Re: [C/C++ PATCH] Reject declarators with huge arrays (PR c/68107, c++/68266)

[Jeff Law <law at redhat dot com>]

On 11/10/2015 09:36 AM, Marek Polacek wrote:
> While both C and C++ FEs are able to reject e.g.
> int a[__SIZE_MAX__ / sizeof(int)];
> they are accepting code such as
> int (*a)[__SIZE_MAX__ / sizeof(int)];
>
> As Joseph pointed out, any construction of a non-VLA type whose size is half or
> more of the address space should receive a compile-time error.
>
> Done by moving up the check for the size in bytes so that it checks check every
> non-VLA complete array type constructed in the course of processing the
> declarator.  Since the C++ FE had the same problem, I've fixed it up there as
> well.  And that's why I had to twek dg-error of two C++ tests; if the size of
> an array is considered invalid, we give an error message with word "unnamed".
>
> (I've removed the comment about crashing in tree_to_[su]hwi since that seems
> to no longer be the case.)
>
> Bootstrapped/regtested on x86_64-linux, ok for trunk?
>
> 2015-11-10  Marek Polacek  <polacek@redhat.com>
>
> 	PR c/68107
> 	PR c++/68266
> 	* c-decl.c (grokdeclarator): Check whether the size of arrays is
> 	valid earlier.
>
> 	* decl.c (grokdeclarator): Check whether the size of arrays is valid
> 	earlier.
>
> 	* c-c++-common/pr68107.c: New test.
> 	* g++.dg/init/new38.C (large_array_char): Adjust dg-error.
> 	(large_array_char_template): Likewise.
> 	* g++.dg/init/new44.C: Adjust dg-error.
Someone (I can't recall who) suggested the overflow check ought to be 
shared, I agree.  Can you factor out that check, shove it into c-family/ 
and call it from the C & C++ front-ends?

Approved with that change.  Please post it here for archival purposes 
though.

Your decision as to whether or not the shared routine verifies that type 
!= error_mark_node as is currently done in the C++ front-end.  The C 
front-end merely checks it earlier.  SO it's safe to put that test into 
the shared code if you want.

Jeff