1/* xalloc.h -- malloc with out-of-memory checking
2
3 Copyright (C) 1990-2000, 2003-2004, 2006-2019 Free Software Foundation, Inc.
4
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 3 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <https://www.gnu.org/licenses/>. */
17
18#ifndef XALLOC_H_
19#define XALLOC_H_
20
21#include <stddef.h>
22#include <stdint.h>
23
24#include "xalloc-oversized.h"
25
26#ifndef _GL_INLINE_HEADER_BEGIN
27 #error "Please include config.h first."
28#endif
29_GL_INLINE_HEADER_BEGIN
30#ifndef XALLOC_INLINE
31# define XALLOC_INLINE _GL_INLINE
32#endif
33
34#ifdef __cplusplus
35extern "C" {
36#endif
37
38
39#if ! defined __clang__ && \
40 (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3))
41# define _GL_ATTRIBUTE_ALLOC_SIZE(args) __attribute__ ((__alloc_size__ args))
42#else
43# define _GL_ATTRIBUTE_ALLOC_SIZE(args)
44#endif
45
46/* This function is always triggered when memory is exhausted.
47 It must be defined by the application, either explicitly
48 or by using gnulib's xalloc-die module. This is the
49 function to call when one wants the program to die because of a
50 memory allocation failure. */
51extern _Noreturn void xalloc_die (void);
52
53void *xmalloc (size_t s)
54 _GL_ATTRIBUTE_MALLOC _GL_ATTRIBUTE_ALLOC_SIZE ((1));
55void *xzalloc (size_t s)
56 _GL_ATTRIBUTE_MALLOC _GL_ATTRIBUTE_ALLOC_SIZE ((1));
57void *xcalloc (size_t n, size_t s)
58 _GL_ATTRIBUTE_MALLOC _GL_ATTRIBUTE_ALLOC_SIZE ((1, 2));
59void *xrealloc (void *p, size_t s)
60 _GL_ATTRIBUTE_ALLOC_SIZE ((2));
61void *x2realloc (void *p, size_t *pn);
62void *xmemdup (void const *p, size_t s)
63 _GL_ATTRIBUTE_ALLOC_SIZE ((2));
64char *xstrdup (char const *str)
65 _GL_ATTRIBUTE_MALLOC;
66
67/* In the following macros, T must be an elementary or structure/union or
68 typedef'ed type, or a pointer to such a type. To apply one of the
69 following macros to a function pointer or array type, you need to typedef
70 it first and use the typedef name. */
71
72/* Allocate an object of type T dynamically, with error checking. */
73/* extern t *XMALLOC (typename t); */
74#define XMALLOC(t) ((t *) xmalloc (sizeof (t)))
75
76/* Allocate memory for N elements of type T, with error checking. */
77/* extern t *XNMALLOC (size_t n, typename t); */
78#define XNMALLOC(n, t) \
79 ((t *) (sizeof (t) == 1 ? xmalloc (n) : xnmalloc (n, sizeof (t))))
80
81/* Allocate an object of type T dynamically, with error checking,
82 and zero it. */
83/* extern t *XZALLOC (typename t); */
84#define XZALLOC(t) ((t *) xzalloc (sizeof (t)))
85
86/* Allocate memory for N elements of type T, with error checking,
87 and zero it. */
88/* extern t *XCALLOC (size_t n, typename t); */
89#define XCALLOC(n, t) \
90 ((t *) (sizeof (t) == 1 ? xzalloc (n) : xcalloc (n, sizeof (t))))
91
92
93/* Allocate an array of N objects, each with S bytes of memory,
94 dynamically, with error checking. S must be nonzero. */
95
96XALLOC_INLINE void *xnmalloc (size_t n, size_t s)
97 _GL_ATTRIBUTE_MALLOC _GL_ATTRIBUTE_ALLOC_SIZE ((1, 2));
98XALLOC_INLINE void *
99xnmalloc (size_t n, size_t s)
100{
101 if (xalloc_oversized (n, s))
102 xalloc_die ();
103 return xmalloc (n * s);
104}
105
106/* Change the size of an allocated block of memory P to an array of N
107 objects each of S bytes, with error checking. S must be nonzero. */
108
109XALLOC_INLINE void *xnrealloc (void *p, size_t n, size_t s)
110 _GL_ATTRIBUTE_ALLOC_SIZE ((2, 3));
111XALLOC_INLINE void *
112xnrealloc (void *p, size_t n, size_t s)
113{
114 if (xalloc_oversized (n, s))
115 xalloc_die ();
116 return xrealloc (p, n * s);
117}
118
119/* If P is null, allocate a block of at least *PN such objects;
120 otherwise, reallocate P so that it contains more than *PN objects
121 each of S bytes. S must be nonzero. Set *PN to the new number of
122 objects, and return the pointer to the new block. *PN is never set
123 to zero, and the returned pointer is never null.
