Patch for TMatrixT: identify overflowing size


When asked to perform a matrix operation that results in an overly large matrix, TMatrixT segfaults (*). I’d like to suggest a patch that identifies the overflow and raises the appropriate error. Given that other error conditions are checked in a similar manner in this method, I hope the speed vs. usability trade off is acceptable to the ROOT developers.

The patch is for root/math/matrix/src and for ROOT v5.34/32 goes like:


if( ((Long64_t)this->fNrows)*this->fNcols != this->fNelems )
Error(“Allocate”,“too large: no_rows=%d no_cols=%d”,no_rows,no_cols);
With it, instead of a segfault you can get:

root [0] TMatrixD m( 80000, 80000 ) Error in <Allocate>: too large: no_rows=80000 no_cols=80000

(*) more precisely, if the result of signed integer overflow are undefined (I’m pretty sure that’s the case in C, not sure about the various C++ standards), whether the code segfaults or not depends on what value is stored in fNelems after the overflow. On my x86_64 linux box, with gcc 4.9.3, I get segfaults.

Amnon Harel

Thanks for the patch. Can you tell in which file it should go exactly ?

Hi Olivier,

I missed your question back in February, and happened to notice it now.
The patch goes into math/matrix/src/TMatrixT.cxx

That’s in the “Allocate” method, immediately after this->fNelems is set (as that’s the line where the overflow might occur).


Hi Amnon,

Your patch has been uploaded to the master branch.