This is an archive of the discontinued LLVM Phabricator instance.

Differential D1238

Catch more cases when diagnosing integer-constant-expression overflows.
ClosedPublic

Authored by jmagee on Jul 30 2013, 12:34 PM.

Details

Reviewers
rsmith
Commits
rG4d1a79b8c046: Catch more cases when diagnosing integer-constant-expression overflows.
rC228202: Catch more cases when diagnosing integer-constant-expression overflows.
rL228202: Catch more cases when diagnosing integer-constant-expression overflows.
Summary

Hi,

This patch improves integer-constant-expression overflow diagnostics.

Currently clang catches overflow in some cases:

int i;
...
switch (i) {

case 4096 * 1024 * 1024:  // Generates overflow warning
...

}

if (4096 * 1024 * 1024) { // Generates overflow warning
}

But it misses other cases:

uint64_t x = 4096 * 1024 * 1024; // no warning

if ((x = 4096 * 1024 * 1024)) { // no warning
}

switch (i) {

case (uint64_t)(4096 * 1024 * 1024): // no warning

...
}

void f1(int);
...
f1(4096 * 1024 * 1024); // no warning

The patch introduces the following changes:

  1. In Sema::CheckForIntOverflow, when checking for a BinaryOperator ignore any casts in addition to parentheses. Ignoring only parentheses was not enough because it missed cases like: x = 4608 * 1024 * 1024, which has an implicit cast: ImplicitCastExpr 0x5145858 'uint64_t':'unsigned long' <IntegralCast> -BinaryOperator 0x5145830 'int' '*' |-BinaryOperator 0x51457e8 'int' '*' | |-IntegerLiteral 0x51457a8 'int' 4608 | -IntegerLiteral 0x51457c8 'int' 1024 `-IntegerLiteral 0x5145810 'int' 1024
  2. In Sema::CheckForIntOverflow, check for CallExprs and recursively check for overflow on each argument. This handles cases like f1(4096 * 1024 * 1024).
  3. In IntExprEvaluator::VisitBinaryOperator(), bail out on AssignmentOps _after_ running the DataRecursiveIntBinOpEvaluator. In fact, I am not sure if check here for AssignmentOps is really necessary. It seems like it is an early-exit optimization. Presumably it was thought that assignment operators would not have any integer expression operands that need evaluating here, however this is not the case in "x = y = 4096 * 1024 * 1024" or "if ((y = 4096 * 1024 *1024))". Running the DataRecursiveIntBinOpEvaluator on AssignmentOps catches these cases. Note, this change was only needed to catch these cases in C mode. In C++ mode an implicit LValueToRValue cast was added which changed the path taken through semantic analysis.

Thanks,
Josh

Diff Detail

Event Timeline

jmagee updated this revision to Diff 19020.Jan 29 2015, 7:22 PM

Refreshing a _very_ old patch.

This patch catches more cases of overflow in integer constant expressions and is
an improvement over the current state. That said, the robustness of
EvaluateForIntOverflow can be improved by allowing it to handle more than just
BinaryOperator expression (which this patch does not address.)

The changes to catch additional cases of overflow caused a problem in
SemaChecking when synthesizing the imaginary part of complex numbers.
Specifically, it was necessary to handle cases where the LHS is not complex and
also cases where the binary operator is an AssignmentOp.

I think the changes to the complex synthesis code is potentially better split
of as a separate patch, but those changes are only required if the integer
overflow changes go in. (Similarly, the integer overflow patch needs the
complex changes to get a clean test run.)
-> In short, I'm happy to split them apart, but I included
everything as one patch so the context of why I'm proposing the complex related
changes is clearer.

Thanks,

  • Josh
asl added a subscriber: asl.Jan 30 2015, 8:44 AM
rsmith added a subscriber: rsmith.Jan 30 2015, 3:07 PM
rsmith added inline comments.
lib/AST/ExprConstant.cpp
6837–6839

This comment seems redundant: it's obvious why keepEvaluatingAfterFailure should cause us to keep evaluating after a failure ;-)

6852–6853

Unnecessary nesting here, which makes the code harder to read; switch to

if (E->isAssignmentOp()) {
  // handle it
} else if (LHSTy->isRealFloatingType()) {
  // as currently
6859–6864

These changes look unrelated to your patch: we only get here for a non-assignment-op; you're only changing how we handle assignments.

