| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
* match.c (h_trailer): Prevent LOG_MATCH call from
being evaluated in failed case, when the position is nil.
This situation triggers an exception, because LOG_MATCH
prints the position as an integer using ~d.
|
| |
|
|
|
|
|
|
|
|
| |
* RELNOTES: Updated.
* configure, txr.1: Bumped version and date.
* share/txr/stdlib/ver.tl: Likewise.
* txr.vim, tl.vim, protsym.c: Regenerated.
|
| |
|
|
|
|
|
|
|
|
|
| |
* arith.c (do_mp_error): New function.
(num_from_buffer, plus, minus, mul, floordiv, expt, exptmod,
logtrunc, sign_extend, ash, bit): Handle errors from select
MPI functions: those that have the mp_ign attribute.
* ffi.c (unum_carray, num_carray): Likewise.
* rand.c (random): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using a feature of GCC, we mark some functions with the
warn_unused_result attribute. Specifically, those functions
which could return the MP_TOOBIG overflow error.
* mpi/mpi.h (mp_nign): New macro.
(mp_init_size, mp_add_d, mp_sub_d, mp_mul_d, mp_mul_2,
mp_div_d, mp_div_2, mp_expt_d, mp_add, mp_sub, mp_mul,
mp_mul_2d, mp_sqr, mp_expt, mp_2expt, mp_sqrt, mp_addmod,
mp_submod, mp_mulmod, mp_sqrmod, mp_exptmod, mp_exptmod_d,
mp_lcm, mp_xgcd, mp_invmod, mp_trunc_comp, mp_trunc, mp_shift,
mp_to_double, mp_read_signed_bin, mp_read_unsigned_bin,
mp_read_radix): Functions attributed with unused result
warning.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The main purpose of this patch is to prevent two cases of
numeric overflow.
One is when an arithmetic operation produces a result which
would have more digits than can be represented by mp_size. The
calculation for the digits in the result operand will simply
overflow, resulting in an undersized buffer that is then
overrun.
Another overflow is in calculations which work with bit
indexing. Even if the digits is in range of mp_size, the bit
number is eight times larger and can be out of range.
We can address both problems by clamping integers to have only
so many digits, that every bit has an offset that fits into
mp_size. If mp_size is 32 bits, that means we can still have
bignums that are half a gigabyte, which seems reasonable for
nearly any conceivable application of bignums.
After this patch, we must adjust the code in arith.c and
other places to detect errors, at least out of the functions
that can produce larger integers than their inputs.
* mpi/mpi-types.h (MP_MAX_BITS, MP_MAX_DIGITS): New macro.
* mpi/mpi.c (mp_err_string): New entry corresponding to the
new MP_TOOBIG error.
(mp_init_size, s_mp_grow): Reject, with the MP_TOOBIG error,
attemps to create or grow an mp_int mp_int such that it would
have more digits than MP_MAX_DIGITS.
* mpi/mpi.h (MP_TOOBIG): New macro code.
(MP_LAST_CODE): Redefined to MP_TOOBIG.
|
| |
|
|
|
|
|
|
|
|
|
| |
* mpi.c (s_mp_cmp): Rewrite loop as a for with
a bottom test, and the increments in the usual place.
ap and bp aren't decremented if the index is zero.
Ironic to fix this, given that we march through the
stack in the garbage collector.
(s_mp_ispow2): Similar restructuring, with an additional
guard around ix being set up to descend from the
second-to-last digit.
|
| |
|
|
| |
* mpi/mpi-config.h (MP_DEFPREC): Change from 16 to 8.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MPI has a mp_size type for sizing of the digit arrays and some
other uses. It is not consistently used. Moreover, it is
typedef'd as a signed type. The type int is used for
iterating over digits, instead of the matching mpi_size type.
The int type is used as a size argument in some functions,
and in functions that return the number of bits.
This patch makes mp_size unsigned and replaces most uses of
int with a more appropriate type.
Because mp_size is now used for indexing, and is unsigned,
some downward loop termination tests have to be changed;
the always true condition ix >= 0 cannot be used.
* arith.c (width): Use mp_size for local variable which
iterates over digits inside mpi_int object, and for bit
count. Use unum to convert bit count to Lisp integer:
mp_size could be out of range of cnum.
* mpi/mpi-types.h (mp_size): Typedef to unsigned.
(MP_SIZE_MAX): New macro.
(MP_DIGIT_BIT, MP_WORD_BIT): Cast the value to mp_size rather
than to int.
* mpi/mpi.c (s_mp_defprec): Declare variable as mp_size.
