From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugs-return-246511-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 31249 invoked by alias); 3 Mar 2008 17:35:41 -0000
Received: (qmail 31073 invoked by uid 48); 3 Mar 2008 17:34:57 -0000
Date: Mon, 03 Mar 2008 17:35:00 -0000
Subject: [Bug c/35427]  New: pointer subtraction in very big array
X-Bugzilla-Reason: CC
Message-ID: <bug-35427-2489@http.gcc.gnu.org/bugzilla/>
Reply-To: gcc-bugzilla@gcc.gnu.org
To: gcc-bugs@gcc.gnu.org
From: "akr at m17n dot org" <gcc-bugzilla@gcc.gnu.org>
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-bugs.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-help@gcc.gnu.org>
Sender: gcc-bugs-owner@gcc.gnu.org
X-SW-Source: 2008-03/txt/msg00137.txt.bz2

I found that an result of pointer subtraction in a big array is negative when
it is expected to be positive.

% cat t.i
typedef int ptrdiff_t;
typedef unsigned int size_t;
extern void *malloc (size_t __size) __attribute__ ((__malloc__));
extern void exit (int __status) __attribute__ ((__noreturn__));
extern int printf (__const char *__restrict __format, ...);
extern void perror (__const char *__s);

int main(int argc, char **argv)
{
  long *p, *q;
  int nelem;
  ptrdiff_t s;

  printf("sizeof(long) = %d\n", sizeof(long));
  printf("sizeof(size_t) = %d\n", sizeof(size_t));
  printf("sizeof(ptrdiff_t) = %d\n", sizeof(ptrdiff_t));

  nelem = 513 * 1024 * 1024;
  printf("nelem: %d\n", nelem);

  q = malloc(sizeof(long) * nelem);
  if (!q) { perror("malloc"); exit(1); }

  p = q + (nelem-1);
  s = p - q;
  printf("result: %d\n", s);

  return 0;
}
% bin/gcc -Wall t.i
% ./a.out 
sizeof(long) = 4
sizeof(size_t) = 4
sizeof(ptrdiff_t) = 4
nelem: 537919488
result: -535822337
% uname -srv
Linux 2.6.23.12 #3 SMP PREEMPT Thu Dec 27 21:28:19 JST 2007

This program allocates a big array, 513  * 1024 * 1024 elements of longs.

After that, the program subtracts the pointer to the first element from the
last element.

Then the subtraction from the pointer to one after the last element by the
pointer to the first element.
It's result should be 513 * 1024 * 1024 - 1. 
But -535822337 is printed.

Note that the expected result is representable in int because it is counted as
number of longs, not chars.


-- 
           Summary: pointer subtraction in very big array
           Product: gcc
           Version: 4.2.3
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: akr at m17n dot org
 GCC build triplet: i686-pc-linux-gnu
  GCC host triplet: i686-pc-linux-gnu
GCC target triplet: i686-pc-linux-gnu


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=35427