-2011-09-25 Paul Eggert <eggert@cs.ucla.edu>
+2011-10-11 Paul Eggert <eggert@cs.ucla.edu>
+ Fix integer width and related issues.
* alloc.c (pure_bytes_used_lisp, pure_bytes_used_non_lisp):
(allocate_vectorlike, buffer_memory_full, struct sdata, SDATA_SIZE)
(string_bytes, check_sblock, allocate_string_data):
(Foverlay_recenter, last_overlay_modification_hooks_used)
(report_overlay_modification, evaporate_overlays, enlarge_buffer_text):
Use ptrdiff_t, not EMACS_INT, where ptrdiff_t is wide enough.
- (validate_region): Omit unnecessary test for b <= e, since
- that's guaranteed by the previous test.
+ (validate_region): Omit unnecessary test for b <= e,
+ since that's guaranteed by the previous test.
(adjust_overlays_for_delete): Avoid pos + length overflow.
(Fmove_overlay, Fdelete_overlay, add_overlay_mod_hooklist)
(report_overlay_modification):
(Foverlays_at, Fnext_overlay_change, Fprevious_overlay_change):
Omit pointer cast, which isn't needed anyway, and doesn't work
after the EMACS_INT -> ptrdiff_t change.
+ (Fmove_overlay): Delete an evaporating overlay
+ if it becomes empty after its bounds are adjusted to fit within
+ its buffer. Without this fix, in a nonempty buffer (let ((o
+ (make-overlay 1 2))) (overlay-put o 'evaporate t) (move-overlay o 0 1))
+ yields an empty overlay that has the evaporate property, which is
+ not supposed to happen. (Bug#9642)
* buffer.h: Adjust decls to match defn changes elsewhere.
(struct buffer_text, struct buffer):
Use ptrdiff_t, not EMACS_INT, where ptrdiff_t is wide enough.
Use EMACS_INT, not int, where int might not be wide enough.
- * bytecode.c (exec_byte_code): Use ptrdiff_t, not int, to avoid
- needless 32-bit limit on 64-bit hosts. Remove unnecessary
- memory-full test. Use EMACS_INT, not ptrdiff_t or int, where
- ptrdiff_t or int might not be wide enough.
+ * bytecode.c (unmark_byte_stack, exec_byte_code): Use ptrdiff_t,
+ not int, to avoid needless 32-bit limit on 64-bit hosts.
+ (exec_byte_code): Use tighter memory-full test, one that checks
+ for alloca overflow. Don't compute the address of the object just
+ before an array, as that's not portable. Use EMACS_INT, not
+ ptrdiff_t or int, where ptrdiff_t or int might not be wide enough.
* callint.c (Fcall_interactively):
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
* callproc.c (call_process_kill, Fcall_process):
(ccl_driver):
Use ptrdiff_t, not EMACS_INT, where ptrdiff_t is wide enough.
For CCL_MapSingle, check that content and value are in int range.
+ (ccl_driver, Fregister_code_conversion_map):
+ Check that Vcode_version_map_vector is a vector.
(resolve_symbol_ccl_program): Check that vector header is in range.
Always copy the vector, so that we can check its contents reliably
now rather than having to recheck each instruction as it's being
* cmds.c (move_point): New function, that does the gist of
Fforward_char and Fbackward_char, but does so while checking
for integer overflow more accurately.
- (Fforward_char, Fbackward_char, internal_self_insert): Use it.
+ (Fforward_char, Fbackward_char): Use it.
(Fforward_line, Fend_of_line, internal_self_insert)
(internal_self_insert):
Use ptrdiff_t, not EMACS_INT, where ptrdiff_t is wide enough.
Don't assume fixnums fit in int.
