Ivan Maidanski [Fri, 17 Mar 2017 08:05:56 +0000 (11:05 +0300)]
Allow HAVE_DL_ITERATE_PHDR to be defined by client (musl)
Do not redefine HAVE_DL_ITERATE_PHDR macro if already defined.
* dyn_load.c [OPENBSD>=200519] (HAVE_DL_ITERATE_PHDR): Do not define
if already defined.
* dyn_load.c [!USE_PROC_FOR_LIBRARIES && (__GLIBC__>=2
|| PLATFORM_ANDROID)] (HAVE_DL_ITERATE_PHDR): Likewise.
* dyn_load.c [!USE_PROC_FOR_LIBRARIES && HAVE_DL_ITERATE_PHDR
&& !DL_ITERATE_PHDR_STRONG] (dl_iterate_phdr): Define as weak symbol
(even if HAVE_DL_ITERATE_PHDR is defined outside this file).
Ivan Maidanski [Thu, 16 Mar 2017 07:22:29 +0000 (10:22 +0300)]
Eliminate 'ISO C forbids object to function pointer conversion' warning
(Cherry-pick commit c69ae9c from 'release-7_6' branch.)
* dyn_load.c [SOLARISDL && !USE_PROC_FOR_LIBRARIES
&& SUNOS53_SHARED_LIB] (GC_FirstDLOpenedLinkMap): Cast result of dlsym()
to word type before casting it to a function pointer.
* pthread_support.c [GC_USE_DLOPEN_WRAP] (GC_init_real_syms): Likewise.
Ivan Maidanski [Thu, 30 Mar 2017 19:06:09 +0000 (22:06 +0300)]
Fix mixed include of GC public header and gc_priv.h in disclaim bench/test
Include gc_priv.h should be avoided in tests (if possible) or, at
least, this include should not precede include of the public GC
headers (because, e.g., gc_priv.h define GC_BUILD which influences
declspec of the GC public symbols in case of a shared library).
* tests/disclaim_bench.c: Move include gc_priv.h to be after
gc_disclaim.h; add comment.
* tests/disclaim_bench.c [HAVE_CONFIG_H]: Include "config.h" (before
include gc_disclaim.h).
Ivan Maidanski [Tue, 14 Mar 2017 22:58:41 +0000 (01:58 +0300)]
Fix GC_SIZE_MAX definition (Linux/musl-gcc)
(Cherry-pick commit f40fab8 from 'release-7_6' branch.)
* include/private/gc_priv.h [SIZE_MAX] (GC_SIZE_MAX): Cast
SIZE_MAX to size_t explicitly (to workaround incorrect definition
of SIZE_MAX - e.g. it is defined as ~0ULL in musl-tools which is not
correct for a 32-bit target).
Ivan Maidanski [Thu, 30 Mar 2017 21:11:04 +0000 (00:11 +0300)]
Fix gc.h compliance to strict ANSI (pthreads)
(Cherry-pick commits 1554297, 0970110 from 'master' branch.)
If -std=cXX option is passed to gcc/clang then sigset_t is undefined,
thus GC_pthread_sigmask declaration should be omitted. However, this
symbol should be available during GC source code audit by cppcheck.
* include/gc_pthread_redirects.h [!GC_NO_PTHREAD_SIGMASK]
(GC_pthread_sigmask): Declare only if GC_PTHREAD_SIGMASK_NEEDED or
_POSIX_C_SOURCE >= 199506 or _XOPEN_SOURCE >= 500, or _BSD_SOURCE
or _GNU_SOURCE.
* tests/test.c [CPPCHECK && !_GNU_SOURCE && GC_PTHREADS] (_GNU_SOURCE):
Likewise.
Ivan Maidanski [Thu, 23 Mar 2017 20:12:07 +0000 (23:12 +0300)]
Fix finalize.c compilation in 'strict ANSI' mode
This and some other GC .c files include gc_pmark.h directly (not
gc_priv.h), so the compiler complains that sigset_t (used in
gc_pthread_redirects.h) is undefined if 'strict ANSI' mode is on and
_GNU_SOURCE is not defined before including system headers.
* include/private/gc_pmark.h [(__linux__ || __GLIBC__ || __GNU__)
&& GC_PTHREADS && !GC_NO_PTHREAD_SIGMASK] (_GNU_SOURCE): Define (before
including other headers).
Ivan Maidanski [Thu, 23 Mar 2017 19:44:11 +0000 (22:44 +0300)]
Fix static assertion violation in LONG_MULT for 64-bit targets
* include/private/gc_pmark.h [MARK_BIT_PER_OBJ] (PUSH_CONTENTS_HDR):
Cast displ to unsigned32 when passed to LONG_MULT (it is safe because
displ is less than HBLKSIZE).
* include/private/gc_pmark.h [MARK_BIT_PER_OBJ] (PUSH_CONTENTS_HDR):
Declare "obj_displ" local variable at the beginning of the block (not
after GC_STATIC_ASSERT).