6869

You should evaluate the LHS as an lvalue in this case; there could be integer overflow within it. Eg, arr[A * B] = 3i;

6874–6885

Please factor out this process rather than duplicating it here and above.

6887–6916

This code certainly won't do the right thing if we reach it for an assignment operator. Should you instead be setting LHSOK to false for an assignment op?

lib/Sema/SemaChecking.cpp
7028–7039

The original design for the checker was that it would recursively evaluate the entire expression, including all subexpressions. There is no principled reason for it to only apply it when the top-level expression is a BinaryOperator (or a CallExpr); IIRC that restriction was applied over (possibly-misplaced) performance concerns. So: I'd like to see some performance measurements showing that either we can, or we cannot, simply run the checker over all expressions. Let's not make an arbitrary restriction more complex for no reason...

Also, this appears orthogonal to the other changes in the patch; it would be better to separate it, especially since it has performance implications.

jmagee added inline comments.Feb 3 2015, 3:55 PM
lib/AST/ExprConstant.cpp
6859–6864

Hmm... Quite right; I'll remove this (and the similar treatment for the RHS).

6887–6916

Yes, you are absolutely correct. I am surprised that I managed to run the regression test without something blowing up from this. Setting LHSOK to false seems like the best thing to do. (Alternatively I could handle assignment in the above, but in that case I would just return false, so setting LHSOK seems more natural.)

lib/Sema/SemaChecking.cpp
7028–7039

Gotcha - I'll drop these changes. I haven't done any performance measurements here yet, so I agree with holding off on fiddling with the restrictions until the impact of running the checker over all expressions is better understood.

jmagee updated this revision to Diff 19280.Feb 3 2015, 4:01 PM

Thanks for the review, Richard. Here is a new patch that hopefully addresses your feedback.
I'm honestly a bit uncertain about how I'm handling the LHS of an assignment. Evaluating it as an LValue makes sense because, as you pointed out, there may be overflow there. However I don't see anything particularly useful that can be done with the result, particularly since I go on to set LHSOK to false. That said, the code looks awkward enough that it feels like I could be overlooking something here.

I also added 2 lines to an existing complex test that would trigger this assertion if it is reached on assignment operator. It's not terribly interesting, but it would have caught a mistake in the previous version of the patch at least.

rsmith accepted this revision.Feb 3 2015, 4:29 PM
rsmith added a reviewer: rsmith.

LGTM, thanks!

lib/AST/ExprConstant.cpp
6853

Dead store; remove the LHSOK = .

This revision is now accepted and ready to land.Feb 3 2015, 4:29 PM
Closed by commit rL228202: Catch more cases when diagnosing integer-constant-expression overflows. (authored by jmagee). · Explain WhyFeb 4 2015, 1:52 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
lib/
AST/
38 lines
Sema/
12 lines
test/
Sema/
184 lines
SemaCXX/
206 lines

Diff 19020

lib/AST/ExprConstant.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 6,828 Lines▼ Show 20 Lines case Job::BinOpVisitedLHSKind: {
return; return;
} }
} }
llvm_unreachable("Invalid Job::Kind!"); llvm_unreachable("Invalid Job::Kind!");
} }
bool IntExprEvaluator::VisitBinaryOperator(const BinaryOperator *E) { bool IntExprEvaluator::VisitBinaryOperator(const BinaryOperator *E) {
if (E->isAssignmentOp()) // Only bail out early if keepEvaluatingAfterFailure()
// is false, otherwise keep evaluating because the evaluator could identify
// overflow in subexpressions.
rsmithUnsubmitted
Not Done
ReplyInline Actions