(decode_coding_gap, decode_coding_object, encode_coding_object)
(Fread_coding_system, Fdetect_coding_region)
- (Funencodable_char_position, Fcheck_coding_systems_region):
+ (Funencodable_char_position, Fcheck_coding_systems_region)
+ (get_translation, handle_composition_annotation, consume_chars):
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
+ (consume_chars): Rewrite to not calculate an address outside buffer.
(Ffind_operation_coding_system): NATNUMP can eval its arg twice.
+ Don't access memory outside of the args array.
(Fdefine_coding_system_internal): Check for charset-id overflow.
(ENCODE_ISO_CHARACTER): Use unsigned, not int, to store the unsigned
result of ENCODE_CHAR.
(increment_row_positions, mode_line_string)
(marginal_area_string):
Use ptrdiff_t, not EMACS_INT, where ptrdiff_t is wide enough.
- (change_frame_size_1, Fredisplay):
+ (change_frame_size_1, Fredisplay, Fframe_or_buffer_changed_p):
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
(duration_to_sec_usec): New function, to check for overflow better.
(Fsleep_for, sit_for): Use it.
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
(Fapply, apply_lambda): Don't assume ptrdiff_t can hold fixnum.
(grow_specpdl): Simplify allocation by using xpalloc.
+ (Fprog1, Fprog2): Don't assume list length fits in int. Simplify.
* fileio.c (Ffind_file_name_handler, Fcopy_file, Frename_file)
(Finsert_file_contents, Fwrite_region, Fdo_auto_save):
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
(Finsert_file_contents): Check that counts are in proper range,
rather than assuming fixnums fit into ptrdiff_t etc.
Don't assume fixnums fit into int.
- (Fdo_auto_save, Fset_buffer_auto_saved)
- (Fclear_buffer_auto_save_failure):
- Don't assume time_t is signed, or that it fits in int.
+ * floatfns.c (Fexpt): Avoid undefined signed * signed overflow.
* fns.c (Fcompare_strings, Fstring_lessp, struct textprop_rec, concat)
(string_char_byte_cache_charpos, string_char_byte_cache_bytepos)
(string_char_to_byte, string_byte_to_char)
(struct Lisp_Marker):
Use ptrdiff_t, not EMACS_INT, where ptrdiff_t is wide enough.
(clip_to_bounds): Now an inline function, moved here from editfns.c.
- (XSETSUBR): Use size of 0 since the actual size doesn't matter,
- and using 0 avoids overflow.
(GLYPH_CODE_P): Check for overflow in system types, subsuming the
need for GLYPH_CODE_CHAR_VALID_P and doing proper checking ourselves.
All callers changed.
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
(ns_update_menubar): Use intptr_t, not EMACS_INT, when intptr_t is
wide enough.
- * nsselect.m (ns_get_local_selection):
+ * nsselect.m (ns_get_local_selection, clean_local_selection_data):
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
* print.c (print_buffer_size, print_buffer_pos, print_buffer_pos_byte)
(PRINTDECLARE, PRINTPREPARE):
* process.c (Fdelete_process): Don't assume pid fits into EMACS_INT.
(Fset_process_window_size, Fformat_network_address)
(get_lisp_to_sockaddr_size, set_socket_option, Fmake_network_process)
- (Fsignal_process, sigchld_handler):
+ (sigchld_handler):
Check that fixnums are in proper range for system types.
+ (Fsignal_process): Simplify by avoiding a goto.
+ Treat out-of-range process numbers just like invalid numbers
+ that fit into the pid_t range, and return -1.
(Fformat_network_address, read_process_output, send_process)
(Fprocess_send_region, status_notify):
Use ptrdiff_t, not EMACS_INT, where ptrdiff_t is wide enough.
(conv_lisp_to_sockaddr): Don't assume fixnums fit into int.
(Faccept_process_output): Use duration_to_sec_usec to do proper
overflow checking on durations.
+ * puresize.h (PURESIZE_RATIO): Shrink this to 8/6 on 32-bit hosts
+ configured --with-wide-int.
