This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



Re: [Patch, fortran] Fix sizetype and size_type_node in the Fortran frontend


Janne Blomqvist wrote:
> I've been looking a bit at improving our detection of overflow when
> allocating arrays (PR 28105), and I noticed that the definition of
> size_t is a bit messed up. sizetype is properly set to an unsigned
> type of the right size, but the expression is calculated in a bit
> needlessly complicated way. However, size_type_node is an alias for
> gfc_array_index_type which is a signed type.

Well spotted!

> However, this patch does introduce a small regression (which the
> testsuite doesn't test for), namely since size_type_node is now
> changed to an unsigned type, the overflow test which checks for size <
> 0 when allocating arrays is optimized away.

Frankly, while this test catches some of the overflow cases, I never quite liked it. The chance that this issue occurs is relatively low, it makes the code needlessly complicated (and slow) and the chances that it works are also relatively low.


For non-manual allocation, we have already removed the check, cf. PR 42958. There, the non-negative check is only done with -fcheck=mem.

Thus, even though it is a regression, I am in favour of having no overflow check by default and only one - and possibly a better one - with -fcheck=mem. I think a better check would be "if (number_of_elements > (SIZE_MAX / sizeof(type)))", which assumes that the <number of elements> does not already overflow.

Tobias

PS: If no one is faster, I will review the patch later today.
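
The two checks discussed in this message, side by side, as an added C example that is not part of the original post or of the GCC sources. The function names and the sample element counts are constructed for illustration, and the sign test is modelled as "top bit of the wrapped product is set".

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked byte count: the product wraps modulo SIZE_MAX + 1. */
static size_t wrapped_bytes(size_t nelems, size_t elem_size)
{
    return nelems * elem_size;
}

/* Models the old "size < 0" test on a signed size: it fires only when the
   wrapped product has its top bit set. Written literally against an
   unsigned type, "size < 0" is always false and is optimized away. */
static int sign_check_rejects(size_t nelems, size_t elem_size)
{
    return wrapped_bytes(nelems, elem_size) > SIZE_MAX / 2;
}

/* The check proposed in the message: test the element count before
   multiplying. Assumes nelems itself has not already overflowed. */
static int division_check_rejects(size_t nelems, size_t elem_size)
{
    return elem_size != 0 && nelems > SIZE_MAX / elem_size;
}

int main(void)
{
    const size_t elem = 8;                   /* constructed: 8-byte elements */
    const size_t fit = SIZE_MAX / elem;      /* largest count that fits */
    const size_t counts[] = {                /* constructed sample counts */
        1000,                                /* ordinary request */
        fit,                                 /* boundary, still valid */
        fit + 2,                             /* wraps to 8 bytes */
        fit + 1 + (SIZE_MAX / 16 + 1)        /* wraps, top bit set */
    };

    for (size_t i = 0; i < sizeof counts / sizeof counts[0]; i++)
        printf("n=%zu bytes=%zu sign_check=%d division_check=%d\n",
               counts[i], wrapped_bytes(counts[i], elem),
               sign_check_rejects(counts[i], elem),
               division_check_rejects(counts[i], elem));
    return 0;
}
```

The third count is the case the sign test misses: the request wraps to 8 bytes, looks like a valid small size, and only the division check rejects it.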

