(ccl_driver): Do not generate an out-of-range pointer.
(Fccl_execute_on_string): Remove unnecessary check for
integer overflow, noted by Stefan Monnier in
<http://lists.gnu.org/archive/html/emacs-devel/2011-08/msg00979.html>.
Remove a FIXME that didn't need fixing.
Simplify the newly-introduced buffer reallocation code.
(Fccl_execute_on_string): Check for memory overflow.
Use ptrdiff_t rather than EMACS_INT where ptrdiff_t will do.
Redo buffer-overflow calculations to avoid integer overflow.
* category.c (hash_get_category_set): Use 'EMACS_UINT' and 'EMACS_INT'
for hashes and hash indexes, instead of 'unsigned' and 'int'.
* ccl.c (ccl_driver): Likewise.
* charset.c (Fdefine_charset_internal): Likewise.
* charset.h (struct charset.hash_index): Likewise.
* composite.c (get_composition_id, gstring_lookup_cache):
(composition_gstring_put_cache): Likewise.
* composite.h (struct composition.hash_index): Likewise.
* dispextern.h (struct image.hash): Likewise.
* fns.c (next_almost_prime, larger_vector, cmpfn_eql):
(cmpfn_equal, cmpfn_user_defined, hashfn_eq, hashfn_eql):
(hashfn_equal, hashfn_user_defined, make_hash_table):
(maybe_resize_hash_table, hash_lookup, hash_put):
(hash_remove_from_table, hash_clear, sweep_weak_table, SXHASH_COMBINE):
(sxhash_string, sxhash_list, sxhash_vector, sxhash_bool_vector):
(Fsxhash, Fgethash, Fputhash, Fmaphash): Likewise.
* image.c (make_image, search_image_cache, lookup_image):
(xpm_put_color_table_h): Likewise.
* lisp.h (struct Lisp_Hash_Table): Likewise, for 'count', 'cmpfn',
and 'hashfn' members.
* minibuf.c (Ftry_completion, Fall_completions, Ftest_completion):
Likewise.
* print.c (print): Likewise.
* alloc.c (allocate_vectorlike): Check for overflow in vector size
calculations.
* ccl.c (ccl_driver): Check for overflow when converting EMACS_INT
to int.
* fns.c, image.c: Remove unnecessary static decls that would otherwise
need to be updated by these changes.
* fns.c (make_hash_table, maybe_resize_hash_table): Check for integer
overflow with large hash tables.
(make_hash_table, maybe_resize_hash_table, Fmake_hash_table):
Prefer the faster XFLOAT_DATA to XFLOATINT where either will do.
(SXHASH_REDUCE): New macro.
(sxhash_string, sxhash_list, sxhash_vector, sxhash_bool_vector):
Use it instead of discarding useful hash info with large hash values.
(sxhash_float): New function.
(sxhash): Use it. No more need for "& INTMASK" due to above changes.
* lisp.h (FIXNUM_BITS): New macro, useful for SXHASH_REDUCE etc.
(MOST_NEGATIVE_FIXNUM, MOST_POSITIVE_FIXNUM, INTMASK): Rewrite
to use FIXNUM_BITS, as this simplifies things.
(next_almost_prime, larger_vector, sxhash, hash_lookup, hash_put):
Adjust signatures to match updated version of code.
(consing_since_gc): Now EMACS_INT, since a single hash table can
use more than INT_MAX bytes.
* ccl.c (CCL_CODE_MAX, GET_CCL_RANGE, GET_CCL_CODE, GET_CCL_INT):
(IN_INT_RANGE): New macros.
(ccl_driver): Use them to check for integer overflow when
decoding a CCL program. Many of the new checks are whether XINT (x)
fits in int; it doesn't always, on 64-bit hosts. The new version
doesn't catch all possible integer overflows, but it's an
improvement.