* scroll.c (calculate_scrolling, calculate_direct_scrolling)
(line_ins_del): Use int, not EMACS_INT, where int is wide enough.
* search.c (looking_at_1, string_match_1):
(update_tool_bar, hscroll_window_tree, redisplay_internal)
(redisplay_window, dump_glyph_row, display_mode_line)
(Fformat_mode_line, decode_mode_spec, on_hot_spot_p):
+ (handle_display_spec, display_prop_string_p):
Use ptrdiff_t, not int, to avoid needless 32-bit limit on 64-bit hosts.
(handle_single_display_spec, build_desired_tool_bar_string)
(redisplay_tool_bar, scroll_window_tree, Fdump_glyph_matrix)
rather than rolling our own approximation.
(SCROLL_BAR_VEC_SIZE): Remove; not used.
+2011-10-07 Stefan Monnier <monnier@iro.umontreal.ca>
+
+ * buffer.c (syms_of_buffer) <enable-multibyte-characters>: Don't
+ advertise functionality which we discourage or doesn't work.
+
+2011-10-07 Paul Eggert <eggert@cs.ucla.edu>
+
+ * alloc.c (GC_LISP_OBJECT_ALIGNMENT): Use offsetof, not __alignof__
+ or sizeof. __alignof__ gives the wrong answer on Fedora x86-64
+ with GCC 4.6.1 when configured with CC='gcc -m32' --with-wide-int;
+ this makes Emacs dump core during garbage collection on rare
+ occasions. sizeof is obviously inferior to offsetof here, so
+ stick with offsetof.
+ (GC_POINTER_ALIGNMENT): New macro.
+ (mark_memory): Omit 3rd (offset) arg; caller changed.
+ Don't assume EMACS_INT alignment is the same as pointer alignment.
+
+2011-10-03 Stefan Monnier <monnier@iro.umontreal.ca>
+
+ * keyboard.c (read_key_sequence_remapped): New var.
+ (read_key_sequence): Compute remapping in the right buffer.
+ (command_loop_1): Use read_key_sequence's remapping directly.
+
+2011-10-02 Stefan Monnier <monnier@iro.umontreal.ca>
+
+ * dired.c (file_name_completion): Don't expand file name.
+ (Ffile_name_completion, Ffile_name_all_completions): Expand file name
+ before checking file name handler.
+
+ * minibuf.c (Finternal_complete_buffer): Only show internal buffers if
+ they've been requested explicitly (bug#9591).
+
+2011-10-01 Andreas Schwab <schwab@linux-m68k.org>
+
+ * keymap.c (Fsingle_key_description): Use make_specified_string
+ instead of build_string to build string from push_key_description.
+ (Bug#5193)
+
+2011-09-30 Paul Eggert <eggert@cs.ucla.edu>
+
+ * buffer.h (struct buffer): Use time_t, not int, for a time stamp.
+ This fixes a Y2038 bug on 64-bit hosts.
+ * buffer.c (reset_buffer):
+ * fileio.c (Fdo_auto_save, Fset_buffer_auto_saved)
+ (Fclear_buffer_auto_save_failure):
+ Use 0, not -1, to represent an unset failure time, since time_t
+ might not be signed.
+
+ Remove dependency on glibc malloc internals.
+ * alloc.c (XMALLOC_OVERRUN_CHECK_OVERHEAD, XMALLOC_OVERRUN_CHECK_SIZE):
+ Move back here from lisp.h, but with their new implementations.
+ (XMALLOC_BASE_ALIGNMENT, COMMON_MULTIPLE, XMALLOC_HEADER_ALIGNMENT)
+ (XMALLOC_OVERRUN_SIZE_SIZE): Move these new lisp.h macros here.
+ * charset.c (charset_table_init): New static var.
+ (syms_of_charset): Use it instead of xmalloc. This removes a
+ dependency on glibc malloc internals. See Eli Zaretskii's comment in
+ <http://lists.gnu.org/archive/html/emacs-devel/2011-09/msg00815.html>.