Ivan Maidanski [Wed, 1 Mar 2017 08:10:00 +0000 (11:10 +0300)]
Move libraries version info to the beginning of Makefile.am
(code refactoring)
* Makefile.am (LIBGC_VER_INFO, LIBGCCPP_VER_INFO): New variable; add
comment about the version update rule.
* cord/cord.am (LIBCORD_VER_INFO): Likewise.
* Makefile.am (libgc_la_LDFLAGS, libgccpp_la_LDFLAGS): Use
LIBGC[CPP]_VER_INFO instead the direct hard-coding of version info.
* cord/cord.am (libcord_la_LDFLAGS): Likewise.
Ivan Maidanski [Tue, 31 Jan 2017 23:30:18 +0000 (02:30 +0300)]
Fix enable_parallel_mark condition in CMake script
* CMakeLists.txt [enable_parallel_mark] (ADD_DEFINITIONS): Add
-DPARALLEL_MARK; remove ADD_DEFINITIONS("-DPARALLEL_MARK") in other
places; remove ${} for enable_parallel_mark in IF.
Ivan Maidanski [Fri, 9 Dec 2016 23:07:25 +0000 (02:07 +0300)]
Workaround 'index out of bounds' UBSan false warning in push_marked
* mark.c (GC_push_marked): Cast (h+1)->hb_body to word before
subtraction of sz value (and cast the result back to ptr_t).
* mark.c [ENABLE_DISCLAIM] (GC_push_unconditionally): Likewise.
* tools/if_mach.c (main): Cast the 2nd argument of execvp to void* (to
avoid compiler warning as the argument of execvp() prototype could be
of "const char* const*" or "char**" type).
* tools/if_not_there.c (main): Likewise.
Ivan Maidanski [Tue, 15 Nov 2016 07:48:31 +0000 (10:48 +0300)]
Suppress 'tainted string passed to vulnerable operation' false defects
* include/private/gc_priv.h (TRUSTED_STRING): New tagging macro; add
comment.
* misc.c (GC_init): Process the result of GETENV("GC_LOG_FILE") by
TRUSTED_STRING.
* tools/if_mach.c (main): Process argv[3] by TRUSTED_STRING (before
passing the string to execvp).
* tools/if_not_there.c (main): Declare "fname" local variable;
process argv[1] and argv[2] by TRUSTED_STRING (before passing the
strings to fopen/opendir and execvp, respectively).
Ivan Maidanski [Tue, 20 Dec 2016 07:21:07 +0000 (10:21 +0300)]
Fix (adjust) GC_scratch_alloc actual argument type
* dyn_load.c [IRIX5 || USE_PROC_FOR_LIBRARIES && !LINUX]
(GC_register_dynamic_libraries): Do not cast GC_scratch_alloc argument
to word type (it should be of size_t).
* headers.c (alloc_hdr, GC_init_headers, get_index): Likewise.
* os_dep.c [PROC_VDB] (GC_proc_buf_size): Change type from word to size_t.
* os_dep.c [PROC_VDB] (GC_read_dirty): Change type of new_size local
variable (which is passed to GC_scratch_alloc) from word to size_t.
Ivan Maidanski [Mon, 12 Dec 2016 23:34:28 +0000 (02:34 +0300)]
Fix GC_noop6 definition to avoid its calls to be optimized away
(fix commits e3ec4a5, 1586a21)
* include/private/gc_priv.h (GC_ATTR_NOINLINE): New macro (effective
for GCC/Clang and MS VC currently).
* mark.c (GC_noop6): Use GC_ATTR_NOINLINE attribute; call
AO_compiler_barrier if PARALLEL_MARK (or GC_PTHREADS and not
GC_WIN32_THREADS), otherwise call GC_noop1(0); add
comment.
Ivan Maidanski [Thu, 22 Dec 2016 21:39:10 +0000 (00:39 +0300)]
Fix bm_huge initialization for 64-bit targets (gctest)
* tests/test.c (bm_huge): Make array size depend on word size
(5 elements for 64-bit targets); initialize elements (except the last
one) to -1 instead of 0xffffffff (so that all bits are ones even on
a 64-bit target); initialize last element to ((word)-1)>>8 instead of
0x00ffffff value.
* tests/test.c (typed_test): Fail if bm_huge descriptor contains wrong
bit values at certain positions (as it had before this fix).
Ivan Maidanski [Mon, 19 Dec 2016 21:54:32 +0000 (00:54 +0300)]
Fix storage class of local variable in register_dynamic_libraries (Irix)
* dyn_load.c [IRIX5 || USE_PROC_FOR_LIBRARIES && !LINUX]
(GC_register_dynamic_libraries): Remove "static" for needed_sz local
variable (and initialize it to zero).
