1 /* xalloc.h -- malloc with out-of-memory checking
3 Copyright (C) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998,
4 1999, 2000, 2003, 2004, 2006 Free Software Foundation, Inc.
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
9 any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software Foundation,
18 Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
20 #ifndef XALLOC_H_
21 # define XALLOC_H_
23 # include <stddef.h>
26 # ifdef __cplusplus
27 extern "C" {
28 # endif
31 # ifndef __attribute__
32 # if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 8) || __STRICT_ANSI__
33 # define __attribute__(x)
34 # endif
35 # endif
37 # ifndef ATTRIBUTE_NORETURN
38 # define ATTRIBUTE_NORETURN __attribute__ ((__noreturn__))
39 # endif
41 /* This function is always triggered when memory is exhausted.
42 It must be defined by the application, either explicitly
43 or by using gnulib's xalloc-die module. This is the
44 function to call when one wants the program to die because of a
45 memory allocation failure. */
46 extern void xalloc_die (void) ATTRIBUTE_NORETURN;
48 void *xmalloc (size_t s);
49 void *xzalloc (size_t s);
50 void *xcalloc (size_t n, size_t s);
51 void *xrealloc (void *p, size_t s);
52 void *x2realloc (void *p, size_t *pn);
53 void *xmemdup (void const *p, size_t s);
54 char *xstrdup (char const *str);
56 /* Return 1 if an array of N objects, each of size S, cannot exist due
57 to size arithmetic overflow. S must be positive and N must be
58 nonnegative. This is a macro, not an inline function, so that it
59 works correctly even when SIZE_MAX < N.
61 By gnulib convention, SIZE_MAX represents overflow in size
62 calculations, so the conservative dividend to use here is
63 SIZE_MAX - 1, since SIZE_MAX might represent an overflowed value.
64 However, malloc (SIZE_MAX) fails on all known hosts where
65 sizeof (ptrdiff_t) <= sizeof (size_t), so do not bother to test for
66 exactly-SIZE_MAX allocations on such hosts; this avoids a test and
67 branch when S is known to be 1. */
68 # define xalloc_oversized(n, s) \
69 ((size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) < (n))
72 /* In the following macros, T must be an elementary or structure/union or
73 typedef'ed type, or a pointer to such a type. To apply one of the
74 following macros to a function pointer or array type, you need to typedef
75 it first and use the typedef name. */
77 /* Allocate an object of type T dynamically, with error checking. */
78 /* extern t *XMALLOC (typename t); */
79 # define XMALLOC(t) ((t *) xmalloc (sizeof (t)))
81 /* Allocate memory for N elements of type T, with error checking. */
82 /* extern t *XNMALLOC (size_t n, typename t); */
83 # define XNMALLOC(n, t) \
84 ((t *) (sizeof (t) == 1 ? xmalloc (n) : xnmalloc (n, sizeof (t))))
86 /* Allocate an object of type T dynamically, with error checking,
87 and zero it. */
88 /* extern t *XZALLOC (typename t); */
89 # define XZALLOC(t) ((t *) xzalloc (sizeof (t)))
91 /* Allocate memory for N elements of type T, with error checking,
92 and zero it. */
93 /* extern t *XCALLOC (size_t n, typename t); */
94 # define XCALLOC(n, t) \
95 ((t *) (sizeof (t) == 1 ? xzalloc (n) : xcalloc (n, sizeof (t))))
98 # if HAVE_INLINE
99 # define static_inline static inline
100 # else
101 void *xnmalloc (size_t n, size_t s);
102 void *xnrealloc (void *p, size_t n, size_t s);
103 void *x2nrealloc (void *p, size_t *pn, size_t s);
104 char *xcharalloc (size_t n);
105 # endif
107 # ifdef static_inline
109 /* Allocate an array of N objects, each with S bytes of memory,
110 dynamically, with error checking. S must be nonzero. */
112 static_inline void *
113 xnmalloc (size_t n, size_t s)
114 {
115 if (xalloc_oversized (n, s))
116 xalloc_die ();
117 return xmalloc (n * s);
118 }
120 /* Change the size of an allocated block of memory P to an array of N
121 objects each of S bytes, with error checking. S must be nonzero. */
123 static_inline void *
124 xnrealloc (void *p, size_t n, size_t s)
125 {
126 if (xalloc_oversized (n, s))
127 xalloc_die ();
128 return xrealloc (p, n * s);
129 }
131 /* If P is null, allocate a block of at least *PN such objects;
132 otherwise, reallocate P so that it contains more than *PN objects
133 each of S bytes. *PN must be nonzero unless P is null, and S must
134 be nonzero. Set *PN to the new number of objects, and return the
135 pointer to the new block. *PN is never set to zero, and the
136 returned pointer is never null.