+ * lisp.h (XMALLOC_OVERRUN_CHECK_OVERHEAD, XMALLOC_OVERRUN_CHECK_SIZE):
+ Move back to alloc.c.
+ (XMALLOC_BASE_ALIGNMENT, COMMON_MULTIPLE, XMALLOC_HEADER_ALIGNMENT)
+ (XMALLOC_OVERRUN_SIZE_SIZE): Move to alloc.c.
+
+2011-09-30 Jan Djärv <jan.h.d@swipnet.se>
+
+ * nsterm.m (windowDidResize): Call x_set_window_size only when
+ ns_in_resize is true. Otherwise set pixelwidth/height and
+ call change_frame_size (Bug#9628).
+
+2011-09-30 Paul Eggert <eggert@cs.ucla.edu>
+
+ Port --enable-checking=all to Fedora 14 x86-64.
+ * charset.c (syms_of_charset): Also account for glibc malloc's
+ internal overhead when calculating the initial malloc maximum.
+
+ Port --enable-checking=all to Fedora 14 x86.
+ * alloc.c (XMALLOC_OVERRUN_CHECK_OVERHEAD, XMALLOC_OVERRUN_CHECK_SIZE):
+ Move to lisp.h.
+ (xmalloc_put_size, xmalloc_get_size, overrun_check_malloc)
+ (overrun_check_realloc, overrun_check_free):
+ Use XMALLOC_OVERRUN_SIZE_SIZE, not sizeof (size_t).
+ That way, xmalloc returns a properly-aligned pointer even if
+ XMALLOC_OVERRUN_CHECK is defined. The old debugging code happened
+ to align OK on typical 64-bit hosts, but not on Fedora 14 x86.
+ * charset.c (syms_of_charset): Take XMALLOC_OVERRUN_CHECK_OVERHEAD
+ into account when calculating the initial malloc maximum.
+ * lisp.h (XMALLOC_OVERRUN_CHECK_OVERHEAD, XMALLOC_OVERRUN_CHECK_SIZE):
+ Move here from alloc.c, so that charset.c can use it too.
+ Properly align; the old code wasn't right for common 32-bit hosts
+ when configured with --enable-checking=all.
+ (XMALLOC_BASE_ALIGNMENT, COMMON_MULTIPLE, XMALLOC_HEADER_ALIGNMENT)
+ (XMALLOC_OVERRUN_SIZE_SIZE): New macros.
+
+2011-09-29 Eli Zaretskii <eliz@gnu.org>
+
+ * sysdep.c (snprintf) [!EOVERFLOW]: If EOVERFLOW is not defined,
+ use EDOM.
+
+2011-09-28 Eli Zaretskii <eliz@gnu.org>
+
+ * xdisp.c (compute_display_string_end): If there's no display
+ string at CHARPOS, return -1.
+
+ * bidi.c (bidi_fetch_char): When compute_display_string_end
+ returns a negative value, treat the character as a normal
+ character not covered by a display string. (Bug#9624)
+
+2011-09-28 Juanma Barranquero <lekktu@gmail.com>
+
+ * lread.c (Fread_from_string): Fix typo in docstring.
+
+2011-09-27 Eli Zaretskii <eliz@gnu.org>
+
+ * xdisp.c (handle_invisible_prop): If invisible text ends on a
+ newline, reseat the iterator instead of bidi-iterating there one
+ character at a time. (Bug#9610)
+ (BUFFER_POS_REACHED_P, move_it_in_display_line_to): Bail when past
+ TO_CHARPOS if the bidi iterator is at base embedding level.
+
+2011-09-27 Andreas Schwab <schwab@linux-m68k.org>
+
+ * lread.c (readevalloop): Use correct code for NBSP.