124
125 Repeated reallocations are guaranteed to make progress, either by
126 allocating an initial block with a nonzero size, or by allocating a
127 larger block.
128
129 In the following implementation, nonzero sizes are increased by a
130 factor of approximately 1.5 so that repeated reallocations have
131 O(N) overall cost rather than O(N**2) cost, but the
132 specification for this function does not guarantee that rate.
133
134 Here is an example of use:
135
136 int *p = NULL;
137 size_t used = 0;
138 size_t allocated = 0;
139
140 void
141 append_int (int value)
142 {
143 if (used == allocated)
144 p = x2nrealloc (p, &allocated, sizeof *p);
145 p[used++] = value;
146 }
147
148 This causes x2nrealloc to allocate a block of some nonzero size the
149 first time it is called.
150
151 To have finer-grained control over the initial size, set *PN to a
152 nonzero value before calling this function with P == NULL. For
153 example:
154
155 int *p = NULL;
156 size_t used = 0;
157 size_t allocated = 0;
158 size_t allocated1 = 1000;
159
160 void
161 append_int (int value)
162 {
163 if (used == allocated)
164 {
165 p = x2nrealloc (p, &allocated1, sizeof *p);
166 allocated = allocated1;
167 }
168 p[used++] = value;
169 }
170
171 */
172
173XALLOC_INLINE void *
174x2nrealloc (void *p, size_t *pn, size_t s)
175{
176 size_t n = *pn;
177
178 if (! p)
179 {
180 if (! n)
181 {
182 /* The approximate size to use for initial small allocation
183 requests, when the invoking code specifies an old size of
184 zero. This is the largest "small" request for the GNU C
185 library malloc. */
186 enum { DEFAULT_MXFAST = 64 * sizeof (size_t) / 4 };
187
188 n = DEFAULT_MXFAST / s;
189 n += !n;
190 }
191 if (xalloc_oversized (n, s))
192 xalloc_die ();
193 }
194 else
195 {
196 /* Set N = floor (1.5 * N) + 1 so that progress is made even if N == 0.
197 Check for overflow, so that N * S stays in both ptrdiff_t and
198 size_t range. The check may be slightly conservative, but an
199 exact check isn't worth the trouble. */
200 if ((PTRDIFF_MAX < SIZE_MAX ? PTRDIFF_MAX : SIZE_MAX) / 3 * 2 / s
201 <= n)
202 xalloc_die ();
203 n += n / 2 + 1;
204 }
205
206 *pn = n;
207 return xrealloc (p, n * s);
208}
209
210/* Return a pointer to a new buffer of N bytes. This is like xmalloc,
211 except it returns char *. */
212
213XALLOC_INLINE char *xcharalloc (size_t n)
214 _GL_ATTRIBUTE_MALLOC _GL_ATTRIBUTE_ALLOC_SIZE ((1));
215XALLOC_INLINE char *
216xcharalloc (size_t n)
217{
218 return XNMALLOC (n, char);
219}
220
221#ifdef __cplusplus
222}
223
224/* C++ does not allow conversions from void * to other pointer types
225 without a cast. Use templates to work around the problem when
226 possible. */
227
228template <typename T> inline T *
229xrealloc (T *p, size_t s)
230{
231 return (T *) xrealloc ((void *) p, s);
232}
233
234template <typename T> inline T *
235xnrealloc (T *p, size_t n, size_t s)
236{
237 return (T *) xnrealloc ((void *) p, n, s);
238}
239
240template <typename T> inline T *
241x2realloc (T *p, size_t *pn)
242{
243 return (T *) x2realloc ((void *) p, pn);
244}
245
246template <typename T> inline T *
247x2nrealloc (T *p, size_t *pn, size_t s)
248{
249 return (T *) x2nrealloc ((void *) p, pn, s);
250}
251
252template <typename T> inline T *
253xmemdup (T const *p, size_t s)
254{
255 return (T *) xmemdup ((void const *) p, s);
256}
257
258#endif
259
260_GL_INLINE_HEADER_END
261
262#endif /* !XALLOC_H_ */
263