(s_mp_setz, s_mp_copy, mp_size, s_highest_bit_mp,
s_mp_set_bit, s_mp_ispow2, s_mp_outlen, mp_set_int,
mp_set_uintptr, mp_set_double_intptr, mp_expt, mp_sqrt,
mp_exptmod, mp_hash, mp_gcd, mp_shift, mp_bit, mp_to_double,
mp_print, mp_read_signed_bin, mp_signed_bin_size,
mp_read_unsigned_bin, mp_unsigned_bin_size,
mp_to_unsigned_bin, mp_to_unsigned_buf, mp_count_bits,
mp_is_pow_two, mp_read_radix, mp_radix_size,
mp_value_radix_size, mp_toradix_case, s_mp_setz, s_mp_copy,
mp_size, s_highest_bit_mp, s_mp_set_bit, s_mp_mul_2,
s_mp_mod_2d, s_mp_div_2d, s_mp_div_d, s_mp_sqr, s_mp_sqr,
s_mp_div, s_mp_cmp, s_mp_cmp_d, s_mp_ispow2, s_mp_outlen): In
all these functions, use size_t for external size, mp_size for
number of digits and bits, in return values, arguments and
local variables. Tests in descending loops are adjusted for
unsigned logic.
* mpi/mpi.h (mp_get_prec, mp_set_prec, mp_read_signed_bin,
mp_signed_bin_size, mp_read_unsigned_bin,
mp_unsigned_bin_size, mp_to_unsigned_buf, mp_count_bits,
mp_is_pow_two, mp_radix_size, mp_value_radix_size):
Declarations updated.
* mpi/mplogic.c (mpl_not, mpl_and, mpl_or, mpl_xor, mpl_rsh,
mpl_lsh, mpl_num_set, mpl_num_clear, mpl_parity): Just like
in mpi.c
* rand.c (make_random_state): Use mp_size and ucnum for local
variables holding digit and bit counts.
* sysif.c (off_t_num): Use mp_size for digit count.
|
| |
|
|
|
|
|
|
|
| |
mp_shift takes an int argument, but we decode bits to
a cnum, leaving possible room for overflow, such as
when cnum is 64 bits and int is 32. If the value
* arith.c (ash): Check that the value is in the range
of INT_MIN to INT_MAX.
|
| |
|
|
|
| |
* arith.c (ash): Refer to ash in error messages rather than
ashift.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Multi-line expressions can now be entered just using
Enter for line breaks without Ctrl-V.
Multi-line mode becomes default.
* parser.c (is_balanced_line): New static function.
(repl): Install is_balanced_line as enter callback
in linenoise object.
(parse_init): Default *listener-multi-line-p* variable to t.
* txr.1: Documentation about multi-line mode updated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The idea is that when the user types Enter to submit a line,
it can be checked whether it is complete syntax using a
callback. If the callback indicates that the syntax is
incomplete (there are open expressions, string literals or
whatever), then Enter is inserted verbatim. This is active
in multi-line mode only.
* linenoise.c (struct lino_state): New members, enter_callback
and ce_ctx.
(lino_set_enter_cb): New function.
(edit): If enter is issued, and multi-line mode is in effect,
and there is an enter callback, then call it. If the callback
returns false, then just insert the character.
* linenoise.h (lino_enter_cb_t): New typedef.
(lino_set_enter_cb): Declared.
|
| |
|
|
|
|
| |
* lib.c (toseq, reverse, nreverse): Classify the
sequence with seq_info, and simplify the code by
just dealing with the sequence kinds.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This will help simplify writing generic sequence code, while
allowing lists and vectors to be handled specially.
* lib.h (enum seq_kind, seq_kind_t): New enum and typedef.
(struct seq_info, seq_info_t): New struct and typedef.
(seq_kind_tab, seq_info): Declared.
* lib.c (seq_kind_tab): New global array.
(seq_info): New function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this change, nreverse is possible on a struct,
if it has lambda, lambda-set and length methods.
* lib.c (length_s): New symbol variable.
(length): Check for length method and call it,
in preference to checking for car method and falling
back on cdr-based length.
(empty): If object has a length method, call it and
compare result to zero.
(obj_init): Initialize length_s.
* txr.1: Documented. We now have the concepts of structs
being vector-like sequences or list-like sequences.
|
| |
|
|
|
|
|
|
|
|
|
| |
* lib.c (ref, refset): Check for lambda and lambda-set,
respectively, and use it.
* txr.1: Documented.
* tests/012/aseq.tl (add lambda): Fix previously unused
broken method which now causes test to go into infinite
recursion.
|
| |
|
|
|
|
|
|
| |
* lib.c (reverse): Support COBJ via list
operations, but handle carray via vector case.
(nreverse): Support COBJ via vector case.
This will work for carray. Fixes are needed in
ref and refset to work with structs.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* ffi.c (copy_carray): New function
(ffi_init): Register copy-carray intrinsic.
* ffi.h (copy_carray): Declared.
* lib.c (copy): Call copy_array for carray objects.
