Viva64 Send comments on this topic.
V104. Implicit type conversion to memsize type in an arithmetic expression

Glossary Item Box

The analyzer found a possible error inside an arithmetic expression and this error is related to the implicit type conversion to memsize type. The error of an overflow may be caused by the changing of the permissible interval of the values of the variables included into the expression.

The first example.

The incorrect comparison expression. Let’s examine the code:

  CopyCode image Copy Code
size_t n;
unsigned i;
// Infinite loop (n > UINT_MAX).
for (i = 0; i != n; ++i) { ... }

In this example the error are shown which are related to the implicit conversion of type unsigned to type size_t while performing the comparison operation.

On the 64-bit platform you may have an opportunity to process a larger data size and the value of the variable n may excess the number UINT_MAX (4 Gb). As a result, the condition i != n will be always true and that will cause an eternal cycle.

An example of the corrected code:

  CopyCode image Copy Code
size_t n;
size_t i;
for (i = 0; i != n; ++i) { ... }

The second example.

  CopyCode image Copy Code
char *begin, *end;
int bufLen, bufCount;
…
ptrdiff_t diff = begin - end + bufLen * bufCount;

The implicit conversion of type int to type ptrdiff_t often indicates an error. One should pay attention that the conversion takes place not while performing operator "=" (for the expression begin - end + bufLen * bufCount has type ptrdiff_t), but inside this expression. The subexpression begin - end according to C++ rules has type ptrdiff_t, and the right bufLen * bufCount type int. While changing over to 64-bit platform the program may begin to process a larger data size which may result in an overflow while determining the subexpression bufLen * bufCount.

You should change the type of the variables bufLen and bufCount into memsize type or use the explicit type conversion, as follows:

  CopyCode image Copy Code
char *begin, *end;
int bufLen, bufCount;
…
ptrdiff_t diff = begin - end + ptrdiff_t(bufLen) * ptrdiff_t(bufCount);

Let’s notice that the implicit conversion to memsize type inside the expressions is not always incorrect. Let’s examine the following situation:

  CopyCode image Copy Code
size_t value;
char c1, c2;
size_t result = value + c1 * c2;

The analyzer does not show error message although the conversion of type int to size_t occurs in this case, for there can be no overflow while determining the subexpression c1 * c2.

If you suspect that the program may contain errors related to the incorrect explicit type conversion in expressions, you may use the Find incorrect explicit type conversion mode. Here is an example when the explicit type conversion to type size_t hides an error:

  CopyCode image Copy Code
int i;
size_t st;
…
st = size_t(i * i * i) * st;

See also:

memsize type

limitations of the analyzer Viva64

implicit type conversion

explicit type conversion

how to find the explicit type conversion