[flac-dev] Undefined behaviour
Erik de Castro Lopo
mle+la at mega-nerd.com
Fri Aug 28 16:27:14 PDT 2015
Hi all,

People watching the git commits might have noticed that I have been
fixing a number of issues around undefined behaviour.

Why you ask?

* Some forms of undefined behaviour have potential for security exploits.
* Compiler writers are free to replace anything which invokes UB with a
  NOP or even, nothing at all.
* Having large numbers of UB warnings makes it difficult (or rather time
  consuming) to check them all for the possibility that they are
  potentially exploitable.

Most of these UB changes have little likelihood of performance regressions.
However, this one:

    commit 1b8af6bb45a9ad74fa374fb6414974e63ffc793b
    Author: Erik de Castro Lopo <erikd at mega-nerd.com>
    Date:   Sat Aug 29 05:21:43 2015 +1000

        libFLAC/fixed.c: Fix undefined behaviour

        Left shift of a negative integer such that the sign bit is affected is
        (according to the C spec) undefined behaviour and the residual
        calculations using the shift operator were hitting this.

        Fortunately these same calculations using plain multiplication do not
        invoke UB and according to benchmarking (on x86_64 linux) have the same
        performance as the bit shift version.

has no performance impact on x86_64 linux, *may* not be the same with
other compilers.

Since this code is in such an inner loop, any benchmark should show up
regressions if they exist. Please test.

Cheers,
Erik
--
----------------------------------------------------------------------
Erik de Castro Lopo
http://www.mega-nerd.com/
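
The change the commit message describes, as an added example that is not part of the original post and is not libFLAC's code: a residual computed with multiplication, next to the shift form it replaces. The second-order formula, the helper names, the SHOW_UB macro and the sample values are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data (not from FLAC); includes negative samples. */
static const int32_t SAMPLES[] = { -5, -3, 4, -8, 100, -100 };
enum { N_SAMPLES = sizeof SAMPLES / sizeof SAMPLES[0] };

/* Hypothetical helper: second-order residual s[i] - 2*s[i-1] + s[i-2].
 * Multiplication is defined for negative s[i-1]. Assumption: samples are
 * narrow enough (e.g. 24-bit audio) that the sum cannot overflow int32_t. */
static int32_t residual_mul(const int32_t *s, int i)
{
    return s[i] - 2 * s[i - 1] + s[i - 2];
}

#ifdef SHOW_UB
/* Same arithmetic with a shift: s[i-1] << 1 is undefined behaviour in C
 * whenever s[i-1] is negative. Compiled only with -DSHOW_UB. */
static int32_t residual_shift(const int32_t *s, int i)
{
    return s[i] - (s[i - 1] << 1) + s[i - 2];
}
#endif

/* Fill r[0..n-3] with residuals of s[2..n-1]; returns the count written. */
static int compute_residuals(const int32_t *s, int n, int32_t *r)
{
    int count = 0;
    for (int i = 2; i < n; i++)
        r[count++] = residual_mul(s, i);
    return count;
}

int main(void)
{
    int32_t r[N_SAMPLES];
    int n = compute_residuals(SAMPLES, N_SAMPLES, r);
    for (int i = 0; i < n; i++)
        printf("mul   r[%d] = %d\n", i, (int)r[i]);
#ifdef SHOW_UB
    /* Built with -DSHOW_UB -fsanitize=shift, UBSan reports each negative
     * left shift performed by this loop at run time. */
    for (int i = 2; i < N_SAMPLES; i++)
        printf("shift r[%d] = %d\n", i - 2, (int)residual_shift(SAMPLES, i));
#endif
    return 0;
}
```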