GCC 4.6.0 optimizes based on type-based alias analysis. For
example, if b is of type struct buffer * and v of type struct
Lisp_Vector *, then gcc -O2 was incorrectly assuming that &b->size
!= &v->size, and therefore "v->size = 1; b->size = 2; return
v->size;" must therefore return 1. This assumption is incorrect
for Emacs, since it type-puns struct Lisp_Vector * with many other
types. To fix this problem, this patch adds a new type struct
vector_header that documents the constraints on layout of vectors
and pseudovectors, and helps optimizing compilers not get fooled
by Emacs's type punning. It also adds the macros XSETTYPED_PVECTYPE
XSETTYPED_PSEUDOVECTOR, TYPED_PSEUDOVECTORP, for similar reasons.
* lisp.h (XVECTOR_SIZE): New convenience macro. All previous uses of
XVECTOR (foo)->size replaced to use this macro, to avoid the hassle
of writing XVECTOR (foo)->header.size.
(XVECTOR_HEADER_SIZE): New macro, for use in XSETPSEUDOVECTOR.
(XSETTYPED_PVECTYPE): New macro, specifying the name of the size
member.
(XSETPVECTYPE): Rewrite in terms of new macro.
(XSETPVECTYPESIZE): New macro, specifying both type and size.
This is a bit clearer, and further avoids the possibility of
undesirable aliasing.
(XSETTYPED_PSEUDOVECTOR): New macro, specifying the size.
(XSETPSEUDOVECTOR): Rewrite in terms of XSETTYPED_PSEUDOVECTOR
and XVECTOR_HEADER_SIZE.
(XSETSUBR): Rewrite in terms of XSETTYPED_PSEUDOVECTOR and XSIZE,
since Lisp_Subr is a special case (no "next" field).
(ASIZE): Rewrite in terms of XVECTOR_SIZE.
(struct vector_header): New type.
(TYPED_PSEUDOVECTORP): New macro, also specifying the C type of the
object, to help avoid aliasing.
(PSEUDOVECTORP): Rewrite in terms of TYPED_PSEUDOVECTORP.
(SUBRP): Likewise, since Lisp_Subr is a special case.
* lisp.h (struct Lisp_Vector, struct Lisp_Char_Table):
(struct Lisp_Sub_Char_Table, struct Lisp_Bool_Vector):
(struct Lisp_Hash_Table): Combine first two members into a single
struct vector_header member. All uses of "size" and "next" members
changed to be "header.size" and "header.next".
* buffer.h (struct buffer): Likewise.
* font.h (struct font_spec, struct font_entity, struct font): Likewise.
* frame.h (struct frame): Likewise.
* process.h (struct Lisp_Process): Likewise.
* termhooks.h (struct terminal): Likewise.
* window.c (struct save_window_data, struct saved_window): Likewise.
* window.h (struct window): Likewise.
* alloc.c (allocate_buffer, Fmake_bool_vector, allocate_pseudovector):
Use XSETPVECTYPESIZE, not XSETPVECTYPE, to avoid aliasing problems.
* buffer.c (init_buffer_once): Likewise.
* lread.c (defsubr): Use XSETTYPED_PVECTYPE, since Lisp_Subr is a
special case.
* process.c (Fformat_network_address): Use local var for size,
for brevity.
This makes it easier for human readers (and static analyzers)
to see whether these variables are used from other modules.
* alloc.c, buffer.c, bytecode.c, callint.c, casetab.c, category.c:
* ccl.c, character.c, charset.c, cmds.c, coding.c, composite.c:
* data.c, dbusbind.c, dired.c, editfns.c, eval.c, fileio.c, fns.c:
* font.c, frame.c, fringe.c, ftfont.c, image.c, keyboard.c, keymap.c:
* lread.c, macros.c, minibuf.c, print.c, process.c, search.c:
* sound.c, syntax.c, textprop.c, window.c, xdisp.c, xfaces.c, xfns.c:
* xmenu.c, xselect.c:
Declare Q* vars static if they are not used in other modules.
* ccl.h, character.h, charset.h, coding.h, composite.h, font.h:
* frame.h, intervals.h, keyboard.h, lisp.h, process.h, syntax.h:
Remove decls of unexported vars.
* keyboard.h (EVENT_HEAD_UNMODIFIED): Remove now-unused macro.
This makes it easier for human readers (and static analyzers)
to see whether these functions can be called from other modules.
DEFUN now defines a static function. To make the function external
so that it can be used in other C modules, use the new macro DEFUE.
