Skip to content

Commit 3f86b3e

Browse files
author
Thomas Kiley
committed
Fix overflow error for objects whose offset is >32
Pulled out into a fnuction and assert that the max allocation size does not exceed 64 bits. Do not attempt to do the left shift in a 32 bit int, instead cast to 64 bits before doing the shift.
1 parent 7c6fb9c commit 3f86b3e

File tree

1 file changed

+22
-2
lines changed

1 file changed

+22
-2
lines changed

src/ansi-c/ansi_c_internal_additions.cpp

Lines changed: 22 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@ Author: Daniel Kroening, kroening@kroening.com
88

99
#include "ansi_c_internal_additions.h"
1010

11+
#include <limits>
12+
1113
#include <util/c_types.h>
1214
#include <util/config.h>
1315

@@ -120,6 +122,24 @@ static std::string architecture_string(T value, const char *s)
120122
std::string(s) + "=" + std::to_string(value) + ";\n";
121123
}
122124

125+
using max_alloc_sizet = uint64_t;
126+
/// The maximum allocation size is determined by the number of bits that
127+
/// are left in the pointer of width \p pointer_width after allowing for the
128+
/// signed bit, and the bits used for the objects ID (determined by
129+
/// \p object_bits).
130+
/// \param pointer_width: The width of the pointer
131+
/// \param object_bits : The number of bits used to represent the ID
132+
/// \return The size in bytes of the maximum allocation supported.
133+
static max_alloc_sizet
134+
max_malloc_size(std::size_t pointer_width, std::size_t object_bits)
135+
{
136+
PRECONDITION(object_bits < pointer_width - 1);
137+
PRECONDITION(object_bits >= 1);
138+
const auto bits_for_offset = pointer_width - object_bits - 1;
139+
PRECONDITION(bits_for_offset < std::numeric_limits<max_alloc_sizet>::digits);
140+
return ((max_alloc_sizet)1) << (max_alloc_sizet)bits_for_offset;
141+
}
142+
123143
void ansi_c_internal_additions(std::string &code)
124144
{
125145
// clang-format off
@@ -162,8 +182,8 @@ void ansi_c_internal_additions(std::string &code)
162182
"int " CPROVER_PREFIX "malloc_failure_mode_assert_then_assume="+
163183
std::to_string(config.ansi_c.malloc_failure_mode_assert_then_assume)+";\n"
164184
CPROVER_PREFIX "size_t " CPROVER_PREFIX "max_malloc_size="+
165-
std::to_string(1 << (config.ansi_c.pointer_width -
166-
config.bv_encoding.object_bits - 1))+";\n"
185+
std::to_string(max_malloc_size(config.ansi_c.pointer_width, config
186+
.bv_encoding.object_bits))+";\n"
167187

168188
// this is ANSI-C
169189
"extern " CPROVER_PREFIX "thread_local const char __func__["

0 commit comments

Comments
 (0)