This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



[Ada] fix bogus computation of empty array 'length


We used to compute the 'length of an array as max (hb - lb + 1, 0),
which could overflow for some cases of empty arrays, e.g. when
lb == index_type'first.

We now compute it as (hb < lb) ? 0 : hb - lb + 1, which
could overflow as well but in many fewer cases (of extremely large
arrays) which we never encounter in practice.

The testcase below is expected to compile and run silently:

   procedure Q is

      type Vector is array (Integer range <>) of Integer;

      function Empty_Vector return Vector is
      begin
         return (2 .. Integer'First => 0);
      end;

      My_Vector : Vector := Empty_Vector;
      My_Length : Integer := My_Vector'Length;
   begin
      if My_Length /= 0 then
         raise Program_Error;
      end if;
   end;

Bootstrapped and regtested on x86_64-suse-linux.

2008-03-21  Olivier Hainque  <hainque@adacore.com>

        * trans.c (Attribute_to_gnu) <'length>: Compute as (hb < lb)
        ? 0 : hb - lb + 1 instead of max (hb - lb + 1, 0).

        * gnat.dg/empty_vector_length.adb: New testcase.

Attachment: empty_array_length.dif
Description: Text document
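
The two formulas from the message, modelled on C `int` bounds with overflow reported explicitly. This is an added example, not code from the patch or from trans.c; the function names are hypothetical, the index type is assumed to be a two's-complement `int`, and the bounds in `main` are constructed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Shared step: n = hb - lb + 1, reporting signed overflow instead of
   invoking undefined behaviour (GCC/Clang builtins). */
static bool span(int lb, int hb, int *n)
{
    int diff;
    bool ovf = __builtin_sub_overflow(hb, lb, &diff);
    ovf |= __builtin_add_overflow(diff, 1, n);
    return ovf;
}

/* Old formula: max (hb - lb + 1, 0). Returns true if it overflowed. */
static bool length_old(int lb, int hb, int *len)
{
    int n;
    bool ovf = span(lb, hb, &n);
    *len = n > 0 ? n : 0;
    return ovf;
}

/* New formula: (hb < lb) ? 0 : hb - lb + 1. */
static bool length_new(int lb, int hb, int *len)
{
    if (hb < lb) {
        *len = 0;
        return false;
    }
    return span(lb, hb, len);
}

int main(void)
{
    /* Constructed bounds: the testcase's 2 .. Integer'First, an ordinary
       empty range, an ordinary range, and the full index range. */
    const int b[][2] = { {2, INT_MIN}, {1, 0}, {1, 10}, {INT_MIN, INT_MAX} };
    for (size_t i = 0; i < sizeof b / sizeof b[0]; i++) {
        int lo, ln;
        bool oo = length_old(b[i][0], b[i][1], &lo);
        bool on = length_new(b[i][0], b[i][1], &ln);
        printf("%d .. %d: old=%d%s new=%d%s\n", b[i][0], b[i][1],
               lo, oo ? " (overflow)" : "", ln, on ? " (overflow)" : "");
    }
    return 0;
}
```

For the testcase's bounds the old formula wraps to a length of `INT_MAX` for an empty array, while the new one returns 0; the full-range row is the remaining overflow that both formulas share.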

