Add assertion to LONG_MULT and remove useless assert in PUSH_CONTENTS_HDR

* include/private/gc_pmark.h (LONG_MULT): Add static assertion that
the size of variable is large enough to hold multiplication result.
* include/private/gc_pmark.h (PUSH_CONTENTS_HDR): Remove useless
assertion check for a unsigned "high_prod" value to be non-negative
(only if MARK_BIT_PER_OBJ).

diff --git a/include/private/gc_pmark.h b/include/private/gc_pmark.h
index 67b6416..0192ef7 100644 (file)
--- a/include/private/gc_pmark.h
+++ b/include/private/gc_pmark.h
@@ -229,6 +229,7 @@ GC_INNER mse * GC_signal_mark_stack_overflow(mse *msp);
     do { \
         unsigned long long prod = (unsigned long long)(x) \
                                   * (unsigned long long)(y); \
+        GC_STATIC_ASSERT(sizeof(x) + sizeof(y) <= sizeof(prod)); \
         hprod = prod >> 32; \
         lprod = (unsigned32)prod; \
     } while (0)
@@ -345,7 +346,7 @@ GC_INNER mse * GC_signal_mark_stack_overflow(mse *msp);
     } \
     /* May get here for pointer to start of block not at        */ \
     /* beginning of object.  If so, it's valid, and we're fine. */ \
-    GC_ASSERT(high_prod >= 0 && high_prod <= HBLK_OBJS(hhdr -> hb_sz)); \
+    GC_ASSERT(high_prod <= HBLK_OBJS(hhdr -> hb_sz)); \
     TRACE(source, GC_log_printf("GC #%u: passed validity tests\n", \
                                 (unsigned)GC_gc_no)); \
     SET_MARK_BIT_EXIT_IF_SET(hhdr, high_prod, exit_label); \