aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/ChangeLog199
-rw-r--r--src/alloc.c147
-rw-r--r--src/bidi.c51
-rw-r--r--src/buffer.c8
-rw-r--r--src/callint.c2
-rw-r--r--src/data.c3
-rw-r--r--src/dispnew.c67
-rw-r--r--src/doprnt.c23
-rw-r--r--src/editfns.c40
-rw-r--r--src/emacs.c8
-rw-r--r--src/eval.c10
-rw-r--r--src/fileio.c6
-rw-r--r--src/filelock.c15
-rw-r--r--src/floatfns.c3
-rw-r--r--src/fns.c26
-rw-r--r--src/gmalloc.c158
-rw-r--r--src/gtkutil.c6
-rw-r--r--src/image.c230
-rw-r--r--src/keyboard.c4
-rw-r--r--src/keyboard.h4
-rw-r--r--src/lisp.h37
-rw-r--r--src/lread.c19
-rw-r--r--src/print.c3
-rw-r--r--src/regex.c69
-rw-r--r--src/s/aix4-2.h5
-rw-r--r--src/s/ms-w32.h5
-rw-r--r--src/sysdep.c55
-rw-r--r--src/xdisp.c8
-rw-r--r--src/xfaces.c10
-rw-r--r--src/xselect.c7
-rw-r--r--src/xterm.h4
31 files changed, 609 insertions, 623 deletions
diff --git a/src/ChangeLog b/src/ChangeLog
index e204ff2040b..10f6e326891 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,202 @@
12011-07-28 Paul Eggert <eggert@cs.ucla.edu>
2
3 Integer signedness and overflow and related fixes. (Bug#9079)
4
5 * bidi.c: Integer size and overflow fixes.
6 (bidi_cache_size, bidi_cache_idx, bidi_cache_last_idx)
7 (bidi_cache_start, bidi_cache_fetch_state, bidi_cache_search)
8 (bidi_cache_find_level_change, bidi_cache_ensure_space)
9 (bidi_cache_iterator_state, bidi_cache_find, bidi_cache_start_stack)
10 (bidi_find_other_level_edge):
11 Use ptrdiff_t instead of EMACS_INT where either will do.
12 This works better on 32-bit hosts configured --with-wide-int.
13 (bidi_cache_ensure_space): Check for size-calculation overflow.
14 Use % rather than repeated addition, for better worst-case speed.
15 Don't set bidi_cache_size until after xrealloc returns, because it
16 might not return.
17 (bidi_dump_cached_states): Use ptrdiff_t, not int, to avoid overflow.
18 (bidi_cache_ensure_space): Also check that the bidi cache size
19 does not exceed that of the largest Lisp string or buffer. See Eli
20 Zaretskii in <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=9079#29>.
21
22 * alloc.c (__malloc_size_t): Remove.
23 All uses replaced by size_t. See Andreas Schwab's note
24 <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=9079#8>.
25
26 * image.c: Improve checking for integer overflow.
27 (check_image_size): Assume that f is nonnull, since
28 it is always nonnull in practice. This is one less thing to
29 worry about when checking for integer overflow later.
30 (x_check_image_size): New function, which checks for integer
31 overflow issues inside X.
32 (x_create_x_image_and_pixmap, xbm_read_bitmap_data): Use it.
33 This removes the need for a memory_full check.
34 (xbm_image_p): Rewrite to avoid integer multiplication overflow.
35 (Create_Pixmap_From_Bitmap_Data, xbm_load): Use x_check_image_size.
36 (xbm_read_bitmap_data): Change locals back to 'int', since
37 their values must fit in 'int'.
38 (xpm_load_image, png_load, tiff_load):
39 Invoke x_create_x_image_and_pixmap earlier,
40 to avoid much needless work if the image is too large.
41 (tiff_load): Treat overly large images as if
42 x_create_x_image_and_pixmap failed, not as malloc failures.
43 (gs_load): Use x_check_image_size.
44
45 * gtkutil.c: Omit integer casts.
46 (xg_get_pixbuf_from_pixmap): Remove unnecessary cast.
47 (xg_set_toolkit_scroll_bar_thumb): Rewrite to avoid need for cast.
48
49 * image.c (png_load): Don't assume height * row_bytes fits in 'int'.
50
51 * xfaces.c (Fbitmap_spec_p): Fix integer overflow bug.
52 Without this fix, (bitmap-spec-p '(34359738368 1 "x"))
53 would wrongly return t on a 64-bit host.
54
55 * dispnew.c (init_display): Use *_RANGE_OVERFLOW macros.
56 The plain *_OVERFLOW macros run afoul of GCC bug 49705
57 <http://gcc.gnu.org/bugzilla/show_bug.cgi?id=49705>
58 and therefore cause GCC to emit a bogus diagnostic in some cases.
59
60 * image.c: Integer signedness and overflow and related fixes.
61 This is not an exhaustive set of fixes, but it's time to
62 record what I've got.
63 (lookup_pixel_color, check_image_size): Remove redundant decls.
64 (check_image_size): Don't assume that arbitrary EMACS_INT values
65 fit in 'int', or that arbitrary 'double' values fit in 'int'.
66 (x_alloc_image_color, x_create_x_image_and_pixmap, png_load)
67 (tiff_load, imagemagick_load_image):
68 Check for overflow in size calculations.
69 (x_create_x_image_and_pixmap): Remove unnecessary test for
70 xmalloc returning NULL; that can't happen.
71 (xbm_read_bitmap_data): Don't assume sizes fit into 'int'.
72 (xpm_color_bucket): Use better integer hashing function.
73 (xpm_cache_color): Don't possibly over-allocate memory.
74 (struct png_memory_storage, tiff_memory_source, tiff_seek_in_memory)
75 (gif_memory_source):
76 Use ptrdiff_t, not int or size_t, to record sizes.
77 (png_load): Don't assume values greater than 2**31 fit in 'int'.
78 (our_stdio_fill_input_buffer): Prefer ptrdiff_t to size_t when
79 either works, as we prefer signed integers.
80 (tiff_read_from_memory, tiff_write_from_memory):
81 Return tsize_t, not size_t, since that's what the TIFF API wants.
82 (tiff_read_from_memory): Don't fail simply because the read would
83 go past EOF; instead, return a short read.
84 (tiff_load): Omit no-longer-needed casts.
85 (Fimagemagick_types): Don't assume size fits into 'int'.
86
87 Improve hashing quality when configured --with-wide-int.
88 * fns.c (hash_string): New function, taken from sxhash_string.
89 Do not discard information about ASCII character case; this
90 discarding is no longer needed.
91 (sxhash-string): Use it. Change sig to match it. Caller changed.
92 * lisp.h: Declare it.
93 * lread.c (hash_string): Remove, since we now use fns.c's version.
94 The fns.c version returns a wider integer if --with-wide-int is
95 specified, so this should help the quality of the hashing a bit.
96
97 * emacs.c: Integer overflow minor fix.
98 (heap_bss_diff): Now uprintmax_t, not unsigned long. All used changed.
99 Define only if GNU_LINUX.
100 (main, Fdump_emacs): Set and use heap_bss_diff only if GNU_LINUX.
101
102 * dispnew.c: Integer signedness and overflow fixes.
103 Remove unnecessary forward decls, that were a maintenance hassle.
104 (history_tick): Now uprintmax_t, so it's more likely to avoid overflow.
105 All uses changed.
106 (adjust_glyph_matrix, realloc_glyph_pool, adjust_frame_message_buffer)
107 (scrolling_window): Use ptrdiff_t, not int, for byte count.
108 (prepare_desired_row, line_draw_cost):
109 Use int, not unsigned, where either works.
110 (save_current_matrix, restore_current_matrix):
111 Use ptrdiff_t, not size_t, where either works.
112 (init_display): Check for overflow more accurately, and without
113 relying on undefined behavior.
114
115 * editfns.c (pWIDE, pWIDElen, signed_wide, unsigned_wide):
116 Remove, replacing with the new symbols in lisp.h. All uses changed.
117 * fileio.c (make_temp_name):
118 * filelock.c (lock_file_1, lock_file):
119 * xdisp.c (message_dolog):
120 Don't assume PRIdMAX etc. works; this isn't portable to pre-C99 hosts.
121 Use pMd etc. instead.
122 * lisp.h (printmax_t, uprintmax_t, pMd, pMu): New types and macros,
123 replacing the pWIDE etc. symbols removed from editfns.c.
124
125 * keyboard.h (num_input_events): Now uintmax_t.
126 This is (very slightly) less likely to mess up due to wraparound.
127 All uses changed.
128
129 * buffer.c: Integer signedness fixes.
130 (alloc_buffer_text, enlarge_buffer_text):
131 Use ptrdiff_t rather than size_t when either will do, as we prefer
132 signed integers.
133
134 * alloc.c: Integer signedness and overflow fixes.
135 Do not impose an arbitrary 32-bit limit on malloc sizes when debugging.
136 (__malloc_size_t): Default to size_t, not to int.
137 (pure_size, pure_bytes_used_before_overflow, stack_copy_size)
138 (Fgarbage_collect, mark_object_loop_halt, mark_object):
139 Prefer ptrdiff_t to size_t when either would do, as we prefer
140 signed integers.
141 (XMALLOC_OVERRUN_CHECK_OVERHEAD): New macro.
142 (xmalloc_overrun_check_header, xmalloc_overrun_check_trailer):
143 Now const. Initialize with values that are in range even if char
144 is signed.
145 (XMALLOC_PUT_SIZE, XMALLOC_GET_SIZE): Remove, replacing with ...
146 (xmalloc_put_size, xmalloc_get_size): New functions. All uses changed.
147 These functions do the right thing with sizes > 2**32.
148 (check_depth): Now ptrdiff_t, not int.
149 (overrun_check_malloc, overrun_check_realloc, overrun_check_free):
150 Adjust to new way of storing sizes. Check for size overflow bugs
151 in rest of code.
152 (STRING_BYTES_MAX): Adjust to new overheads. The old code was
153 slightly wrong anyway, as it missed one instance of
154 XMALLOC_OVERRUN_CHECK_OVERHEAD.
155 (refill_memory_reserve): Omit needless cast to size_t.
156 (mark_object_loop_halt): Mark as externally visible.
157
158 * xselect.c: Integer signedness and overflow fixes.
159 (Fx_register_dnd_atom, x_handle_dnd_message):
160 Use ptrdiff_t, not size_t, since we prefer signed.
161 (Fx_register_dnd_atom): Check for ptrdiff_t (and size_t) overflow.
162 * xterm.h (struct x_display_info): Use ptrdiff_t, not size_t, for
163 x_dnd_atoms_size and x_dnd_atoms_length.
164
165 * doprnt.c: Prefer signed to unsigned when either works.
166 * eval.c (verror):
167 * doprnt.c (doprnt):
168 * lisp.h (doprnt):
169 * xdisp.c (vmessage):
170 Use ptrdiff_t, not size_t, when using or implementing doprnt,
171 since the sizes cannot exceed ptrdiff_t bounds anyway, and we
172 prefer signed arithmetic to avoid comparison confusion.
173 * doprnt.c (doprnt): Avoid a "+ 1" that can't overflow,
174 but is a bit tricky.
175
176 Assume freestanding C89 headers, string.h, stdlib.h.
177 * data.c, doprnt.c, floatfns.c, print.c:
178 Include float.h unconditionally.
179 * gmalloc.c: Assume C89-at-least behavior for preprocessor,
180 limits.h, stddef.h, string.h. Use memset instead of 'flood'.
181 * regex.c: Likewise for stddef.h, string.h.
182 (ISASCII): Remove; can assume it returns 1 now. All uses removed.
183 * s/aix4-2.h (HAVE_STRING_H): Remove obsolete undef.
184 * s/ms-w32.h (HAVE_LIMITS_H, HAVE_STRING_H, HAVE_STDLIB_H)
185 (STDC_HEADERS): Remove obsolete defines.
186 * sysdep.c: Include limits.h unconditionally.
187
188 Assume support for memcmp, memcpy, memmove, memset.
189 * lisp.h, sysdep.c (memcmp, memcpy, memmove, memset):
190 * regex.c (memcmp, memcpy):
191 Remove; we assume C89 now.
192
193 * gmalloc.c (memcpy, memset, memmove): Remove; we assume C89 now.
194 (__malloc_safe_bcopy): Remove; no longer needed.
195
196 * lisp.h (struct vectorlike_header, struct Lisp_Subr): Signed sizes.
197 Use EMACS_INT, not EMACS_UINT, for sizes. The code works equally
198 well either way, and we prefer signed to unsigned.
199
12011-07-27 Lars Magne Ingebrigtsen <larsi@gnus.org> 2002011-07-27 Lars Magne Ingebrigtsen <larsi@gnus.org>
2 201
3 * gnutls.c (emacs_gnutls_read): Don't message anything if the peer 202 * gnutls.c (emacs_gnutls_read): Don't message anything if the peer
diff --git a/src/alloc.c b/src/alloc.c
index d48d1f34dbd..eb0185a8e35 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -68,10 +68,6 @@ extern POINTER_TYPE *sbrk ();
68#ifdef DOUG_LEA_MALLOC 68#ifdef DOUG_LEA_MALLOC
69 69
70#include <malloc.h> 70#include <malloc.h>
71/* malloc.h #defines this as size_t, at least in glibc2. */
72#ifndef __malloc_size_t
73#define __malloc_size_t int
74#endif
75 71
76/* Specify maximum number of areas to mmap. It would be nice to use a 72/* Specify maximum number of areas to mmap. It would be nice to use a
77 value that explicitly means "no limit". */ 73 value that explicitly means "no limit". */
@@ -82,9 +78,8 @@ extern POINTER_TYPE *sbrk ();
82 78
83/* The following come from gmalloc.c. */ 79/* The following come from gmalloc.c. */
84 80
85#define __malloc_size_t size_t 81extern size_t _bytes_used;
86extern __malloc_size_t _bytes_used; 82extern size_t __malloc_extra_blocks;
87extern __malloc_size_t __malloc_extra_blocks;
88 83
89#endif /* not DOUG_LEA_MALLOC */ 84#endif /* not DOUG_LEA_MALLOC */
90 85
@@ -214,12 +209,12 @@ EMACS_INT pure[(PURESIZE + sizeof (EMACS_INT) - 1) / sizeof (EMACS_INT)] = {1,};
214/* Pointer to the pure area, and its size. */ 209/* Pointer to the pure area, and its size. */
215 210
216static char *purebeg; 211static char *purebeg;
217static size_t pure_size; 212static ptrdiff_t pure_size;
218 213
219/* Number of bytes of pure storage used before pure storage overflowed. 214/* Number of bytes of pure storage used before pure storage overflowed.
220 If this is non-zero, this implies that an overflow occurred. */ 215 If this is non-zero, this implies that an overflow occurred. */
221 216
222static size_t pure_bytes_used_before_overflow; 217static ptrdiff_t pure_bytes_used_before_overflow;
223 218
224/* Value is non-zero if P points into pure space. */ 219/* Value is non-zero if P points into pure space. */
225 220
@@ -252,7 +247,7 @@ const char *pending_malloc_warning;
252 247
253#if MAX_SAVE_STACK > 0 248#if MAX_SAVE_STACK > 0
254static char *stack_copy; 249static char *stack_copy;
255static size_t stack_copy_size; 250static ptrdiff_t stack_copy_size;
256#endif 251#endif
257 252
258/* Non-zero means ignore malloc warnings. Set during initialization. 253/* Non-zero means ignore malloc warnings. Set during initialization.
@@ -486,14 +481,15 @@ buffer_memory_full (EMACS_INT nbytes)
486 481
487 482
488#ifndef XMALLOC_OVERRUN_CHECK 483#ifndef XMALLOC_OVERRUN_CHECK
489#define XMALLOC_OVERRUN_CHECK_SIZE 0 484#define XMALLOC_OVERRUN_CHECK_OVERHEAD 0
490#else 485#else
491 486
492/* Check for overrun in malloc'ed buffers by wrapping a 16 byte header 487/* Check for overrun in malloc'ed buffers by wrapping a header and trailer
493 and a 16 byte trailer around each block. 488 around each block.
494 489
495 The header consists of 12 fixed bytes + a 4 byte integer contaning the 490 The header consists of 16 fixed bytes followed by sizeof (size_t) bytes
496 original block size, while the trailer consists of 16 fixed bytes. 491 containing the original block size in little-endian order,
492 while the trailer consists of 16 fixed bytes.
