[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-gnulib] Re: alloca.c
|
From: |
Paul Eggert |
|
Subject: |
[Bug-gnulib] Re: alloca.c |
|
Date: |
Thu, 5 Dec 2002 12:52:40 -0800 |
> From: Richard Stallman <address@hidden>
> cc: address@hidden
> Date: Thu, 05 Dec 2002 10:08:11 -0500
>
> Some changes are needed in alloca.c to make it work in Emacs and to
> make it suitable for its job, which is compatibility for compilers
> (perhaps old) that don't have alloca.
I have installed many of those changes, but I have questions about
some of them as described below.
> In particular, those changed conditionals on HAVE_STRING_H
> etc. won't work when the macro is not defined.
I don't see why they won't work, as a macro that is not defined
evaluates to zero in an #if.
> Likewise, size_t may be bad to use in obscure situations--it is
> safer not to.
size_t is required in some not-so-obscure situations, e.g., a 64-bit
environment where size_t is 64 bits and unsigned int is 32 bits. On
older platforms that do not have size_t, config.h is supposed to
define size_t; that is how it now works for Emacs and for other
programs that use alloca.c.
> ***************
> *** 90,95 ****
> --- 97,105 ----
> # ifndef emacs
> # undef malloc
> # define malloc xmalloc
> + # ifdef EMACS_FREE
> + # define free EMACS_FREE
> + # endif
> # endif
> extern pointer malloc ();
>
There seems to be another bug here, since that change is surrounded by
"#ifndef emacs", which appears to be the opposite of what is intended.
As I understand it, the old alloca.c code works correctly for
non-Emacs applications, since it defines malloc to xmalloc, which all
non-Emacs application use.. But it works incorrectly for Emacs
itself, since it doesn't define malloc to xmalloc for Emacs -- this
error would only be apparent at run-time, so it's not surprising that
it hasn't been noticed. The comment talks about "the utilities in
lib-src", but as far as I can see none of those utilities use alloca
any more. So I think it is simpler to remove the #define for malloc,
and I installed the following patch for now.
I also noticed a bug when allocating a block whose size is close to
SIZE_MAX, so I fixed that too.
2002-12-05 Paul Eggert <address@hidden>
* alloca.c [defined emacs]: Include "lisp.h".
(xalloc_die) [defined emacs]: New macro.
(free) [defined emacs && defined EMACS_FREE]: Define to EMACS_FREE.
[! defined emacs]: Include <xalloc.h>.
(POINTER_TYPE) [!defined POINTER_TYPE]: New macro.
(pointer): Typedef to POINTER_TYPE *.
(malloc): Remove decl; we now always use xmalloc.
(alloca): Use old-style definition, since Emacs needs this.
Check for arithmetic overflow when computing combined size.
Index: alloca.c
===================================================================
RCS file: /cvsroot/gnulib/gnulib/lib/alloca.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -c -r1.8 -r1.9
*** alloca.c 30 Aug 2001 19:19:02 -0000 1.8
--- alloca.c 5 Dec 2002 20:46:03 -0000 1.9
***************
*** 33,39 ****
--- 33,47 ----
#endif
#ifdef emacs
+ # include "lisp.h"
# include "blockinput.h"
+ # define xalloc_die() memory_full ()
+ # ifdef EMACS_FREE
+ # undef free
+ # define free EMACS_FREE
+ # endif
+ #else
+ # include <xalloc.h>
#endif
/* If compiling with GCC 2, this file's not needed. */
***************
*** 53,58 ****
--- 61,68 ----
you
lose
-- must know STACK_DIRECTION at compile-time
+ /* Using #error here is not wise since this file should work for
+ old and obscure compilers. */
# endif /* STACK_DIRECTION undefined */
# endif /* static */
# endif /* emacs */
***************
*** 67,98 ****
# define ADDRESS_FUNCTION(arg) &(arg)
# endif
! # if __STDC__
! typedef void *pointer;
! # else
! typedef char *pointer;
# endif
# ifndef NULL
# define NULL 0
# endif
- /* Different portions of Emacs need to call different versions of
- malloc. The Emacs executable needs alloca to call xmalloc, because
- ordinary malloc isn't protected from input signals. On the other
- hand, the utilities in lib-src need alloca to call malloc; some of
- them are very simple, and don't have an xmalloc routine.
-
- Non-Emacs programs expect this to call xmalloc.
-
- Callers below should use malloc. */
-
- # ifndef emacs
- # undef malloc
- # define malloc xmalloc
- # endif
- extern pointer malloc ();
-
/* Define STACK_DIRECTION if you know the direction of stack
growth for your system; otherwise it will be automatically
deduced at run-time.
--- 77,95 ----
# define ADDRESS_FUNCTION(arg) &(arg)
# endif
! # ifndef POINTER_TYPE
! # ifdef __STDC__
! # define POINTER_TYPE void
! # else
! # define POINTER_TYPE char
! # endif
# endif
+ typedef POINTER_TYPE *pointer;
# ifndef NULL
# define NULL 0
# endif
/* Define STACK_DIRECTION if you know the direction of stack
growth for your system; otherwise it will be automatically
deduced at run-time.
***************
*** 169,175 ****
implementations of C, for example under Gould's UTX/32. */
pointer
! alloca (size_t size)
{
auto char probe; /* Probes stack depth: */
register char *depth = ADDRESS_FUNCTION (probe);
--- 166,173 ----
implementations of C, for example under Gould's UTX/32. */
pointer
! alloca (size)
! size_t size;
{
auto char probe; /* Probes stack depth: */
register char *depth = ADDRESS_FUNCTION (probe);
***************
*** 215,222 ****
/* Allocate combined header + user data storage. */
{
- register pointer new = malloc (sizeof (header) + size);
/* Address of header. */
if (new == 0)
abort();
--- 213,226 ----
/* Allocate combined header + user data storage. */
{
/* Address of header. */
+ register pointer new;
+
+ size_t combined_size = sizeof (header) + size;
+ if (combined_size < sizeof (header))
+ xalloc_die ();
+
+ new = xmalloc (combined_size);
if (new == 0)
abort();
- [Bug-gnulib] Re: alloca.c,
Paul Eggert <=