[tz] Compiler warning in tzcode2016g about SIZE_MAX being wider than int
Tom Lane
tgl at sss.pgh.pa.us
Thu Oct 20 17:15:10 UTC 2016
When trying to build 2016g using macOS's current compiler (or, probably,
any reasonably late-model version of clang), I get
cc -DTZDIR=\"/usr/local/etc/zoneinfo\" -c -o zic.o zic.c
zic.c:434:51: warning: implicit conversion from 'unsigned long long' to 'int' changes value from 18446744073709551615 to -1 [-Wconstant-conversion]
int amax = nitems_max < SIZE_MAX ? nitems_max : SIZE_MAX;
~~~~ ^~~~~~~~
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk/usr/include/stdint.h:153:20: note: expanded from macro 'SIZE_MAX'
#define SIZE_MAX UINT64_MAX
^~~~~~~~~~
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk/usr/include/stdint.h:87:27: note: expanded from macro 'UINT64_MAX'
#define UINT64_MAX 18446744073709551615ULL
^~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Or in other words, clang is pointing out, quite correctly, that SIZE_MAX
won't fit in an int. This doesn't represent a runtime bug because the
condition "nitems_max < SIZE_MAX" can never fail, but that just begs
the question why have it. I am not aware of any C implementation that
has ever had INT_MAX > SIZE_MAX, and surely there are none in use today.
I suggest, therefore, a fix along the lines of
$ diff -u zic.c~ zic.c
--- zic.c~ 2016-09-06 00:39:50.000000000 -0400
+++ zic.c 2016-10-20 13:06:39.000000000 -0400
@@ -431,8 +431,7 @@
return ptr;
else {
int nitems_max = INT_MAX - WORK_AROUND_QTBUG_53071;
- int amax = nitems_max < SIZE_MAX ? nitems_max : SIZE_MAX;
- if ((amax - 1) / 3 * 2 < *nitems_alloc)
+ if ((nitems_max - 1) / 3 * 2 < *nitems_alloc)
memory_exhausted(_("int overflow"));
*nitems_alloc = *nitems_alloc + (*nitems_alloc >> 1) + 1;
return erealloc(ptr, size_product(*nitems_alloc, itemsize));
Alternatively one might think of changing the types of nitems_max and
amax to size_t --- but that would just make it even more crystal clear
that the "nitems_max < SIZE_MAX" conditional is useless. And if,
somewhere, one did find a C implementation in which size_t is narrower
than int, that coding wouldn't work at all. Basically I don't see a
way of dealing with this that is superior to just assuming that INT_MAX
is less than or equal to SIZE_MAX.
regards, tom lane
More information about the tz
mailing list