This comment seems redundant: it's obvious why keepEvaluatingAfterFailure should cause us to keep evaluating after a failure ;-)

rsmith: This comment seems redundant: it's obvious why `keepEvaluatingAfterFailure` should cause us to…
if (!Info.keepEvaluatingAfterFailure() && E->isAssignmentOp())
return Error(E); return Error(E);
if (DataRecursiveIntBinOpEvaluator::shouldEnqueue(E)) if (DataRecursiveIntBinOpEvaluator::shouldEnqueue(E))
return DataRecursiveIntBinOpEvaluator(*this, Result).Traverse(E); return DataRecursiveIntBinOpEvaluator(*this, Result).Traverse(E);
QualType LHSTy = E->getLHS()->getType(); QualType LHSTy = E->getLHS()->getType();
QualType RHSTy = E->getRHS()->getType(); QualType RHSTy = E->getRHS()->getType();
if (LHSTy->isAnyComplexType() || RHSTy->isAnyComplexType()) { if (LHSTy->isAnyComplexType() || RHSTy->isAnyComplexType()) {
ComplexValue LHS, RHS; ComplexValue LHS, RHS;
bool LHSOK; bool LHSOK;
if (E->getLHS()->getType()->isRealFloatingType()) { if (!E->isAssignmentOp()) {
if (LHSTy->isRealFloatingType()) {
rsmithUnsubmitted
Not Done
ReplyInline Actions

Unnecessary nesting here, which makes the code harder to read; switch to

if (E->isAssignmentOp()) {
  // handle it
} else if (LHSTy->isRealFloatingType()) {
  // as currently
rsmith: Unnecessary nesting here, which makes the code harder to read; switch to if (E…
rsmithUnsubmitted
Not Done
ReplyInline Actions

Dead store; remove the LHSOK = .

rsmith: Dead store; remove the `LHSOK = `.
LHSOK = EvaluateFloat(E->getLHS(), LHS.FloatReal, Info); LHSOK = EvaluateFloat(E->getLHS(), LHS.FloatReal, Info);
if (LHSOK) { if (LHSOK) {
LHS.makeComplexFloat(); LHS.makeComplexFloat();
LHS.FloatImag = APFloat(LHS.FloatReal.getSemantics()); LHS.FloatImag = APFloat(LHS.FloatReal.getSemantics());
} }
} else if (LHSTy->isIntegerType()) {
LHSOK = EvaluateInteger(E->getLHS(), LHS.IntReal, Info);
if (LHSOK) {
LHS.makeComplexInt();
LHS.IntImag = APSInt(LHS.IntReal.getBitWidth(), !LHS.IntReal.isSigned());
}
rsmithUnsubmitted
Not Done
ReplyInline Actions

These changes look unrelated to your patch: we only get here for a non-assignment-op; you're only changing how we handle assignments.

rsmith: These changes look unrelated to your patch: we only get here for a non-assignment-op; you're…
jmageeAuthorUnsubmitted
Not Done
ReplyInline Actions

Hmm... Quite right; I'll remove this (and the similar treatment for the RHS).

jmagee: Hmm... Quite right; I'll remove this (and the similar treatment for the RHS).
} else { } else {
LHSOK = EvaluateComplex(E->getLHS(), LHS, Info); LHSOK = EvaluateComplex(E->getLHS(), LHS, Info);
} }
} else
LHSOK = true;
rsmithUnsubmitted
Not Done
ReplyInline Actions

You should evaluate the LHS as an lvalue in this case; there could be integer overflow within it. Eg, arr[A * B] = 3i;

rsmith: You should evaluate the LHS as an lvalue in this case; there could be integer overflow within…
if (!LHSOK && !Info.keepEvaluatingAfterFailure()) if (!LHSOK && !Info.keepEvaluatingAfterFailure())
return false; return false;
if (E->getRHS()->getType()->isRealFloatingType()) { if (RHSTy->isRealFloatingType()) {
if (!EvaluateFloat(E->getRHS(), RHS.FloatReal, Info) || !LHSOK) if (!EvaluateFloat(E->getRHS(), RHS.FloatReal, Info) || !LHSOK)
return false; return false;
RHS.makeComplexFloat(); RHS.makeComplexFloat();
RHS.FloatImag = APFloat(RHS.FloatReal.getSemantics()); RHS.FloatImag = APFloat(RHS.FloatReal.getSemantics());
} else if (RHSTy->isIntegerType()) {
if (!EvaluateInteger(E->getLHS(), LHS.IntReal, Info) || !LHSOK)
return false;
RHS.makeComplexInt();
RHS.IntImag = APSInt(RHS.IntReal.getBitWidth(), !RHS.IntReal.isSigned());
} else if (!EvaluateComplex(E->getRHS(), RHS, Info) || !LHSOK) } else if (!EvaluateComplex(E->getRHS(), RHS, Info) || !LHSOK)
return false; return false;
rsmithUnsubmitted
Not Done
ReplyInline Actions

