authorMarc Mutz <>2015-01-19 01:26:56 +0100
committerMarc Mutz <>2015-01-19 10:43:45 +0100
commitb69c2e86de99cb2ac9bcd2e33ae77c960cfbc57a (patch)
parent62a96dbb53d77d6cd7320c6fc8d33ee9c4add0fe (diff)
QFreeList: fix undefined behavior
Signed integer overflow is undefined behavior ([expr]/4), but unsigned arithmetic doesn't overflow, so isn't ([basic.fundamental]/4, footnote there). So, use unsigned arithmetic for the loop-around serial number generation in incrementserial(). While we're at it, also use it for the masking operation in the same function. Found by UBSan. Change-Id: I500fae9d80fd3f6e39d06e79a53d271b82ea8df8 Reviewed-by: Olivier Goffart (Woboq GmbH) <>
diff --git a/src/corelib/tools/qfreelist_p.h b/src/corelib/tools/qfreelist_p.h
index bfb03fb723..189140016c 100644
--- a/src/corelib/tools/qfreelist_p.h
+++ b/src/corelib/tools/qfreelist_p.h
@@ -171,7 +171,7 @@ class QFreeList
// take the current serial number from \a o, increment it, and store it in \a n
static inline int incrementserial(int o, int n)
- return (n & ConstantsType::IndexMask) | ((o + ConstantsType::SerialCounter) & ConstantsType::SerialMask);
+ return int((uint(n) & ConstantsType::IndexMask) | ((uint(o) + ConstantsType::SerialCounter) & ConstantsType::SerialMask));
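Review bot: The casts on the added `return` line carry no explanation, so a later cleanup could drop them and reintroduce the signed overflow. The comment above `incrementserial()` should say that the wrap is deliberate, e.g. `// unsigned arithmetic: the serial is expected to wrap around, and signed overflow is undefined behavior`. The outer `int(...)` conversion preserves the value only if `SerialMask` leaves the sign bit clear; otherwise the result is implementation-defined. The hunk cannot confirm this because the `ConstantsType` definitions are outside it, so if it holds, a compile-time assertion next to those constants would pin it for custom `ConstantsType` parameters too. The function's braces and the rest of `class QFreeList` are not visible in this hunk.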
