diff options
| author | Paul Eggert | 2016-06-24 13:49:32 +0200 |
|---|---|---|
| committer | Paul Eggert | 2016-06-24 13:51:08 +0200 |
| commit | 63457dcfe0fe101d3db131c4b05823e8280b6bff (patch) | |
| tree | 61011da009c5e0bb342d3c5a01e516cd08d97254 /lib | |
| parent | dc49db725e2d1648cbf1f94cef6131d42b13237b (diff) | |
| download | emacs-63457dcfe0fe101d3db131c4b05823e8280b6bff.tar.gz emacs-63457dcfe0fe101d3db131c4b05823e8280b6bff.zip | |
Update from gnulib
This incorporates:
2016-06-24 intprops: port better to GCC 7
2016-06-13 xalloc-oversized: port to GCC 7; fewer warnings
* doc/misc/texinfo.tex, lib/xalloc-oversized.h, lib/intprops.h:
Copy from gnulib.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/intprops.h | 57 | ||||
| -rw-r--r-- | lib/xalloc-oversized.h | 42 |
2 files changed, 70 insertions, 29 deletions
diff --git a/lib/intprops.h b/lib/intprops.h index 31521395e2a..e1fce5c96a1 100644 --- a/lib/intprops.h +++ b/lib/intprops.h | |||
| @@ -222,24 +222,35 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); | |||
| 222 | ? (a) < (min) >> (b) \ | 222 | ? (a) < (min) >> (b) \ |
| 223 | : (max) >> (b) < (a)) | 223 | : (max) >> (b) < (a)) |
| 224 | 224 | ||
| 225 | /* True if __builtin_add_overflow (A, B, P) works when P is null. */ | ||
| 226 | #define _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL (7 <= __GNUC__) | ||
| 225 | 227 | ||
| 226 | /* The _GL*_OVERFLOW macros have the same restrictions as the | 228 | /* The _GL*_OVERFLOW macros have the same restrictions as the |
| 227 | *_RANGE_OVERFLOW macros, except that they do not assume that operands | 229 | *_RANGE_OVERFLOW macros, except that they do not assume that operands |
| 228 | (e.g., A and B) have the same type as MIN and MAX. Instead, they assume | 230 | (e.g., A and B) have the same type as MIN and MAX. Instead, they assume |
| 229 | that the result (e.g., A + B) has that type. */ | 231 | that the result (e.g., A + B) has that type. */ |
| 230 | #define _GL_ADD_OVERFLOW(a, b, min, max) \ | 232 | #if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL |
| 231 | ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max) \ | 233 | # define _GL_ADD_OVERFLOW(a, b, min, max) |
| 232 | : (a) < 0 ? (b) <= (a) + (b) \ | 234 | __builtin_add_overflow (a, b, (__typeof__ ((a) + (b)) *) 0) |
| 233 | : (b) < 0 ? (a) <= (a) + (b) \ | 235 | # define _GL_SUBTRACT_OVERFLOW(a, b, min, max) |
| 234 | : (a) + (b) < (b)) | 236 | __builtin_sub_overflow (a, b, (__typeof__ ((a) - (b)) *) 0) |
| 235 | #define _GL_SUBTRACT_OVERFLOW(a, b, min, max) \ | 237 | # define _GL_MULTIPLY_OVERFLOW(a, b, min, max) |
| 236 | ((min) < 0 ? INT_SUBTRACT_RANGE_OVERFLOW (a, b, min, max) \ | 238 | __builtin_mul_overflow (a, b, (__typeof__ ((a) * (b)) *) 0) |
| 237 | : (a) < 0 ? 1 \ | 239 | #else |
| 238 | : (b) < 0 ? (a) - (b) <= (a) \ | 240 | # define _GL_ADD_OVERFLOW(a, b, min, max) \ |
| 239 | : (a) < (b)) | 241 | ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max) \ |
| 240 | #define _GL_MULTIPLY_OVERFLOW(a, b, min, max) \ | 242 | : (a) < 0 ? (b) <= (a) + (b) \ |