497 493
498 The header is used to detect whether this block has been allocated 494 The header is used to detect whether this block has been allocated
499 through these functions -- as it seems that some low-level libc 495 through these functions -- as it seems that some low-level libc
@@ -502,31 +498,47 @@ buffer_memory_full (EMACS_INT nbytes)
502 498
503 499
504#define XMALLOC_OVERRUN_CHECK_SIZE 16 500#define XMALLOC_OVERRUN_CHECK_SIZE 16
501#define XMALLOC_OVERRUN_CHECK_OVERHEAD \
502 (2 * XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t))
505 503
506static char xmalloc_overrun_check_header[XMALLOC_OVERRUN_CHECK_SIZE-4] = 504static char const xmalloc_overrun_check_header[XMALLOC_OVERRUN_CHECK_SIZE] =
507 { 0x9a, 0x9b, 0xae, 0xaf, 505 { '\x9a', '\x9b', '\xae', '\xaf',
508 0xbf, 0xbe, 0xce, 0xcf, 506 '\xbf', '\xbe', '\xce', '\xcf',
509 0xea, 0xeb, 0xec, 0xed }; 507 '\xea', '\xeb', '\xec', '\xed',
508 '\xdf', '\xde', '\x9c', '\x9d' };
510 509
511static char xmalloc_overrun_check_trailer[XMALLOC_OVERRUN_CHECK_SIZE] = 510static char const xmalloc_overrun_check_trailer[XMALLOC_OVERRUN_CHECK_SIZE] =
512 { 0xaa, 0xab, 0xac, 0xad, 511 { '\xaa', '\xab', '\xac', '\xad',
513 0xba, 0xbb, 0xbc, 0xbd, 512 '\xba', '\xbb', '\xbc', '\xbd',
514 0xca, 0xcb, 0xcc, 0xcd, 513 '\xca', '\xcb', '\xcc', '\xcd',
515 0xda, 0xdb, 0xdc, 0xdd }; 514 '\xda', '\xdb', '\xdc', '\xdd' };
516 515
517/* Macros to insert and extract the block size in the header. */ 516/* Insert and extract the block size in the header. */
518 517
519#define XMALLOC_PUT_SIZE(ptr, size) \ 518static void
520 (ptr[-1] = (size & 0xff), \ 519xmalloc_put_size (unsigned char *ptr, size_t size)
521 ptr[-2] = ((size >> 8) & 0xff), \ 520{
522 ptr[-3] = ((size >> 16) & 0xff), \ 521 int i;
523 ptr[-4] = ((size >> 24) & 0xff)) 522 for (i = 0; i < sizeof (size_t); i++)
523 {
524 *--ptr = size & (1 << CHAR_BIT) - 1;
525 size >>= CHAR_BIT;
526 }
527}
524 528
525#define XMALLOC_GET_SIZE(ptr) \ 529static size_t
526 (size_t)((unsigned)(ptr[-1]) | \ 530xmalloc_get_size (unsigned char *ptr)
527 ((unsigned)(ptr[-2]) << 8) | \ 531{
528 ((unsigned)(ptr[-3]) << 16) | \ 532 size_t size = 0;
529 ((unsigned)(ptr[-4]) << 24)) 533 int i;
534 ptr -= sizeof (size_t);
535 for (i = 0; i < sizeof (size_t); i++)
536 {
537 size <<= CHAR_BIT;
538 size += *ptr++;
539 }
540 return size;
541}
530 542
531 543
532/* The call depth in overrun_check functions. For example, this might happen: 544/* The call depth in overrun_check functions. For example, this might happen:
@@ -545,10 +557,10 @@ static char xmalloc_overrun_check_trailer[XMALLOC_OVERRUN_CHECK_SIZE] =
545 557
546 xfree(10032) 558 xfree(10032)
547 overrun_check_free(10032) 559 overrun_check_free(10032)
548 decrease overhed 560 decrease overhead
549 free(10016) <- crash, because 10000 is the original pointer. */ 561 free(10016) <- crash, because 10000 is the original pointer. */
550 562
551static int check_depth; 563static ptrdiff_t check_depth;
552 564
553/* Like malloc, but wraps allocated block with header and trailer. */ 565/* Like malloc, but wraps allocated block with header and trailer. */
554 566
@@ -556,15 +568,16 @@ static POINTER_TYPE *
556overrun_check_malloc (size_t size) 568overrun_check_malloc (size_t size)
557{ 569{
558 register unsigned char *val; 570 register unsigned char *val;
559 size_t overhead = ++check_depth == 1 ? XMALLOC_OVERRUN_CHECK_SIZE*2 : 0; 571 int overhead = ++check_depth == 1 ? XMALLOC_OVERRUN_CHECK_OVERHEAD : 0;
572 if (SIZE_MAX - overhead < size)
573 abort ();
560 574
561 val = (unsigned char *) malloc (size + overhead); 575 val = (unsigned char *) malloc (size + overhead);
562 if (val && check_depth == 1) 576 if (val && check_depth == 1)
563 { 577 {
564 memcpy (val, xmalloc_overrun_check_header, 578 memcpy (val, xmalloc_overrun_check_header, XMALLOC_OVERRUN_CHECK_SIZE);
565 XMALLOC_OVERRUN_CHECK_SIZE - 4); 579 val += XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t);
566 val += XMALLOC_OVERRUN_CHECK_SIZE; 580 xmalloc_put_size (val, size);
567 XMALLOC_PUT_SIZE(val, size);
568 memcpy (val + size, xmalloc_overrun_check_trailer, 581 memcpy (val + size, xmalloc_overrun_check_trailer,
569 XMALLOC_OVERRUN_CHECK_SIZE); 582 XMALLOC_OVERRUN_CHECK_SIZE);
570 } 583 }
@@ -580,31 +593,32 @@ static POINTER_TYPE *
580overrun_check_realloc (POINTER_TYPE *block, size_t size) 593overrun_check_realloc (POINTER_TYPE *block, size_t size)
581{ 594{
582 register unsigned char *val = (unsigned char *) block; 595 register unsigned char *val = (unsigned char *) block;
583 size_t overhead = ++check_depth == 1 ? XMALLOC_OVERRUN_CHECK_SIZE*2 : 0; 596 int overhead = ++check_depth == 1 ? XMALLOC_OVERRUN_CHECK_OVERHEAD : 0;
597 if (SIZE_MAX - overhead < size)
598 abort ();
584 599
585 if (val 600 if (val
586 && check_depth == 1 601 && check_depth == 1
587 && memcmp (xmalloc_overrun_check_header, 602 && memcmp (xmalloc_overrun_check_header,
588 val - XMALLOC_OVERRUN_CHECK_SIZE, 603 val - XMALLOC_OVERRUN_CHECK_SIZE - sizeof (size_t),
589 XMALLOC_OVERRUN_CHECK_SIZE - 4) == 0) 604 XMALLOC_OVERRUN_CHECK_SIZE) == 0)
590 { 605 {
591 size_t osize = XMALLOC_GET_SIZE (val); 606 size_t osize = xmalloc_get_size (val);
592 if (memcmp (xmalloc_overrun_check_trailer, val + osize, 607 if (memcmp (xmalloc_overrun_check_trailer, val + osize,
593 XMALLOC_OVERRUN_CHECK_SIZE)) 608 XMALLOC_OVERRUN_CHECK_SIZE))
594 abort (); 609 abort ();
595 memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE); 610 memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE);
596 val -= XMALLOC_OVERRUN_CHECK_SIZE; 611 val -= XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t);
597 memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE); 612 memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t));
598 } 613 }
599 614
600 val = (unsigned char *) realloc ((POINTER_TYPE *)val, size + overhead); 615 val = (unsigned char *) realloc ((POINTER_TYPE *)val, size + overhead);
601 616
602 if (val && check_depth == 1) 617 if (val && check_depth == 1)
603 { 618 {
604 memcpy (val, xmalloc_overrun_check_header, 619 memcpy (val, xmalloc_overrun_check_header, XMALLOC_OVERRUN_CHECK_SIZE);
605 XMALLOC_OVERRUN_CHECK_SIZE - 4); 620 val += XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t);
606 val += XMALLOC_OVERRUN_CHECK_SIZE; 621 xmalloc_put_size (val, size);
607 XMALLOC_PUT_SIZE(val, size);
608 memcpy (val + size, xmalloc_overrun_check_trailer, 622 memcpy (val + size, xmalloc_overrun_check_trailer,
609 XMALLOC_OVERRUN_CHECK_SIZE); 623 XMALLOC_OVERRUN_CHECK_SIZE);
610 } 624 }
@@ -623,20 +637,20 @@ overrun_check_free (POINTER_TYPE *block)
623 if (val 637 if (val
624 && check_depth == 1 638 && check_depth == 1
625 && memcmp (xmalloc_overrun_check_header, 639 && memcmp (xmalloc_overrun_check_header,
626 val - XMALLOC_OVERRUN_CHECK_SIZE, 640 val - XMALLOC_OVERRUN_CHECK_SIZE - sizeof (size_t),
627 XMALLOC_OVERRUN_CHECK_SIZE - 4) == 0) 641 XMALLOC_OVERRUN_CHECK_SIZE) == 0)
628 { 642 {
629 size_t osize = XMALLOC_GET_SIZE (val); 643 size_t osize = xmalloc_get_size (val);
630 if (memcmp (xmalloc_overrun_check_trailer, val + osize, 644 if (memcmp (xmalloc_overrun_check_trailer, val + osize,
631 XMALLOC_OVERRUN_CHECK_SIZE)) 645 XMALLOC_OVERRUN_CHECK_SIZE))
632 abort (); 646 abort ();
633#ifdef XMALLOC_CLEAR_FREE_MEMORY 647#ifdef XMALLOC_CLEAR_FREE_MEMORY
634 val -= XMALLOC_OVERRUN_CHECK_SIZE; 648 val -= XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t);
635 memset (val, 0xff, osize + XMALLOC_OVERRUN_CHECK_SIZE*2); 649 memset (val, 0xff, osize + XMALLOC_OVERRUN_CHECK_OVERHEAD);
636#else 650#else
637 memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE); 651 memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE);
638 val -= XMALLOC_OVERRUN_CHECK_SIZE; 652 val -= XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t);
639 memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE); 653 memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t));
640#endif 654#endif
641 } 655 }
642 656
@@ -1092,11 +1106,11 @@ static void (*old_free_hook) (void*, const void*);
1092# define BYTES_USED _bytes_used 1106# define BYTES_USED _bytes_used
1093#endif 1107#endif
1094 1108
1095static __malloc_size_t bytes_used_when_reconsidered; 1109static size_t bytes_used_when_reconsidered;
1096 1110
1097/* Value of _bytes_used, when spare_memory was freed. */ 1111/* Value of _bytes_used, when spare_memory was freed. */
1098 1112
1099static __malloc_size_t bytes_used_when_full; 1113static size_t bytes_used_when_full;
1100 1114
1101/* This function is used as the hook for free to call. */ 1115/* This function is used as the hook for free to call. */
1102 1116
@@ -1661,7 +1675,8 @@ static char const string_overrun_cookie[GC_STRING_OVERRUN_COOKIE_SIZE] =
1661 calculating a value to be passed to malloc. */ 1675 calculating a value to be passed to malloc. */
1662#define STRING_BYTES_MAX \ 1676#define STRING_BYTES_MAX \
1663 min (STRING_BYTES_BOUND, \ 1677 min (STRING_BYTES_BOUND, \
1664 ((SIZE_MAX - XMALLOC_OVERRUN_CHECK_SIZE - GC_STRING_EXTRA \ 1678 ((SIZE_MAX - XMALLOC_OVERRUN_CHECK_OVERHEAD \
1679 - GC_STRING_EXTRA \
1665 - offsetof (struct sblock, first_data) \ 1680 - offsetof (struct sblock, first_data) \
1666 - SDATA_DATA_OFFSET) \ 1681 - SDATA_DATA_OFFSET) \
1667 & ~(sizeof (EMACS_INT) - 1))) 1682 & ~(sizeof (EMACS_INT) - 1)))
@@ -3320,7 +3335,7 @@ refill_memory_reserve (void)
3320{ 3335{
3321#ifndef SYSTEM_MALLOC 3336#ifndef SYSTEM_MALLOC
3322 if (spare_memory[0] == 0) 3337 if (spare_memory[0] == 0)
3323 spare_memory[0] = (char *) malloc ((size_t) SPARE_MEMORY); 3338 spare_memory[0] = (char *) malloc (SPARE_MEMORY);
3324 if (spare_memory[1] == 0) 3339 if (spare_memory[1] == 0)
3325 spare_memory[1] = (char *) lisp_align_malloc (sizeof (struct cons_block), 3340 spare_memory[1] = (char *) lisp_align_malloc (sizeof (struct cons_block),
3326 MEM_TYPE_CONS); 3341 MEM_TYPE_CONS);
@@ -4922,7 +4937,7 @@ returns nil, because real GC can't be done. */)
4922 if (NILP (Vpurify_flag)) 4937 if (NILP (Vpurify_flag))
4923 { 4938 {
4924 char *stack; 4939 char *stack;
4925 size_t stack_size; 4940 ptrdiff_t stack_size;
4926 if (&stack_top_variable < stack_bottom) 4941 if (&stack_top_variable < stack_bottom)
4927 { 4942 {
4928 stack = &stack_top_variable; 4943 stack = &stack_top_variable;
@@ -5233,7 +5248,7 @@ static int last_marked_index;
5233 links of a list, in mark_object. In debugging, 5248 links of a list, in mark_object. In debugging,
5234 the call to abort will hit a breakpoint. 5249 the call to abort will hit a breakpoint.
5235 Normally this is zero and the check never goes off. */ 5250 Normally this is zero and the check never goes off. */
5236static size_t mark_object_loop_halt; 5251ptrdiff_t mark_object_loop_halt EXTERNALLY_VISIBLE;
5237 5252
5238static void 5253static void
5239mark_vectorlike (struct Lisp_Vector *ptr) 5254mark_vectorlike (struct Lisp_Vector *ptr)
@@ -5290,7 +5305,7 @@ mark_object (Lisp_Object arg)
5290 void *po; 5305 void *po;
5291 struct mem_node *m; 5306 struct mem_node *m;
5292#endif 5307#endif
5293 size_t cdr_count = 0; 5308 ptrdiff_t cdr_count = 0;
5294 5309
5295 loop: 5310 loop:
5296 5311
diff --git a/src/bidi.c b/src/bidi.c
index 412dc94cb86..697ebb92856 100644
--- a/src/bidi.c
+++ b/src/bidi.c
@@ -299,11 +299,11 @@ bidi_copy_it (struct bidi_it *to, struct bidi_it *from)
299 299
300#define BIDI_CACHE_CHUNK 200 300#define BIDI_CACHE_CHUNK 200
301static struct bidi_it *bidi_cache; 301static struct bidi_it *bidi_cache;
302static EMACS_INT bidi_cache_size = 0; 302static ptrdiff_t bidi_cache_size = 0;
303enum { elsz = sizeof (struct bidi_it) }; 303enum { elsz = sizeof (struct bidi_it) };
304static EMACS_INT bidi_cache_idx; /* next unused cache slot */ 304static ptrdiff_t bidi_cache_idx; /* next unused cache slot */
305static EMACS_INT bidi_cache_last_idx; /* slot of last cache hit */ 305static ptrdiff_t bidi_cache_last_idx; /* slot of last cache hit */
306static EMACS_INT bidi_cache_start = 0; /* start of cache for this 306static ptrdiff_t bidi_cache_start = 0; /* start of cache for this
307 "stack" level */ 307 "stack" level */
308 308
309/* Reset the cache state to the empty state. We only reset the part 309/* Reset the cache state to the empty state. We only reset the part
@@ -336,7 +336,7 @@ bidi_cache_shrink (void)
336} 336}
337 337
338static inline void 338static inline void
339bidi_cache_fetch_state (EMACS_INT idx, struct bidi_it *bidi_it) 339bidi_cache_fetch_state (ptrdiff_t idx, struct bidi_it *bidi_it)
340{ 340{
341 int current_scan_dir = bidi_it->scan_dir; 341 int current_scan_dir = bidi_it->scan_dir;
342 342
@@ -352,10 +352,10 @@ bidi_cache_fetch_state (EMACS_INT idx, struct bidi_it *bidi_it)
352 level less or equal to LEVEL. if LEVEL is -1, disregard the 352 level less or equal to LEVEL. if LEVEL is -1, disregard the
353 resolved levels in cached states. DIR, if non-zero, means search 353 resolved levels in cached states. DIR, if non-zero, means search
354 in that direction from the last cache hit. */ 354 in that direction from the last cache hit. */
355static inline EMACS_INT 355static inline ptrdiff_t
356bidi_cache_search (EMACS_INT charpos, int level, int dir) 356bidi_cache_search (EMACS_INT charpos, int level, int dir)
357{ 357{
358 EMACS_INT i, i_start; 358 ptrdiff_t i, i_start;
359 359
360 if (bidi_cache_idx > bidi_cache_start) 360 if (bidi_cache_idx > bidi_cache_start)
361 { 361 {
@@ -417,12 +417,12 @@ bidi_cache_search (EMACS_INT charpos, int level, int dir)
417 C, searching backwards (DIR = -1) for LEVEL = 2 will return the 417 C, searching backwards (DIR = -1) for LEVEL = 2 will return the
418 index of slot B or A, depending whether BEFORE is, respectively, 418 index of slot B or A, depending whether BEFORE is, respectively,
419 non-zero or zero. */ 419 non-zero or zero. */
420static EMACS_INT 420static ptrdiff_t
421bidi_cache_find_level_change (int level, int dir, int before) 421bidi_cache_find_level_change (int level, int dir, int before)
422{ 422{
423 if (bidi_cache_idx) 423 if (bidi_cache_idx)
424 { 424 {
425 EMACS_INT i = dir ? bidi_cache_last_idx : bidi_cache_idx - 1; 425 ptrdiff_t i = dir ? bidi_cache_last_idx : bidi_cache_idx - 1;
426 int incr = before ? 1 : 0; 426 int incr = before ? 1 : 0;
427 427
428 xassert (!dir || bidi_cache_last_idx >= 0); 428 xassert (!dir || bidi_cache_last_idx >= 0);
@@ -458,22 +458,33 @@ bidi_cache_find_level_change (int level, int dir, int before)
458} 458}
459 459
460static inline void 460static inline void
461bidi_cache_ensure_space (EMACS_INT idx) 461bidi_cache_ensure_space (ptrdiff_t idx)
462{ 462{
463 /* Enlarge the cache as needed. */ 463 /* Enlarge the cache as needed. */
464 if (idx >= bidi_cache_size) 464 if (idx >= bidi_cache_size)
465 { 465 {
466 while (idx >= bidi_cache_size) 466 ptrdiff_t new_size;
467 bidi_cache_size += BIDI_CACHE_CHUNK; 467
468 bidi_cache = 468 /* The bidi cache cannot be larger than the largest Lisp string
469 (struct bidi_it *) xrealloc (bidi_cache, bidi_cache_size * elsz); 469 or buffer. */
470 ptrdiff_t string_or_buffer_bound =
471 max (BUF_BYTES_MAX, STRING_BYTES_BOUND);
472
473 /* Also, it cannot be larger than what C can represent. */
474 ptrdiff_t c_bound = min (PTRDIFF_MAX, SIZE_MAX) / elsz;
475
476 if (min (string_or_buffer_bound, c_bound) <= idx)
477 memory_full (SIZE_MAX);
478 new_size = idx - idx % BIDI_CACHE_CHUNK + BIDI_CACHE_CHUNK;
479 bidi_cache = (struct bidi_it *) xrealloc (bidi_cache, new_size * elsz);
480 bidi_cache_size = new_size;
470 } 481 }
471} 482}
472 483
473static inline void 484static inline void
474bidi_cache_iterator_state (struct bidi_it *bidi_it, int resolved) 485bidi_cache_iterator_state (struct bidi_it *bidi_it, int resolved)
475{ 486{
476 EMACS_INT idx; 487 ptrdiff_t idx;
477 488
478 /* We should never cache on backward scans. */ 489 /* We should never cache on backward scans. */
479 if (bidi_it->scan_dir == -1) 490 if (bidi_it->scan_dir == -1)
@@ -528,7 +539,7 @@ bidi_cache_iterator_state (struct bidi_it *bidi_it, int resolved)
528static inline bidi_type_t 539static inline bidi_type_t
529bidi_cache_find (EMACS_INT charpos, int level, struct bidi_it *bidi_it) 540bidi_cache_find (EMACS_INT charpos, int level, struct bidi_it *bidi_it)
530{ 541{
531 EMACS_INT i = bidi_cache_search (charpos, level, bidi_it->scan_dir); 542 ptrdiff_t i = bidi_cache_search (charpos, level, bidi_it->scan_dir);
532 543
533 if (i >= bidi_cache_start) 544 if (i >= bidi_cache_start)
534 { 545 {
@@ -560,7 +571,7 @@ bidi_peek_at_next_level (struct bidi_it *bidi_it)
560/* 5-slot stack for saving the start of the previous level of the 571/* 5-slot stack for saving the start of the previous level of the
561 cache. xdisp.c maintains a 5-slot stack for its iterator state, 572 cache. xdisp.c maintains a 5-slot stack for its iterator state,
562 and we need the same size of our stack. */ 573 and we need the same size of our stack. */
563static EMACS_INT bidi_cache_start_stack[IT_STACK_SIZE]; 574static ptrdiff_t bidi_cache_start_stack[IT_STACK_SIZE];
564static int bidi_cache_sp; 575static int bidi_cache_sp;
565 576
566/* Push the bidi iterator state in preparation for reordering a 577/* Push the bidi iterator state in preparation for reordering a
