From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sun, 18 Aug 2019 19:11:06 +0000 (-0700)
Subject: Improve bignum_integer static checking
X-Git-Tag: emacs-27.0.90~1572
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=780509f29f0aa006a578744f7e871eb6d5ce5931;p=emacs.git

Improve bignum_integer static checking

* src/bignum.h (bignum_integer): Now returns pointer-to-const,
to catch trivial mistakes where the caller might try to modify
a Lisp bignum.  Lisp bignums are supposed to be immutable.
All callers changed.
---

diff --git a/src/bignum.h b/src/bignum.h
index 743a18fc0f7..a9c7a0a09a8 100644
--- a/src/bignum.h
+++ b/src/bignum.h
@@ -83,7 +83,7 @@ mpz_set_uintmax (mpz_t result, uintmax_t v)
 /* Return a pointer to an mpz_t that is equal to the Lisp integer I.
    If I is a bignum this returns a pointer to I's representation;
    otherwise this sets *TMP to I's value and returns TMP.  */
-INLINE mpz_t *
+INLINE mpz_t const *
 bignum_integer (mpz_t *tmp, Lisp_Object i)
 {
   if (FIXNUMP (i))
diff --git a/src/data.c b/src/data.c
index 6db8ea144dd..cf9f8e56133 100644
--- a/src/data.c
+++ b/src/data.c
@@ -2871,7 +2871,7 @@ static Lisp_Object
 bignum_arith_driver (enum arithop code, ptrdiff_t nargs, Lisp_Object *args,
 		     ptrdiff_t argnum, intmax_t iaccum, Lisp_Object val)
 {
-  mpz_t *accum;
+  mpz_t const *accum;
   if (argnum == 0)
     {
       accum = bignum_integer (&mpz[0], val);
@@ -2882,7 +2882,7 @@ bignum_arith_driver (enum arithop code, ptrdiff_t nargs, Lisp_Object *args,
 
   while (true)
     {
-      mpz_t *next = bignum_integer (&mpz[1], val);
+      mpz_t const *next = bignum_integer (&mpz[1], val);
 
       switch (code)
 	{
@@ -3099,7 +3099,7 @@ integer_mod (Lisp_Object x, Lisp_Object y)
     }
   else
     {
-      mpz_t *ym = bignum_integer (&mpz[1], y);
+      mpz_t const *ym = bignum_integer (&mpz[1], y);
       bool neg_y = mpz_sgn (*ym) < 0;
       mpz_mod (mpz[0], *bignum_integer (&mpz[0], x), *ym);
 
@@ -3269,7 +3269,7 @@ In this case, the sign bit is duplicated.  */)
 	}
     }
 
-  mpz_t *zval = bignum_integer (&mpz[0], value);
+  mpz_t const *zval = bignum_integer (&mpz[0], value);
   if (XFIXNUM (count) < 0)
     {
       if (TYPE_MAXIMUM (mp_bitcnt_t) < - XFIXNUM (count))
diff --git a/src/timefns.c b/src/timefns.c
index bf49843aae7..3948f873354 100644
--- a/src/timefns.c
+++ b/src/timefns.c
@@ -423,7 +423,7 @@ decode_float_time (double t, struct lisp_time *result)
 static Lisp_Object
 ticks_hz_list4 (Lisp_Object ticks, Lisp_Object hz)
 {
-  mpz_t *zticks = bignum_integer (&mpz[0], ticks);
+  mpz_t const *zticks = bignum_integer (&mpz[0], ticks);
 #if FASTER_TIMEFNS && TRILLION <= ULONG_MAX
   mpz_mul_ui (mpz[0], *zticks, TRILLION);
 #else
@@ -557,8 +557,8 @@ frac_to_double (Lisp_Object numerator, Lisp_Object denominator)
 
   verify (FLT_RADIX == 2 || FLT_RADIX == 16);
   enum { LOG2_FLT_RADIX = FLT_RADIX == 2 ? 1 : 4 };
-  mpz_t *n = bignum_integer (&mpz[0], numerator);
-  mpz_t *d = bignum_integer (&mpz[1], denominator);
+  mpz_t const *n = bignum_integer (&mpz[0], numerator);
+  mpz_t const *d = bignum_integer (&mpz[1], denominator);
   ptrdiff_t nbits = mpz_sizeinbase (*n, 2);
   ptrdiff_t dbits = mpz_sizeinbase (*d, 2);
   eassume (0 < nbits);
@@ -1061,8 +1061,8 @@ time_arith (Lisp_Object a, Lisp_Object b, bool subtract)
     {
       /* The plan is to decompose ta into na/da and tb into nb/db.
 	 Start by computing da and db.  */
-      mpz_t *da = bignum_integer (&mpz[1], ta.hz);
-      mpz_t *db = bignum_integer (&mpz[2], tb.hz);
+      mpz_t const *da = bignum_integer (&mpz[1], ta.hz);
+      mpz_t const *db = bignum_integer (&mpz[2], tb.hz);
 
       /* The plan is to compute (na * (db/g) + nb * (da/g)) / lcm (da, db)
 	 where g = gcd (da, db).  Start by computing g.  */
@@ -1082,9 +1082,9 @@ time_arith (Lisp_Object a, Lisp_Object b, bool subtract)
 
       /* ticks = (fb * na) OPER (fa * nb), where OPER is + or -.
 	 OP is the multiply-add or multiply-sub form of OPER.  */
-      mpz_t *na = bignum_integer (&mpz[0], ta.ticks);
+      mpz_t const *na = bignum_integer (&mpz[0], ta.ticks);
       mpz_mul (mpz[0], *fb, *na);
-      mpz_t *nb = bignum_integer (&mpz[3], tb.ticks);
+      mpz_t const *nb = bignum_integer (&mpz[3], tb.ticks);
       (subtract ? mpz_submul : mpz_addmul) (mpz[0], *fa, *nb);
       ticks = make_integer_mpz ();
     }
@@ -1144,8 +1144,8 @@ time_cmp (Lisp_Object a, Lisp_Object b)
     return 0;
 
   struct lisp_time tb = lisp_time_struct (b, 0);
-  mpz_t *za = bignum_integer (&mpz[0], ta.ticks);
-  mpz_t *zb = bignum_integer (&mpz[1], tb.ticks);
+  mpz_t const *za = bignum_integer (&mpz[0], ta.ticks);
+  mpz_t const *zb = bignum_integer (&mpz[1], tb.ticks);
   if (! (FASTER_TIMEFNS && EQ (ta.hz, tb.hz)))
     {
       /* This could be sped up by looking at the signs, sizes, and