| 241 | (((min) == 0 && (((a) < 0 && 0 < (b)) || ((b) < 0 && 0 < (a)))) \ | 243 | : (b) < 0 ? (a) <= (a) + (b) \ |
| 242 | || INT_MULTIPLY_RANGE_OVERFLOW (a, b, min, max)) | 244 | : (a) + (b) < (b)) |
| 245 | # define _GL_SUBTRACT_OVERFLOW(a, b, min, max) \ | ||
| 246 | ((min) < 0 ? INT_SUBTRACT_RANGE_OVERFLOW (a, b, min, max) \ | ||
| 247 | : (a) < 0 ? 1 \ | ||
| 248 | : (b) < 0 ? (a) - (b) <= (a) \ | ||
| 249 | : (a) < (b)) | ||
| 250 | # define _GL_MULTIPLY_OVERFLOW(a, b, min, max) \ | ||
| 251 | (((min) == 0 && (((a) < 0 && 0 < (b)) || ((b) < 0 && 0 < (a)))) \ | ||
| 252 | || INT_MULTIPLY_RANGE_OVERFLOW (a, b, min, max)) | ||
| 253 | #endif | ||
| 243 | #define _GL_DIVIDE_OVERFLOW(a, b, min, max) \ | 254 | #define _GL_DIVIDE_OVERFLOW(a, b, min, max) \ |
| 244 | ((min) < 0 ? (b) == _GL_INT_NEGATE_CONVERT (min, 1) && (a) < - (max) \ | 255 | ((min) < 0 ? (b) == _GL_INT_NEGATE_CONVERT (min, 1) && (a) < - (max) \ |
| 245 | : (a) < 0 ? (b) <= (a) + (b) - 1 \ | 256 | : (a) < 0 ? (b) <= (a) + (b) - 1 \ |
| @@ -304,8 +315,12 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); | |||
| 304 | _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW) | 315 | _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW) |
| 305 | #define INT_SUBTRACT_OVERFLOW(a, b) \ | 316 | #define INT_SUBTRACT_OVERFLOW(a, b) \ |
| 306 | _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW) | 317 | _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW) |
| 307 | #define INT_NEGATE_OVERFLOW(a) \ | 318 | #if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL |
| 308 | INT_NEGATE_RANGE_OVERFLOW (a, _GL_INT_MINIMUM (a), _GL_INT_MAXIMUM (a)) | 319 | # define INT_NEGATE_OVERFLOW(a) INT_SUBTRACT_OVERFLOW (0, a) |
| 320 | #else | ||
| 321 | # define INT_NEGATE_OVERFLOW(a) \ | ||
| 322 | INT_NEGATE_RANGE_OVERFLOW (a, _GL_INT_MINIMUM (a), _GL_INT_MAXIMUM (a)) | ||
| 323 | #endif | ||
| 309 | #define INT_MULTIPLY_OVERFLOW(a, b) \ | 324 | #define INT_MULTIPLY_OVERFLOW(a, b) \ |
| 310 | _GL_BINARY_OP_OVERFLOW (a, b, _GL_MULTIPLY_OVERFLOW) | 325 | _GL_BINARY_OP_OVERFLOW (a, b, _GL_MULTIPLY_OVERFLOW) |
| 311 | #define INT_DIVIDE_OVERFLOW(a, b) \ | 326 | #define INT_DIVIDE_OVERFLOW(a, b) \ |
| @@ -325,7 +340,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); | |||
| 325 | _GL_INT_MINIMUM (0 * (b) + (a)), \ | 340 | _GL_INT_MINIMUM (0 * (b) + (a)), \ |
| 326 | _GL_INT_MAXIMUM (0 * (b) + (a))) | 341 | _GL_INT_MAXIMUM (0 * (b) + (a))) |
| 327 | 342 | ||
| 328 | /* Compute A + B, A - B, A * B, respectively, storing the result into *R. | 343 | /* Store the low-order bits of A + B, A - B, A * B, respectively, into *R. |
| 329 | Return 1 if the result overflows. See above for restrictions. */ | 344 | Return 1 if the result overflows. See above for restrictions. */ |
| 330 | #define INT_ADD_WRAPV(a, b, r) \ | 345 | #define INT_ADD_WRAPV(a, b, r) \ |
| 331 | _GL_INT_OP_WRAPV (a, b, r, +, __builtin_add_overflow, INT_ADD_OVERFLOW) | 346 | _GL_INT_OP_WRAPV (a, b, r, +, __builtin_add_overflow, INT_ADD_OVERFLOW) |