@@ -2123,7 +2134,7 @@ static void
2123bidi_find_other_level_edge (struct bidi_it *bidi_it, int level, int end_flag) 2134bidi_find_other_level_edge (struct bidi_it *bidi_it, int level, int end_flag)
2124{ 2135{
2125 int dir = end_flag ? -bidi_it->scan_dir : bidi_it->scan_dir; 2136 int dir = end_flag ? -bidi_it->scan_dir : bidi_it->scan_dir;
2126 EMACS_INT idx; 2137 ptrdiff_t idx;
2127 2138
2128 /* Try the cache first. */ 2139 /* Try the cache first. */
2129 if ((idx = bidi_cache_find_level_change (level, dir, end_flag)) 2140 if ((idx = bidi_cache_find_level_change (level, dir, end_flag))
@@ -2300,7 +2311,7 @@ void bidi_dump_cached_states (void) EXTERNALLY_VISIBLE;
2300void 2311void
2301bidi_dump_cached_states (void) 2312bidi_dump_cached_states (void)
2302{ 2313{
2303 int i; 2314 ptrdiff_t i;
2304 int ndigits = 1; 2315 int ndigits = 1;
2305 2316
2306 if (bidi_cache_idx == 0) 2317 if (bidi_cache_idx == 0)
@@ -2308,7 +2319,7 @@ bidi_dump_cached_states (void)
2308 fprintf (stderr, "The cache is empty.\n"); 2319 fprintf (stderr, "The cache is empty.\n");
2309 return; 2320 return;
2310 } 2321 }
2311 fprintf (stderr, "Total of %"pI"d state%s in cache:\n", 2322 fprintf (stderr, "Total of %"pD"d state%s in cache:\n",
2312 bidi_cache_idx, bidi_cache_idx == 1 ? "" : "s"); 2323 bidi_cache_idx, bidi_cache_idx == 1 ? "" : "s");
2313 2324
2314 for (i = bidi_cache[bidi_cache_idx - 1].charpos; i > 0; i /= 10) 2325 for (i = bidi_cache[bidi_cache_idx - 1].charpos; i > 0; i /= 10)
diff --git a/src/buffer.c b/src/buffer.c
index 81c537b9c6a..a40275db8de 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -152,7 +152,7 @@ Lisp_Object Qmodification_hooks;
152Lisp_Object Qinsert_in_front_hooks; 152Lisp_Object Qinsert_in_front_hooks;
153Lisp_Object Qinsert_behind_hooks; 153Lisp_Object Qinsert_behind_hooks;
154 154
155static void alloc_buffer_text (struct buffer *, size_t); 155static void alloc_buffer_text (struct buffer *, ptrdiff_t);
156static void free_buffer_text (struct buffer *b); 156static void free_buffer_text (struct buffer *b);
157static struct Lisp_Overlay * copy_overlays (struct buffer *, struct Lisp_Overlay *); 157static struct Lisp_Overlay * copy_overlays (struct buffer *, struct Lisp_Overlay *);
158static void modify_overlay (struct buffer *, EMACS_INT, EMACS_INT); 158static void modify_overlay (struct buffer *, EMACS_INT, EMACS_INT);
@@ -4796,7 +4796,7 @@ extern void r_alloc_free (POINTER_TYPE **ptr);
4796/* Allocate NBYTES bytes for buffer B's text buffer. */ 4796/* Allocate NBYTES bytes for buffer B's text buffer. */
4797 4797
4798static void 4798static void
4799alloc_buffer_text (struct buffer *b, size_t nbytes) 4799alloc_buffer_text (struct buffer *b, ptrdiff_t nbytes)
4800{ 4800{
4801 POINTER_TYPE *p; 4801 POINTER_TYPE *p;
4802 4802
@@ -4826,8 +4826,8 @@ void
4826enlarge_buffer_text (struct buffer *b, EMACS_INT delta) 4826enlarge_buffer_text (struct buffer *b, EMACS_INT delta)
4827{ 4827{
4828 POINTER_TYPE *p; 4828 POINTER_TYPE *p;
4829 size_t nbytes = (BUF_Z_BYTE (b) - BUF_BEG_BYTE (b) + BUF_GAP_SIZE (b) + 1 4829 ptrdiff_t nbytes = (BUF_Z_BYTE (b) - BUF_BEG_BYTE (b) + BUF_GAP_SIZE (b) + 1
4830 + delta); 4830 + delta);
4831 BLOCK_INPUT; 4831 BLOCK_INPUT;
4832#if defined USE_MMAP_FOR_BUFFERS 4832#if defined USE_MMAP_FOR_BUFFERS
4833 p = mmap_realloc ((POINTER_TYPE **) &b->text->beg, nbytes); 4833 p = mmap_realloc ((POINTER_TYPE **) &b->text->beg, nbytes);
diff --git a/src/callint.c b/src/callint.c
index 26b161a25b3..5cf99495671 100644
--- a/src/callint.c
+++ b/src/callint.c
@@ -339,7 +339,7 @@ invoke it. If KEYS is omitted or nil, the return value of
339 { 339 {
340 Lisp_Object input; 340 Lisp_Object input;
341 Lisp_Object funval = Findirect_function (function, Qt); 341 Lisp_Object funval = Findirect_function (function, Qt);
342 size_t events = num_input_events; 342 uintmax_t events = num_input_events;
343 input = specs; 343 input = specs;
344 /* Compute the arg values using the user's expression. */ 344 /* Compute the arg values using the user's expression. */
345 GCPRO2 (input, filter_specs); 345 GCPRO2 (input, filter_specs);
diff --git a/src/data.c b/src/data.c
index 7bc04592c57..76a54547a5d 100644
--- a/src/data.c
+++ b/src/data.c
@@ -35,10 +35,7 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
35#include "termhooks.h" /* For FRAME_KBOARD reference in y-or-n-p. */ 35#include "termhooks.h" /* For FRAME_KBOARD reference in y-or-n-p. */
36#include "font.h" 36#include "font.h"
37 37
38#ifdef STDC_HEADERS
39#include <float.h> 38#include <float.h>
40#endif
41
42/* If IEEE_FLOATING_POINT isn't defined, default it from FLT_*. */ 39/* If IEEE_FLOATING_POINT isn't defined, default it from FLT_*. */
43#ifndef IEEE_FLOATING_POINT 40#ifndef IEEE_FLOATING_POINT
44#if (FLT_RADIX == 2 && FLT_MANT_DIG == 24 \ 41#if (FLT_RADIX == 2 && FLT_MANT_DIG == 24 \
diff --git a/src/dispnew.c b/src/dispnew.c
index 0198942012c..b2f416701c3 100644
--- a/src/dispnew.c
+++ b/src/dispnew.c
@@ -103,57 +103,24 @@ struct dim
103 103
104/* Function prototypes. */ 104/* Function prototypes. */
105 105
106static struct glyph_matrix *save_current_matrix (struct frame *);
107static void restore_current_matrix (struct frame *, struct glyph_matrix *);
108static int showing_window_margins_p (struct window *);
109static void fake_current_matrices (Lisp_Object);
110static void redraw_overlapping_rows (struct window *, int);
111static void redraw_overlapped_rows (struct window *, int);
112static int count_blanks (struct glyph *, int);
113static int count_match (struct glyph *, struct glyph *,
114 struct glyph *, struct glyph *);
115static unsigned line_draw_cost (struct glyph_matrix *, int);
116static void update_frame_line (struct frame *, int); 106static void update_frame_line (struct frame *, int);
117static struct dim allocate_matrices_for_frame_redisplay
118 (Lisp_Object, int, int, int, int *);
119static int required_matrix_height (struct window *); 107static int required_matrix_height (struct window *);
120static int required_matrix_width (struct window *); 108static int required_matrix_width (struct window *);
121static void allocate_matrices_for_window_redisplay (struct window *);
122static int realloc_glyph_pool (struct glyph_pool *, struct dim);
123static void adjust_frame_glyphs (struct frame *); 109static void adjust_frame_glyphs (struct frame *);
124static struct glyph_matrix *new_glyph_matrix (struct glyph_pool *);
125static void free_glyph_matrix (struct glyph_matrix *);
126static void adjust_glyph_matrix (struct window *, struct glyph_matrix *,
127 int, int, struct dim);
128static void change_frame_size_1 (struct frame *, int, int, int, int, int); 110static void change_frame_size_1 (struct frame *, int, int, int, int, int);
129static void increment_row_positions (struct glyph_row *, EMACS_INT, EMACS_INT); 111static void increment_row_positions (struct glyph_row *, EMACS_INT, EMACS_INT);
130static void swap_glyph_pointers (struct glyph_row *, struct glyph_row *);
131#if GLYPH_DEBUG
132static int glyph_row_slice_p (struct glyph_row *, struct glyph_row *);
133#endif
134static void fill_up_frame_row_with_spaces (struct glyph_row *, int); 112static void fill_up_frame_row_with_spaces (struct glyph_row *, int);
135static void build_frame_matrix_from_window_tree (struct glyph_matrix *, 113static void build_frame_matrix_from_window_tree (struct glyph_matrix *,
136 struct window *); 114 struct window *);
137static void build_frame_matrix_from_leaf_window (struct glyph_matrix *, 115static void build_frame_matrix_from_leaf_window (struct glyph_matrix *,
138 struct window *); 116 struct window *);
139static struct glyph_pool *new_glyph_pool (void);
140static void free_glyph_pool (struct glyph_pool *);
141static void adjust_frame_glyphs_initially (void);
142static void adjust_frame_message_buffer (struct frame *); 117static void adjust_frame_message_buffer (struct frame *);
143static void adjust_decode_mode_spec_buffer (struct frame *); 118static void adjust_decode_mode_spec_buffer (struct frame *);
144static void fill_up_glyph_row_with_spaces (struct glyph_row *); 119static void fill_up_glyph_row_with_spaces (struct glyph_row *);
145static void build_frame_matrix (struct frame *);
146void clear_current_matrices (struct frame *);
147void scroll_glyph_matrix_range (struct glyph_matrix *, int, int,
148 int, int);
149static void clear_window_matrices (struct window *, int); 120static void clear_window_matrices (struct window *, int);
150static void fill_up_glyph_row_area_with_spaces (struct glyph_row *, int); 121static void fill_up_glyph_row_area_with_spaces (struct glyph_row *, int);
151static int scrolling_window (struct window *, int); 122static int scrolling_window (struct window *, int);
152static int update_window_line (struct window *, int, int *); 123static int update_window_line (struct window *, int, int *);
153static void update_marginal_area (struct window *, int, int);
154static int update_text_area (struct window *, int);
155static void make_current (struct glyph_matrix *, struct glyph_matrix *,
156 int);
157static void mirror_make_current (struct window *, int); 124static void mirror_make_current (struct window *, int);
158#if GLYPH_DEBUG 125#if GLYPH_DEBUG
159static void check_matrix_pointers (struct glyph_matrix *, 126static void check_matrix_pointers (struct glyph_matrix *,
@@ -286,7 +253,7 @@ static int history_idx;
286/* A tick that's incremented each time something is added to the 253/* A tick that's incremented each time something is added to the
287 history. */ 254 history. */
288 255
289static unsigned history_tick; 256static uprintmax_t history_tick;
290 257
291static void add_frame_display_history (struct frame *, int); 258static void add_frame_display_history (struct frame *, int);
292 259
@@ -305,7 +272,7 @@ add_window_display_history (struct window *w, const char *msg, int paused_p)
305 buf = redisplay_history[history_idx].trace; 272 buf = redisplay_history[history_idx].trace;
306 ++history_idx; 273 ++history_idx;
307 274
308 sprintf (buf, "%d: window %p (`%s')%s\n", 275 sprintf (buf, "%"pMu": window %p (`%s')%s\n",
309 history_tick++, 276 history_tick++,
310 w, 277 w,
311 ((BUFFERP (w->buffer) 278 ((BUFFERP (w->buffer)
@@ -331,7 +298,7 @@ add_frame_display_history (struct frame *f, int paused_p)
331 buf = redisplay_history[history_idx].trace; 298 buf = redisplay_history[history_idx].trace;
332 ++history_idx; 299 ++history_idx;
333 300
334 sprintf (buf, "%d: update frame %p%s", 301 sprintf (buf, "%"pMu": update frame %p%s",
335 history_tick++, 302 history_tick++,
336 f, paused_p ? " ***paused***" : ""); 303 f, paused_p ? " ***paused***" : "");
337} 304}
@@ -532,7 +499,7 @@ adjust_glyph_matrix (struct window *w, struct glyph_matrix *matrix, int x, int y
532 /* Enlarge MATRIX->rows if necessary. New rows are cleared. */ 499 /* Enlarge MATRIX->rows if necessary. New rows are cleared. */
533 if (matrix->rows_allocated < dim.height) 500 if (matrix->rows_allocated < dim.height)
534 { 501 {
535 int size = dim.height * sizeof (struct glyph_row); 502 ptrdiff_t size = dim.height * sizeof (struct glyph_row);
536 new_rows = dim.height - matrix->rows_allocated; 503 new_rows = dim.height - matrix->rows_allocated;
537 matrix->rows = (struct glyph_row *) xrealloc (matrix->rows, size); 504 matrix->rows = (struct glyph_row *) xrealloc (matrix->rows, size);
538 memset (matrix->rows + matrix->rows_allocated, 0, 505 memset (matrix->rows + matrix->rows_allocated, 0,
@@ -1198,7 +1165,7 @@ prepare_desired_row (struct glyph_row *row)
1198{ 1165{
1199 if (!row->enabled_p) 1166 if (!row->enabled_p)
1200 { 1167 {
1201 unsigned rp = row->reversed_p; 1168 int rp = row->reversed_p;
1202 1169
1203 clear_glyph_row (row); 1170 clear_glyph_row (row);
1204 row->enabled_p = 1; 1171 row->enabled_p = 1;
@@ -1242,7 +1209,7 @@ line_hash_code (struct glyph_row *row)
1242 the number of characters in the line. If must_write_spaces is 1209 the number of characters in the line. If must_write_spaces is
1243 zero, leading and trailing spaces are ignored. */ 1210 zero, leading and trailing spaces are ignored. */
1244 1211
1245static unsigned int 1212static int
1246line_draw_cost (struct glyph_matrix *matrix, int vpos) 1213line_draw_cost (struct glyph_matrix *matrix, int vpos)
1247{ 1214{
1248 struct glyph_row *row = matrix->rows + vpos; 1215 struct glyph_row *row = matrix->rows + vpos;
@@ -1435,7 +1402,7 @@ realloc_glyph_pool (struct glyph_pool *pool, struct dim matrix_dim)
1435 needed = matrix_dim.width * matrix_dim.height; 1402 needed = matrix_dim.width * matrix_dim.height;
1436 if (needed > pool->nglyphs) 1403 if (needed > pool->nglyphs)
1437 { 1404 {
1438 int size = needed * sizeof (struct glyph); 1405 ptrdiff_t size = needed * sizeof (struct glyph);
1439 1406
1440 if (pool->glyphs) 1407 if (pool->glyphs)
1441 { 1408 {
@@ -2061,7 +2028,7 @@ save_current_matrix (struct frame *f)
2061 { 2028 {
2062 struct glyph_row *from = f->current_matrix->rows + i; 2029 struct glyph_row *from = f->current_matrix->rows + i;
2063 struct glyph_row *to = saved->rows + i; 2030 struct glyph_row *to = saved->rows + i;
2064 size_t nbytes = from->used[TEXT_AREA] * sizeof (struct glyph); 2031 ptrdiff_t nbytes = from->used[TEXT_AREA] * sizeof (struct glyph);
2065 to->glyphs[TEXT_AREA] = (struct glyph *) xmalloc (nbytes); 2032 to->glyphs[TEXT_AREA] = (struct glyph *) xmalloc (nbytes);
2066 memcpy (to->glyphs[TEXT_AREA], from->glyphs[TEXT_AREA], nbytes); 2033 memcpy (to->glyphs[TEXT_AREA], from->glyphs[TEXT_AREA], nbytes);
2067 to->used[TEXT_AREA] = from->used[TEXT_AREA]; 2034 to->used[TEXT_AREA] = from->used[TEXT_AREA];
@@ -2083,7 +2050,7 @@ restore_current_matrix (struct frame *f, struct glyph_matrix *saved)
2083 { 2050 {
2084 struct glyph_row *from = saved->rows + i; 2051 struct glyph_row *from = saved->rows + i;
2085 struct glyph_row *to = f->current_matrix->rows + i; 2052 struct glyph_row *to = f->current_matrix->rows + i;
2086 size_t nbytes = from->used[TEXT_AREA] * sizeof (struct glyph); 2053 ptrdiff_t nbytes = from->used[TEXT_AREA] * sizeof (struct glyph);
2087 memcpy (to->glyphs[TEXT_AREA], from->glyphs[TEXT_AREA], nbytes); 2054 memcpy (to->glyphs[TEXT_AREA], from->glyphs[TEXT_AREA], nbytes);
2088 to->used[TEXT_AREA] = from->used[TEXT_AREA]; 2055 to->used[TEXT_AREA] = from->used[TEXT_AREA];
2089 xfree (from->glyphs[TEXT_AREA]); 2056 xfree (from->glyphs[TEXT_AREA]);
@@ -2271,7 +2238,7 @@ adjust_frame_glyphs_for_window_redisplay (struct frame *f)
2271static void 2238static void
2272adjust_frame_message_buffer (struct frame *f) 2239adjust_frame_message_buffer (struct frame *f)
2273{ 2240{
2274 int size = FRAME_MESSAGE_BUF_SIZE (f) + 1; 2241 ptrdiff_t size = FRAME_MESSAGE_BUF_SIZE (f) + 1;
2275 2242
2276 if (FRAME_MESSAGE_BUF (f)) 2243 if (FRAME_MESSAGE_BUF (f))
2277 { 2244 {
@@ -4301,7 +4268,8 @@ scrolling_window (struct window *w, int header_line_p)
4301 struct glyph_matrix *current_matrix = w->current_matrix; 4268 struct glyph_matrix *current_matrix = w->current_matrix;
4302 int yb = window_text_bottom_y (w); 4269 int yb = window_text_bottom_y (w);
4303 int i, j, first_old, first_new, last_old, last_new; 4270 int i, j, first_old, first_new, last_old, last_new;
4304 int nruns, nbytes, n, run_idx; 4271 int nruns, n, run_idx;
4272 ptrdiff_t nbytes;
4305 struct row_entry *entry; 4273 struct row_entry *entry;
4306 struct redisplay_interface *rif = FRAME_RIF (XFRAME (WINDOW_FRAME (w))); 4274 struct redisplay_interface *rif = FRAME_RIF (XFRAME (WINDOW_FRAME (w)));
4307 4275
@@ -6329,11 +6297,14 @@ init_display (void)
6329 int width = FRAME_TOTAL_COLS (sf); 6297 int width = FRAME_TOTAL_COLS (sf);
6330 int height = FRAME_LINES (sf); 6298 int height = FRAME_LINES (sf);
6331 6299
6332 unsigned int total_glyphs = height * (width + 2) * sizeof (struct glyph);
6333
6334 /* If these sizes are so big they cause overflow, just ignore the 6300 /* If these sizes are so big they cause overflow, just ignore the
6335 change. It's not clear what better we could do. */ 6301 change. It's not clear what better we could do. The rest of
6336 if (total_glyphs / sizeof (struct glyph) / height != width + 2) 6302 the code assumes that (width + 2) * height * sizeof (struct glyph)
6303 does not overflow and does not exceed PTRDIFF_MAX or SIZE_MAX. */
6304 if (INT_ADD_RANGE_OVERFLOW (width, 2, INT_MIN, INT_MAX)
6305 || INT_MULTIPLY_RANGE_OVERFLOW (width + 2, height, INT_MIN, INT_MAX)
6306 || (min (PTRDIFF_MAX, SIZE_MAX) / sizeof (struct glyph)
6307 < (width + 2) * height))
6337 fatal ("screen size %dx%d too big", width, height); 6308 fatal ("screen size %dx%d too big", width, height);
6338 } 6309 }
6339 6310
diff --git a/src/doprnt.c b/src/doprnt.c
index 195598c07ea..79f9f36e461 100644
--- a/src/doprnt.c
+++ b/src/doprnt.c
@@ -102,13 +102,8 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
102#include <stdio.h> 102#include <stdio.h>
103#include <ctype.h> 103#include <ctype.h>
104#include <setjmp.h> 104#include <setjmp.h>
105
106#ifdef STDC_HEADERS
107#include <float.h> 105#include <float.h>
108#endif
109
110#include <unistd.h> 106#include <unistd.h>
111
112#include <limits.h> 107#include <limits.h>
113 108
114#include "lisp.h" 109#include "lisp.h"
