bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-gnulib] Re: alloca.c


From: Paul Eggert
Subject: [Bug-gnulib] Re: alloca.c
Date: Thu, 5 Dec 2002 12:52:40 -0800

> From: Richard Stallman <address@hidden>
> cc: address@hidden
> Date: Thu, 05 Dec 2002 10:08:11 -0500
> 
> Some changes are needed in alloca.c to make it work in Emacs and to
> make it suitable for its job, which is compatibility for compilers
> (perhaps old) that don't have alloca.

I have installed many of those changes, but I have questions about
some of them as described below.

> In particular, those changed conditionals on HAVE_STRING_H
> etc. won't work when the macro is not defined.

I don't see why they won't work, as a macro that is not defined
evaluates to zero in an #if.

> Likewise, size_t may be bad to use in obscure situations--it is
> safer not to.

size_t is required in some not-so-obscure situations, e.g., a 64-bit
environment where size_t is 64 bits and unsigned int is 32 bits.  On
older platforms that do not have size_t, config.h is supposed to
define size_t; that is how it now works for Emacs and for other
programs that use alloca.c.

> ***************
> *** 90,95 ****
> --- 97,105 ----
>   #  ifndef emacs
>   #   undef malloc
>   #   define malloc xmalloc
> + #   ifdef EMACS_FREE
> + #    define free EMACS_FREE
> + #   endif
>   #  endif
>   extern pointer malloc ();
>   

There seems to be another bug here, since that change is surrounded by
"#ifndef emacs", which appears to be the opposite of what is intended.

As I understand it, the old alloca.c code works correctly for
non-Emacs applications, since it defines malloc to xmalloc, which all
non-Emacs application use..  But it works incorrectly for Emacs
itself, since it doesn't define malloc to xmalloc for Emacs -- this
error would only be apparent at run-time, so it's not surprising that
it hasn't been noticed.  The comment talks about "the utilities in
lib-src", but as far as I can see none of those utilities use alloca
any more.  So I think it is simpler to remove the #define for malloc,
and I installed the following patch for now.

I also noticed a bug when allocating a block whose size is close to
SIZE_MAX, so I fixed that too.


2002-12-05  Paul Eggert  <address@hidden>

        * alloca.c [defined emacs]: Include "lisp.h".
        (xalloc_die) [defined emacs]: New macro.
        (free) [defined emacs && defined EMACS_FREE]: Define to EMACS_FREE.
        [! defined emacs]: Include <xalloc.h>.
        (POINTER_TYPE) [!defined POINTER_TYPE]: New macro.
        (pointer): Typedef to POINTER_TYPE *.
        (malloc): Remove decl; we now always use xmalloc.
        (alloca): Use old-style definition, since Emacs needs this.
        Check for arithmetic overflow when computing combined size.

Index: alloca.c
===================================================================
RCS file: /cvsroot/gnulib/gnulib/lib/alloca.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -c -r1.8 -r1.9
*** alloca.c    30 Aug 2001 19:19:02 -0000      1.8
--- alloca.c    5 Dec 2002 20:46:03 -0000       1.9
***************
*** 33,39 ****
--- 33,47 ----
  #endif
  
  #ifdef emacs
+ # include "lisp.h"
  # include "blockinput.h"
+ # define xalloc_die() memory_full ()
+ # ifdef EMACS_FREE
+ #  undef free
+ #  define free EMACS_FREE
+ # endif
+ #else
+ # include <xalloc.h>
  #endif
  
  /* If compiling with GCC 2, this file's not needed.  */
***************
*** 53,58 ****
--- 61,68 ----
  you
  lose
  -- must know STACK_DIRECTION at compile-time
+ /* Using #error here is not wise since this file should work for
+    old and obscure compilers.  */
  #    endif /* STACK_DIRECTION undefined */
  #   endif /* static */
  #  endif /* emacs */
***************
*** 67,98 ****
  #   define ADDRESS_FUNCTION(arg) &(arg)
  #  endif
  
! #  if __STDC__
! typedef void *pointer;
! #  else
! typedef char *pointer;
  #  endif
  
  #  ifndef NULL
  #   define NULL 0
  #  endif
  
- /* Different portions of Emacs need to call different versions of
-    malloc.  The Emacs executable needs alloca to call xmalloc, because
-    ordinary malloc isn't protected from input signals.  On the other
-    hand, the utilities in lib-src need alloca to call malloc; some of
-    them are very simple, and don't have an xmalloc routine.
- 
-    Non-Emacs programs expect this to call xmalloc.
- 
-    Callers below should use malloc.  */
- 
- #  ifndef emacs
- #   undef malloc
- #   define malloc xmalloc
- #  endif
- extern pointer malloc ();
- 
  /* Define STACK_DIRECTION if you know the direction of stack
     growth for your system; otherwise it will be automatically
     deduced at run-time.
--- 77,95 ----
  #   define ADDRESS_FUNCTION(arg) &(arg)
  #  endif
  
! #  ifndef POINTER_TYPE
! #   ifdef __STDC__
! #    define POINTER_TYPE void
! #   else
! #    define POINTER_TYPE char
! #   endif
  #  endif
+ typedef POINTER_TYPE *pointer;
  
  #  ifndef NULL
  #   define NULL 0
  #  endif
  
  /* Define STACK_DIRECTION if you know the direction of stack
     growth for your system; otherwise it will be automatically
     deduced at run-time.
***************
*** 169,175 ****
     implementations of C, for example under Gould's UTX/32.  */
  
  pointer
! alloca (size_t size)
  {
    auto char probe;            /* Probes stack depth: */
    register char *depth = ADDRESS_FUNCTION (probe);
--- 166,173 ----
     implementations of C, for example under Gould's UTX/32.  */
  
  pointer
! alloca (size)
!      size_t size;
  {
    auto char probe;            /* Probes stack depth: */
    register char *depth = ADDRESS_FUNCTION (probe);
***************
*** 215,222 ****
    /* Allocate combined header + user data storage.  */
  
    {
-     register pointer new = malloc (sizeof (header) + size);
      /* Address of header.  */
  
      if (new == 0)
        abort();
--- 213,226 ----
    /* Allocate combined header + user data storage.  */
  
    {
      /* Address of header.  */
+     register pointer new;
+ 
+     size_t combined_size = sizeof (header) + size;
+     if (combined_size < sizeof (header))
+       xalloc_die ();
+ 
+     new = xmalloc (combined_size);
  
      if (new == 0)
        abort();




reply via email to

[Prev in Thread] Current Thread [Next in Thread]