[eigen] Checking for integer overflow in size computations



This is about Bug 363.

We weren't checking for integer overflow in our size computations, at
2 different levels:
  1) Index size=rows*cols computations in PlainObjectBase.h
  2) size_t byte_size=size*sizeof(Scalar) computations in Memory.h

This is fixed in the default branch (1 is fixed by f76f77b7d086, 2 is
fixed by 25ba289d5292, unit test added by f76f77b7d086).

Note that there is a small performance overhead associated with that.
I tried to minimize it, but there is still 1 integer division in the
size=rows*cols overflow check. I hope that's still negligible compared
to the cost of malloc.

Like the standard behavior of operator new and of our own aligned_new
routines, these checks throw std::bad_alloc on error and don't do
anything else. In particular, we still don't guarantee that
aligned_new returns null on error. It feels weird to me to rely
entirely on exceptions to report these errors, but this is how C++
works (as long as one doesn't use nothrow-new) and what we've been
doing. Is this OK?

I feel that this should be merged to the 3.0 branch. Do you agree?
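
The two levels of checking described in the message above, as an added example that is not Eigen's code and not part of the original message. The names `checked_size`, `checked_byte_size`, `checked_alloc` and `throws_bad_alloc` are hypothetical, `Index` is assumed to be a signed `std::ptrdiff_t`, and rejecting negative dimensions is an assumption of this example.

```cpp
#include <cstddef>
#include <cstdio>
#include <limits>
#include <new>

// Hypothetical helper names for illustration; not Eigen's internals.
using Index = std::ptrdiff_t;  // assumption: signed index type

// Level 1: size = rows * cols. The product is rejected before it is
// computed, which costs one integer division.
inline Index checked_size(Index rows, Index cols) {
    if (rows < 0 || cols < 0) throw std::bad_alloc();  // assumption: reject negatives
    if (rows != 0 && cols > std::numeric_limits<Index>::max() / rows)
        throw std::bad_alloc();
    return rows * cols;
}

// Level 2: byte_size = size * sizeof(T). sizeof(T) is a compile-time
// constant, so the bound folds to a constant and costs one comparison.
template <typename T>
inline std::size_t checked_byte_size(std::size_t size) {
    if (size > std::numeric_limits<std::size_t>::max() / sizeof(T))
        throw std::bad_alloc();
    return size * sizeof(T);
}

// Both checks in front of the allocator. Without them a wrapped product
// would request a buffer smaller than the rows*cols elements the caller uses.
template <typename T>
inline T* checked_alloc(Index rows, Index cols) {
    const Index size = checked_size(rows, cols);
    return static_cast<T*>(::operator new(
        checked_byte_size<T>(static_cast<std::size_t>(size))));
}

// Reports whether a callable signals failure via std::bad_alloc.
template <typename F>
inline bool throws_bad_alloc(F f) {
    try { f(); } catch (const std::bad_alloc&) { return true; }
    return false;
}

int main() {
    const Index big = std::numeric_limits<Index>::max() / 2 + 1;
    ::operator delete(checked_alloc<double>(3, 4));  // 12 doubles, succeeds
    const bool rejected = throws_bad_alloc([&] { checked_alloc<double>(big, 2); });
    std::printf("overflowing request rejected: %s\n", rejected ? "yes" : "no");
    return rejected ? 0 : 1;
}
```

A request such as `checked_alloc<double>(max, 1)` passes the first check, because the element count fits in `Index`, and is caught only by the second, which is why both levels are needed.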