@@ -134,8 +129,8 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
134 String arguments are passed as C strings. 129 String arguments are passed as C strings.
135 Integers are passed as C integers. */ 130 Integers are passed as C integers. */
136 131
137size_t 132ptrdiff_t
138doprnt (char *buffer, register size_t bufsize, const char *format, 133doprnt (char *buffer, ptrdiff_t bufsize, const char *format,
139 const char *format_end, va_list ap) 134 const char *format_end, va_list ap)
140{ 135{
141 const char *fmt = format; /* Pointer into format string */ 136 const char *fmt = format; /* Pointer into format string */
@@ -145,7 +140,7 @@ doprnt (char *buffer, register size_t bufsize, const char *format,
145 char tembuf[DBL_MAX_10_EXP + 100]; 140 char tembuf[DBL_MAX_10_EXP + 100];
146 141
147 /* Size of sprintf_buffer. */ 142 /* Size of sprintf_buffer. */
148 size_t size_allocated = sizeof (tembuf); 143 ptrdiff_t size_allocated = sizeof (tembuf);
149 144
150 /* Buffer to use for sprintf. Either tembuf or same as BIG_BUFFER. */ 145 /* Buffer to use for sprintf. Either tembuf or same as BIG_BUFFER. */
151 char *sprintf_buffer = tembuf; 146 char *sprintf_buffer = tembuf;
@@ -164,7 +159,7 @@ doprnt (char *buffer, register size_t bufsize, const char *format,
164 if (format_end == 0) 159 if (format_end == 0)
165 format_end = format + strlen (format); 160 format_end = format + strlen (format);
166 161
167 if ((format_end - format + 1) < sizeof (fixed_buffer)) 162 if (format_end - format < sizeof (fixed_buffer) - 1)
168 fmtcpy = fixed_buffer; 163 fmtcpy = fixed_buffer;
169 else 164 else
170 SAFE_ALLOCA (fmtcpy, char *, format_end - format + 1); 165 SAFE_ALLOCA (fmtcpy, char *, format_end - format + 1);
@@ -176,7 +171,7 @@ doprnt (char *buffer, register size_t bufsize, const char *format,
176 { 171 {
177 if (*fmt == '%') /* Check for a '%' character */ 172 if (*fmt == '%') /* Check for a '%' character */
178 { 173 {
179 size_t size_bound = 0; 174 ptrdiff_t size_bound = 0;
180 EMACS_INT width; /* Columns occupied by STRING on display. */ 175 EMACS_INT width; /* Columns occupied by STRING on display. */
181 int long_flag = 0; 176 int long_flag = 0;
182 int pIlen = sizeof pI - 1; 177 int pIlen = sizeof pI - 1;
@@ -194,16 +189,16 @@ doprnt (char *buffer, register size_t bufsize, const char *format,
194 This might be a field width or a precision; e.g. 189 This might be a field width or a precision; e.g.
195 %1.1000f and %1000.1f both might need 1000+ bytes. 190 %1.1000f and %1000.1f both might need 1000+ bytes.
196 Parse the width or precision, checking for overflow. */ 191 Parse the width or precision, checking for overflow. */
197 size_t n = *fmt - '0'; 192 ptrdiff_t n = *fmt - '0';
198 while (fmt + 1 < format_end 193 while (fmt + 1 < format_end
199 && '0' <= fmt[1] && fmt[1] <= '9') 194 && '0' <= fmt[1] && fmt[1] <= '9')
200 { 195 {
201 /* Avoid size_t overflow. Avoid int overflow too, as 196 /* Avoid ptrdiff_t, size_t, and int overflow, as
202 many sprintfs mishandle widths greater than INT_MAX. 197 many sprintfs mishandle widths greater than INT_MAX.
203 This test is simple but slightly conservative: e.g., 198 This test is simple but slightly conservative: e.g.,
204 (INT_MAX - INT_MAX % 10) is reported as an overflow 199 (INT_MAX - INT_MAX % 10) is reported as an overflow
205 even when it's not. */ 200 even when it's not. */
206 if (n >= min (INT_MAX, SIZE_MAX) / 10) 201 if (n >= min (INT_MAX, min (PTRDIFF_MAX, SIZE_MAX)) / 10)
207 error ("Format width or precision too large"); 202 error ("Format width or precision too large");
208 n = n * 10 + fmt[1] - '0'; 203 n = n * 10 + fmt[1] - '0';
209 *string++ = *++fmt; 204 *string++ = *++fmt;
@@ -235,7 +230,7 @@ doprnt (char *buffer, register size_t bufsize, const char *format,
235 230
236 /* Make the size bound large enough to handle floating point formats 231 /* Make the size bound large enough to handle floating point formats
237 with large numbers. */ 232 with large numbers. */
238 if (size_bound > SIZE_MAX - DBL_MAX_10_EXP - 50) 233 if (size_bound > min (PTRDIFF_MAX, SIZE_MAX) - DBL_MAX_10_EXP - 50)
239 error ("Format width or precision too large"); 234 error ("Format width or precision too large");
240 size_bound += DBL_MAX_10_EXP + 50; 235 size_bound += DBL_MAX_10_EXP + 50;
241 236
diff --git a/src/editfns.c b/src/editfns.c
index 56ad99d199f..577263c5aea 100644
--- a/src/editfns.c
+++ b/src/editfns.c
@@ -3504,22 +3504,6 @@ usage: (propertize STRING &rest PROPERTIES) */)
3504 RETURN_UNGCPRO (string); 3504 RETURN_UNGCPRO (string);
3505} 3505}
3506 3506
3507/* pWIDE is a conversion for printing large decimal integers (possibly with a
3508 trailing "d" that is ignored). pWIDElen is its length. signed_wide and
3509 unsigned_wide are signed and unsigned types for printing them. Use widest
3510 integers if available so that more floating point values can be converted. */
3511#ifdef PRIdMAX
3512# define pWIDE PRIdMAX
3513enum { pWIDElen = sizeof PRIdMAX - 2 }; /* Don't count trailing "d". */
3514typedef intmax_t signed_wide;
3515typedef uintmax_t unsigned_wide;
3516#else
3517# define pWIDE pI
3518enum { pWIDElen = sizeof pI - 1 };
3519typedef EMACS_INT signed_wide;
3520typedef EMACS_UINT unsigned_wide;
3521#endif
3522
3523DEFUN ("format", Fformat, Sformat, 1, MANY, 0, 3507DEFUN ("format", Fformat, Sformat, 1, MANY, 0,
3524 doc: /* Format a string out of a format-string and arguments. 3508 doc: /* Format a string out of a format-string and arguments.
3525The first argument is a format control string. 3509The first argument is a format control string.
@@ -3901,7 +3885,11 @@ usage: (format STRING &rest OBJECTS) */)
3901 precision is no more than DBL_USEFUL_PRECISION_MAX. 3885 precision is no more than DBL_USEFUL_PRECISION_MAX.
3902 On all practical hosts, %f is the worst case. */ 3886 On all practical hosts, %f is the worst case. */
3903 SPRINTF_BUFSIZE = 3887 SPRINTF_BUFSIZE =
3904 sizeof "-." + (DBL_MAX_10_EXP + 1) + USEFUL_PRECISION_MAX 3888 sizeof "-." + (DBL_MAX_10_EXP + 1) + USEFUL_PRECISION_MAX,
3889
3890 /* Length of pM (that is, of pMd without the
3891 trailing "d"). */
3892 pMlen = sizeof pMd - 2
3905 }; 3893 };
3906 verify (0 < USEFUL_PRECISION_MAX); 3894 verify (0 < USEFUL_PRECISION_MAX);
3907 3895
@@ -3914,7 +3902,7 @@ usage: (format STRING &rest OBJECTS) */)
3914 3902
3915 /* Copy of conversion specification, modified somewhat. 3903 /* Copy of conversion specification, modified somewhat.
3916 At most three flags F can be specified at once. */ 3904 At most three flags F can be specified at once. */
3917 char convspec[sizeof "%FFF.*d" + pWIDElen]; 3905 char convspec[sizeof "%FFF.*d" + pMlen];
3918 3906
3919 /* Avoid undefined behavior in underlying sprintf. */ 3907 /* Avoid undefined behavior in underlying sprintf. */
3920 if (conversion == 'd' || conversion == 'i') 3908 if (conversion == 'd' || conversion == 'i')
@@ -3922,7 +3910,7 @@ usage: (format STRING &rest OBJECTS) */)
3922 3910
3923 /* Create the copy of the conversion specification, with 3911 /* Create the copy of the conversion specification, with
3924 any width and precision removed, with ".*" inserted, 3912 any width and precision removed, with ".*" inserted,
3925 and with pWIDE inserted for integer formats. */ 3913 and with pM inserted for integer formats. */
3926 { 3914 {
3927 char *f = convspec; 3915 char *f = convspec;
3928 *f++ = '%'; 3916 *f++ = '%';
@@ -3937,8 +3925,8 @@ usage: (format STRING &rest OBJECTS) */)
3937 || conversion == 'o' || conversion == 'x' 3925 || conversion == 'o' || conversion == 'x'
3938 || conversion == 'X') 3926 || conversion == 'X')
3939 { 3927 {
3940 memcpy (f, pWIDE, pWIDElen); 3928 memcpy (f, pMd, pMlen);
3941 f += pWIDElen; 3929 f += pMlen;
3942 zero_flag &= ~ precision_given; 3930 zero_flag &= ~ precision_given;
3943 } 3931 }
3944 *f++ = conversion; 3932 *f++ = conversion;
@@ -3978,7 +3966,7 @@ usage: (format STRING &rest OBJECTS) */)
3978 /* For float, maybe we should use "%1.0f" 3966 /* For float, maybe we should use "%1.0f"
3979 instead so it also works for values outside 3967 instead so it also works for values outside
3980 the integer range. */ 3968 the integer range. */
3981 signed_wide x; 3969 printmax_t x;
3982 if (INTEGERP (args[n])) 3970 if (INTEGERP (args[n]))
3983 x = XINT (args[n]); 3971 x = XINT (args[n]);
3984 else 3972 else
@@ -3986,13 +3974,13 @@ usage: (format STRING &rest OBJECTS) */)
3986 double d = XFLOAT_DATA (args[n]); 3974 double d = XFLOAT_DATA (args[n]);
3987 if (d < 0) 3975 if (d < 0)
3988 { 3976 {
3989 x = TYPE_MINIMUM (signed_wide); 3977 x = TYPE_MINIMUM (printmax_t);
3990 if (x < d) 3978 if (x < d)
3991 x = d; 3979 x = d;
3992 } 3980 }
3993 else 3981 else
3994 { 3982 {
3995 x = TYPE_MAXIMUM (signed_wide); 3983 x = TYPE_MAXIMUM (printmax_t);
3996 if (d < x) 3984 if (d < x)
3997 x = d; 3985 x = d;
3998 } 3986 }
@@ -4002,7 +3990,7 @@ usage: (format STRING &rest OBJECTS) */)
4002 else 3990 else
4003 { 3991 {
4004 /* Don't sign-extend for octal or hex printing. */ 3992 /* Don't sign-extend for octal or hex printing. */
4005 unsigned_wide x; 3993 uprintmax_t x;
4006 if (INTEGERP (args[n])) 3994 if (INTEGERP (args[n]))
4007 x = XUINT (args[n]); 3995 x = XUINT (args[n]);
4008 else 3996 else
@@ -4012,7 +4000,7 @@ usage: (format STRING &rest OBJECTS) */)
4012 x = 0; 4000 x = 0;
4013 else 4001 else
4014 { 4002 {
4015 x = TYPE_MAXIMUM (unsigned_wide); 4003 x = TYPE_MAXIMUM (uprintmax_t);
4016 if (d < x) 4004 if (d < x)
4017 x = d; 4005 x = d;
4018 } 4006 }
diff --git a/src/emacs.c b/src/emacs.c
index bc62735ab88..39870ec0079 100644
--- a/src/emacs.c
+++ b/src/emacs.c
@@ -170,8 +170,10 @@ char *stack_bottom;
170/* The address where the heap starts (from the first sbrk (0) call). */ 170/* The address where the heap starts (from the first sbrk (0) call). */
171static void *my_heap_start; 171static void *my_heap_start;
172 172
173#ifdef GNU_LINUX
173/* The gap between BSS end and heap start as far as we can tell. */ 174/* The gap between BSS end and heap start as far as we can tell. */
174static unsigned long heap_bss_diff; 175static uprintmax_t heap_bss_diff;
176#endif
175 177
176/* Nonzero means running Emacs without interactive terminal. */ 178/* Nonzero means running Emacs without interactive terminal. */
177int noninteractive; 179int noninteractive;
@@ -716,6 +718,7 @@ main (int argc, char **argv)
716 setenv ("G_SLICE", "always-malloc", 1); 718 setenv ("G_SLICE", "always-malloc", 1);
717#endif 719#endif
718 720
721#ifdef GNU_LINUX
719 if (!initialized) 722 if (!initialized)
720 { 723 {
721 extern char my_endbss[]; 724 extern char my_endbss[];
@@ -726,6 +729,7 @@ main (int argc, char **argv)
726 729
727 heap_bss_diff = (char *)my_heap_start - max (my_endbss, my_endbss_static); 730 heap_bss_diff = (char *)my_heap_start - max (my_endbss, my_endbss_static);
728 } 731 }
732#endif
729 733
730#ifdef RUN_TIME_REMAP 734#ifdef RUN_TIME_REMAP
731 if (initialized) 735 if (initialized)
@@ -2134,7 +2138,7 @@ You must run Emacs in batch mode in order to dump it. */)
2134 { 2138 {
2135 fprintf (stderr, "**************************************************\n"); 2139 fprintf (stderr, "**************************************************\n");
2136 fprintf (stderr, "Warning: Your system has a gap between BSS and the\n"); 2140 fprintf (stderr, "Warning: Your system has a gap between BSS and the\n");
2137 fprintf (stderr, "heap (%lu bytes). This usually means that exec-shield\n", 2141 fprintf (stderr, "heap (%"pMu" bytes). This usually means that exec-shield\n",
2138 heap_bss_diff); 2142 heap_bss_diff);
2139 fprintf (stderr, "or something similar is in effect. The dump may\n"); 2143 fprintf (stderr, "or something similar is in effect. The dump may\n");
2140 fprintf (stderr, "fail because of this. See the section about\n"); 2144 fprintf (stderr, "fail because of this. See the section about\n");
diff --git a/src/eval.c b/src/eval.c
index 90d0df61858..ef169e80e27 100644
--- a/src/eval.c
+++ b/src/eval.c
@@ -1968,18 +1968,18 @@ void
1968verror (const char *m, va_list ap) 1968verror (const char *m, va_list ap)
1969{ 1969{
1970 char buf[4000]; 1970 char buf[4000];
1971 size_t size = sizeof buf; 1971 ptrdiff_t size = sizeof buf;
1972 size_t size_max = STRING_BYTES_BOUND + 1; 1972 ptrdiff_t size_max = STRING_BYTES_BOUND + 1;
1973 size_t mlen = strlen (m); 1973 char const *m_end = m + strlen (m);
1974 char *buffer = buf; 1974 char *buffer = buf;
1975 size_t used; 1975 ptrdiff_t used;
1976 Lisp_Object string; 1976 Lisp_Object string;
1977 1977
1978 while (1) 1978 while (1)
1979 { 1979 {
1980 va_list ap_copy; 1980 va_list ap_copy;
1981 va_copy (ap_copy, ap); 1981 va_copy (ap_copy, ap);
1982 used = doprnt (buffer, size, m, m + mlen, ap_copy); 1982 used = doprnt (buffer, size, m, m_end, ap_copy);
1983 va_end (ap_copy); 1983 va_end (ap_copy);
1984 1984
1985 /* Note: the -1 below is because `doprnt' returns the number of bytes 1985 /* Note: the -1 below is because `doprnt' returns the number of bytes
diff --git a/src/fileio.c b/src/fileio.c
index 3e1aa54462f..61713689351 100644
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -587,9 +587,9 @@ make_temp_name (Lisp_Object prefix, int base64_p)
587{ 587{
588 Lisp_Object val; 588 Lisp_Object val;
589 int len, clen; 589 int len, clen;
590 intmax_t pid; 590 printmax_t pid;
591 char *p, *data; 591 char *p, *data;
592 char pidbuf[INT_BUFSIZE_BOUND (pid_t)]; 592 char pidbuf[INT_BUFSIZE_BOUND (printmax_t)];
593 int pidlen; 593 int pidlen;
594 594
595 CHECK_STRING (prefix); 595 CHECK_STRING (prefix);
@@ -611,7 +611,7 @@ make_temp_name (Lisp_Object prefix, int base64_p)
611 else 611 else
612 { 612 {
613#ifdef HAVE_LONG_FILE_NAMES 613#ifdef HAVE_LONG_FILE_NAMES
614 pidlen = sprintf (pidbuf, "%"PRIdMAX, pid); 614 pidlen = sprintf (pidbuf, "%"pMd, pid);
615#else 615#else
616 pidbuf[0] = make_temp_name_tbl[pid & 63], pid >>= 6; 616 pidbuf[0] = make_temp_name_tbl[pid & 63], pid >>= 6;
617 pidbuf[1] = make_temp_name_tbl[pid & 63], pid >>= 6; 617 pidbuf[1] = make_temp_name_tbl[pid & 63], pid >>= 6;
diff --git a/src/filelock.c b/src/filelock.c
index 18483b6f3f3..c28ee7837fa 100644
--- a/src/filelock.c
+++ b/src/filelock.c
@@ -337,7 +337,7 @@ static int
337lock_file_1 (char *lfname, int force) 337lock_file_1 (char *lfname, int force)
338{ 338{
339 register int err; 339 register int err;
340 intmax_t boot, pid; 340 printmax_t boot, pid;
341 const char *user_name; 341 const char *user_name;
342 const char *host_name; 342 const char *host_name;
343 char *lock_info_str; 343 char *lock_info_str;
@@ -354,15 +354,15 @@ lock_file_1 (char *lfname, int force)
354 else 354 else
355 host_name = ""; 355 host_name = "";
356 lock_info_str = (char *)alloca (strlen (user_name) + strlen (host_name) 356 lock_info_str = (char *)alloca (strlen (user_name) + strlen (host_name)
357 + 2 * INT_STRLEN_BOUND (intmax_t) 357 + 2 * INT_STRLEN_BOUND (printmax_t)
358 + sizeof "@.:"); 358 + sizeof "@.:");
359 pid = getpid (); 359 pid = getpid ();
360 360
361 if (boot) 361 if (boot)
362 sprintf (lock_info_str, "%s@%s.%"PRIdMAX":%"PRIdMAX, 362 sprintf (lock_info_str, "%s@%s.%"pMd":%"pMd,
363 user_name, host_name, pid, boot); 363 user_name, host_name, pid, boot);
364 else 364 else
365 sprintf (lock_info_str, "%s@%s.%"PRIdMAX, 365 sprintf (lock_info_str, "%s@%s.%"pMd,
366 user_name, host_name, pid); 366 user_name, host_name, pid);
367 367
368 err = symlink (lock_info_str, lfname); 368 err = symlink (lock_info_str, lfname);
@@ -542,7 +542,7 @@ lock_file (Lisp_Object fn)
542 register Lisp_Object attack, orig_fn, encoded_fn; 542 register Lisp_Object attack, orig_fn, encoded_fn;
543 register char *lfname, *locker; 543 register char *lfname, *locker;
544 lock_info_type lock_info; 544 lock_info_type lock_info;
545 intmax_t pid; 545 printmax_t pid;
546 struct gcpro gcpro1; 546 struct gcpro gcpro1;
547 547
548 /* Don't do locking while dumping Emacs. 548 /* Don't do locking while dumping Emacs.