Please factor out this process rather than duplicating it here and above.

rsmith: Please factor out this process rather than duplicating it here and above.
if (LHS.isComplexFloat()) { if (LHS.isComplexFloat()) {
APFloat::cmpResult CR_r = APFloat::cmpResult CR_r =
LHS.getComplexFloatReal().compare(RHS.getComplexFloatReal()); LHS.getComplexFloatReal().compare(RHS.getComplexFloatReal());
APFloat::cmpResult CR_i = APFloat::cmpResult CR_i =
LHS.getComplexFloatImag().compare(RHS.getComplexFloatImag()); LHS.getComplexFloatImag().compare(RHS.getComplexFloatImag());
if (E->getOpcode() == BO_EQ) if (E->getOpcode() == BO_EQ)
return Success((CR_r == APFloat::cmpEqual && return Success((CR_r == APFloat::cmpEqual &&
CR_i == APFloat::cmpEqual), E); CR_i == APFloat::cmpEqual), E);
else { else {
assert(E->getOpcode() == BO_NE && assert(E->getOpcode() == BO_NE &&
"Invalid complex comparison."); "Invalid complex comparison.");
return Success(((CR_r == APFloat::cmpGreaterThan || return Success(((CR_r == APFloat::cmpGreaterThan ||
CR_r == APFloat::cmpLessThan || CR_r == APFloat::cmpLessThan ||
CR_r == APFloat::cmpUnordered) || CR_r == APFloat::cmpUnordered) ||
(CR_i == APFloat::cmpGreaterThan || (CR_i == APFloat::cmpGreaterThan ||
CR_i == APFloat::cmpLessThan || CR_i == APFloat::cmpLessThan ||
CR_i == APFloat::cmpUnordered)), E); CR_i == APFloat::cmpUnordered)), E);
} }
} else { } else {
if (E->getOpcode() == BO_EQ) if (E->getOpcode() == BO_EQ)
return Success((LHS.getComplexIntReal() == RHS.getComplexIntReal() && return Success((LHS.getComplexIntReal() == RHS.getComplexIntReal() &&
LHS.getComplexIntImag() == RHS.getComplexIntImag()), E); LHS.getComplexIntImag() == RHS.getComplexIntImag()), E);
else { else {
assert(E->getOpcode() == BO_NE && assert(E->getOpcode() == BO_NE &&
"Invalid compex comparison."); "Invalid compex comparison.");
return Success((LHS.getComplexIntReal() != RHS.getComplexIntReal() || return Success((LHS.getComplexIntReal() != RHS.getComplexIntReal() ||
LHS.getComplexIntImag() != RHS.getComplexIntImag()), E); LHS.getComplexIntImag() != RHS.getComplexIntImag()), E);
} }
} }
rsmithUnsubmitted
Not Done
ReplyInline Actions

This code certainly won't do the right thing if we reach it for an assignment operator. Should you instead be setting LHSOK to false for an assignment op?

rsmith: This code certainly won't do the right thing if we reach it for an assignment operator. Should…
jmageeAuthorUnsubmitted
Not Done
ReplyInline Actions

Yes, you are absolutely correct. I am surprised that I managed to run the regression test without something blowing up from this. Setting LHSOK to false seems like the best thing to do. (Alternatively I could handle assignment in the above, but in that case I would just return false, so setting LHSOK seems more natural.)

