| 1 | /* Safe automatic memory allocation.
|
|---|
| 2 | Copyright (C) 2003-2006 Free Software Foundation, Inc.
|
|---|
| 3 | Written by Bruno Haible <bruno@clisp.org>, 2003.
|
|---|
| 4 |
|
|---|
| 5 | This program is free software; you can redistribute it and/or modify
|
|---|
| 6 | it under the terms of the GNU General Public License as published by
|
|---|
| 7 | the Free Software Foundation; either version 2, or (at your option)
|
|---|
| 8 | any later version.
|
|---|
| 9 |
|
|---|
| 10 | This program is distributed in the hope that it will be useful,
|
|---|
| 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 13 | GNU General Public License for more details.
|
|---|
| 14 |
|
|---|
| 15 | You should have received a copy of the GNU General Public License
|
|---|
| 16 | along with this program; if not, write to the Free Software Foundation,
|
|---|
| 17 | Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
|
|---|
| 18 |
|
|---|
| 19 | #ifndef _ALLOCSA_H
|
|---|
| 20 | #define _ALLOCSA_H
|
|---|
| 21 |
|
|---|
| 22 | #include <alloca.h>
|
|---|
| 23 | #include <stddef.h>
|
|---|
| 24 | #include <stdlib.h>
|
|---|
| 25 |
|
|---|
| 26 |
|
|---|
| 27 | #ifdef __cplusplus
|
|---|
| 28 | extern "C" {
|
|---|
| 29 | #endif
|
|---|
| 30 |
|
|---|
| 31 |
|
|---|
| 32 | /* safe_alloca(N) is equivalent to alloca(N) when it is safe to call
|
|---|
| 33 | alloca(N); otherwise it returns NULL. It either returns N bytes of
|
|---|
| 34 | memory allocated on the stack, that lasts until the function returns,
|
|---|
| 35 | or NULL.
|
|---|
| 36 | Use of safe_alloca should be avoided:
|
|---|
| 37 | - inside arguments of function calls - undefined behaviour,
|
|---|
| 38 | - in inline functions - the allocation may actually last until the
|
|---|
| 39 | calling function returns.
|
|---|
| 40 | */
|
|---|
| 41 | #if HAVE_ALLOCA
|
|---|
| 42 | /* The OS usually guarantees only one guard page at the bottom of the stack,
|
|---|
| 43 | and a page size can be as small as 4096 bytes. So we cannot safely
|
|---|
| 44 | allocate anything larger than 4096 bytes. Also care for the possibility
|
|---|
| 45 | of a few compiler-allocated temporary stack slots.
|
|---|
| 46 | This must be a macro, not an inline function. */
|
|---|
| 47 | # define safe_alloca(N) ((N) < 4032 ? alloca (N) : NULL)
|
|---|
| 48 | #else
|
|---|
| 49 | # define safe_alloca(N) ((N), NULL)
|
|---|
| 50 | #endif
|
|---|
| 51 |
|
|---|
| 52 | /* allocsa(N) is a safe variant of alloca(N). It allocates N bytes of
|
|---|
| 53 | memory allocated on the stack, that must be freed using freesa() before
|
|---|
| 54 | the function returns. Upon failure, it returns NULL. */
|
|---|
| 55 | #if HAVE_ALLOCA
|
|---|
| 56 | # define allocsa(N) \
|
|---|
| 57 | ((N) < 4032 - sa_increment \
|
|---|
| 58 | ? (void *) ((char *) alloca ((N) + sa_increment) + sa_increment) \
|
|---|
| 59 | : mallocsa (N))
|
|---|
| 60 | #else
|
|---|
| 61 | # define allocsa(N) \
|
|---|
| 62 | mallocsa (N)
|
|---|
