how to make gcc warn about arithmetic signed overflow
Mon Sep 23 13:04:00 GMT 2013
On 21/09/13 21:33, email@example.com wrote:
> On Sat, Sep 21, 2013 at 07:27:20PM +0100, Jonathan Wakely wrote:
>> On 21 September 2013 19:09, <firstname.lastname@example.org> wrote:
>>> It tried -O2 and it also worked. However on my system it only said:
>>> warning: integer overflow in expression
>>> How did you get gcc to produce this part:
>>> I use gcc 4.5.2. But when I use gcc like this I also do not get any
>>> gcc -Woverflow main.c -o main
>> 4.5.2 is quite old now. More recent versions show the warning option
>> that triggered the warning, that's what the [-Woverflow] part is.
>>> I wonder:
>>> 1) why -Woverflow appears in your gcc output?
>> Because it's a recent version.
>>> 2) why `gcc -Woverflow main.c -o main' does not produce a warning?
>> Because without optimisation the compiler doesn't do the necessary
>> analysis to realise that in the multiplication expression it knows the
>>> 3) why does `gcc -O main.c -o main' produce warning in the first place
>>> and why does it do this only when two operands are const?
>> Because the optimiser can track the values of constants (because they
>> don't change) and see that the values in the multiplication are known.
> But compiler also knows the operand values even if they are not
> constant? These values must be known to produce the multiplication
> result. Is this warning produced only when two operands are constant
> and optimization is turned on because this is just the way gcc does it
> and the warnings could also be produced for non-const operands if a
> compiler worked in a different way?
The compiler can only produce warnings here if it knows the values you
are using for the calculations. If you write "r = ab * bc;" then
compiler assumes that you know what you are doing, and using sensible
values for "ab" and "bc". But if the compiler can calculate the values
involved (it requires -O1 or above for many of these calculations and
analysis passes), and it can see there is definitely an error, then it
can give a warning.
So it needs the values to be "compile-time constants". That does not
necessarily mean values declared with "const", such as "const int ab =
50000;". It also includes values set with #define, enumeration
constants, literals (i.e., "50000"), as well as statements, expressions
and function calls using these if the compiler knows all the details at
Note that the compiler /can/ give a warning in such cases, but it does
not have to do so. gcc is a fantastic compiler, and gives better
compile-time warnings and static analysis than any other compiler I have
used - but it has limits. If it can easily do the calculations at
compile-time, /and/ you have optimisation flags to enable such passes,
/and/ you have enabled the appropriate warnings - /then/ gcc will give
you the warnings.
More information about the Gcc-help