jmagee: Yes, you are absolutely correct. I am surprised that I managed to run the regression test…
} }
if (LHSTy->isRealFloatingType() && if (LHSTy->isRealFloatingType() &&
RHSTy->isRealFloatingType()) { RHSTy->isRealFloatingType()) {
APFloat RHS(0.0), LHS(0.0); APFloat RHS(0.0), LHS(0.0);
bool LHSOK = EvaluateFloat(E->getRHS(), RHS, Info); bool LHSOK = EvaluateFloat(E->getRHS(), RHS, Info);
if (!LHSOK && !Info.keepEvaluatingAfterFailure()) if (!LHSOK && !Info.keepEvaluatingAfterFailure())
▲ Show 20 LinesShow All 2,265 LinesShow Last 20 Lines

lib/Sema/SemaChecking.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 7,019 Lines▼ Show 20 Lines
/// Input argument E is a logical expression. /// Input argument E is a logical expression.
void Sema::CheckBoolLikeConversion(Expr *E, SourceLocation CC) { void Sema::CheckBoolLikeConversion(Expr *E, SourceLocation CC) {
::CheckBoolLikeConversion(*this, E, CC); ::CheckBoolLikeConversion(*this, E, CC);
} }
/// Diagnose when expression is an integer constant expression and its evaluation /// Diagnose when expression is an integer constant expression and its evaluation
/// results in integer overflow /// results in integer overflow
void Sema::CheckForIntOverflow (Expr *E) { void Sema::CheckForIntOverflow (Expr *E) {
if (isa<BinaryOperator>(E->IgnoreParenCasts())) // Evaluate each argument of a CallExpr to check
// for overflow and ignore both paren and cast expressions.
// FIXME: It should be possible to pass any/all Expressions to
// EvaluateForOverflow() and have it do the right thing. Currently, it only
// handles BinaryOperator expressions.
if (CallExpr *CE = dyn_cast<CallExpr>(E->IgnoreParenCasts())) {
for (CallExpr::arg_iterator CEI = CE->arg_begin(),
CEE = CE->arg_end(); CEI != CEE; ++CEI)
CheckForIntOverflow(*CEI);
} else if (isa<BinaryOperator>(E->IgnoreParenCasts()))
E->IgnoreParenCasts()->EvaluateForOverflow(Context); E->IgnoreParenCasts()->EvaluateForOverflow(Context);
rsmithUnsubmitted
Not Done
ReplyInline Actions

The original design for the checker was that it would recursively evaluate the entire expression, including all subexpressions. There is no principled reason for it to only apply it when the top-level expression is a BinaryOperator (or a CallExpr); IIRC that restriction was applied over (possibly-misplaced) performance concerns. So: I'd like to see some performance measurements showing that either we can, or we cannot, simply run the checker over all expressions. Let's not make an arbitrary restriction more complex for no reason...

Also, this appears orthogonal to the other changes in the patch; it would be better to separate it, especially since it has performance implications.

rsmith: The original design for the checker was that it would recursively evaluate the entire…
jmageeAuthorUnsubmitted
Not Done
ReplyInline Actions

Gotcha - I'll drop these changes. I haven't done any performance measurements here yet, so I agree with holding off on fiddling with the restrictions until the impact of running the checker over all expressions is better understood.

jmagee: Gotcha - I'll drop these changes. I haven't done any performance measurements here yet, so I…
} }
namespace { namespace {
/// \brief Visitor for expressions which looks for unsequenced operations on the /// \brief Visitor for expressions which looks for unsequenced operations on the
/// same object. /// same object.
class SequenceChecker : public EvaluatedExprVisitor<SequenceChecker> { class SequenceChecker : public EvaluatedExprVisitor<SequenceChecker> {
typedef EvaluatedExprVisitor<SequenceChecker> Base; typedef EvaluatedExprVisitor<SequenceChecker> Base;
▲ Show 20 LinesShow All 1,848 LinesShow Last 20 Lines

