# HG changeset patch # User Paul Eggert # Date 1517615235 -3600 # Node ID e5bf6ab0bb97695d6bb8025de542c79f530f5f1d # Parent a675c796ba51b3f2ab3477e1755709f93e82eead malloca: Add a compile-time verification. * lib/malloca.c (small_t): Verify that it is wide enough. * modules/malloca (Depends-on): Add verify. diff -r a675c796ba51 -r e5bf6ab0bb97 ChangeLog --- a/ChangeLog Sat Feb 03 00:32:41 2018 +0100 +++ b/ChangeLog Sat Feb 03 00:47:15 2018 +0100 @@ -1,3 +1,9 @@ +2018-02-02 Paul Eggert + + malloca: Add a compile-time verification. + * lib/malloca.c (small_t): Verify that it is wide enough. + * modules/malloca (Depends-on): Add verify. + 2018-02-02 Bruno Haible malloca: Add an argument check. diff -r a675c796ba51 -r e5bf6ab0bb97 lib/malloca.c --- a/lib/malloca.c Sat Feb 03 00:32:41 2018 +0100 +++ b/lib/malloca.c Sat Feb 03 00:47:15 2018 +0100 @@ -21,6 +21,8 @@ /* Specification. */ #include "malloca.h" +#include "verify.h" + /* The speed critical point in this file is freea() applied to an alloca() result: it must be fast, to match the speed of alloca(). The speed of mmalloca() and freea() in the other case are not critical, because they @@ -34,6 +36,8 @@ /* Type for holding very small pointer differences. */ typedef unsigned char small_t; +/* Verify that it is wide enough. */ +verify (2 * sa_alignment_max - 1 <= (small_t) -1); void * mmalloca (size_t n) diff -r a675c796ba51 -r e5bf6ab0bb97 modules/malloca --- a/modules/malloca Sat Feb 03 00:32:41 2018 +0100 +++ b/modules/malloca Sat Feb 03 00:47:15 2018 +0100 @@ -11,6 +11,7 @@ Depends-on: alloca-opt stdint +verify xalloc-oversized configure.ac:
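Review bot: In the second lib/malloca.c hunk, the comment "Verify that it is wide enough." does not say what "it" is or where the bound 2 * sa_alignment_max - 1 comes from. The only context is the typedef comment about "very small pointer differences", so a reader cannot re-check the assertion against the offset arithmetic in mmalloca() if that arithmetic changes later. Suggest naming small_t in the comment and stating which pointer difference the expression bounds. The right-hand side (small_t) -1 is the type's maximum only while small_t stays unsigned, as the typedef unsigned char directly above makes it; a few words to that effect would keep the check meaningful if the typedef is ever edited.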