@@ -581,9 +581,10 @@ lock_file (Lisp_Object fn)
581 581
582 /* Else consider breaking the lock */ 582 /* Else consider breaking the lock */
583 locker = (char *) alloca (strlen (lock_info.user) + strlen (lock_info.host) 583 locker = (char *) alloca (strlen (lock_info.user) + strlen (lock_info.host)
584 + INT_STRLEN_BOUND (intmax_t) + sizeof "@ (pid )"); 584 + INT_STRLEN_BOUND (printmax_t)
585 + sizeof "@ (pid )");
585 pid = lock_info.pid; 586 pid = lock_info.pid;
586 sprintf (locker, "%s@%s (pid %"PRIdMAX")", 587 sprintf (locker, "%s@%s (pid %"pMd")",
587 lock_info.user, lock_info.host, pid); 588 lock_info.user, lock_info.host, pid);
588 FREE_LOCK_INFO (lock_info); 589 FREE_LOCK_INFO (lock_info);
589 590
diff --git a/src/floatfns.c b/src/floatfns.c
index e003f492fe6..89aa052e8b1 100644
--- a/src/floatfns.c
+++ b/src/floatfns.c
@@ -53,10 +53,7 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
53#include "lisp.h" 53#include "lisp.h"
54#include "syssignal.h" 54#include "syssignal.h"
55 55
56#if STDC_HEADERS
57#include <float.h> 56#include <float.h>
58#endif
59
60/* If IEEE_FLOATING_POINT isn't defined, default it from FLT_*. */ 57/* If IEEE_FLOATING_POINT isn't defined, default it from FLT_*. */
61#ifndef IEEE_FLOATING_POINT 58#ifndef IEEE_FLOATING_POINT
62#if (FLT_RADIX == 2 && FLT_MANT_DIG == 24 \ 59#if (FLT_RADIX == 2 && FLT_MANT_DIG == 24 \
diff --git a/src/fns.c b/src/fns.c
index 0ca731ed331..9c9d19fe26a 100644
--- a/src/fns.c
+++ b/src/fns.c
@@ -4098,25 +4098,33 @@ sweep_weak_hash_tables (void)
4098#define SXHASH_REDUCE(X) \ 4098#define SXHASH_REDUCE(X) \
4099 ((((X) ^ (X) >> (BITS_PER_EMACS_INT - FIXNUM_BITS))) & INTMASK) 4099 ((((X) ^ (X) >> (BITS_PER_EMACS_INT - FIXNUM_BITS))) & INTMASK)
4100 4100
4101/* Return a hash for string PTR which has length LEN. The hash 4101/* Return a hash for string PTR which has length LEN. The hash value
4102 code returned is guaranteed to fit in a Lisp integer. */ 4102 can be any EMACS_UINT value. */
4103 4103
4104static EMACS_UINT 4104EMACS_UINT
4105sxhash_string (unsigned char *ptr, EMACS_INT len) 4105hash_string (char const *ptr, ptrdiff_t len)
4106{ 4106{
4107 unsigned char *p = ptr; 4107 char const *p = ptr;
4108 unsigned char *end = p + len; 4108 char const *end = p + len;
4109 unsigned char c; 4109 unsigned char c;
4110 EMACS_UINT hash = 0; 4110 EMACS_UINT hash = 0;
4111 4111
4112 while (p != end) 4112 while (p != end)
4113 { 4113 {
4114 c = *p++; 4114 c = *p++;
4115 if (c >= 0140)
4116 c -= 40;
4117 hash = SXHASH_COMBINE (hash, c); 4115 hash = SXHASH_COMBINE (hash, c);
4118 } 4116 }
4119 4117
4118 return hash;
4119}
4120
4121/* Return a hash for string PTR which has length LEN. The hash
4122 code returned is guaranteed to fit in a Lisp integer. */
4123
4124static EMACS_UINT
4125sxhash_string (char const *ptr, ptrdiff_t len)
4126{
4127 EMACS_UINT hash = hash_string (ptr, len);
4120 return SXHASH_REDUCE (hash); 4128 return SXHASH_REDUCE (hash);
4121} 4129}
4122 4130
@@ -4231,7 +4239,7 @@ sxhash (Lisp_Object obj, int depth)
4231 /* Fall through. */ 4239 /* Fall through. */
4232 4240
4233 case Lisp_String: 4241 case Lisp_String:
4234 hash = sxhash_string (SDATA (obj), SCHARS (obj)); 4242 hash = sxhash_string (SSDATA (obj), SBYTES (obj));
4235 break; 4243 break;
4236 4244
4237 /* This can be everything from a vector to an overlay. */ 4245 /* This can be everything from a vector to an overlay. */
diff --git a/src/gmalloc.c b/src/gmalloc.c
index a023d2d78e5..fa4aa1fdf6a 100644
--- a/src/gmalloc.c
+++ b/src/gmalloc.c
@@ -41,37 +41,13 @@ Fifth Floor, Boston, MA 02110-1301, USA.
41#define USE_PTHREAD 41#define USE_PTHREAD
42#endif 42#endif
43 43
44#if ((defined __cplusplus || (defined (__STDC__) && __STDC__) \
45 || defined STDC_HEADERS || defined PROTOTYPES))
46#undef PP 44#undef PP
47#define PP(args) args 45#define PP(args) args
48#undef __ptr_t 46#undef __ptr_t
49#define __ptr_t void * 47#define __ptr_t void *
50#else /* Not C++ or ANSI C. */
51#undef PP
52#define PP(args) ()
53#undef __ptr_t
54#define __ptr_t char *
55#endif /* C++ or ANSI C. */
56 48
57#if defined(_LIBC) || defined(STDC_HEADERS) || defined(USG)
58#include <string.h> 49#include <string.h>
59#else
60#ifndef memset
61#define memset(s, zero, n) bzero ((s), (n))
62#endif
63#ifndef memcpy
64#define memcpy(d, s, n) bcopy ((s), (d), (n))
65#endif
66#endif
67
68#ifdef HAVE_LIMITS_H
69#include <limits.h> 50#include <limits.h>
70#endif
71#ifndef CHAR_BIT
72#define CHAR_BIT 8
73#endif
74
75#include <unistd.h> 51#include <unistd.h>
76 52
77#ifdef USE_PTHREAD 53#ifdef USE_PTHREAD
@@ -86,26 +62,9 @@ extern "C"
86{ 62{
87#endif 63#endif
88 64
89#ifdef STDC_HEADERS
90#include <stddef.h> 65#include <stddef.h>
91#define __malloc_size_t size_t 66#define __malloc_size_t size_t
92#define __malloc_ptrdiff_t ptrdiff_t 67#define __malloc_ptrdiff_t ptrdiff_t
93#else
94#ifdef __GNUC__
95#include <stddef.h>
96#ifdef __SIZE_TYPE__
97#define __malloc_size_t __SIZE_TYPE__
98#endif
99#endif
100#ifndef __malloc_size_t
101#define __malloc_size_t unsigned int
102#endif
103#define __malloc_ptrdiff_t int
104#endif
105
106#ifndef NULL
107#define NULL 0
108#endif
109 68
110 69
111/* Allocate SIZE bytes of memory. */ 70/* Allocate SIZE bytes of memory. */
@@ -1069,20 +1028,6 @@ Fifth Floor, Boston, MA 02110-1301, USA.
1069#endif 1028#endif
1070 1029
1071 1030
1072/* Cope with systems lacking `memmove'. */
1073#ifndef memmove
1074#if (!defined(_LIBC) && !defined(STDC_HEADERS) && !defined(USG))
1075#ifdef emacs
1076#undef __malloc_safe_bcopy
1077#define __malloc_safe_bcopy safe_bcopy
1078#endif
1079/* This function is defined in realloc.c. */
1080extern void __malloc_safe_bcopy PP ((__ptr_t, __ptr_t, __malloc_size_t));
1081#define memmove(to, from, size) __malloc_safe_bcopy ((from), (to), (size))
1082#endif
1083#endif
1084
1085
1086/* Debugging hook for free. */ 1031/* Debugging hook for free. */
1087void (*__free_hook) PP ((__ptr_t __ptr)); 1032void (*__free_hook) PP ((__ptr_t __ptr));
1088 1033
@@ -1402,85 +1347,6 @@ Fifth Floor, Boston, MA 02110-1301, USA.
1402#endif 1347#endif
1403 1348
1404 1349
1405
1406/* Cope with systems lacking `memmove'. */
1407#if (!defined(_LIBC) && !defined(STDC_HEADERS) && !defined(USG))
1408
1409#ifdef emacs
1410#undef __malloc_safe_bcopy
1411#define __malloc_safe_bcopy safe_bcopy
1412#else
1413
1414/* Snarfed directly from Emacs src/dispnew.c:
1415 XXX Should use system bcopy if it handles overlap. */
1416
1417/* Like bcopy except never gets confused by overlap. */
1418
1419void
1420__malloc_safe_bcopy (afrom, ato, size)
1421 __ptr_t afrom;
1422 __ptr_t ato;
1423 __malloc_size_t size;
1424{
1425 char *from = afrom, *to = ato;
1426
1427 if (size <= 0 || from == to)
1428 return;
1429
1430 /* If the source and destination don't overlap, then bcopy can
1431 handle it. If they do overlap, but the destination is lower in
1432 memory than the source, we'll assume bcopy can handle that. */
1433 if (to < from || from + size <= to)
1434 bcopy (from, to, size);
1435
1436 /* Otherwise, we'll copy from the end. */
1437 else
1438 {
1439 register char *endf = from + size;
1440 register char *endt = to + size;
1441
1442 /* If TO - FROM is large, then we should break the copy into
1443 nonoverlapping chunks of TO - FROM bytes each. However, if
1444 TO - FROM is small, then the bcopy function call overhead
1445 makes this not worth it. The crossover point could be about
1446 anywhere. Since I don't think the obvious copy loop is too
1447 bad, I'm trying to err in its favor. */
1448 if (to - from < 64)
1449 {
1450 do
1451 *--endt = *--endf;
1452 while (endf != from);
1453 }
1454 else
1455 {
1456 for (;;)
1457 {
1458 endt -= (to - from);
1459 endf -= (to - from);
1460
1461 if (endt < to)
1462 break;
1463
1464 bcopy (endf, endt, to - from);
1465 }
1466
1467 /* If SIZE wasn't a multiple of TO - FROM, there will be a
1468 little left over. The amount left over is
1469 (endt + (to - from)) - to, which is endt - from. */
1470 bcopy (from, to, endt - from);
1471 }
1472 }
1473}
1474#endif /* emacs */
1475
1476#ifndef memmove
1477extern void __malloc_safe_bcopy PP ((__ptr_t, __ptr_t, __malloc_size_t));
1478#define memmove(to, from, size) __malloc_safe_bcopy ((from), (to), (size))
1479#endif
1480
1481#endif
1482
1483
1484#define min(A, B) ((A) < (B) ? (A) : (B)) 1350#define min(A, B) ((A) < (B) ? (A) : (B))
1485 1351
1486/* Debugging hook for realloc. */ 1352/* Debugging hook for realloc. */
@@ -1983,22 +1849,6 @@ struct hdr
1983 unsigned long int magic; /* Magic number to check header integrity. */ 1849 unsigned long int magic; /* Magic number to check header integrity. */
1984 }; 1850 };
1985 1851
1986#if defined(_LIBC) || defined(STDC_HEADERS) || defined(USG)
1987#define flood memset
1988#else
1989static void flood (__ptr_t, int, __malloc_size_t);
1990static void
1991flood (ptr, val, size)
1992 __ptr_t ptr;
1993 int val;
1994 __malloc_size_t size;
1995{
1996 char *cp = ptr;
1997 while (size--)
1998 *cp++ = val;
1999}
2000#endif
2001
2002static enum mcheck_status checkhdr (const struct hdr *); 1852static enum mcheck_status checkhdr (const struct hdr *);
2003static enum mcheck_status 1853static enum mcheck_status
2004checkhdr (hdr) 1854checkhdr (hdr)
@@ -2037,7 +1887,7 @@ freehook (ptr)
2037 hdr = ((struct hdr *) ptr) - 1; 1887 hdr = ((struct hdr *) ptr) - 1;
2038 checkhdr (hdr); 1888 checkhdr (hdr);
2039 hdr->magic = MAGICFREE; 1889 hdr->magic = MAGICFREE;
2040 flood (ptr, FREEFLOOD, hdr->size); 1890 memset (ptr, FREEFLOOD, hdr->size);
2041 } 1891 }
2042 else 1892 else
2043 hdr = NULL; 1893 hdr = NULL;
@@ -2063,7 +1913,7 @@ mallochook (size)
2063 hdr->size = size; 1913 hdr->size = size;
2064 hdr->magic = MAGICWORD; 1914 hdr->magic = MAGICWORD;
2065 ((char *) &hdr[1])[size] = MAGICBYTE; 1915 ((char *) &hdr[1])[size] = MAGICBYTE;
2066 flood ((__ptr_t) (hdr + 1), MALLOCFLOOD, size); 1916 memset ((__ptr_t) (hdr + 1), MALLOCFLOOD, size);
2067 return (__ptr_t) (hdr + 1); 1917 return (__ptr_t) (hdr + 1);
2068} 1918}
2069 1919
@@ -2083,7 +1933,7 @@ reallochook (ptr, size)
2083 1933
2084 checkhdr (hdr); 1934 checkhdr (hdr);
2085 if (size < osize) 1935 if (size < osize)
2086 flood ((char *) ptr + size, FREEFLOOD, osize - size); 1936 memset ((char *) ptr + size, FREEFLOOD, osize - size);
2087 } 1937 }
2088 1938
2089 __free_hook = old_free_hook; 1939 __free_hook = old_free_hook;
@@ -2100,7 +1950,7 @@ reallochook (ptr, size)
2100 hdr->magic = MAGICWORD; 1950 hdr->magic = MAGICWORD;
2101 ((char *) &hdr[1])[size] = MAGICBYTE; 1951 ((char *) &hdr[1])[size] = MAGICBYTE;
2102 if (size > osize) 1952 if (size > osize)
2103 flood ((char *) (hdr + 1) + osize, MALLOCFLOOD, size - osize); 1953 memset ((char *) (hdr + 1) + osize, MALLOCFLOOD, size - osize);
2104 return (__ptr_t) (hdr + 1); 1954 return (__ptr_t) (hdr + 1);
2105} 1955}
2106 1956
diff --git a/src/gtkutil.c b/src/gtkutil.c
index 35b366222de..8826b08851a 100644
--- a/src/gtkutil.c
+++ b/src/gtkutil.c
@@ -269,8 +269,8 @@ xg_get_pixbuf_from_pixmap (FRAME_PTR f, Pixmap pix)
269 GDK_COLORSPACE_RGB, 269 GDK_COLORSPACE_RGB,
270 FALSE, 270 FALSE,
271 xim->bitmap_unit, 271 xim->bitmap_unit,
272 (int) width, 272 width,
273 (int) height, 273 height,
274 xim->bytes_per_line, 274 xim->bytes_per_line,
275 NULL, 275 NULL,
276 NULL); 276 NULL);
@@ -3646,7 +3646,7 @@ xg_set_toolkit_scroll_bar_thumb (struct scroll_bar *bar,
3646 gtk_adjustment_set_page_size (adj, size); 3646 gtk_adjustment_set_page_size (adj, size);
3647 gtk_adjustment_set_step_increment (adj, new_step); 3647 gtk_adjustment_set_step_increment (adj, new_step);
3648 /* Assume a page increment is about 95% of the page size */ 3648 /* Assume a page increment is about 95% of the page size */
3649 gtk_adjustment_set_page_increment (adj,(int) (0.95*size)); 3649 gtk_adjustment_set_page_increment (adj, size - size / 20);
3650 changed = 1; 3650 changed = 1;
3651 } 3651 }
3652 } 3652 }
diff --git a/src/image.c b/src/image.c
index fa39ff12681..7a5ac40b3d2 100644
--- a/src/image.c
+++ b/src/image.c
@@ -136,7 +136,6 @@ static unsigned long lookup_rgb_color (struct frame *f, int r, int g, int b);
136#ifdef COLOR_TABLE_SUPPORT 136#ifdef COLOR_TABLE_SUPPORT
137static void free_color_table (void); 137static void free_color_table (void);
138static unsigned long *colors_in_color_table (int *n); 138static unsigned long *colors_in_color_table (int *n);
139static unsigned long lookup_pixel_color (struct frame *f, unsigned long p);
140#endif 139#endif
141static Lisp_Object Finit_image_library (Lisp_Object, Lisp_Object); 140static Lisp_Object Finit_image_library (Lisp_Object, Lisp_Object);
142 141
@@ -987,7 +986,6 @@ or omitted means use the selected frame. */)
987 ***********************************************************************/ 986 ***********************************************************************/
988 987
989static void free_image (struct frame *f, struct image *img); 988static void free_image (struct frame *f, struct image *img);
990static int check_image_size (struct frame *f, int width, int height);
991 989
992#define MAX_IMAGE_SIZE 6.0 990#define MAX_IMAGE_SIZE 6.0
993/* Allocate and return a new image structure for image specification 991/* Allocate and return a new image structure for image specification
@@ -1042,7 +1040,7 @@ free_image (struct frame *f, struct image *img)
