Fix signed integer overflow in RV32M

The current implementation of the mul instruction does not guard
against integer overflow, potentially leading to undefined behavior.
Cast the operands to int64_t before performing the multiplication to
ensure that the result can be accommodated without overflow. The lower
32 bits of the product are then extracted, preserving the correct
uint32_t type.

Author: visitorckw

src/rv32_constopt.c

@@ -408,8 +408,9 @@ CONSTOPT(csrrci, { info->is_constant[ir->rd] = false; })
 CONSTOPT(mul, {
     if (info->is_constant[ir->rs1] && info->is_constant[ir->rs2]) {
         info->is_constant[ir->rd] = true;
-        ir->imm = (int32_t) info->const_val[ir->rs1] *
-                  (int32_t) info->const_val[ir->rs2];
+        const int64_t multiplicand = (int32_t) info->const_val[ir->rs1];
+        const int64_t multiplier = (int32_t) info->const_val[ir->rs2];
+        ir->imm = ((uint64_t) (multiplicand * multiplier)) & ((1ULL << 32) - 1);
         info->const_val[ir->rd] = ir->imm;
         ir->opcode = rv_insn_lui;
         ir->impl = dispatch_table[ir->opcode];

src/rv32_template.c

@@ -1047,7 +1047,12 @@ RVOP(
 /* MUL: Multiply */
 RVOP(
     mul,
-    { rv->X[ir->rd] = (int32_t) rv->X[ir->rs1] * (int32_t) rv->X[ir->rs2]; },
+    {
+        const int64_t multiplicand = (int32_t) rv->X[ir->rs1];
+        const int64_t multiplier = (int32_t) rv->X[ir->rs2];
+        rv->X[ir->rd] =
+            ((uint64_t) (multiplicand * multiplier)) & ((1ULL << 32) - 1);
+    },
     GEN({
         ld, S32, TMP0, X, rs1;
         ld, S32, TMP1, X, rs2;