test/Sema/integer-overflow.c

  • This file was added.
// RUN: %clang_cc1 %s -verify -fsyntax-only
typedef unsigned long long uint64_t;
typedef unsigned long long uint32_t;
uint64_t f0(uint64_t);
uint64_t f1(uint64_t, uint32_t);
uint64_t f2(uint64_t, ...);
static const uint64_t overflow = 1 * 4608 * 1024 * 1024; // expected-warning {{overflow in expression; result is 536870912 with type 'int'}}
uint64_t check_integer_overflows(int i) {
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
uint64_t overflow = 4608 * 1024 * 1024,
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow2 = (uint64_t)(4608 * 1024 * 1024),
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow3 = (uint64_t)(4608 * 1024 * 1024 * i),
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow4 = (1ULL * ((4608) * ((1024) * (1024))) + 2ULL),
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
multi_overflow = (uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow += overflow2 = overflow3 = (uint64_t)(4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow += overflow2 = overflow3 = 4608 * 1024 * 1024;
uint64_t not_overflow = 4608 * 1024 * 1024ULL;
uint64_t not_overflow2 = (1ULL * ((uint64_t)(4608) * (1024 * 1024)) + 2ULL);
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
overflow = 4608 * 1024 * 1024 ? 4608 * 1024 * 1024 : 0;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow = 0 ? 0 : 4608 * 1024 * 1024;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if (4608 * 1024 * 1024)
return 0;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)(4608 * 1024 * 1024))
return 1;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)(4608 * 1024 * 1024))
return 2;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)(4608 * 1024 * 1024 * i))
return 3;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL))
return 4;
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)))
return 5;
switch (i) {
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
case 4608 * 1024 * 1024:
return 6;
// expected-warning@+1 {{overflow in expression; result is 537919488 with type 'int'}}
case (uint64_t)(4609 * 1024 * 1024):
return 7;
// expected-error@+1 {{expression is not an integer constant expression}}
case ((uint64_t)(4608 * 1024 * 1024 * i)):
return 8;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
case ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL)):
return 9;
// expected-warning@+2 2{{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+1 {{overflow converting case value to switch condition type (288230376151711744 to 0)}}
case ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024))):
return 10;
}
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while (4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while (4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
for (uint64_t i = 4608 * 1024 * 1024;
(uint64_t)(4608 * 1024 * 1024);
i += (uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 2{{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 2{{overflow in expression; result is 536870912 with type 'int'}}
for (uint64_t i = (1ULL * ((4608) * ((1024) * (1024))) + 2ULL);
((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
i = ((4608 * 1024 * 1024) + ((uint64_t)(4608 * 1024 * 1024))));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0(4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0(overflow = 4608 * 1024 * 1024);
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
f1((uint64_t)(4608 * 1024 * 1024), 4608 * 1024 * 1024);
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
f1((uint64_t)(4608 * 1024 * 1024 * i), (1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 3{{overflow in expression; result is 536870912 with type 'int'}}
f1((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)), overflow = 4608 * 1024 * 1024);
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 2{{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
f2(f1(f0((uint64_t)(4608 * 1024 * 1024)),
f0(4608 * 1024 * 1024)),
(uint64_t)(4608 * 1024 * 1024 * i),
(1ULL * ((4608) * ((1024) * (1024))) + 2ULL),
(uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)),
overflow = 4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
_Complex long long x = 4608 * 1024 * 1024;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
(__real__ x) = 4608 * 1024 * 1024;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
(__imag__ x) = 4608 * 1024 * 1024;
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
return ((4608 * 1024 * 1024) + ((uint64_t)(4608 * 1024 * 1024)));
}

