~xx+1u) : (int32_t)xx;
     }
 
     /* Parse suffix. */
@@ -456,7 +456,7 @@ StrScanFmt lj_strscan_scan(const uint8_t *p, TValue *o, uint32_t opt)
        o->n = -0.0;
        return STRSCAN_NUM;
       } else {
-       o->i = neg ? -(int32_t)x : (int32_t)x;
+       o->i = neg ? (int32_t)(~x+1u) : (int32_t)x;
        return STRSCAN_INT;
       }
     }

diff --git a/src/lj_vmmath.c b/src/lj_vmmath.c
index ff41ba2873ba437c3cb989ab1c323ff462ba3bae..6369bc6be38a8b0827e56aefe50b9ccfd08af57e 100644 (file)
--- a/src/lj_vmmath.c
+++ b/src/lj_vmmath.c
@@ -66,11 +66,11 @@ int32_t LJ_FASTCALL lj_vm_modi(int32_t a, int32_t b)
 {
   uint32_t y, ua, ub;
   lua_assert(b != 0);  /* This must be checked before using this function. */
-  ua = a < 0 ? (uint32_t)-a : (uint32_t)a;
-  ub = b < 0 ? (uint32_t)-b : (uint32_t)b;
+  ua = a < 0 ? ~(uint32_t)a+1u : (uint32_t)a;
+  ub = b < 0 ? ~(uint32_t)b+1u : (uint32_t)b;
   y = ua % ub;
   if (y != 0 && (a^b) < 0) y = y - ub;
-  if (((int32_t)y^b) < 0) y = (uint32_t)-(int32_t)y;
+  if (((int32_t)y^b) < 0) y = ~y+1u;
   return (int32_t)y;
 }
 #endif
@@ -105,7 +105,7 @@ double lj_vm_powi(double x, int32_t k)
   else if (k == 0)
     return 1.0;
   else
-    return 1.0 / lj_vm_powui(x, (uint32_t)-k);
+    return 1.0 / lj_vm_powui(x, ~(uint32_t)k+1u);
 }
 
 /* Computes fpm(x) for extended math functions. */