1042/* Return 1 if the given widths and heights are valid for display; 1040/* Return 1 if the given widths and heights are valid for display;
1043 otherwise, return 0. */ 1041 otherwise, return 0. */
1044 1042
1045int 1043static int
1046check_image_size (struct frame *f, int width, int height) 1044check_image_size (struct frame *f, int width, int height)
1047{ 1045{
1048 int w, h; 1046 int w, h;
@@ -1051,23 +1049,18 @@ check_image_size (struct frame *f, int width, int height)
1051 return 0; 1049 return 0;
1052 1050
1053 if (INTEGERP (Vmax_image_size)) 1051 if (INTEGERP (Vmax_image_size))
1054 w = h = XINT (Vmax_image_size); 1052 return (width <= XINT (Vmax_image_size)
1053 && height <= XINT (Vmax_image_size));
1055 else if (FLOATP (Vmax_image_size)) 1054 else if (FLOATP (Vmax_image_size))
1056 { 1055 {
1057 if (f != NULL) 1056 xassert (f);
1058 { 1057 w = FRAME_PIXEL_WIDTH (f);
1059 w = FRAME_PIXEL_WIDTH (f); 1058 h = FRAME_PIXEL_HEIGHT (f);
1060 h = FRAME_PIXEL_HEIGHT (f); 1059 return (width <= XFLOAT_DATA (Vmax_image_size) * w
1061 } 1060 && height <= XFLOAT_DATA (Vmax_image_size) * h);
1062 else
1063 w = h = 1024; /* Arbitrary size for unknown frame. */
1064 w = (int) (XFLOAT_DATA (Vmax_image_size) * w);
1065 h = (int) (XFLOAT_DATA (Vmax_image_size) * h);
1066 } 1061 }
1067 else 1062 else
1068 return 1; 1063 return 1;
1069
1070 return (width <= w && height <= h);
1071} 1064}
1072 1065
1073/* Prepare image IMG for display on frame F. Must be called before 1066/* Prepare image IMG for display on frame F. Must be called before
@@ -1368,7 +1361,9 @@ x_alloc_image_color (struct frame *f, struct image *img, Lisp_Object color_name,
1368 1361
1369 xassert (STRINGP (color_name)); 1362 xassert (STRINGP (color_name));
1370 1363
1371 if (x_defined_color (f, SSDATA (color_name), &color, 1)) 1364 if (x_defined_color (f, SSDATA (color_name), &color, 1)
1365 && img->ncolors < min (min (PTRDIFF_MAX, SIZE_MAX) / sizeof *img->colors,
1366 INT_MAX))
1372 { 1367 {
1373 /* This isn't called frequently so we get away with simply 1368 /* This isn't called frequently so we get away with simply
1374 reallocating the color vector to the needed size, here. */ 1369 reallocating the color vector to the needed size, here. */
@@ -1911,6 +1906,38 @@ static int x_create_x_image_and_pixmap (struct frame *, int, int, int,
1911static void x_destroy_x_image (XImagePtr); 1906static void x_destroy_x_image (XImagePtr);
1912static void x_put_x_image (struct frame *, XImagePtr, Pixmap, int, int); 1907static void x_put_x_image (struct frame *, XImagePtr, Pixmap, int, int);
1913 1908
1909/* Return nonzero if XIMG's size WIDTH x HEIGHT doesn't break X.
1910 WIDTH and HEIGHT must both be positive.
1911 If XIMG is null, assume it is a bitmap. */
1912static int
1913x_check_image_size (XImagePtr ximg, int width, int height)
1914{
1915 /* Respect Xlib's limits: it cannot deal with images that have more
1916 than INT_MAX (and/or UINT_MAX) bytes. And respect Emacs's limits
1917 of PTRDIFF_MAX (and/or SIZE_MAX) bytes for any object. For now,
1918 assume all windowing systems have the same limits that X does. */
1919 enum
1920 {
1921 XLIB_BYTES_MAX = min (INT_MAX, UINT_MAX),
1922 X_IMAGE_BYTES_MAX = min (XLIB_BYTES_MAX, min (PTRDIFF_MAX, SIZE_MAX))
1923 };
1924
1925 int bitmap_pad, depth, bytes_per_line;
1926 if (ximg)
1927 {
1928 bitmap_pad = ximg->bitmap_pad;
1929 depth = ximg->depth;
1930 bytes_per_line = ximg->bytes_per_line;
1931 }
1932 else
1933 {
1934 bitmap_pad = 8;
1935 depth = 1;
1936 bytes_per_line = (width >> 3) + ((width & 7) != 0);
1937 }
1938 return (width <= (INT_MAX - (bitmap_pad - 1)) / depth
1939 && height <= X_IMAGE_BYTES_MAX / bytes_per_line);
1940}
1914 1941
1915/* Create an XImage and a pixmap of size WIDTH x HEIGHT for use on 1942/* Create an XImage and a pixmap of size WIDTH x HEIGHT for use on
1916 frame F. Set *XIMG and *PIXMAP to the XImage and Pixmap created. 1943 frame F. Set *XIMG and *PIXMAP to the XImage and Pixmap created.
@@ -1943,6 +1970,15 @@ x_create_x_image_and_pixmap (struct frame *f, int width, int height, int depth,
1943 return 0; 1970 return 0;
1944 } 1971 }
1945 1972
1973 if (! x_check_image_size (*ximg, width, height))
1974 {
1975 x_destroy_x_image (*ximg);
1976 *ximg = NULL;
1977 image_error ("Image too large (%dx%d)",
1978 make_number (width), make_number (height));
1979 return 0;
1980 }
1981
1946 /* Allocate image raster. */ 1982 /* Allocate image raster. */
1947 (*ximg)->data = (char *) xmalloc ((*ximg)->bytes_per_line * height); 1983 (*ximg)->data = (char *) xmalloc ((*ximg)->bytes_per_line * height);
1948 1984
@@ -1989,11 +2025,6 @@ x_create_x_image_and_pixmap (struct frame *f, int width, int height, int depth,
1989 palette_colors = 1 << depth - 1; 2025 palette_colors = 1 << depth - 1;
1990 2026
1991 *ximg = xmalloc (sizeof (XImage) + palette_colors * sizeof (RGBQUAD)); 2027 *ximg = xmalloc (sizeof (XImage) + palette_colors * sizeof (RGBQUAD));
1992 if (*ximg == NULL)
1993 {
1994 image_error ("Unable to allocate memory for XImage", Qnil, Qnil);
1995 return 0;
1996 }
1997 2028
1998 header = &(*ximg)->info.bmiHeader; 2029 header = &(*ximg)->info.bmiHeader;
1999 memset (&(*ximg)->info, 0, sizeof (BITMAPINFO)); 2030 memset (&(*ximg)->info, 0, sizeof (BITMAPINFO));
@@ -2365,7 +2396,7 @@ xbm_image_p (Lisp_Object object)
2365 } 2396 }
2366 else if (BOOL_VECTOR_P (data)) 2397 else if (BOOL_VECTOR_P (data))
2367 { 2398 {
2368 if (XBOOL_VECTOR (data)->size < width * height) 2399 if (XBOOL_VECTOR (data)->size / height < width)
2369 return 0; 2400 return 0;
2370 } 2401 }
2371 else 2402 else
@@ -2561,13 +2592,15 @@ Create_Pixmap_From_Bitmap_Data (struct frame *f, struct image *img, char *data,
2561 img->pixmap = ns_image_from_XBM (data, img->width, img->height); 2592 img->pixmap = ns_image_from_XBM (data, img->width, img->height);
2562 2593
2563#else 2594#else
2564 img->pixmap 2595 img->pixmap =
2565 = XCreatePixmapFromBitmapData (FRAME_X_DISPLAY (f), 2596 (x_check_image_size (0, img->width, img->height)
2597 ? XCreatePixmapFromBitmapData (FRAME_X_DISPLAY (f),
2566 FRAME_X_WINDOW (f), 2598 FRAME_X_WINDOW (f),
2567 data, 2599 data,
2568 img->width, img->height, 2600 img->width, img->height,
2569 fg, bg, 2601 fg, bg,
2570 DefaultDepthOfScreen (FRAME_X_SCREEN (f))); 2602 DefaultDepthOfScreen (FRAME_X_SCREEN (f)))
2603 : NO_PIXMAP);
2571#endif /* !HAVE_NTGUI && !HAVE_NS */ 2604#endif /* !HAVE_NTGUI && !HAVE_NS */
2572} 2605}
2573 2606
@@ -2674,6 +2707,13 @@ xbm_read_bitmap_data (struct frame *f, unsigned char *contents, unsigned char *e
2674 expect ('='); 2707 expect ('=');
2675 expect ('{'); 2708 expect ('{');
2676 2709
2710 if (! x_check_image_size (0, *width, *height))
2711 {
2712 if (!inhibit_image_error)
2713 image_error ("Image too large (%dx%d)",
2714 make_number (*width), make_number (*height));
2715 goto failure;
2716 }
2677 bytes_per_line = (*width + 7) / 8 + padding_p; 2717 bytes_per_line = (*width + 7) / 8 + padding_p;
2678 nbytes = bytes_per_line * *height; 2718 nbytes = bytes_per_line * *height;
2679 p = *data = (char *) xmalloc (nbytes); 2719 p = *data = (char *) xmalloc (nbytes);
@@ -2864,6 +2904,12 @@ xbm_load (struct frame *f, struct image *img)
2864 img->width = XFASTINT (fmt[XBM_WIDTH].value); 2904 img->width = XFASTINT (fmt[XBM_WIDTH].value);
2865 img->height = XFASTINT (fmt[XBM_HEIGHT].value); 2905 img->height = XFASTINT (fmt[XBM_HEIGHT].value);
2866 xassert (img->width > 0 && img->height > 0); 2906 xassert (img->width > 0 && img->height > 0);
2907 if (!check_image_size (f, img->width, img->height))
2908 {
2909 image_error ("Invalid image size (see `max-image-size')",
2910 Qnil, Qnil);
2911 return 0;
2912 }
2867 } 2913 }
2868 2914
2869 /* Get foreground and background colors, maybe allocate colors. */ 2915 /* Get foreground and background colors, maybe allocate colors. */
@@ -2925,9 +2971,13 @@ xbm_load (struct frame *f, struct image *img)
2925#endif 2971#endif
2926 /* Create the pixmap. */ 2972 /* Create the pixmap. */
2927 2973
2928 Create_Pixmap_From_Bitmap_Data (f, img, bits, 2974 if (x_check_image_size (0, img->width, img->height))
2929 foreground, background, 2975 Create_Pixmap_From_Bitmap_Data (f, img, bits,
2930 non_default_colors); 2976 foreground, background,
2977 non_default_colors);
2978 else
2979 img->pixmap = NO_PIXMAP;
2980
2931 if (img->pixmap) 2981 if (img->pixmap)
2932 success_p = 1; 2982 success_p = 1;
2933 else 2983 else
@@ -3125,12 +3175,8 @@ xpm_free_color_cache (void)
3125static int 3175static int
3126xpm_color_bucket (char *color_name) 3176xpm_color_bucket (char *color_name)
3127{ 3177{
3128 unsigned h = 0; 3178 EMACS_UINT hash = hash_string (color_name, strlen (color_name));
3129 char *s; 3179 return hash % XPM_COLOR_CACHE_BUCKETS;
3130
3131 for (s = color_name; *s; ++s)
3132 h = (h << 2) ^ *s;
3133 return h %= XPM_COLOR_CACHE_BUCKETS;
3134} 3180}
3135 3181
3136 3182
@@ -3147,7 +3193,7 @@ xpm_cache_color (struct frame *f, char *color_name, XColor *color, int bucket)
3147 if (bucket < 0) 3193 if (bucket < 0)
3148 bucket = xpm_color_bucket (color_name); 3194 bucket = xpm_color_bucket (color_name);
3149 3195
3150 nbytes = sizeof *p + strlen (color_name); 3196 nbytes = offsetof (struct xpm_cached_color, name) + strlen (color_name) + 1;
3151 p = (struct xpm_cached_color *) xmalloc (nbytes); 3197 p = (struct xpm_cached_color *) xmalloc (nbytes);
3152 strcpy (p->name, color_name); 3198 strcpy (p->name, color_name);
3153 p->color = *color; 3199 p->color = *color;
@@ -3849,6 +3895,18 @@ xpm_load_image (struct frame *f,
3849 goto failure; 3895 goto failure;
3850 } 3896 }
3851 3897
3898 if (!x_create_x_image_and_pixmap (f, width, height, 0,
3899 &ximg, &img->pixmap)
3900#ifndef HAVE_NS
3901 || !x_create_x_image_and_pixmap (f, width, height, 1,
3902 &mask_img, &img->mask)
3903#endif
3904 )
3905 {
3906 image_error ("Image too large", Qnil, Qnil);
3907 goto failure;
3908 }
3909
3852 expect (','); 3910 expect (',');
3853 3911
3854 XSETFRAME (frame, f); 3912 XSETFRAME (frame, f);
@@ -3942,18 +4000,6 @@ xpm_load_image (struct frame *f,
3942 expect (','); 4000 expect (',');
3943 } 4001 }
3944 4002
3945 if (!x_create_x_image_and_pixmap (f, width, height, 0,
3946 &ximg, &img->pixmap)
3947#ifndef HAVE_NS
3948 || !x_create_x_image_and_pixmap (f, width, height, 1,
3949 &mask_img, &img->mask)
3950#endif
3951 )
3952 {
3953 image_error ("Out of memory (%s)", img->spec, Qnil);
3954 goto error;
3955 }
3956
3957 for (y = 0; y < height; y++) 4003 for (y = 0; y < height; y++)
3958 { 4004 {
3959 expect (XPM_TK_STRING); 4005 expect (XPM_TK_STRING);
@@ -5518,8 +5564,8 @@ my_png_warning (png_struct *png_ptr, const char *msg)
5518struct png_memory_storage 5564struct png_memory_storage
5519{ 5565{
5520 unsigned char *bytes; /* The data */ 5566 unsigned char *bytes; /* The data */
5521 size_t len; /* How big is it? */ 5567 ptrdiff_t len; /* How big is it? */
5522 int index; /* Where are we? */ 5568 ptrdiff_t index; /* Where are we? */
5523}; 5569};
5524 5570
5525 5571
@@ -5563,7 +5609,8 @@ png_load (struct frame *f, struct image *img)
5563{ 5609{
5564 Lisp_Object file, specified_file; 5610 Lisp_Object file, specified_file;
5565 Lisp_Object specified_data; 5611 Lisp_Object specified_data;
5566 int x, y, i; 5612 int x, y;
5613 ptrdiff_t i;
5567 XImagePtr ximg, mask_img = NULL; 5614 XImagePtr ximg, mask_img = NULL;
5568 png_struct *png_ptr = NULL; 5615 png_struct *png_ptr = NULL;
5569 png_info *info_ptr = NULL, *end_info = NULL; 5616 png_info *info_ptr = NULL, *end_info = NULL;
@@ -5683,11 +5730,19 @@ png_load (struct frame *f, struct image *img)
5683 fn_png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type, 5730 fn_png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type,
5684 &interlace_type, NULL, NULL); 5731 &interlace_type, NULL, NULL);
5685 5732
5686 if (!check_image_size (f, width, height)) 5733 if (! (width <= INT_MAX && height <= INT_MAX
5734 && check_image_size (f, width, height)))
5687 { 5735 {
5688 image_error ("Invalid image size (see `max-image-size')", Qnil, Qnil); 5736 image_error ("Invalid image size (see `max-image-size')", Qnil, Qnil);
5689 goto error; 5737 goto error;
5690 } 5738 }
5739
5740 /* Create the X image and pixmap now, so that the work below can be
5741 omitted if the image is too large for X. */
5742 if (!x_create_x_image_and_pixmap (f, width, height, 0, &ximg,
5743 &img->pixmap))
5744 goto error;
5745
5691 /* If image contains simply transparency data, we prefer to 5746 /* If image contains simply transparency data, we prefer to
5692 construct a clipping mask. */ 5747 construct a clipping mask. */
5693 if (fn_png_get_valid (png_ptr, info_ptr, PNG_INFO_tRNS)) 5748 if (fn_png_get_valid (png_ptr, info_ptr, PNG_INFO_tRNS))
@@ -5776,7 +5831,10 @@ png_load (struct frame *f, struct image *img)
5776 row_bytes = fn_png_get_rowbytes (png_ptr, info_ptr); 5831 row_bytes = fn_png_get_rowbytes (png_ptr, info_ptr);
5777 5832
5778 /* Allocate memory for the image. */ 5833 /* Allocate memory for the image. */
5779 pixels = (png_byte *) xmalloc (row_bytes * height * sizeof *pixels); 5834 if (min (PTRDIFF_MAX, SIZE_MAX) / sizeof *rows < height
5835 || min (PTRDIFF_MAX, SIZE_MAX) / sizeof *pixels / height < row_bytes)
5836 memory_full (SIZE_MAX);
5837 pixels = (png_byte *) xmalloc (sizeof *pixels * row_bytes * height);
5780 rows = (png_byte **) xmalloc (height * sizeof *rows); 5838 rows = (png_byte **) xmalloc (height * sizeof *rows);
5781 for (i = 0; i < height; ++i) 5839 for (i = 0; i < height; ++i)
5782 rows[i] = pixels + i * row_bytes; 5840 rows[i] = pixels + i * row_bytes;
@@ -5790,11 +5848,6 @@ png_load (struct frame *f, struct image *img)
5790 fp = NULL; 5848 fp = NULL;
5791 } 5849 }
5792 5850
5793 /* Create the X image and pixmap. */
5794 if (!x_create_x_image_and_pixmap (f, width, height, 0, &ximg,
5795 &img->pixmap))
5796 goto error;
5797
5798 /* Create an image and pixmap serving as mask if the PNG image 5851 /* Create an image and pixmap serving as mask if the PNG image
5799 contains an alpha channel. */ 5852 contains an alpha channel. */
5800 if (channels == 4 5853 if (channels == 4
@@ -6192,7 +6245,7 @@ our_stdio_fill_input_buffer (j_decompress_ptr cinfo)
6192 src = (struct jpeg_stdio_mgr *) cinfo->src; 6245 src = (struct jpeg_stdio_mgr *) cinfo->src;
6193 if (!src->finished) 6246 if (!src->finished)
6194 { 6247 {
6195 size_t bytes; 6248 ptrdiff_t bytes;
6196 6249
6197 bytes = fread (src->buffer, 1, JPEG_STDIO_BUFFER_SIZE, src->file); 6250 bytes = fread (src->buffer, 1, JPEG_STDIO_BUFFER_SIZE, src->file);
6198 if (bytes > 0) 6251 if (bytes > 0)
@@ -6602,34 +6655,33 @@ init_tiff_functions (Lisp_Object libraries)
6602typedef struct 6655typedef struct
6603{ 6656{
6604 unsigned char *bytes; 6657 unsigned char *bytes;
6605 size_t len; 6658 ptrdiff_t len;
6606 int index; 6659 ptrdiff_t index;
6607} 6660}
6608tiff_memory_source; 6661tiff_memory_source;
6609 6662
6610static size_t 6663static tsize_t
6611tiff_read_from_memory (thandle_t data, tdata_t buf, tsize_t size) 6664tiff_read_from_memory (thandle_t data, tdata_t buf, tsize_t size)
6612{ 6665{
6613 tiff_memory_source *src = (tiff_memory_source *) data; 6666 tiff_memory_source *src = (tiff_memory_source *) data;
6614 6667
6615 if (size > src->len - src->index) 6668 size = min (size, src->len - src->index);
6616 return (size_t) -1;
6617 memcpy (buf, src->bytes + src->index, size); 6669 memcpy (buf, src->bytes + src->index, size);
6618 src->index += size; 6670 src->index += size;
6619 return size; 6671 return size;
6620} 6672}
6621 6673
6622static size_t 6674static tsize_t
6623tiff_write_from_memory (thandle_t data, tdata_t buf, tsize_t size) 6675tiff_write_from_memory (thandle_t data, tdata_t buf, tsize_t size)
6624{ 6676{
6625 return (size_t) -1; 6677 return -1;
6626} 6678}
6627 6679
6628static toff_t 6680static toff_t
6629tiff_seek_in_memory (thandle_t data, toff_t off, int whence) 6681tiff_seek_in_memory (thandle_t data, toff_t off, int whence)
6630{ 6682{
6631 tiff_memory_source *src = (tiff_memory_source *) data; 6683 tiff_memory_source *src = (tiff_memory_source *) data;
6632 int idx; 6684 ptrdiff_t idx;
6633 6685
6634 switch (whence) 6686 switch (whence)
6635 { 6687 {
@@ -6765,8 +6817,8 @@ tiff_load (struct frame *f, struct image *img)
6765 memsrc.index = 0; 6817 memsrc.index = 0;
6766 6818
6767 tiff = fn_TIFFClientOpen ("memory_source", "r", (thandle_t)&memsrc, 6819 tiff = fn_TIFFClientOpen ("memory_source", "r", (thandle_t)&memsrc,
6768 (TIFFReadWriteProc) tiff_read_from_memory, 6820 tiff_read_from_memory,
6769 (TIFFReadWriteProc) tiff_write_from_memory, 6821 tiff_write_from_memory,
6770 tiff_seek_in_memory, 6822 tiff_seek_in_memory,
6771 tiff_close_memory, 6823 tiff_close_memory,
6772 tiff_size_of_memory, 6824 tiff_size_of_memory,
@@ -6805,7 +6857,16 @@ tiff_load (struct frame *f, struct image *img)
6805 return 0; 6857 return 0;
6806 } 6858 }
6807 6859
6808 buf = (uint32 *) xmalloc (width * height * sizeof *buf); 6860 /* Create the X image and pixmap. */
6861 if (! (height <= min (PTRDIFF_MAX, SIZE_MAX) / sizeof *buf / width
6862 && x_create_x_image_and_pixmap (f, width, height, 0,
6863 &ximg, &img->pixmap)))
6864 {
6865 fn_TIFFClose (tiff);
6866 return 0;
6867 }
6868
6869 buf = (uint32 *) xmalloc (sizeof *buf * width * height);
6809 6870
6810 rc = fn_TIFFReadRGBAImage (tiff, width, height, buf, 0); 6871 rc = fn_TIFFReadRGBAImage (tiff, width, height, buf, 0);
6811 6872
@@ -6826,13 +6887,6 @@ tiff_load (struct frame *f, struct image *img)
6826 return 0; 6887 return 0;
6827 } 6888 }
6828 6889
6829 /* Create the X image and pixmap. */
6830 if (!x_create_x_image_and_pixmap (f, width, height, 0, &ximg, &img->pixmap))
6831 {
6832 xfree (buf);
6833 return 0;
6834 }
6835
6836 /* Initialize the color table. */ 6890 /* Initialize the color table. */
6837 init_color_table (); 6891 init_color_table ();
6838 6892
@@ -7034,8 +7088,8 @@ init_gif_functions (Lisp_Object libraries)
7034typedef struct 7088typedef struct
7035{ 7089{
7036 unsigned char *bytes; 7090 unsigned char *bytes;
7037 size_t len; 7091 ptrdiff_t len;
7038 int index; 7092 ptrdiff_t index;
7039} 7093}
7040gif_memory_source; 7094gif_memory_source;
7041 7095
@@ -7668,7 +7722,8 @@ imagemagick_load_image (struct frame *f, struct image *img,
7668 height = MagickGetImageHeight (image_wand); 7722 height = MagickGetImageHeight (image_wand);
7669 width = MagickGetImageWidth (image_wand); 7723 width = MagickGetImageWidth (image_wand);
7670 7724
7671 if (! check_image_size (f, width, height)) 7725 if (! (width <= INT_MAX && height <= INT_MAX
7726 && check_image_size (f, width, height)))
7672 { 7727 {
7673 image_error ("Invalid image size (see `max-image-size')", Qnil, Qnil); 7728 image_error ("Invalid image size (see `max-image-size')", Qnil, Qnil);
7674 goto imagemagick_error; 7729 goto imagemagick_error;
@@ -7872,7 +7927,7 @@ recognize as images, such as C. See `imagemagick-types-inhibit'. */)
7872 size_t numf = 0; 7927 size_t numf = 0;
7873 ExceptionInfo ex; 7928 ExceptionInfo ex;
7874 char **imtypes = GetMagickList ("*", &numf, &ex); 7929 char **imtypes = GetMagickList ("*", &numf, &ex);
7875 int i; 7930 size_t i;
7876 Lisp_Object Qimagemagicktype; 7931 Lisp_Object Qimagemagicktype;
7877 for (i = 0; i < numf; i++) 7932 for (i = 0; i < numf; i++)
7878 { 7933 {
@@ -8426,12 +8481,15 @@ gs_load (struct frame *f, struct image *img)
8426 /* Create the pixmap. */ 8481 /* Create the pixmap. */
8427 xassert (img->pixmap == NO_PIXMAP); 8482 xassert (img->pixmap == NO_PIXMAP);
8428 8483
8429 /* Only W32 version did BLOCK_INPUT here. ++kfs */ 8484 if (x_check_image_size (0, img->width, img->height))
8430 BLOCK_INPUT; 8485 {
8431 img->pixmap = XCreatePixmap (FRAME_X_DISPLAY (f), FRAME_X_WINDOW (f), 8486 /* Only W32 version did BLOCK_INPUT here. ++kfs */
8432 img->width, img->height, 8487 BLOCK_INPUT;
8433 DefaultDepthOfScreen (FRAME_X_SCREEN (f))); 8488 img->pixmap = XCreatePixmap (FRAME_X_DISPLAY (f), FRAME_X_WINDOW (f),
8434 UNBLOCK_INPUT; 8489 img->width, img->height,
8490 DefaultDepthOfScreen (FRAME_X_SCREEN (f)));
8491 UNBLOCK_INPUT;
8492 }
8435 8493
8436 if (!img->pixmap) 8494 if (!img->pixmap)
8437 { 8495 {
diff --git a/src/keyboard.c b/src/keyboard.c
index a6fa90163c5..7e144b80a09 100644
--- a/src/keyboard.c
+++ b/src/keyboard.c
@@ -210,8 +210,8 @@ Lisp_Object unread_switch_frame;
210/* Last size recorded for a current buffer which is not a minibuffer. */ 210/* Last size recorded for a current buffer which is not a minibuffer. */
211static EMACS_INT last_non_minibuf_size; 211static EMACS_INT last_non_minibuf_size;
212 212
213/* Total number of times read_char has returned, modulo SIZE_MAX + 1. */ 213/* Total number of times read_char has returned, modulo UINTMAX_MAX + 1. */
214size_t num_input_events; 214uintmax_t num_input_events;
215 215
216/* Value of num_nonmacro_input_events as of last auto save. */ 216/* Value of num_nonmacro_input_events as of last auto save. */
217 217
diff --git a/src/keyboard.h b/src/keyboard.h
index 91008a3ea24..69c804c873d 100644
--- a/src/keyboard.h
+++ b/src/keyboard.h
@@ -191,8 +191,8 @@ extern KBOARD *current_kboard;
191/* A list of all kboard objects, linked through next_kboard. */ 191/* A list of all kboard objects, linked through next_kboard. */
192extern KBOARD *all_kboards; 192extern KBOARD *all_kboards;
193 193
194/* Total number of times read_char has returned, modulo SIZE_MAX + 1. */ 194/* Total number of times read_char has returned, modulo UINTMAX_MAX + 1. */
195extern size_t num_input_events; 195extern uintmax_t num_input_events;
196 196
197/* Nonzero means polling for input is temporarily suppressed. */ 197/* Nonzero means polling for input is temporarily suppressed. */
198extern int poll_suppress_count; 198extern int poll_suppress_count;
diff --git a/src/lisp.h b/src/lisp.h
index 762d34abb9c..1e141dbb5d0 100644
--- a/src/lisp.h
+++ b/src/lisp.h
@@ -61,6 +61,23 @@ extern void check_cons_list (void);
61# define EMACS_UINT unsigned EMACS_INT 61# define EMACS_UINT unsigned EMACS_INT
62#endif 62#endif
63 63
64/* printmax_t and uprintmax_t are types for printing large integers.
65 These are the widest integers that are supported for printing.
66 pMd etc. are conversions for printing them.
67 On C99 hosts, there's no problem, as even the widest integers work.
68 Fall back on EMACS_INT on pre-C99 hosts. */
69#ifdef PRIdMAX
70typedef intmax_t printmax_t;
71typedef uintmax_t uprintmax_t;
72# define pMd PRIdMAX
73# define pMu PRIuMAX
74#else
75typedef EMACS_INT printmax_t;
76typedef EMACS_UINT uprintmax_t;
77# define pMd pI"d"
78# define pMu pI"u"
79#endif
80
64/* Use pD to format ptrdiff_t values, which suffice for indexes into 81/* Use pD to format ptrdiff_t values, which suffice for indexes into
65 buffers and strings. Emacs never allocates objects larger than 82 buffers and strings. Emacs never allocates objects larger than
66 PTRDIFF_MAX bytes, as they cause problems with pointer subtraction. 83 PTRDIFF_MAX bytes, as they cause problems with pointer subtraction.
@@ -833,7 +850,7 @@ struct Lisp_String
833 <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8546>. */ 850 <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8546>. */
834struct vectorlike_header 851struct vectorlike_header
835 { 852 {
836 EMACS_UINT size; 853 EMACS_INT size;
837 854
838 /* Pointer to the next vector-like object. It is generally a buffer or a 855 /* Pointer to the next vector-like object. It is generally a buffer or a
839 Lisp_Vector alias, so for convenience it is a union instead of a 856 Lisp_Vector alias, so for convenience it is a union instead of a
@@ -1028,7 +1045,7 @@ struct Lisp_Bool_Vector
1028 1045
1029struct Lisp_Subr 1046struct Lisp_Subr
1030 { 1047 {
1031 EMACS_UINT size; 1048 EMACS_INT size;
1032 union { 1049 union {
1033 Lisp_Object (*a0) (void); 1050 Lisp_Object (*a0) (void);
1034 Lisp_Object (*a1) (Lisp_Object); 1051 Lisp_Object (*a1) (Lisp_Object);
@@ -2540,6 +2557,7 @@ extern void sweep_weak_hash_tables (void);
2540extern Lisp_Object Qcursor_in_echo_area; 2557extern Lisp_Object Qcursor_in_echo_area;
2541extern Lisp_Object Qstring_lessp; 2558extern Lisp_Object Qstring_lessp;
2542extern Lisp_Object QCsize, QCtest, QCweakness, Qequal, Qeq, Qeql; 2559extern Lisp_Object QCsize, QCtest, QCweakness, Qequal, Qeq, Qeql;
2560EMACS_UINT hash_string (char const *, ptrdiff_t);
2543EMACS_UINT sxhash (Lisp_Object, int); 2561EMACS_UINT sxhash (Lisp_Object, int);
2544Lisp_Object make_hash_table (Lisp_Object, Lisp_Object, Lisp_Object, 2562Lisp_Object make_hash_table (Lisp_Object, Lisp_Object, Lisp_Object,
2545 Lisp_Object, Lisp_Object, Lisp_Object, 2563 Lisp_Object, Lisp_Object, Lisp_Object,
@@ -2868,7 +2886,8 @@ extern void float_to_string (char *, double);
2868extern void syms_of_print (void); 2886extern void syms_of_print (void);
2869 2887
2870/* Defined in doprnt.c */ 2888/* Defined in doprnt.c */
2871extern size_t doprnt (char *, size_t, const char *, const char *, va_list); 2889extern ptrdiff_t doprnt (char *, ptrdiff_t, const char *, const char *,
2890 va_list);
2872 2891
2873/* Defined in lread.c. */ 2892/* Defined in lread.c. */
2874extern Lisp_Object Qvariable_documentation, Qstandard_input; 2893extern Lisp_Object Qvariable_documentation, Qstandard_input;
@@ -3429,18 +3448,6 @@ extern EMACS_INT emacs_read (int, char *, EMACS_INT);
3429extern EMACS_INT emacs_write (int, const char *, EMACS_INT); 3448extern EMACS_INT emacs_write (int, const char *, EMACS_INT);
3430enum { READLINK_BUFSIZE = 1024 }; 3449enum { READLINK_BUFSIZE = 1024 };
3431extern char *emacs_readlink (const char *, char [READLINK_BUFSIZE]); 3450extern char *emacs_readlink (const char *, char [READLINK_BUFSIZE]);
3432#ifndef HAVE_MEMSET
3433extern void *memset (void *, int, size_t);
3434#endif
3435#ifndef HAVE_MEMCPY
3436extern void *memcpy (void *, void *, size_t);
3437#endif
3438#ifndef HAVE_MEMMOVE
3439extern void *memmove (void *, void *, size_t);
3440#endif
3441#ifndef HAVE_MEMCMP
3442extern int memcmp (void *, void *, size_t);
3443#endif
3444 3451
3445EXFUN (Funlock_buffer, 0); 3452EXFUN (Funlock_buffer, 0);
3446extern void unlock_all_files (void); 3453extern void unlock_all_files (void);
diff --git a/src/lread.c b/src/lread.c
index 83b158d97d8..0613ad037bf 100644
--- a/src/lread.c
+++ b/src/lread.c
@@ -3648,8 +3648,6 @@ static Lisp_Object initial_obarray;
3648 3648
3649static size_t oblookup_last_bucket_number; 3649static size_t oblookup_last_bucket_number;
3650 3650
3651static size_t hash_string (const char *ptr, size_t len);
3652
3653/* Get an error if OBARRAY is not an obarray. 3651/* Get an error if OBARRAY is not an obarray.
