From patchwork Tue Aug 13 08:31:57 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pierre-Marie de Rodat X-Patchwork-Id: 1146114 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=gcc.gnu.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=gcc-patches-return-506769-incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=adacore.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b="nFAld7tJ"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4675c14476z9sNF for ; Tue, 13 Aug 2019 18:34:25 +1000 (AEST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:date :from:to:cc:subject:message-id:mime-version:content-type; q=dns; s=default; b=xbX2POgmp7oMXhy47BpzzKbbaiV4NVjsNHj1H3eX5raUwRCO8I syGU+jhSJq2psrGUIZzIu4DpNLVMIiP4TN9E8104KCUSPCuB+LrEq2oy+F+RLafk Bsm06kBx/jgT9edATRLSzbh+2ZJLmza3vBAUC/wzPnZvvo5mUJdpeVKwk= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:date :from:to:cc:subject:message-id:mime-version:content-type; s= default; bh=4N6diiRfrlA5spVWOppeJQCvRuE=; b=nFAld7tJ/0Wj9k4mhPlm IxVcWZ3qWVDfQGjgCK5ubTOnLIH3Tvdhs4MrULmLKwh3mNCOx01LA4Wc+qrEK16d K6drJL8mGVXdgYlUkE4IZryCWEvtkQAyF/rMRTDdE0GQTnZvWze7clTi+MR9LF71 dJD7MUNOcdFp/B4AodZg2HQ= Received: (qmail 111057 invoked by alias); 13 Aug 2019 08:32:11 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Delivered-To: mailing list gcc-patches@gcc.gnu.org Received: (qmail 110786 invoked by uid 89); 13 Aug 2019 08:32:09 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-10.6 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_2, GIT_PATCH_3, SPF_NEUTRAL autolearn=ham version=3.3.1 spammy=5000 X-HELO: eggs.gnu.org Received: from eggs.gnu.org (HELO eggs.gnu.org) (209.51.188.92) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 13 Aug 2019 08:32:07 +0000 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hxSDo-0001dj-D9 for gcc-patches@gcc.gnu.org; Tue, 13 Aug 2019 04:32:01 -0400 Received: from rock.gnat.com ([205.232.38.15]:53679) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hxSDo-0001d2-3d for gcc-patches@gcc.gnu.org; Tue, 13 Aug 2019 04:32:00 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by filtered-rock.gnat.com (Postfix) with ESMTP id 82152560F4; Tue, 13 Aug 2019 04:31:59 -0400 (EDT) Received: from rock.gnat.com ([127.0.0.1]) by localhost (rock.gnat.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id bUbSBEQYpE-F; Tue, 13 Aug 2019 04:31:59 -0400 (EDT) Received: from tron.gnat.com (tron.gnat.com [205.232.38.10]) by rock.gnat.com (Postfix) with ESMTP id CB828560F9; Tue, 13 Aug 2019 04:31:57 -0400 (EDT) Received: by tron.gnat.com (Postfix, from userid 4862) id CA50B6B4; Tue, 13 Aug 2019 04:31:57 -0400 (EDT) Date: Tue, 13 Aug 2019 04:31:57 -0400 From: Pierre-Marie de Rodat To: gcc-patches@gcc.gnu.org Cc: Gary Dismukes Subject: [Ada] Compiler may blow up on array aggregates whose size is very large Message-ID: <20190813083157.GA38616@adacore.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 205.232.38.15 X-IsSubscribed: yes The compiler may crash when compiling array aggregates where the computation of the size produces a very large number that overflows (possibly producing a small result), such as with an aggregate of a type that is an array of arrays, where each array range has close to Integer'Last elements. That can lead to Aggr_Size_OK returning incorrectly returning True, following on to allocating a very large array in function Flatten that blows the stack. The size computation was being performed using type Int, so this was changed to use universal arithmetic. Tested on x86_64-pc-linux-gnu, committed on trunk 2019-08-13 Gary Dismukes gcc/ada/ * exp_aggr.adb (Aggr_Size_OK): Compute the aggregate size using universal arithmetic, to avoid situations where the size computation overflows. gcc/testsuite/ * gnat.dg/aggr26.adb: New testcase. --- gcc/ada/exp_aggr.adb +++ gcc/ada/exp_aggr.adb @@ -344,7 +344,7 @@ package body Exp_Aggr is Lo : Node_Id; Hi : Node_Id; Indx : Node_Id; - Siz : Int; + Size : Uint; Lov : Uint; Hiv : Uint; @@ -468,7 +468,7 @@ package body Exp_Aggr is Max_Aggr_Size := 5000; end if; - Siz := Component_Count (Component_Type (Typ)); + Size := UI_From_Int (Component_Count (Component_Type (Typ))); Indx := First_Index (Typ); while Present (Indx) loop @@ -538,14 +538,17 @@ package body Exp_Aggr is return False; end if; - Siz := Siz * UI_To_Int (Rng); - end; + -- Compute the size using universal arithmetic to avoid the + -- possibility of overflow on very large aggregates. - if Siz <= 0 - or else Siz > Max_Aggr_Size - then - return False; - end if; + Size := Size * Rng; + + if Size <= 0 + or else Size > Max_Aggr_Size + then + return False; + end if; + end; -- Bounds must be in integer range, for later array construction --- /dev/null new file mode 100644 +++ gcc/testsuite/gnat.dg/aggr26.adb @@ -0,0 +1,10 @@ +-- { dg-do compile } + +procedure Aggr26 is + + type Row is array (Positive) of Integer; + H : array (Positive) of Row := (others => (others => 0)); -- { dg-warning "\"Storage_Error\" will be raised at run time" } + +begin + null; +end Aggr26;