| @@ -350,9 +365,10 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); | |||
| 350 | # define _GL__GENERIC_BOGUS 0 | 365 | # define _GL__GENERIC_BOGUS 0 |
| 351 | #endif | 366 | #endif |
| 352 | 367 | ||
| 353 | /* Store A <op> B into *R, where OP specifies the operation. | 368 | /* Store the low-order bits of A <op> B into *R, where OP specifies |
| 354 | BUILTIN is the builtin operation, and OVERFLOW the overflow predicate. | 369 | the operation. BUILTIN is the builtin operation, and OVERFLOW the |
| 355 | See above for restrictions. */ | 370 | overflow predicate. Return 1 if the result overflows. See above |
| 371 | for restrictions. */ | ||
| 356 | #if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow) | 372 | #if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow) |
| 357 | # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r) | 373 | # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r) |
| 358 | #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS | 374 | #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS |
| @@ -403,7 +419,8 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX); | |||
| 403 | /* Store the low-order bits of A <op> B into *R, where the operation | 419 | /* Store the low-order bits of A <op> B into *R, where the operation |
| 404 | is given by OP. Use the unsigned type UT for calculation to avoid | 420 | is given by OP. Use the unsigned type UT for calculation to avoid |
| 405 | overflow problems. *R's type is T, with extremal values TMIN and | 421 | overflow problems. *R's type is T, with extremal values TMIN and |
| 406 | TMAX. T must be a signed integer type. */ | 422 | TMAX. T must be a signed integer type. Return 1 if the result |
| 423 | overflows. */ | ||
| 407 | #define _GL_INT_OP_CALC(a, b, r, op, overflow, ut, t, tmin, tmax) \ | 424 | #define _GL_INT_OP_CALC(a, b, r, op, overflow, ut, t, tmin, tmax) \ |
| 408 | (sizeof ((a) op (b)) < sizeof (t) \ | 425 | (sizeof ((a) op (b)) < sizeof (t) \ |
| 409 | ? _GL_INT_OP_CALC1 ((t) (a), (t) (b), r, op, overflow, ut, t, tmin, tmax) \ | 426 | ? _GL_INT_OP_CALC1 ((t) (a), (t) (b), r, op, overflow, ut, t, tmin, tmax) \ |
diff --git a/lib/xalloc-oversized.h b/lib/xalloc-oversized.h index d81a8471d37..44f16441c79 100644 --- a/lib/xalloc-oversized.h +++ b/lib/xalloc-oversized.h | |||
| @@ -20,15 +20,13 @@ | |||
| 20 | 20 | ||
| 21 | #include <stddef.h> | 21 | #include <stddef.h> |
| 22 | 22 | ||
| 23 | /* Default for (non-Clang) compilers that lack __has_builtin. */ | ||
| 23 | #ifndef __has_builtin | 24 | #ifndef __has_builtin |
| 24 | # define __has_builtin(x) 0 | 25 | # define __has_builtin(x) 0 |
| 25 | #endif | 26 | #endif |
| 26 | 27 | ||
| 27 | /* Return 1 if an array of N objects, each of size S, cannot exist due | 28 | /* True if N * S would overflow in a size calculation. |
| 28 | to size arithmetic overflow. S must be positive and N must be | 29 | This expands to a constant expression if N and S are both constants. |
| 29 | nonnegative. This is a macro, not a function, so that it | ||
