public inbox for gcc-patches@gcc.gnu.org
 help / color / mirror / Atom feed
* [Ada] Compiler crash on large array aggregate
@ 2017-04-25 11:34 Arnaud Charlet
  0 siblings, 0 replies; only message in thread
From: Arnaud Charlet @ 2017-04-25 11:34 UTC (permalink / raw)
  To: gcc-patches; +Cc: Bob Duff

[-- Attachment #1: Type: text/plain, Size: 377 bytes --]

This patch fixes a bug in which the compiler crashes if the number of
subcomponents in an array aggregate is 2**31 or more.

Tested on x86_64-pc-linux-gnu, committed on trunk

2017-04-25  Bob Duff  <duff@adacore.com>

	* exp_aggr.adb (Component_Count): Protect the
	arithmetic from attempting to convert a value >= 2**31 to Int,
	which would otherwise raise Constraint_Error.


[-- Attachment #2: difs --]
[-- Type: text/plain, Size: 1516 bytes --]

Index: exp_aggr.adb
===================================================================
--- exp_aggr.adb	(revision 247177)
+++ exp_aggr.adb	(working copy)
@@ -352,7 +352,7 @@
       --  which hit memory limits in the backend.
 
       function Component_Count (T : Entity_Id) return Nat;
-      --  The limit is applied to the total number of components that the
+      --  The limit is applied to the total number of subcomponents that the
       --  aggregate will have, which is the number of static expressions
       --  that will appear in the flattened array. This requires a recursive
       --  computation of the number of scalar components of the structure.
@@ -399,8 +399,20 @@
                   return 0;
 
                else
-                  return
-                    Siz * UI_To_Int (Expr_Value (Hi) - Expr_Value (Lo) + 1);
+                  --  If the number of components is greater than Int'Last,
+                  --  then return Int'Last, so caller will return False (Aggr
+                  --  size is not OK). Otherwise, UI_To_Int will crash.
+
+                  declare
+                     UI : constant Uint :=
+                            Expr_Value (Hi) - Expr_Value (Lo) + 1;
+                  begin
+                     if UI_Is_In_Int_Range (UI) then
+                        return Siz * UI_To_Int (UI);
+                     else
+                        return Int'Last;
+                     end if;
+                  end;
                end if;
             end;
 

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2017-04-25 10:52 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-25 11:34 [Ada] Compiler crash on large array aggregate Arnaud Charlet

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).