From: Paul Eggert <eggert@cs.ucla.edu>
To: bug-gnulib@gnu.org, berrange@redhat.com
Cc: Paul Eggert <eggert@cs.ucla.edu>
Subject: [PATCH 5/8] xalloc-oversized: fix SIZE_MAX optimization bug
Date: Sun, 18 Apr 2021 21:01:56 -0700 [thread overview]
Message-ID: <20210419040158.1902066-5-eggert@cs.ucla.edu> (raw)
In-Reply-To: <20210419040158.1902066-1-eggert@cs.ucla.edu>
* lib/xalloc-oversized.h (xalloc_count_t): Remove; no longer
needed and was evidently error-prone anyway.
(xalloc_oversized): Omit some over-optimization that caused
SIZE_MAX to not be treated as too large (the Gnulib convention) on
unusual platforms where PTRDIFF_MAX == SIZE_MAX. This change
should not affect typical platforms where PTRDIFF_MAX < SIZE_MAX.
When optimizing, simply use ptrdiff_t instead of xalloc_count_t.
---
ChangeLog | 9 +++++++++
lib/xalloc-oversized.h | 17 ++++++-----------
2 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 857b7048f..1d2607a0b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
2021-04-18 Paul Eggert <eggert@cs.ucla.edu>
+ xalloc-oversized: fix SIZE_MAX optimization bug
+ * lib/xalloc-oversized.h (xalloc_count_t): Remove; no longer
+ needed and was evidently error-prone anyway.
+ (xalloc_oversized): Omit some over-optimization that caused
+ SIZE_MAX to not be treated as too large (the Gnulib convention) on
+ unusual platforms where PTRDIFF_MAX == SIZE_MAX. This change
+ should not affect typical platforms where PTRDIFF_MAX < SIZE_MAX.
+ When optimizing, simply use ptrdiff_t instead of xalloc_count_t.
+
xalloc: new function xreallocarray
This effectively replaces xnmalloc, which perhaps should be deprecated.
The name xreallocarray should be easier to remember now that
diff --git a/lib/xalloc-oversized.h b/lib/xalloc-oversized.h
index 3618c75cb..6437a5d8b 100644
--- a/lib/xalloc-oversized.h
+++ b/lib/xalloc-oversized.h
@@ -30,25 +30,20 @@
#define __xalloc_oversized(n, s) \
((size_t) (PTRDIFF_MAX < SIZE_MAX ? PTRDIFF_MAX : SIZE_MAX - 1) / (s) < (n))
-#if PTRDIFF_MAX < SIZE_MAX
-typedef ptrdiff_t xalloc_count_t;
-#else
-typedef size_t xalloc_count_t;
-#endif
-
/* Return 1 if an array of N objects, each of size S, cannot exist reliably
- because its total size in bytes exceeds MIN (PTRDIFF_MAX, SIZE_MAX).
+ because its total size in bytes exceeds MIN (PTRDIFF_MAX, SIZE_MAX - 1).
N must be nonnegative, S must be positive, and either N or S should be
of type ptrdiff_t or size_t or wider. This is a macro, not a function,
so that it works even if an argument exceeds MAX (PTRDIFF_MAX, SIZE_MAX). */
-#if 7 <= __GNUC__ && !defined __clang__
+#if 7 <= __GNUC__ && !defined __clang__ && PTRDIFF_MAX < SIZE_MAX
# define xalloc_oversized(n, s) \
- __builtin_mul_overflow_p (n, s, (xalloc_count_t) 1)
-#elif 5 <= __GNUC__ && !defined __ICC && !__STRICT_ANSI__
+ __builtin_mul_overflow_p (n, s, (ptrdiff_t) 1)
+#elif (5 <= __GNUC__ && !defined __ICC && !__STRICT_ANSI__ \
+ && PTRDIFF_MAX < SIZE_MAX)
# define xalloc_oversized(n, s) \
(__builtin_constant_p (n) && __builtin_constant_p (s) \
? __xalloc_oversized (n, s) \
- : ({ xalloc_count_t __xalloc_count; \
+ : ({ ptrdiff_t __xalloc_count; \
__builtin_mul_overflow (n, s, &__xalloc_count); }))
/* Other compilers use integer division; this may be slower but is
--
2.27.0
next prev parent reply other threads:[~2021-04-19 4:04 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-19 4:01 [PATCH 1/8] safe-alloc: improve doc Paul Eggert
2021-04-19 4:01 ` [PATCH 2/8] backupfile: simplify via realloc-gnu Paul Eggert
2021-04-19 4:01 ` [PATCH 3/8] group-member: " Paul Eggert
2021-04-19 4:01 ` [PATCH 4/8] xalloc: new function xreallocarray Paul Eggert
2021-04-22 0:18 ` Bruno Haible
2021-04-22 19:39 ` Paul Eggert
2021-10-19 23:49 ` Paul Eggert
2021-04-19 4:01 ` Paul Eggert [this message]
2021-04-19 4:01 ` [PATCH 6/8] safe-alloc: simplify via reallocarray Paul Eggert
2021-04-19 4:01 ` [PATCH 7/8] calloc-gnu: now LGPLv2+ Paul Eggert
2021-04-19 4:01 ` [PATCH 8/8] safe-alloc: fix pointer implementation Paul Eggert
2021-04-22 18:20 ` [PATCH 1/8] safe-alloc: improve doc Eric Blake
2021-04-22 19:32 ` Paul Eggert
2021-04-22 19:43 ` Eric Blake
2021-04-22 20:27 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.gnu.org/mailman/listinfo/bug-gnulib
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210419040158.1902066-5-eggert@cs.ucla.edu \
--to=eggert@cs.ucla.edu \
--cc=berrange@redhat.com \
--cc=bug-gnulib@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).