Viva64 Send comments on this topic.
V101. Implicit assignment type conversion to memsize type

Glossary Item Box

The analyzer found a potentially possible error related to the implicit type conversion while performing the assignment operator "=". The error may consist in an incorrect value determination of an expression standing from the right of the assignment operator "=".

Let’s take up the first example. An application uses a large array the size of which is defined with the use of three constants.

  CopyCode image Copy Code 
#define BUFFER_ARRAY_WIDTH 1000 
#define BUFFER_ARRAY_HEIGHT 1000
#define BUFFER_ARRAY_DEPTH 1000
…
size_t BufferSize = BUFFER_ARRAY_WIDTH *
                             BUFFER_ARRAY_HEIGHT *
                             BUFFER_ARRAY_DEPTH; 
void *BufferVoidPtr = malloc(BufferSize);

This code works correctly and produces allocation of 100000000000 bytes of memory. Changing over to the 64-bit platform we decided to increase the buffer size and changed the code as follows.

  CopyCode image Copy Code 
#define BUFFER_ARRAY_WIDTH 1800
#define BUFFER_ARRAY_HEIGHT 1800
#define BUFFER_ARRAY_DEPTH 1800
…
size_t BufferSize = BUFFER_ARRAY_WIDTH *
                             BUFFER_ARRAY_HEIGHT *
                             BUFFER_ARRAY_DEPTH;
void *BufferVoidPtr = malloc(BufferSize);

Unfortunately, it is incorrect and instead of 5832000000 bytes of memory 1537032704 bytes will be allocated. In this case the error is in the overflow of the expression 1800*1800*1800 result. The given figures are represented as type int which has 32-bit capacity as on the 32-bit platform so on the 64-bit platform. During multiplication the overflow occurs, for it is impossible to represent the number of 5832000000 using 32 bits. The variable BufferSize type is right, for size_t relates to memsize types, but it does not have the value for an implicit conversion of the incorrect expression value.

One may hasten and put it right in the following incorrect way:

  CopyCode image Copy Code 
#define BUFFER_ARRAY_WIDTH 1800
#define BUFFER_ARRAY_HEIGHT 1800
#define BUFFER_ARRAY_DEPTH 1800
…
size_t BufferSize = static_cast<size_t>(BUFFER_ARRAY_WIDTH *
                                                           BUFFER_ARRAY_HEIGHT *
                                                           BUFFER_ARRAY_DEPTH);
void *BufferVoidPtr = malloc(BufferSize);

But this decision is false, because during the determination the overflow occurs anyway and the expression value would be incorrect. Unfortunately, your code may already contain such errors which are not marked with warning V101. The use of the explicit type conversion indicates to the analyzer that the code is correct and it does not show the warning. For seeking errors related to the explicit type conversion you may use the “Search for explicit conversions” mode.

The right correction of the error will be the explicit pointing of the constants capacity.

  CopyCode image Copy Code 
#define BUFFER_ARRAY_WIDTH 1800ui64
#define BUFFER_ARRAY_HEIGHT 1800ui64
#define BUFFER_ARRAY_DEPTH 1800ui64
…
size_t BufferSize = BUFFER_ARRAY_WIDTH *
                             BUFFER_ARRAY_HEIGHT *
                             BUFFER_ARRAY_DEPTH;
void *BufferVoidPtr = malloc(BufferSize);

Another correct way consists in explicit operand conversion in the expression to the memsize type.

  CopyCode imageCopy Code 
#define BUFFER_ARRAY_WIDTH 1800
#define BUFFER_ARRAY_HEIGHT 1800
#define BUFFER_ARRAY_DEPTH 1800
…
size_t BufferSize = static_cast<size_t>(BUFFER_ARRAY_WIDTH) *
                       static_cast<size_t>(BUFFER_ARRAY_HEIGHT) *
                       static_cast<size_t>(BUFFER_ARRAY_DEPTH);
void *BufferVoidPtr = malloc(BufferSize);

Let’s take up the second example. An application uses a large one-dimensional array and the function CalcIndex which allows to address this array as a two-dimensional one.

  CopyCode image Copy Code 
extern unsigned ArrayWidth;
unsigned CalcIndex(unsigned x, unsigned y) {
  return x + y * ArrayWidth;
}
…
const size_t index = CalcIndex(x, y);

The error consists in the incorrect index determination if the array size excesses 4 Gb. The example is interesting because the error occurs not in that line about which the analyzer warns. The analyzer will report about the problem in the line: const size_t index = CalcIndex(x, y). But the error consists in the incorrect realization of the function CalcIndex. If we take the function CalcIndex separately it will be absolutely correct. The type of the input and the output values is unsigned. Determinations also occur only when the unsigned types are present. There are neither implicit nor explicit type conversions and the analyzer cannot identify a logic problem related to the function CalcIndex. The error consists in the incorrectly chosen result of the return function and possibly of the input values too. The function result must have the type memsize.

Fortunately, the analyzer managed to find the implicit result conversion of the function CalcIndex to the type size_t. This allows us to analyze the situation and bring some necessary changes into the program. The error correction, for instance, may look as follows:

  CopyCode image Copy Code 
extern size_t ArrayWidth;
size_t CalcIndex(size_t x, size_t y) {
  return x + y * ArrayWidth;
}
…
const size_t index = CalcIndex(x, y);

If you are sure that the code is correct and the array size will never approach the border of 4 Gb you may suppress the analyzer’s warning by using the explicit type conversion:

  CopyCode image Copy Code 
extern unsigned ArrayWidth;
unsigned CalcIndex(unsigned x, unsigned y) {
  return x + y * ArrayWidth;
}
…
const size_t index = static_cast<size_t>(CalcIndex(x, y));

See also:

memsize type

limitations of the analyzer Viva64

implicit type conversion

explicit type conversion

how to find the explicit type conversion