* txr.1: Documented copy-carray and updated
copy description.
|
| |
|
|
|
|
|
|
|
|
| |
* ffi.c (put_carray, fill_carray): New functions.
(ffi_init): put-carray and fill-carray intrinsics
registered.
* ffi.h (put_carray, fill_carray): Declared.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* ffi.c (carray_unum, carray_num, unum_carray, num_carray):
New functions.
(ffi_init): New intrinsics registered: carray-unum,
carray-num, unum-carray, num-carray.
* ffi.h (carray_unum, carray_num, unum_carray, num_carray):
Declared.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* arith.c (sign_extend): After taking the two's complement
which works at the granularity of digits, not the exact
number of bits, we must truncate the number to the
exact number of bits before negating. Otherwise we end up
with an excessively large value. For instance if a bignum
like #x80... is sign extended tightly to the upper
1 bit, the resulting value is something like #-xFFFF80...,
rather than #x-80... as it should be. There are extra
1 bits padding up to the bignum digit. These must be
chopped away.
|
| |
|
|
|
|
|
|
| |
* mpi/logtab.h, mpi/mpi-config.h mpi/mpi-types.h mpi/mpi.c,
mpi/mpi.h mpi/mplogic.c mpi/mplogic.h: Reformatted comments.
Removed useless comments. Removed superfluous blank lines and
whitespace. Added space between C keywords if, for, while,
sizeof and opening parens. Removed #if 0 blocks. Tabs to spaces.
|
| |
|
|
| |
* txr.c (banner): Text updated.
|
| |
|
|
|
| |
* linenoise/linenoise.c (show_help): New static function.
(edit): Call show_help on Ctrl-X ?.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lisplib.c (ffi_set_entries): Register carray-sub
for autoload.
* share/txr/stdlib/ffi.tl (carray-sub): New place
macro, aliases to sub. This is not 100% correct since
that means it will admit non-carray objects, but
the alternative is to clone the entire sub expander
with a few changes, or else factor out sub expansion
into a shared routine. Bleh ...
* txr.1: Documented. We don't cover up the ruse we
perpetrated, and reveal that it's just a place macro
targetting sub.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TXR Lisp doesn't autoload the definition of places.
For instance if a (set (foo x) y) appears out of the
blue and foo is keyed for autoload, it doesn't happen.
The right place to fix this is to do the autload check
in the place macro expander, since every place form is
tried as a macro.
We need to expose the lisplib_try_load function as a Lisp
intrinsic.
* lisplib.c (lisplib_init): Register sys:try-load
intrinsic, mapped to lisplib_try_load.
* share/txr/stdlib/place.tl (sys:get-place-macro):
New function.
(sys:pl-expand): Use sys:get-place-macro instead of
direct lookup in *place-macro* hash. The new function
tries to autoload the symbol if it finds no place
macro for it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* ffi.c (make_ffi_type_struct): When there is no room in the
current bitfield, two mistakes are made. When bit_offs is
reset to zero in this case, the dependent variable bits_alloc
that was calculated from it (bits allocated to current unit)
must also be reset. The subsequent shift depends on it.
Secondly, when we establish the memb[i].offs field, that
must come from offs, not from unit_offs, because unit_offs
is always the base offset of the existing cell (which doesn't
have room for the new bitfield in this case); the main offset
variable offs is what gets gets adjusted to the cell which has
room for the new bitfield.
|
| |
|
|
|
|
|
|
|
|
| |
* RELNOTES: Updated.
* configure, txr.1: Bumped version and date.
* share/txr/stdlib/ver.tl: Likewise.
* txr.vim, tl.vim, protsym.c: Regenerated.
|
| |
|
|
|
|
|
|
|
| |
* ffi.c (ffi_generic_sbit_put, fi_generic_sbit_get,
ffi_generic_ubit_put, fi_generic_ubit_get): Add needed
coerce from zalloca to mem_t *.
(make_ffi_type_struct): Fix signed/unsigned comparison.
* lib.c (vector): Fix signed/unsigned comparison.
|
| |
|
|
|
| |
* genprotsym.txr: Sort groups so that the protsym.c
deltas, going forward, are more stable.
|
| |
|
|
|
|
| |
* genprotsym.txr: use @(first) directive trick to
eliminate leading blank lines in front of items
that are not controlled by a preprocessor symbol.
|
| |
|
|
|
|
|
|
|
| |
* buf.c (bufp): New function.
(buf_init): Registered bufp intrisic.
* buf.h (bufp): Declared.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
| |
* share/txr/stdlib/conv.tl (sys:conv-let): New
local functions c and cz, using the new #\c
radix conversion.
* txr.1: Documented new extension under the fconv
awk macro. Also fixed a typo here; the b conversion
was exemplified as (c str).
|
| |
|
|
|
|
|
|
|
| |
* lib.c (int_str): Support #\c base, recognizing
0x as hex and leading 0 as octal. We don't rely on
the wcstol function's ability to do this conversion,
but scan it ourselves.