| 30 | works correctly even when SIZE_MAX < N. | ||
| 31 | |||
| 32 | By gnulib convention, SIZE_MAX represents overflow in size | 30 | By gnulib convention, SIZE_MAX represents overflow in size |
| 33 | calculations, so the conservative dividend to use here is | 31 | calculations, so the conservative dividend to use here is |
| 34 | SIZE_MAX - 1, since SIZE_MAX might represent an overflowed value. | 32 | SIZE_MAX - 1, since SIZE_MAX might represent an overflowed value. |
| @@ -36,12 +34,38 @@ | |||
| 36 | sizeof (ptrdiff_t) <= sizeof (size_t), so do not bother to test for | 34 | sizeof (ptrdiff_t) <= sizeof (size_t), so do not bother to test for |
| 37 | exactly-SIZE_MAX allocations on such hosts; this avoids a test and | 35 | exactly-SIZE_MAX allocations on such hosts; this avoids a test and |
| 38 | branch when S is known to be 1. */ | 36 | branch when S is known to be 1. */ |
| 39 | #if 5 <= __GNUC__ || __has_builtin (__builtin_mul_overflow) | 37 | #define __xalloc_oversized(n, s) \ |
| 38 | ((size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) < (n)) | ||
| 39 | |||
| 40 | |||
| 41 | /* Return 1 if an array of N objects, each of size S, cannot exist due | ||
| 42 | to size arithmetic overflow. S must be positive and N must be | ||
| 43 | nonnegative. This is a macro, not a function, so that it | ||
| 44 | works correctly even when SIZE_MAX < N. */ | ||
| 45 | |||
| 46 | /* GCC 7 __builtin_mul_overflow should easily compute this. See: | ||
| 47 | https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68120 */ | ||
| 48 | #if 7 <= __GNUC__ | ||
| 49 | # define xalloc_oversized(n, s) __builtin_mul_overflow (n, s, (size_t *) NULL) | ||
| 50 | |||
| 51 | /* GCC 5 and Clang __builtin_mul_overflow needs a temporary, and | ||
| 52 | should be used only for non-constant operands, so that | ||
| 53 | xalloc_oversized is a constant expression if both arguments are. | ||
| 54 | Do not use this if pedantic, since pedantic GCC issues a diagnostic | ||
| 55 | for ({ ... }). */ | ||
| 56 | #elif ((5 <= __GNUC__ \ | ||
| 57 | || (__has_builtin (__builtin_mul_overflow) \ | ||
| 58 | && __has_builtin (__builtin_constant_p))) \ | ||
| 59 | && !__STRICT_ANSI__) | ||
| 40 | # define xalloc_oversized(n, s) \ | 60 | # define xalloc_oversized(n, s) \ |
| 41 | ({ size_t __xalloc_size; __builtin_mul_overflow (n, s, &__xalloc_size); }) | 61 | (__builtin_constant_p (n) && __builtin_constant_p (s) \ |
| 62 | ? __xalloc_oversized (n, s) \ | ||
| 63 | : ({ size_t __xalloc_size; __builtin_mul_overflow (n, s, &__xalloc_size); })) | ||
| 64 | |||
| 65 | /* Other compilers use integer division; this may be slower but is | ||
| 66 | more portable. */ | ||
| 42 | #else | 67 | #else |
| 43 | # define xalloc_oversized(n, s) \ | 68 | # define xalloc_oversized(n, s) __xalloc_oversized (n, s) |
| 44 | ((size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) < (n)) | ||
| 45 | #endif | 69 | #endif |
| 46 | 70 | ||
| 47 | #endif /* !XALLOC_OVERSIZED_H_ */ | 71 | #endif /* !XALLOC_OVERSIZED_H_ */ |