From f0fc3dd88b05866c4f6343d3c64ae1a4de4b8c9c Mon Sep 17 00:00:00 2001 From: Tuomas Tynkkynen <tuomas@tuxera.com> Date: Wed, 26 Oct 2016 18:09:01 +0300 Subject: [PATCH] Fix SIGFPE from integer overflow during division On some architectures (like x86_64 or i686, but not ARM for example) overflow during integer division causes a crash due to SIGFPE. Reproduces on a 64-bit system with: nix-instantiate --eval -E '(-9223372036854775807 - 1) / -1' The only way this can happen is when the smallest possible integer is divided by -1, so just special-case that. --- src/libexpr/primops.cc | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 5ba983042..4398cc951 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -1516,10 +1516,16 @@ static void prim_div(EvalState & state, const Pos & pos, Value * * args, Value & NixFloat f2 = state.forceFloat(*args[1], pos); if (f2 == 0) throw EvalError(format("division by zero, at %1%") % pos); - if (args[0]->type == tFloat || args[1]->type == tFloat) + if (args[0]->type == tFloat || args[1]->type == tFloat) { mkFloat(v, state.forceFloat(*args[0], pos) / state.forceFloat(*args[1], pos)); - else - mkInt(v, state.forceInt(*args[0], pos) / state.forceInt(*args[1], pos)); + } else { + NixInt i1 = state.forceInt(*args[0], pos); + NixInt i2 = state.forceInt(*args[1], pos); + /* Avoid division overflow as it might raise SIGFPE. */ + if (i1 == std::numeric_limits<NixInt>::min() && i2 == -1) + throw EvalError(format("overflow in integer division, at %1%") % pos); + mkInt(v, i1 / i2); + } }