test/SemaCXX/integer-overflow.cpp

  • This file was added.
// RUN: %clang_cc1 %s -verify -fsyntax-only -std=gnu++98
typedef unsigned long long uint64_t;
typedef unsigned long long uint32_t;
uint64_t f0(uint64_t);
uint64_t f1(uint64_t, uint32_t);
uint64_t f2(uint64_t, ...);
static const uint64_t overflow = 1 * 4608 * 1024 * 1024; // expected-warning {{overflow in expression; result is 536870912 with type 'int'}}
uint64_t check_integer_overflows(int i) { //expected-note {{declared here}}
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
uint64_t overflow = 4608 * 1024 * 1024,
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow2 = (uint64_t)(4608 * 1024 * 1024),
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow3 = (uint64_t)(4608 * 1024 * 1024 * i),
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow4 = (1ULL * ((4608) * ((1024) * (1024))) + 2ULL),
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow5 = static_cast<uint64_t>(4608 * 1024 * 1024),
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
multi_overflow = (uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow += overflow2 = overflow3 = (uint64_t)(4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow += overflow2 = overflow3 = 4608 * 1024 * 1024;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow += overflow2 = overflow3 = static_cast<uint64_t>(4608 * 1024 * 1024);
uint64_t not_overflow = 4608 * 1024 * 1024ULL;
uint64_t not_overflow2 = (1ULL * ((uint64_t)(4608) * (1024 * 1024)) + 2ULL);
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
overflow = 4608 * 1024 * 1024 ? 4608 * 1024 * 1024 : 0;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
overflow = 0 ? 0 : 4608 * 1024 * 1024;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if (4608 * 1024 * 1024)
return 0;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)(4608 * 1024 * 1024))
return 1;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if (static_cast<uint64_t>(4608 * 1024 * 1024))
return 1;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)(4608 * 1024 * 1024))
return 2;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)(4608 * 1024 * 1024 * i))
return 3;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
if ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL))
return 4;
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
if ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)))
return 5;
switch (i) {
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
case 4608 * 1024 * 1024:
return 6;
// expected-warning@+1 {{overflow in expression; result is 537919488 with type 'int'}}
case (uint64_t)(4609 * 1024 * 1024):
return 7;
// expected-warning@+1 {{overflow in expression; result is 537919488 with type 'int'}}
case 1 + static_cast<uint64_t>(4609 * 1024 * 1024):
return 7;
// expected-error@+2 {{expression is not an integral constant expression}}
// expected-note@+1 {{read of non-const variable 'i' is not allowed in a constant expression}}
case ((uint64_t)(4608 * 1024 * 1024 * i)):
return 8;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
case ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL)):
return 9;
// expected-warning@+2 2{{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+1 {{overflow converting case value to switch condition type (288230376151711744 to 0)}}
case ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024))):
return 10;
}
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while (4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while (static_cast<uint64_t>(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
while ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
while ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while (4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while (static_cast<uint64_t>(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
do { } while ((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
for (uint64_t i = 4608 * 1024 * 1024;
(uint64_t)(4608 * 1024 * 1024);
i += (uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+3 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 2{{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+3 2{{overflow in expression; result is 536870912 with type 'int'}}
for (uint64_t i = (1ULL * ((4608) * ((1024) * (1024))) + 2ULL);
((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
i = ((4608 * 1024 * 1024) + ((uint64_t)(4608 * 1024 * 1024))));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0(4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0(static_cast<uint64_t>(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)(4608 * 1024 * 1024));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)(4608 * 1024 * 1024 * i));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0((1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
f0((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)));
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
f0(overflow = 4608 * 1024 * 1024);
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
f1((uint64_t)(4608 * 1024 * 1024), 4608 * 1024 * 1024);
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
f1((uint64_t)(4608 * 1024 * 1024 * i), (1ULL * ((4608) * ((1024) * (1024))) + 2ULL));
// expected-warning@+1 3{{overflow in expression; result is 536870912 with type 'int'}}
f1((uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)), overflow = 4608 * 1024 * 1024);
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 2{{overflow in expression; result is 536870912 with type 'int'}}
// expected-warning@+6 {{overflow in expression; result is 536870912 with type 'int'}}
f2(f1(f0((uint64_t)(4608 * 1024 * 1024)),
f0(4608 * 1024 * 1024)),
(uint64_t)(4608 * 1024 * 1024 * i),
(1ULL * ((4608) * ((1024) * (1024))) + 2ULL),
(uint64_t)((uint64_t)(4608 * 1024 * 1024) * (uint64_t)(4608 * 1024 * 1024)),
overflow = 4608 * 1024 * 1024);
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
_Complex long long x = 4608 * 1024 * 1024;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
(__real__ x) = 4608 * 1024 * 1024;
// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
(__imag__ x) = 4608 * 1024 * 1024;
// expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
return ((4608 * 1024 * 1024) + ((uint64_t)(4608 * 1024 * 1024)));
}