138 Repeated reallocations are guaranteed to make progress, either by
139 allocating an initial block with a nonzero size, or by allocating a
140 larger block.
142 In the following implementation, nonzero sizes are doubled so that
143 repeated reallocations have O(N log N) overall cost rather than
144 O(N**2) cost, but the specification for this function does not
145 guarantee that sizes are doubled.
147 Here is an example of use:
149 int *p = NULL;
150 size_t used = 0;
151 size_t allocated = 0;
153 void
154 append_int (int value)
155 {
156 if (used == allocated)
157 p = x2nrealloc (p, &allocated, sizeof *p);
158 p[used++] = value;
159 }
161 This causes x2nrealloc to allocate a block of some nonzero size the
162 first time it is called.
164 To have finer-grained control over the initial size, set *PN to a
165 nonzero value before calling this function with P == NULL. For
166 example:
168 int *p = NULL;
169 size_t used = 0;
170 size_t allocated = 0;
171 size_t allocated1 = 1000;
173 void
174 append_int (int value)
175 {
176 if (used == allocated)
177 {
178 p = x2nrealloc (p, &allocated1, sizeof *p);
179 allocated = allocated1;
180 }
181 p[used++] = value;
182 }
184 */
186 static_inline void *
187 x2nrealloc (void *p, size_t *pn, size_t s)
188 {
189 size_t n = *pn;
191 if (! p)
192 {
193 if (! n)
194 {
195 /* The approximate size to use for initial small allocation
196 requests, when the invoking code specifies an old size of
197 zero. 64 bytes is the largest "small" request for the
198 GNU C library malloc. */
199 enum { DEFAULT_MXFAST = 64 };
201 n = DEFAULT_MXFAST / s;
202 n += !n;
203 }
204 }
205 else
206 {
207 if (((size_t) -1) / 2 / s < n)
208 xalloc_die ();
209 n *= 2;
210 }
212 *pn = n;
213 return xrealloc (p, n * s);
214 }
216 /* Return a pointer to a new buffer of N bytes. This is like xmalloc,
217 except it returns char *. */
219 static_inline char *
220 xcharalloc (size_t n)
221 {
222 return XNMALLOC (n, char);
223 }
225 # endif
227 # ifdef __cplusplus
228 }
230 /* C++ does not allow conversions from void * to other pointer types
231 without a cast. Use templates to work around the problem when
232 possible. */
234 template <typename T> inline T *
235 xrealloc (T *p, size_t s)
236 {
237 return (T *) xrealloc ((void *) p, s);
238 }
240 template <typename T> inline T *
241 xnrealloc (T *p, size_t n, size_t s)
242 {
243 return (T *) xnrealloc ((void *) p, n, s);
244 }
246 template <typename T> inline T *
247 x2realloc (T *p, size_t *pn)
248 {
249 return (T *) x2realloc ((void *) p, pn);
250 }
252 template <typename T> inline T *
253 x2nrealloc (T *p, size_t *pn, size_t s)
254 {
255 return (T *) x2nrealloc ((void *) p, pn, s);
256 }
258 template <typename T> inline T *
259 xmemdup (T const *p, size_t s)
260 {
261 return (T *) xmemdup ((void const *) p, s);
262 }
264 # endif
267 #endif /* !XALLOC_H_ */