* txr.1: Documented.
|
| |
|
|
|
| |
* txr.1: Put carray and buf cases into the description of
the indexing notation under the dwim operator.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* ffi.c (make_ffi_type_struct): Use chk_xalloc instead of
chk_malloc.
(make_ffi_type_array): Use chk_xalloc. Since there are
multiple callers, take a self argument to pass down to
chk_xalloc.
(ffi_type_compile): Pass self down to make_ffi_type_array.
(ffi_make_call_desc): Use chk_xalloc.
(carray_ensure_artype): Take a self argument and pass down to
make_ffi_type_array.
(carray_get_common, carray_put_common): Pass self down to
carray_ensure_artype.
|
| |
|
|
|
|
|
|
|
| |
* stream.c (open_process): Check that manipulations of nargs
do not overflow int type. Use chk_xalloc. Allocation is
done before pipe so we have no file descriptors to clean up
if chk_xalloc throws.
(run): In both versions of run, check that manipulations of
nargs don't overflow int and use chk_xalloc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sysif.c (excec_wrap): Check that our nargs manipulation
doesn't exceed INT_MAX. Use chk_xalloc to allocate the
argument vector, providing an overflow check. Use self
variable in place function name embedded in literal.
(getgroups_wrap): Use chk_xalloc instead of chk_malloc,
so multiplication overflow is checked. Use self variable
in place function name embedded in literal.
(setgroups_wrap): Revamp existing overflow check. Use
ucnum for the size, check that it can convert to size_t
and back without loss of value, and use chk_xalloc
instead of chk_malloc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* lib.c (vector): Bugfix: we are checking whether
length + 2 is negative, not length. Check the original
value, and simplify everything using check_mulloc.
(list_vec, sub_vec): Use chk_xalloc just in case. There
shouldn't be any overflow if the vector was constructed and
manipulated properly.
(replace_vec): Replace division-based oveflow check with
a simple test that total + 2 doesn't overflow; then
rely on chk_xalloc to do the multiplication overflow
check.
|
| |
|
|
|
| |
* lib.c (chk_wmalloc): Drop the incorrect multiplication
overflow test, and just call chk_xalloc.
|
| |
|
|
|
|
|
|
|
| |
This will simplify code that allocates an array-like
object whose size is the product of two numbers.
* lib.c (chk_xalloc): New function.
* lib.h (chk_xalloc): Declared.
|
| |
|
|
|
|
|
|
| |
* ffi.c (carray_dup): Do size multiplication using unsigned
type, then coerce back to signed. Check for overflow correctly
by first testing result for negative, then doing division check.
(carray_replace): Add check for negative size, which confirms
overflow.
|
| |
|
|
|
|
|
|
|
| |
* ffi.c (carrayp): New function.
(ffi_init): Register carrayp intrinsic.
* ffi.h (carrayp): Declared.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Thanks to this (set [ca from..to] list) works.
* ffi.c (carray_replace): New function.
(ffi_init): Register carray-replace intrinsic.
* ffi.h (carray_replace): Declared.
* ffi.c (replace): Hook in carray_replace.
* txr.1: Mention carray under replace, and document
carray-replace.
|
| |
|
|
|
|
|
|
|
| |
* ffi.c (carray_pun): New function.
(ffi_init): Registered carray-pun intrinsic.
* ffi.h (carray_pun): Declared.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Thus, [ca 3..5] syntax works for slice extraction.
However, this works referentially, not by making a copy.
The extracted subarray points to the original memory,
until carray-dup is invoked on it.
* ffi.c (carray_sub): New function.
(ffi_init): carray-sub intrinsic registered.
* ffi.h (carray_sub): Declared.
* lib.c (sub): Handle carray via carray_sub.
* txr.1: Documented changes in sub.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Thus (select ca '(0 3 4 ...)) works and so does the
sytnax [ca '(0 3 4 ...)]. This is inefficiently implemented.
The selected elements are extracted to a list which is then
converted to a carray of the same kind agan.
* ffi.c (carray_list): New function.
(ffi_init): Register carray-list intrinsic.
* ffi.h (carray_list): Declared.
* lib.c (make_like): Add carray case, so we can turn
a list into a carray based on an example carray.
This uses carray_list, with the type pulled from the
original carray. The target isn't null terminated.
(sel): Handle carray via vector case.
* txr.1: Document changes in select and make-like.
|
| |
|
|
| |
* lib.c (generic_funcall, ref, refset): Handle BUF.
|
| |
|
|
|
|
| |
* lib.c (length): Handle COBJ of carray type.
* txr.1: Documented.
|
| |
|
|
|
| |
* txr.1: Restructure the length documentation to use
definition-style paragraphs, and add buf.
|
