clang++ vs g++ constexpr 与越界引用的区别

Question

I have constexpr std::array<int, N> v1{0}, v2{0}; which behaves like big integers. So, I write a multiply function to find the product of the numbers.

#include <array>
#include <cstdint>
using namespace std;

template <int N>
constexpr array<int, 2 * N> multiply(const array<int, N> &a,
                                     const array<int, N> &b) {
    const int as = N, bs = N, rs = as + bs;
    array<int, rs> result{0};

    __int128_t carry = 0;
    auto pr = begin(result);
    for (int r = 0, lim = min(rs, as + bs - 1); r < lim; ++r) {
        int i = r >= as ? as - 1 : r,           
            j = r - i,
            k = i < bs - j ? i + 1 : bs - j;    // min(i+1, bs-j);
        auto pa = begin(a) + i;
        auto pb = begin(b) + j;
        while (k--) {
            carry += static_cast<__int128_t>(*(pa--)) * (*(pb++));
        }
        *(pr++) = static_cast<int64_t>(carry);
    }
    return result;
}

int main() {
    constexpr int N = 20;
    constexpr array<int, N> v1{0}, v2{0};
    constexpr array<int, 2 *N> result = multiply<N>(v1, v2);
    return result[1];
}

Note that the multiply function is incorrect to make it minimal.

When I compile this code using clang++ -std=c++17 -Wall -O0 example.cc , I erroneously get:

example.cc:30:32: error: constexpr variable 'result' must be initialized by a constant expression
    constexpr array<int, 2 *N> result = multiply<N>(v1, v2);
                               ^        ~~~~~~~~~~~~~~~~~~~
example.cc:20:50: note: cannot refer to element -1 of array of 20 elements in a constant expression
            carry += static_cast<__int128_t>(*(pa--)) * (*(pb++));
                                                 ^
example.cc:30:41: note: in call to 'multiply(v1, v2)'
    constexpr array<int, 2 *N> result = multiply<N>(v1, v2);
                                        ^
1 error generated.

But this compiles correctly with gcc.

Why I think clang's error is an error:

To verify whether there is an out of bound access I enabled libstdc++'s debug mode and compiled using g++ -std=c++17 -Wall -D_GLIBCXX_DEBUG -g -O0 example.cc and there was no crash which would have happened if there was an out of bound access.

Also under sanitizers ( g++ -fsanitize=address,undefined -fno-omit-frame-pointer ) code ran successfully.

I am curious as to why clang claims out of bound access, while the experiments clearly shows it is not the case.

Answer 1

Clang is right. You did not " erroneously get " the error.

*(pa--)

Assuming that k is initially set to i + 1 , prior to the last time the last time this expression is evaluated in the while loop, pa points to the first element of the array. pa-- involves evaluating pa - 1 , which results in undefined behavior according to [expr.add]/4 : ( i = 0 , j = 1 )

When an expression that has integral type is added to or subtracted from a pointer, the result has the type of the pointer operand. If the expression P points to element x[i] of an array object x with n elements, the expressions P + J and J + P (where J has the value j ) point to the (possibly-hypothetical) element x[i + j] if 0 ≤ i + j ≤ n ; otherwise, the behavior is undefined. Likewise, the expression P - J points to the (possibly-hypothetical) element x[i − j] if 0 ≤ i − j ≤ n ; otherwise, the behavior is undefined.

Now, a constant expression must not evaluate: [expr.const]/2.6

an operation that would have undefined behavior as specified in Clauses [intro] through [cpp] of this International Standard

Therefore, multiply<N>(v1, v2) is not a constant expression, and a diagnostic is required here.

Of course, this [-1] pointer will usually not cause problems unless you dereference it, but it's nonetheless undefined behavior, which prevents it from being a part of a constant expression. Sanitizers can only diagnose a limited subset of undefined behavior.