how to make gcc warn about arithmetic signed overflow

David Brown david@westcontrol.com
Mon Sep 23 13:04:00 GMT 2013


On 21/09/13 21:33, wempwer@gmail.com wrote:
> On Sat, Sep 21, 2013 at 07:27:20PM +0100, Jonathan Wakely wrote:
>> On 21 September 2013 19:09,  <wempwer@gmail.com> wrote:
>>>
>>> It tried -O2 and it also worked. However on my system it only said:
>>>
>>> warning: integer overflow in expression
>>>
>>> How did you get gcc to produce this part:
>>>
>>> [-Woverflow]
>>>
>>> I use gcc 4.5.2. But when I use gcc like this I also do not get any
>>> warnings:
>>>
>>> gcc -Woverflow main.c -o main
>>
>> 4.5.2 is quite old now. More recent versions show the warning option
>> that triggered the warning, that's what the [-Woverflow] part is.
>>
>>> I wonder:
>>>
>>> 1) why -Woverflow appears in your gcc output?
>>
>> Because it's a recent version.
>>
>>> 2) why `gcc -Woverflow main.c -o main' does not produce a warning?
>>
>> Because without optimisation the compiler doesn't do the necessary
>> analysis to realise that in the multiplication expression it knows the
>> values.
>>
>>> 3) why does `gcc -O main.c -o main' produce warning in the first place
>>> and why does it do this only when two operands are const?
>>
>> Because the optimiser can track the values of constants (because they
>> don't change) and see that the values in the multiplication are known.
> 
> But compiler also knows the operand values even if they are not
> constant? These values must be known to produce the multiplication
> result. Is this warning produced only when two operands are constant
> and optimization is turned on because this is just the way gcc does it
> and the warnings could also be produced for non-const operands if a
> compiler worked in a different way?
> 

The compiler can only produce warnings here if it knows the values you
are using for the calculations.  If you write "r = ab * bc;" then
compiler assumes that you know what you are doing, and using sensible
values for "ab" and "bc".  But if the compiler can calculate the values
involved (it requires -O1 or above for many of these calculations and
analysis passes), and it can see there is definitely an error, then it
can give a warning.

So it needs the values to be "compile-time constants".  That does not
necessarily mean values declared with "const", such as "const int ab =
50000;".  It also includes values set with #define, enumeration
constants, literals (i.e., "50000"), as well as statements, expressions
and function calls using these if the compiler knows all the details at
compile-time.

Note that the compiler /can/ give a warning in such cases, but it does
not have to do so.  gcc is a fantastic compiler, and gives better
compile-time warnings and static analysis than any other compiler I have
used - but it has limits.  If it can easily do the calculations at
compile-time, /and/ you have optimisation flags to enable such passes,
/and/ you have enabled the appropriate warnings - /then/ gcc will give
you the warnings.



More information about the Gcc-help mailing list