From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS22989 209.51.188.0/24 X-Spam-Status: No, score=-4.0 required=3.0 tests=AWL,BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,NICE_REPLY_A, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS, SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id 38C5A1F4B4 for ; Tue, 6 Apr 2021 03:19:35 +0000 (UTC) Received: from localhost ([::1]:50894 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lTcFa-0000yN-0e for normalperson@yhbt.net; Mon, 05 Apr 2021 23:19:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:38976) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lTcFW-0000yF-BO for bug-gnulib@gnu.org; Mon, 05 Apr 2021 23:19:30 -0400 Received: from zimbra.cs.ucla.edu ([131.179.128.68]:52468) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lTcFT-0001le-9M for bug-gnulib@gnu.org; Mon, 05 Apr 2021 23:19:29 -0400 Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id 3C90C160071; Mon, 5 Apr 2021 20:19:24 -0700 (PDT) Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id DChUOnCdkVub; Mon, 5 Apr 2021 20:19:23 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id F32101600E5; Mon, 5 Apr 2021 20:19:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at zimbra.cs.ucla.edu Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Ftfw866UnoLB; Mon, 5 Apr 2021 20:19:22 -0700 (PDT) Received: from [192.168.1.9] (cpe-23-243-218-95.socal.res.rr.com [23.243.218.95]) by zimbra.cs.ucla.edu (Postfix) with ESMTPSA id CAADA160071; Mon, 5 Apr 2021 20:19:22 -0700 (PDT) To: =?UTF-8?Q?Marc_Nieper-Wi=c3=9fkirchen?= References: From: Paul Eggert Organization: UCLA Computer Science Department Subject: Re: New function xpalloc in module xalloc Message-ID: Date: Mon, 5 Apr 2021 20:19:22 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/mixed; boundary="------------EF1FB0A833F3E9C5B86C49F4" Content-Language: en-US Received-SPF: pass client-ip=131.179.128.68; envelope-from=eggert@cs.ucla.edu; helo=zimbra.cs.ucla.edu X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: bug-gnulib@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Gnulib discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Gnulib bugs Errors-To: bug-gnulib-bounces+normalperson=yhbt.net@gnu.org Sender: "bug-gnulib" This is a multi-part message in MIME format. --------------EF1FB0A833F3E9C5B86C49F4 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable On 4/3/21 11:17 PM, Marc Nieper-Wi=C3=9Fkirchen wrote: > Does the comparison make any sense, by the way? Yes, although it's needed only on unusual (and these days perhaps=20 theoretical?) platforms where SIZE_MAX < PTRDIFF_MAX. I hadn't noticed the issue, as the projects I contribute to (coreutils,=20 etc.) compile with -Wno-sign-compare because gcc -Wsign-compare has too=20 many false alarms. I prefer to avoid casts merely to pacify GCC (as casts are too=20 error-prone), so I installed the attached. I hope it works for you. (If=20 not, perhaps you can use -Wno-sign-compare too....) This underscores the fact that the xalloc module should use idx_t=20 instead of size_t pretty much everywhere. If xrealloc's size arg were of=20 idx_t we wouldn't need any of this hacking. I realize that replacing=20 size_t with idx_t is an incompatible change to xalloc's API, but it's=20 time callers started using signed instead of unsigned byte counts as=20 that helps avoid and/or catch integer-overflow errors better. I'll add=20 that to my list of things to do for Gnulib. --------------EF1FB0A833F3E9C5B86C49F4 Content-Type: text/x-patch; charset=UTF-8; name="0001-xalloc-try-to-pacify-gcc-Wsign-compare.patch" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="0001-xalloc-try-to-pacify-gcc-Wsign-compare.patch" =46rom 06931a1f5fc04cf4e3585408fa10f79a745b3099 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Mon, 5 Apr 2021 20:08:27 -0700 Subject: [PATCH] xalloc: try to pacify gcc -Wsign-compare MIME-Version: 1.0 Content-Type: text/plain; charset=3DUTF-8 Content-Transfer-Encoding: 8bit Problem reported by Marc Nieper-Wi=C3=9Fkirchen in: https://lists.gnu.org/r/bug-gnulib/2021-04/msg00034.html * lib/xmalloc.c (xpalloc): For odd platforms where SIZE_MAX < IDX_MAX, use a tricky destination for INT_MULTIPLY_WRAPV instead of an explicit comparison to SIZE_MAX. This should be more likely to pacify gcc -Wsign-compare. --- ChangeLog | 10 ++++++++++ lib/xmalloc.c | 13 +++++++++++-- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 81d3aab73..f3cca1ab2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2021-04-05 Paul Eggert + + xalloc: try to pacify gcc -Wsign-compare + Problem reported by Marc Nieper-Wi=C3=9Fkirchen in: + https://lists.gnu.org/r/bug-gnulib/2021-04/msg00034.html + * lib/xmalloc.c (xpalloc): For odd platforms where SIZE_MAX < IDX_MAX, + use a tricky destination for INT_MULTIPLY_WRAPV instead of an + explicit comparison to SIZE_MAX. This should be more likely to + pacify gcc -Wsign-compare. + 2021-04-05 Marc Nieper-Wi=C3=9Fkirchen =20 hamt: Fix coding errors. diff --git a/lib/xmalloc.c b/lib/xmalloc.c index faeccacc9..4a6589571 100644 --- a/lib/xmalloc.c +++ b/lib/xmalloc.c @@ -122,14 +122,23 @@ xpalloc (void *pa, idx_t *nitems, idx_t nitems_incr= _min, Adjust the growth according to three constraints: NITEMS_INCR_MIN, NITEMS_MAX, and what the C language can represent safely. */ =20 - idx_t n, nbytes; + idx_t n; if (INT_ADD_WRAPV (n0, n0 >> 1, &n)) n =3D IDX_MAX; if (0 <=3D nitems_max && nitems_max < n) n =3D nitems_max; =20 + /* NBYTES is of a type suitable for holding the count of bytes in an o= bject. + This is typically idx_t, but it should be size_t on (theoretical?) + platforms where SIZE_MAX < IDX_MAX so xpalloc does not pass + values greater than SIZE_MAX to xrealloc. */ +#if IDX_MAX <=3D SIZE_MAX + idx_t nbytes; +#else + size_t nbytes; +#endif idx_t adjusted_nbytes - =3D ((INT_MULTIPLY_WRAPV (n, item_size, &nbytes) || SIZE_MAX < nbyte= s) + =3D (INT_MULTIPLY_WRAPV (n, item_size, &nbytes) ? MIN (IDX_MAX, SIZE_MAX) : nbytes < DEFAULT_MXFAST ? DEFAULT_MXFAST : 0); if (adjusted_nbytes) --=20 2.27.0 --------------EF1FB0A833F3E9C5B86C49F4--