[gdb/exp] Fix UB in scalar_binop

When building gdb with -fsanitize=undefined, I run into:
...
$ gdb -q -batch -ex "p -(-0x7fffffffffffffff - 1)"
src/gdb/valarith.c:1385:10: runtime error: signed integer overflow: \
  0 - -9223372036854775808 cannot be represented in type 'long int'
$1 = -9223372036854775808
...

Fix this by performing the substraction in scalar_binop using unsigned types.

Tested on x86_64-linux.

diff --git a/gdb/testsuite/gdb.base/arithmet.exp b/gdb/testsuite/gdb.base/arithmet.exp
index b6009a362355dd89d341ab0eadfe937e6ac05a53..4905c2e27061ba970ae131e47038d28529846248 100644 (file)
--- a/gdb/testsuite/gdb.base/arithmet.exp
+++ b/gdb/testsuite/gdb.base/arithmet.exp
@@ -98,3 +98,5 @@ gdb_test "print x-(y+w)"  "3"
 gdb_test "print x/(y*w)"  "0"
 gdb_test "print x-(y/w)"  "9"
 gdb_test "print (x+y)*w" "42"
+
+gdb_test "p /x -(-0x7fffffffffffffff - 1)" " = 0x8000000000000000"

diff --git a/gdb/valarith.c b/gdb/valarith.c
index 6210267826e835041d195a1c655070178608c786..526cc02599ec45ea8ef1756e33ddfcebb6889670 100644 (file)
--- a/gdb/valarith.c
+++ b/gdb/valarith.c
@@ -1382,7 +1382,10 @@ scalar_binop (struct value *arg1, struct value *arg2, enum exp_opcode op)
              break;
 
            case BINOP_SUB:
-             v = v1 - v2;
+             /* Avoid runtime error: signed integer overflow: \
+                0 - -9223372036854775808 cannot be represented in type
+                'long int'.  */
+             v = (ULONGEST)v1 - (ULONGEST)v2;
              break;
 
            case BINOP_MUL: