Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
I installed the following (slightly different) patch for that problem, into gnulib. It's tested with GNU tar. 2005-06-22 Paul Eggert [EMAIL PROTECTED] * xmalloc.c (HAVE_GNU_CALLOC): New constant. (xcalloc): Use it to avoid needless tests. Problem reported by Jim Meyering. --- xmalloc.c 14 May 2005 06:03:58 - 1.36 +++ xmalloc.c 22 Jun 2005 07:12:04 - 1.37 @@ -30,6 +30,15 @@ # define SIZE_MAX ((size_t) -1) #endif +/* 1 if calloc is known to be compatible with GNU calloc. This + matters if we are not also using the calloc module, which defines + HAVE_CALLOC and supports the GNU API even on non-GNU platforms. */ +#if defined HAVE_CALLOC || defined __GLIBC__ +enum { HAVE_GNU_CALLOC = 1 }; +#else +enum { HAVE_GNU_CALLOC = 0 }; +#endif + /* Allocate an array of N objects, each with S bytes of memory, dynamically, with error checking. S must be nonzero. */ @@ -204,8 +213,11 @@ xcalloc (size_t n, size_t s) { void *p; /* Test for overflow, since some calloc implementations don't have - proper overflow checks. */ - if (xalloc_oversized (n, s) || (! (p = calloc (n, s)) n != 0)) + proper overflow checks. But omit overflow and size-zero tests if + HAVE_GNU_CALLOC, since GNU calloc catches overflow and never + returns NULL if successful. */ + if ((! HAVE_GNU_CALLOC xalloc_oversized (n, s)) + || (! (p = calloc (n, s)) (HAVE_GNU_CALLOC || n != 0))) xalloc_die (); return p; } ___ bug-gnulib mailing list bug-gnulib@gnu.org http://lists.gnu.org/mailman/listinfo/bug-gnulib
Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
Jim Meyering [EMAIL PROTECTED] writes: This makes me think it'd be worthwhile to support a new section in the modules file listing `Recommended' modules. Yes, that would be nice. It's been suggested before but nobody has had the time yet to do it. gnulib-tool might bring in recommended modules automatically on request, for example. But why reuse the HAVE_CALLOC symbol at all? It's name isn't really accurate in this context. How about this instead: Yes, that would be better (and thanks for catching the bug -- I did say my patch was untested :-). Though I think it'd be better to reverse the sense and call it HAVE_GNU_CALLOC or something like that. How about the following (also untested) patch? 2005-06-17 Paul Eggert [EMAIL PROTECTED] * xmalloc (HAVE_GNU_CALLOC): New macro. (xcalloc): Omit needless tests if ! HAVE_GNU_CALLOC. --- xmalloc.c 2005-05-13 23:03:58 -0700 +++ /tmp/xmalloc.c 2005-06-17 10:28:06 -0700 @@ -30,6 +30,15 @@ # define SIZE_MAX ((size_t) -1) #endif +/* 1 if calloc is known to be compatible with GNU calloc. This + matters if we are not also using the calloc module, which defines + HAVE_CALLOC and supports the GNU API even on non-GNU platforms. */ +#ifdef HAVE_CALLOC +# define HAVE_GNU_CALLOC 1 +#else +# define HAVE_GNU_CALLOC 0 +#endif + /* Allocate an array of N objects, each with S bytes of memory, dynamically, with error checking. S must be nonzero. */ @@ -204,8 +213,11 @@ xcalloc (size_t n, size_t s) { void *p; /* Test for overflow, since some calloc implementations don't have - proper overflow checks. */ - if (xalloc_oversized (n, s) || (! (p = calloc (n, s)) n != 0)) + proper overflow checks. But omit overflow and size-zero tests if + HAVE_GNU_CALLOC, since GNU calloc catches overflow and never + returns NULL if successful. */ + if ((! HAVE_GNU_CALLOC xalloc_oversized (n, s)) + || (! (p = calloc (n, s)) (HAVE_GNU_CALLOC || n != 0))) xalloc_die (); return p; } ___ bug-gnulib mailing list bug-gnulib@gnu.org http://lists.gnu.org/mailman/listinfo/bug-gnulib
Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
Paul Eggert [EMAIL PROTECTED] wrote: ... How about the following (also untested) patch? 2005-06-17 Paul Eggert [EMAIL PROTECTED] * xmalloc (HAVE_GNU_CALLOC): New macro. (xcalloc): Omit needless tests if ! HAVE_GNU_CALLOC. Looks fine to me. Thanks! ___ bug-gnulib mailing list bug-gnulib@gnu.org http://lists.gnu.org/mailman/listinfo/bug-gnulib
Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
Jim Meyering [EMAIL PROTECTED] writes: As it stands, if I use both of the xalloc and calloc modules, calling xcalloc ends up performing the overflow check twice, first in xcalloc itself (above), and then again in calloc. Also, xcalloc contains a test n != 0 that isn't needed when rpl_calloc is being called. How about the following (untested) change instead? It omits the tests when they're unnecessary, but it doesn't establish a dependency of xalloc on calloc. I'd rather leave out dependencies like that if it's easy. 2005-06-16 Paul Eggert [EMAIL PROTECTED] * xmalloc (HAVE_CALLOC): Define to 1 if not defined. (xcalloc): Omit needless tests if ! HAVE_CALLOC. --- xmalloc.c 2005-05-13 23:03:58 -0700 +++ /tmp/xmalloc.c 2005-06-16 17:14:13 -0700 @@ -30,6 +30,10 @@ # define SIZE_MAX ((size_t) -1) #endif +#ifndef HAVE_CALLOC +# define HAVE_CALLOC 1 +#endif + /* Allocate an array of N objects, each with S bytes of memory, dynamically, with error checking. S must be nonzero. */ @@ -204,8 +208,11 @@ xcalloc (size_t n, size_t s) { void *p; /* Test for overflow, since some calloc implementations don't have - proper overflow checks. */ - if (xalloc_oversized (n, s) || (! (p = calloc (n, s)) n != 0)) + proper overflow checks. Omit some tests if !HAVE_CALLOC, since + rpl_calloc catches overflow and never returns NULL if + successful. */ + if ((HAVE_CALLOC xalloc_oversized (n, s)) + || (! (p = calloc (n, s)) ! (HAVE_CALLOC n == 0))) xalloc_die (); return p; } ___ bug-gnulib mailing list bug-gnulib@gnu.org http://lists.gnu.org/mailman/listinfo/bug-gnulib