+ (read1): Likewise. (Bug#9608)
+
+2011-09-25 Michael Albinus <michael.albinus@gmx.de>
+
+ * dbusbind.c (Fdbus_register_signal): When service is not
+ registered, use nil in Vdbus_registered_objects_table. (Bug#9581)
+
2011-09-25 Glenn Morris <rgm@gnu.org>
* buffer.c (truncate-lines): Doc fix.
2011-09-24 Eli Zaretskii <eliz@gnu.org>
- * dispnew.c (syms_of_display) <redisplay-dont-pause>: Default
- value is now t. Doc fix.
+ * dispnew.c (syms_of_display) <redisplay-dont-pause>:
+ Default value is now t. Doc fix.
* indent.c (Fvertical_motion): Compute and apply the overshoot
logic when moving up, not only when moving down. Fix the
* dbusbind.c (Fdbus_register_signal): Add match rule to
Vdbus_registered_objects_table. (Bug#9581)
- (Fdbus_register_method, Vdbus_registered_objects_table): Fix
- docstring.
+ (Fdbus_register_method, Vdbus_registered_objects_table):
+ Fix docstring.
2011-09-24 Jim Meyering <meyering@redhat.com>
* term.c (tty_append_glyph): New function.
(produce_stretch_glyph): Static function and its prototype deleted.
- * dispextern.h (produce_stretch_glyph, tty_append_glyph): Add
- prototypes.
+ * dispextern.h (produce_stretch_glyph, tty_append_glyph):
+ Add prototypes.
2011-08-29 Paul Eggert <eggert@cs.ucla.edu>
* image.c (parse_image_spec): Check for nonnegative, not for positive,
when checking :margin (Bug#9390).
(IMAGE_NON_NEGATIVE_INTEGER_VALUE_OR_PAIR):
- Renamed from IMAGE_POSITIVE_INTEGER_VALUE_OR_PAIR,
+ Rename from IMAGE_POSITIVE_INTEGER_VALUE_OR_PAIR,
so that the name doesn't mislead. All uses changed.
2011-08-28 Johan Bockgård <bojohan@gnu.org>
(read_char_minibuf_menu_prompt, follow_key, read_key_sequence):
Use ptrdiff_t, not int, to count maps.
(read_char_minibuf_menu_prompt): Check for overflow in size
- calculations. Don't update size until allocation succeeds. Redo
- calculations to avoid overflow.
+ calculations. Don't update size until allocation succeeds.
+ Redo calculations to avoid overflow.
* keyboard.h: Change prototypes to match the above.
* keymap.c (cmm_size, current_minor_maps): Use ptrdiff_t, not int,
* indent.c (MULTIBYTE_BYTES_WIDTH):
Use sanitize_char_width to avoid undefined and/or bad behavior
with outlandish widths.
- * character.h (sanitize_tab_width): Renamed from sanitize_width,
+ * character.h (sanitize_tab_width): Rename from sanitize_width,
now that we have two such functions. All uses changed.
(sanitize_char_width): New inline function.
(png_load, gif_load, svg_load_image):
Prefer int to unsigned where either will do.
(tiff_handler): New function, combining the cores of the
- old tiff_error_handler and tiff_warning_handler. This
- function is rewritten to use vsnprintf and thereby avoid
+ old tiff_error_handler and tiff_warning_handler.
+ This function is rewritten to use vsnprintf and thereby avoid
stack buffer overflows. It uses only the features of vsnprintf
that are common to both POSIX and native Microsoft.
(tiff_error_handler, tiff_warning_handler): Use it.
`(space ...)', and specifies display in the text area, return 2
rather than 1.
(try_cursor_movement): Check for the need to scroll more
- accurately, and prefer exact match for point under bidi. Don't
- advance `row' beyond the last row of the window.
+ accurately, and prefer exact match for point under bidi.
+ Don't advance `row' beyond the last row of the window.
* dispextern.h (struct bidi_it): Rename the disp_prop_p member
into disp_prop; all users changed.