| 63 | #endif
|
|---|
| 64 | extern void * mallocsa (size_t n);
|
|---|
| 65 |
|
|---|
| 66 | /* Free a block of memory allocated through allocsa(). */
|
|---|
| 67 | #if HAVE_ALLOCA
|
|---|
| 68 | extern void freesa (void *p);
|
|---|
| 69 | #else
|
|---|
| 70 | # define freesa free
|
|---|
| 71 | #endif
|
|---|
| 72 |
|
|---|
| 73 | /* Maybe we should also define a variant
|
|---|
| 74 | nallocsa (size_t n, size_t s) - behaves like allocsa (n * s)
|
|---|
| 75 | If this would be useful in your application. please speak up. */
|
|---|
| 76 |
|
|---|
| 77 |
|
|---|
| 78 | #ifdef __cplusplus
|
|---|
| 79 | }
|
|---|
| 80 | #endif
|
|---|
| 81 |
|
|---|
| 82 |
|
|---|
| 83 | /* ------------------- Auxiliary, non-public definitions ------------------- */
|
|---|
| 84 |
|
|---|
| 85 | /* Determine the alignment of a type at compile time. */
|
|---|
| 86 | #if defined __GNUC__
|
|---|
| 87 | # define sa_alignof __alignof__
|
|---|
| 88 | #elif defined __cplusplus
|
|---|
| 89 | template <class type> struct sa_alignof_helper { char __slot1; type __slot2; };
|
|---|
| 90 | # define sa_alignof(type) offsetof (sa_alignof_helper<type>, __slot2)
|
|---|
| 91 | #elif defined __hpux
|
|---|
| 92 | /* Work around a HP-UX 10.20 cc bug with enums constants defined as offsetof
|
|---|
| 93 | values. */
|
|---|
| 94 | # define sa_alignof(type) (sizeof (type) <= 4 ? 4 : 8)
|
|---|
| 95 | #elif defined _AIX
|
|---|
| 96 | /* Work around an AIX 3.2.5 xlc bug with enums constants defined as offsetof
|
|---|
| 97 | values. */
|
|---|
| 98 | # define sa_alignof(type) (sizeof (type) <= 4 ? 4 : 8)
|
|---|
| 99 | #else
|
|---|
| 100 | # define sa_alignof(type) offsetof (struct { char __slot1; type __slot2; }, __slot2)
|
|---|
| 101 | #endif
|
|---|
| 102 |
|
|---|
| 103 | enum
|
|---|
| 104 | {
|
|---|
| 105 | /* The desired alignment of memory allocations is the maximum alignment
|
|---|
| 106 | among all elementary types. */
|
|---|
| 107 | sa_alignment_long = sa_alignof (long),
|
|---|
| 108 | sa_alignment_double = sa_alignof (double),
|
|---|
| 109 | #ifdef HAVE_LONG_LONG_INT
|
|---|
| 110 | sa_alignment_longlong = sa_alignof (long long),
|
|---|
| 111 | #endif
|
|---|
| 112 | #ifdef HAVE_LONG_DOUBLE
|
|---|
| 113 | sa_alignment_longdouble = sa_alignof (long double),
|
|---|
| 114 | #endif
|
|---|
| 115 | sa_alignment_max = ((sa_alignment_long - 1) | (sa_alignment_double - 1)
|
|---|
| 116 | #ifdef HAVE_LONG_LONG_INT
|
|---|
| 117 | | (sa_alignment_longlong - 1)
|
|---|
| 118 | #endif
|
|---|
| 119 | #ifdef HAVE_LONG_DOUBLE
|
|---|
| 120 | | (sa_alignment_longdouble - 1)
|
|---|
| 121 | #endif
|
|---|
| 122 | ) + 1,
|
|---|
| 123 | /* The increment that guarantees room for a magic word must be >= sizeof (int)
|
|---|
| 124 | and a multiple of sa_alignment_max. */
|
|---|
| 125 | sa_increment = ((sizeof (int) + sa_alignment_max - 1) / sa_alignment_max) * sa_alignment_max
|
|---|
| 126 | };
|
|---|
| 127 |
|
|---|
| 128 | #endif /* _ALLOCSA_H */
|
|---|
