This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PATCH][C] Change array size overflow check
On Mon, 2 May 2011, Joseph S. Myers wrote:
> On Mon, 2 May 2011, Richard Guenther wrote:
>
> > This changes the code that deals with too large array sizes to
> > use int_fits_type_p instead of relying on the TREE_OVERFLOW setting
> > of the tree folder. The latter will break once we don't treat
> > sizetypes specially (and they keep being unsigned).
> >
> > Bootstrapped and tested on x86_64-unknown-linux-gnu, ok for trunk?
>
> An array size in C or C++ ought to be considered to overflow (and so give
> an error if the size is compile-time constant) if the size of the array in
> bytes is greater than or equal to half the address space, because it is
> then no longer possible to compute differences between all array elements,
> and pointers to just past the end of the array, reliably as ptrdiff_t
> values (cf. PR 45779). Thus, overflow in a signed rather than unsigned
> type is what's relevant.
>
> I don't know if there's a relevant testcase in the testsuite, but the
> patch is OK with the addition of a testcase such as
>
> /* { dg-do compile } */
> /* { dg-options "" } */
>
> typedef __SIZE_TYPE__ size_t;
>
> extern char a[((size_t)-1 >> 1) + 1]; /* { dg-error "too large" } */
> extern char b[((size_t)-1 >> 1)];
> extern int c[(((size_t)-1 >> 1) + 1) / sizeof(int)]; /* { dg-error "too large" } */
> extern int d[((size_t)-1 >> 1) / sizeof(int)];
>
> supposing it passes.
We do have similar testcases in gcc.dg/large-size-array*.c, but not
exactly testing the bound. The above testcase also complains with
-pedantic about
t.c:3:13: error: size of array ‘a’ is too large
t.c:4:1: error: overflow in constant expression [-Woverflow]
t.c:5:12: error: size of array ‘c’ is too large
t.c:6:1: error: overflow in constant expression [-Woverflow]
with and without the patch. I can add -Wno-overflow to the flags.
Ok with that?
Thanks,
Richard.