3654 If it is one, return it. */ 3652 If it is one, return it. */
3655 3653
@@ -3892,23 +3890,6 @@ oblookup (Lisp_Object obarray, register const char *ptr, EMACS_INT size, EMACS_I
3892 XSETINT (tem, hash); 3890 XSETINT (tem, hash);
3893 return tem; 3891 return tem;
3894} 3892}
3895
3896static size_t
3897hash_string (const char *ptr, size_t len)
3898{
3899 register const char *p = ptr;
3900 register const char *end = p + len;
3901 register unsigned char c;
3902 register size_t hash = 0;
3903
3904 while (p != end)
3905 {
3906 c = *p++;
3907 if (c >= 0140) c -= 40;
3908 hash = (hash << 3) + (hash >> (CHAR_BIT * sizeof hash - 4)) + c;
3909 }
3910 return hash;
3911}
3912 3893
3913void 3894void
3914map_obarray (Lisp_Object obarray, void (*fn) (Lisp_Object, Lisp_Object), Lisp_Object arg) 3895map_obarray (Lisp_Object obarray, void (*fn) (Lisp_Object, Lisp_Object), Lisp_Object arg)
diff --git a/src/print.c b/src/print.c
index 14b4326bb6f..f1907a31465 100644
--- a/src/print.c
+++ b/src/print.c
@@ -46,10 +46,7 @@ static Lisp_Object Qtemp_buffer_setup_hook;
46static Lisp_Object Qfloat_output_format; 46static Lisp_Object Qfloat_output_format;
47 47
48#include <math.h> 48#include <math.h>
49
50#if STDC_HEADERS
51#include <float.h> 49#include <float.h>
52#endif
53#include <ftoastr.h> 50#include <ftoastr.h>
54 51
55/* Default to values appropriate for IEEE floating point. */ 52/* Default to values appropriate for IEEE floating point. */
diff --git a/src/regex.c b/src/regex.c
index 625c59ccf0b..190d1d0fe21 100644
--- a/src/regex.c
+++ b/src/regex.c
@@ -37,9 +37,9 @@
37# include <config.h> 37# include <config.h>
38#endif 38#endif
39 39
40#if defined STDC_HEADERS && !defined emacs 40#include <stddef.h>
41# include <stddef.h> 41
42#else 42#ifdef emacs
43/* We need this for `regex.h', and perhaps for the Emacs include files. */ 43/* We need this for `regex.h', and perhaps for the Emacs include files. */
44# include <sys/types.h> 44# include <sys/types.h>
45#endif 45#endif
@@ -238,18 +238,7 @@ xrealloc (void *block, size_t size)
238# endif 238# endif
239# define realloc xrealloc 239# define realloc xrealloc
240 240
241/* This is the normal way of making sure we have memcpy, memcmp and memset. */ 241# include <string.h>
242# if defined HAVE_STRING_H || defined STDC_HEADERS || defined _LIBC
243# include <string.h>
244# else
245# include <strings.h>
246# ifndef memcmp
247# define memcmp(s1, s2, n) bcmp (s1, s2, n)
248# endif
249# ifndef memcpy
250# define memcpy(d, s, n) (bcopy (s, d, n), (d))
251# endif
252# endif
253 242
254/* Define the syntax stuff for \<, \>, etc. */ 243/* Define the syntax stuff for \<, \>, etc. */
255 244
@@ -357,25 +346,6 @@ enum syntaxcode { Swhitespace = 0, Sword = 1, Ssymbol = 2 };
357 346
358#else /* not emacs */ 347#else /* not emacs */
359 348
360/* Jim Meyering writes:
361
362 "... Some ctype macros are valid only for character codes that
363 isascii says are ASCII (SGI's IRIX-4.0.5 is one such system --when
364 using /bin/cc or gcc but without giving an ansi option). So, all
365 ctype uses should be through macros like ISPRINT... If
366 STDC_HEADERS is defined, then autoconf has verified that the ctype
367 macros don't need to be guarded with references to isascii. ...
368 Defining isascii to 1 should let any compiler worth its salt
369 eliminate the && through constant folding."
370 Solaris defines some of these symbols so we must undefine them first. */
371
372# undef ISASCII
373# if defined STDC_HEADERS || (!defined isascii && !defined HAVE_ISASCII)
374# define ISASCII(c) 1
375# else
376# define ISASCII(c) isascii(c)
377# endif
378
379/* 1 if C is an ASCII character. */ 349/* 1 if C is an ASCII character. */
380# define IS_REAL_ASCII(c) ((c) < 0200) 350# define IS_REAL_ASCII(c) ((c) < 0200)
381 351
@@ -383,27 +353,28 @@ enum syntaxcode { Swhitespace = 0, Sword = 1, Ssymbol = 2 };
383# define ISUNIBYTE(c) 1 353# define ISUNIBYTE(c) 1
384 354
385# ifdef isblank 355# ifdef isblank
386# define ISBLANK(c) (ISASCII (c) && isblank (c)) 356# define ISBLANK(c) isblank (c)
387# else 357# else
388# define ISBLANK(c) ((c) == ' ' || (c) == '\t') 358# define ISBLANK(c) ((c) == ' ' || (c) == '\t')
389# endif 359# endif
390# ifdef isgraph 360# ifdef isgraph
391# define ISGRAPH(c) (ISASCII (c) && isgraph (c)) 361# define ISGRAPH(c) isgraph (c)
392# else 362# else
393# define ISGRAPH(c) (ISASCII (c) && isprint (c) && !isspace (c)) 363# define ISGRAPH(c) (isprint (c) && !isspace (c))
394# endif 364# endif
395 365
366/* Solaris defines ISPRINT so we must undefine it first. */
396# undef ISPRINT 367# undef ISPRINT
397# define ISPRINT(c) (ISASCII (c) && isprint (c)) 368# define ISPRINT(c) isprint (c)
398# define ISDIGIT(c) (ISASCII (c) && isdigit (c)) 369# define ISDIGIT(c) isdigit (c)
399# define ISALNUM(c) (ISASCII (c) && isalnum (c)) 370# define ISALNUM(c) isalnum (c)
400# define ISALPHA(c) (ISASCII (c) && isalpha (c)) 371# define ISALPHA(c) isalpha (c)
401# define ISCNTRL(c) (ISASCII (c) && iscntrl (c)) 372# define ISCNTRL(c) iscntrl (c)
402# define ISLOWER(c) (ISASCII (c) && islower (c)) 373# define ISLOWER(c) islower (c)
403# define ISPUNCT(c) (ISASCII (c) && ispunct (c)) 374# define ISPUNCT(c) ispunct (c)
404# define ISSPACE(c) (ISASCII (c) && isspace (c)) 375# define ISSPACE(c) isspace (c)
405# define ISUPPER(c) (ISASCII (c) && isupper (c)) 376# define ISUPPER(c) isupper (c)
406# define ISXDIGIT(c) (ISASCII (c) && isxdigit (c)) 377# define ISXDIGIT(c) isxdigit (c)
407 378
408# define ISWORD(c) ISALPHA(c) 379# define ISWORD(c) ISALPHA(c)
409 380
@@ -450,10 +421,6 @@ init_syntax_once (void)
450 421
451#endif /* not emacs */ 422#endif /* not emacs */
452 423
453#ifndef NULL
454# define NULL (void *)0
455#endif
456
457/* We remove any previous definition of `SIGN_EXTEND_CHAR', 424/* We remove any previous definition of `SIGN_EXTEND_CHAR',
458 since ours (we hope) works properly with all combinations of 425 since ours (we hope) works properly with all combinations of
459 machines, compilers, `char' and `unsigned char' argument types. 426 machines, compilers, `char' and `unsigned char' argument types.
diff --git a/src/s/aix4-2.h b/src/s/aix4-2.h
index c2715fffe01..b44bd0308a3 100644
--- a/src/s/aix4-2.h
+++ b/src/s/aix4-2.h
@@ -47,11 +47,6 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
47/* AIX doesn't define this. */ 47/* AIX doesn't define this. */
48#define unix 1 48#define unix 1
49 49
50/* string.h defines rindex as a macro, at least with native cc, so we
51 lose declaring char * rindex without this.
52 It is just a guess which versions of AIX need this definition. */
53#undef HAVE_STRING_H
54
55/* Perry Smith <pedz@ddivt1.austin.ibm.com> says these are correct. */ 50/* Perry Smith <pedz@ddivt1.austin.ibm.com> says these are correct. */
56#define SIGNALS_VIA_CHARACTERS 51#define SIGNALS_VIA_CHARACTERS
57#define CLASH_DETECTION 52#define CLASH_DETECTION
diff --git a/src/s/ms-w32.h b/src/s/ms-w32.h
index bf6cc66798c..813c3cef115 100644
--- a/src/s/ms-w32.h
+++ b/src/s/ms-w32.h
@@ -111,11 +111,7 @@ struct sigaction {
111#undef HAVE_UTIME_H 111#undef HAVE_UTIME_H
112#undef HAVE_LINUX_VERSION_H 112#undef HAVE_LINUX_VERSION_H
113#undef HAVE_SYS_SYSTEMINFO_H 113#undef HAVE_SYS_SYSTEMINFO_H
114#define HAVE_LIMITS_H 1
115#define HAVE_STRING_H 1
116#define HAVE_STDLIB_H 1
117#define HAVE_PWD_H 1 114#define HAVE_PWD_H 1
118#define STDC_HEADERS 1
119#define TIME_WITH_SYS_TIME 1 115#define TIME_WITH_SYS_TIME 1
120 116
121#define HAVE_GETTIMEOFDAY 1 117#define HAVE_GETTIMEOFDAY 1
@@ -386,4 +382,3 @@ extern void _DebPrint (const char *fmt, ...);
386 382
387 383
388/* ============================================================ */ 384/* ============================================================ */
389
diff --git a/src/sysdep.c b/src/sysdep.c
index fc2f846b0dc..4bd1f54b9e6 100644
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -26,9 +26,7 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
26#include <pwd.h> 26#include <pwd.h>
27#include <grp.h> 27#include <grp.h>
28#endif /* HAVE_PWD_H */ 28#endif /* HAVE_PWD_H */
29#ifdef HAVE_LIMITS_H
30#include <limits.h> 29#include <limits.h>
31#endif /* HAVE_LIMITS_H */
32#include <unistd.h> 30#include <unistd.h>
33 31
34#include <allocator.h> 32#include <allocator.h>
@@ -2215,59 +2213,6 @@ rmdir (char *dpath)
2215#endif /* !HAVE_RMDIR */ 2213#endif /* !HAVE_RMDIR */
2216 2214
2217 2215
2218#ifndef HAVE_MEMSET
2219void *
2220memset (void *b, int n, size_t length)
2221{
2222 unsigned char *p = b;
2223 while (length-- > 0)
2224 *p++ = n;
2225 return b;
2226}
2227#endif /* !HAVE_MEMSET */
2228
2229#ifndef HAVE_MEMCPY
2230void *
2231memcpy (void *b1, void *b2, size_t length)
2232{
2233 unsigned char *p1 = b1, *p2 = b2;
2234 while (length-- > 0)
2235 *p1++ = *p2++;
2236 return b1;
2237}
2238#endif /* !HAVE_MEMCPY */
2239
2240#ifndef HAVE_MEMMOVE
2241void *
2242memmove (void *b1, void *b2, size_t length)
2243{
2244 unsigned char *p1 = b1, *p2 = b2;
2245 if (p1 < p2 || p1 >= p2 + length)
2246 while (length-- > 0)
2247 *p1++ = *p2++;
2248 else
2249 {
2250 p1 += length;
2251 p2 += length;
2252 while (length-- > 0)
2253 *--p1 = *--p2;
2254 }
2255 return b1;
2256}
2257#endif /* !HAVE_MEMCPY */
2258
2259#ifndef HAVE_MEMCMP
2260int
2261memcmp (void *b1, void *b2, size_t length)
2262{
2263 unsigned char *p1 = b1, *p2 = b2;
2264 while (length-- > 0)
2265 if (*p1++ != *p2++)
2266 return p1[-1] < p2[-1] ? -1 : 1;
2267 return 0;
2268}
2269#endif /* !HAVE_MEMCMP */
2270
2271#ifndef HAVE_STRSIGNAL 2216#ifndef HAVE_STRSIGNAL
2272char * 2217char *
2273strsignal (int code) 2218strsignal (int code)
diff --git a/src/xdisp.c b/src/xdisp.c
index 7493fbff008..8f352561719 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -8842,7 +8842,7 @@ message_dolog (const char *m, EMACS_INT nbytes, int nlflag, int multibyte)
8842 if (nlflag) 8842 if (nlflag)
8843 { 8843 {
8844 EMACS_INT this_bol, this_bol_byte, prev_bol, prev_bol_byte; 8844 EMACS_INT this_bol, this_bol_byte, prev_bol, prev_bol_byte;
8845 intmax_t dups; 8845 printmax_t dups;
8846 insert_1 ("\n", 1, 1, 0, 0); 8846 insert_1 ("\n", 1, 1, 0, 0);
8847 8847
8848 scan_newline (Z, Z_BYTE, BEG, BEG_BYTE, -2, 0); 8848 scan_newline (Z, Z_BYTE, BEG, BEG_BYTE, -2, 0);
@@ -8866,12 +8866,12 @@ message_dolog (const char *m, EMACS_INT nbytes, int nlflag, int multibyte)
8866 if (dups > 1) 8866 if (dups > 1)
8867 { 8867 {
8868 char dupstr[sizeof " [ times]" 8868 char dupstr[sizeof " [ times]"
8869 + INT_STRLEN_BOUND (intmax_t)]; 8869 + INT_STRLEN_BOUND (printmax_t)];
8870 int duplen; 8870 int duplen;
8871 8871
8872 /* If you change this format, don't forget to also 8872 /* If you change this format, don't forget to also
8873 change message_log_check_duplicate. */ 8873 change message_log_check_duplicate. */
8874 sprintf (dupstr, " [%"PRIdMAX" times]", dups); 8874 sprintf (dupstr, " [%"pMd" times]", dups);
8875 duplen = strlen (dupstr); 8875 duplen = strlen (dupstr);
8876 TEMP_SET_PT_BOTH (Z - 1, Z_BYTE - 1); 8876 TEMP_SET_PT_BOTH (Z - 1, Z_BYTE - 1);
8877 insert_1 (dupstr, duplen, 1, 0, 1); 8877 insert_1 (dupstr, duplen, 1, 0, 1);
@@ -9264,7 +9264,7 @@ vmessage (const char *m, va_list ap)
9264 { 9264 {
9265 if (m) 9265 if (m)
9266 { 9266 {
9267 size_t len; 9267 ptrdiff_t len;
9268 9268
9269 len = doprnt (FRAME_MESSAGE_BUF (f), 9269 len = doprnt (FRAME_MESSAGE_BUF (f),
9270 FRAME_MESSAGE_BUF_SIZE (f), m, (char *)0, ap); 9270 FRAME_MESSAGE_BUF_SIZE (f), m, (char *)0, ap);
diff --git a/src/xfaces.c b/src/xfaces.c
index 32729ce6f8d..52b125b42e6 100644
--- a/src/xfaces.c
+++ b/src/xfaces.c
@@ -940,11 +940,13 @@ the pixmap. Bits are stored row by row, each row occupies
940 } 940 }
941 } 941 }
942 942
943 if (NATNUMP (width) && NATNUMP (height) && STRINGP (data)) 943 if (STRINGP (data)
944 && INTEGERP (width) && 0 < XINT (width)
945 && INTEGERP (height) && 0 < XINT (height))
944 { 946 {
945 int bytes_per_row = ((XFASTINT (width) + BITS_PER_CHAR - 1) 947 EMACS_INT bytes_per_row = ((XINT (width) + BITS_PER_CHAR - 1)
946 / BITS_PER_CHAR); 948 / BITS_PER_CHAR);
947 if (SBYTES (data) >= bytes_per_row * XINT (height)) 949 if (XINT (height) <= SBYTES (data) / bytes_per_row)
948 pixmap_p = 1; 950 pixmap_p = 1;
949 } 951 }
950 } 952 }
diff --git a/src/xselect.c b/src/xselect.c
index 5e5bdb55eca..f63977a73de 100644
--- a/src/xselect.c
+++ b/src/xselect.c
@@ -2381,7 +2381,7 @@ FRAME is on. If FRAME is nil, the selected frame is used. */)
2381{ 2381{
2382 Atom x_atom; 2382 Atom x_atom;
2383 struct frame *f = check_x_frame (frame); 2383 struct frame *f = check_x_frame (frame);
2384 size_t i; 2384 ptrdiff_t i;
2385 struct x_display_info *dpyinfo = FRAME_X_DISPLAY_INFO (f); 2385 struct x_display_info *dpyinfo = FRAME_X_DISPLAY_INFO (f);
2386 2386
2387 2387
@@ -2402,6 +2402,9 @@ FRAME is on. If FRAME is nil, the selected frame is used. */)
2402 2402
2403 if (dpyinfo->x_dnd_atoms_length == dpyinfo->x_dnd_atoms_size) 2403 if (dpyinfo->x_dnd_atoms_length == dpyinfo->x_dnd_atoms_size)
2404 { 2404 {
2405 if (min (PTRDIFF_MAX, SIZE_MAX) / sizeof *dpyinfo->x_dnd_atoms / 2
2406 < dpyinfo->x_dnd_atoms_size)
2407 memory_full (SIZE_MAX);
2405 dpyinfo->x_dnd_atoms_size *= 2; 2408 dpyinfo->x_dnd_atoms_size *= 2;
2406 dpyinfo->x_dnd_atoms = xrealloc (dpyinfo->x_dnd_atoms, 2409 dpyinfo->x_dnd_atoms = xrealloc (dpyinfo->x_dnd_atoms,
2407 sizeof (*dpyinfo->x_dnd_atoms) 2410 sizeof (*dpyinfo->x_dnd_atoms)
@@ -2424,7 +2427,7 @@ x_handle_dnd_message (struct frame *f, XClientMessageEvent *event, struct x_disp
2424 int x, y; 2427 int x, y;
2425 unsigned char *data = (unsigned char *) event->data.b; 2428 unsigned char *data = (unsigned char *) event->data.b;
2426 int idata[5]; 2429 int idata[5];
2427 size_t i; 2430 ptrdiff_t i;
2428 2431
2429 for (i = 0; i < dpyinfo->x_dnd_atoms_length; ++i) 2432 for (i = 0; i < dpyinfo->x_dnd_atoms_length; ++i)
2430 if (dpyinfo->x_dnd_atoms[i] == event->message_type) break; 2433 if (dpyinfo->x_dnd_atoms[i] == event->message_type) break;
diff --git a/src/xterm.h b/src/xterm.h
index a4767361bb3..30867656710 100644
--- a/src/xterm.h
+++ b/src/xterm.h
@@ -326,8 +326,8 @@ struct x_display_info
326 326
327 /* Atoms that are drag and drop atoms */ 327 /* Atoms that are drag and drop atoms */
328 Atom *x_dnd_atoms; 328 Atom *x_dnd_atoms;
329 size_t x_dnd_atoms_size; 329 ptrdiff_t x_dnd_atoms_size;
330 size_t x_dnd_atoms_length; 330 ptrdiff_t x_dnd_atoms_length;
331 331
332 /* Extended window manager hints, Atoms supported by the window manager and 332 /* Extended window manager hints, Atoms supported by the window manager and
333 atoms for settig the window type. */ 333 atoms for settig the window type. */
generated by cgit v1.2.1 (git 2.18.0) at 2026-01-21 12:07:01 +0000