* lisp.h (DEFINE_FUNC): New macro, with the old contents of DEFUN.
(DEFUN): Rewrite in terms of DEFINE_FUNC. It now generates a
static function definition. Use DEFUE if you want an extern one.
(DEFUE, INFUN): New macros.
(Funibyte_char_to_multibyte, Fsyntax_table_p, Finit_image_library):
(Feval_region, Fbacktrace, Ffetch_bytecode, Fswitch_to_buffer):
(Ffile_executable_p, Fmake_symbolic_link, Fcommand_execute):
(Fget_process, Fdocumentation_property, Fbyte_code, Ffile_attributes):
Remove decls, since these functions are now static.
(Funintern, Fget_internal_run_time): New decls, since these functions
were already external.
* alloc.c, buffer.c, callint.c, callproc.c, casefiddle.c, casetab.c:
* ccl.c, character.c, chartab.c, cmds.c, coding.c, data.c, dispnew.c:
* doc.c, editfns.c, emacs.c, eval.c, fileio.c, filelock.c, floatfns.c:
* fns.c, font.c, fontset.c, frame.c, image.c, indent.c:
* keyboard.c, keymap.c, lread.c:
* macros.c, marker.c, menu.c, minibuf.c, print.c, process.c, search.c:
* syntax.c, term.c, terminal.c, textprop.c, undo.c:
* window.c, xdisp.c, xfaces.c, xfns.c, xmenu.c, xsettings.c:
Mark functions with DEFUE instead of DEFUN,
if they are used in other modules.
* buffer.c (Fset_buffer_major_mode, Fdelete_overlay): New forward
decls for now-static functions.
* buffer.h (Fdelete_overlay): Remove decl.
* callproc.c (Fgetenv_internal): Mark as internal.
* composite.c (Fremove_list_of_text_properties): Remove decl.
(Fcomposition_get_gstring): New forward static decl.
* composite.h (Fcomposite_get_gstring): Remove decl.
* dired.c (Ffile_attributes): New forward static decl.
* doc.c (Fdocumntation_property): New forward static decl.
* eval.c (Ffetch_bytecode): New forward static decl.
(Funintern): Remove extern decl; now in .h file where it belongs.
* fileio.c (Fmake_symbolic_link): New forward static decl.
* image.c (Finit_image_library): New forward static decl.
* insdel.c (Fcombine_after_change_execute): Make forward decl static.
* intervals.h (Fprevious_property_change):
(Fremove_list_of_text_properties): Remove decls.
* keyboard.c (Fthis_command_keys): Remove decl.
(Fcommand_execute): New forward static decl.
* keymap.c (Flookup_key): New forward static decl.
(Fcopy_keymap): Now static.
* keymap.h (Flookup_key): Remove decl.
* process.c (Fget_process): New forward static decl.
(Fprocess_datagram_address): Mark as internal.
* syntax.c (Fsyntax_table_p): New forward static decl.
(skip_chars): Remove duplicate decl.
* textprop.c (Fprevious_property_change): New forward static decl.
* window.c (Fset_window_fringes, Fset_window_scroll_bars):
Now internal.
(Fset_window_margins, Fset_window_vscroll): New forward static decls.
* window.h (Fset_window_vscroll, Fset_window_margins): Remove decls.
keyboard.c (make_lispy_position): Use EMACS_INT for buffer
positions.
xdisp.c (redisplay_internal, try_window_id)
(set_cursor_from_row, find_first_unchanged_at_end_row): Use
EMACS_INT for buffer positions.
dispextern.h (set_cursor_from_row, mode_line_string)
(marginal_area_string): Adjust prototypes.
dispnew.c (increment_matrix_positions)
(increment_row_positions, copy_glyph_row_contents)
(mode_line_string, marginal_area_string): Use EMACS_INT for buffer
positions.
dispextern.h (mode_line_string, marginal_area_string)
(increment_matrix_positions, increment_row_positions): Adjust
prototypes.
data.c (Faref, Faset): Use EMACS_INT for string length and
positions.
cmds.c (internal_self_insert): Use EMACS_INT for the count of
characters to insert.
ccl.c (Fccl_execute_on_string): Use EMACS_INT for string
position and size.