Ivan Maidanski [Sat, 10 Dec 2016 07:37:04 +0000 (10:37 +0300)]
Fix GC_mark_stack_top assertion violation properly in mark_local
(fix commit a563b883)
* mark.c (GC_mark_local): Remove assertion checking that
global_first_nonempty is not greater than GC_mark_stack_top+1 (because
global_first_nonempty could be bigger slightly more at some moments due
to concurrency between the markers); replace n_on_stack==0 with
my_top<my_first_nonempty (the latter is equivalent to
(signed_word)n_on_stack<=0).
Ivan Maidanski [Sat, 10 Dec 2016 07:14:39 +0000 (10:14 +0300)]
Fix assertion in GC_steal_mark_stack for non-heap regions
(similar to commit da2fcda)
* mark.c (GC_steal_mark_stack): Replace top->mse_descr.w with descr
in assertion; relax assertion condition for descr (length-containing
mse_descr.w could be larger than the current GC heap size if
mse_start points to a region in a stack or a program data root;
e.g. it could happen if MemorySanitizer is used).
Ivan Maidanski [Fri, 9 Dec 2016 23:19:32 +0000 (02:19 +0300)]
Fix gc_cleanup destructor for non-heap objects (gc_cpp)
(Cherry-pick commit ed19165 from 'release-7_6' branch.)
* include/gc_cpp.h (gc_cleanup::~gc_cleanup): If GC_base(this) returns
null (could be if the object is not allocated dynamically) then do not
call GC_register_finalizer_ignore_self.
Ivan Maidanski [Wed, 7 Dec 2016 08:32:30 +0000 (11:32 +0300)]
Fix '~' operator application to unsigned values shorter than word
Without the fix, unsigned result of "~" operator is zero-extended
to a wide type (word) thus the result has leading zeros (which is
not expected to be).
* dyn_load.c [HAVE_DL_ITERATE_PHDR] (GC_register_dynlib_callback):
Cast (sizeof(word)-1) to word before "~" operation.
* mark.c (GC_mark_from): Likewise.
* mark_rts.c (GC_add_roots_inner, GC_exclude_static_roots): Likewise.
* mark_rts.c [!MSWIN32 && !MSWINCE && !CYGWIN32]
(GC_remove_roots_inner): Likewise.
* os_dep.c [SVR4 || AUX || DGUX || LINUX && SPARC]
(GC_SysVGetDataStart): Likewise.
* os_dep.c [!MSWIN32 && DATASTART_USES_BSDGETDATASTART]
(GC_FreeBSDGetDataStart): Likewise.
* dyn_load.c [(MSWIN32 || MSWINCE || CYGWIN32) && !GC_WIN32_THREADS]
(GC_cond_add_roots): Cast (dwAllocationGranularity-1) to word before
"~" operation.
* include/private/gc_priv.h (HBLKPTR): Cast (HBLKSIZE-1) to word
before "~" operation.
* os_dep.c [USE_WINALLOC || CYGWIN32] (GC_win32_get_mem): Likewise.
* mark.c (GC_mark_from): Change type of new_size local variable from
int to word.
* os_dep.c [OPENBSD] (GC_find_limit_openbsd, GC_skip_hole_openbsd):
Change type of pgsz local variable from size_t to word (to avoid
implicit unsigned value extension after "~" operation).
* os_dep.c [PROC_VDB] (GC_read_dirty): Cast (sizeof(long)-1) to word
before "~" operation.
Ivan Maidanski [Wed, 7 Dec 2016 08:02:59 +0000 (11:02 +0300)]
Fix 'bogus LR' detection in FindTopOfStack (Darwin)
(fix commit 5742f86)
* darwin_stop_world.c [!DARWIN_DONT_PARSE_STACK] (GC_FindTopOfStack):
Use "UL" suffix (instead of "U") for 0x3 (on the right side of the
comparison) to avoid implicit unsigned int-to-long value extension
of "~" operator result.
Ivan Maidanski [Mon, 5 Dec 2016 21:49:33 +0000 (00:49 +0300)]
Fix potential data race in GC_SysVGetDataStart (SPARC)
* os_dep.c [SVR4 || AUX || DGUX || LINUX && SPARC]
(GC_SysVGetDataStart): Use AO_fetch_and_add(p,0) if available instead
of non-atomic read/write in *p = *p statement (thus, to avoid data race
though it is highly unlikely).
Because it breaks gctest "list reversal" if compiled with
GC_GCJ_SUPPORT for MinGW/x86. This is caused by the fact that static
data roots could be between two GC heap regions thus GC with the patch
skips scanning of a reachable GCJ object with a descriptor located in
the static data roots.
To fix the issue (#92) of mistaking the free list pointers in free
objects for being type descriptor pointers, another approach should be
taken (e.g. marking objects in free lists).
Ivan Maidanski [Wed, 11 Jan 2017 08:26:11 +0000 (11:26 +0300)]
Fix gc_backptr.h, gc_mark.h, GC_DS_TAGS names in documentation
(Cherry-pick commit d4eb7ca from 'release-7_6' branch.)
* doc/debugging.html: Rename backptr.h to gc_backptr.h.
* include/gc_mark.h (GC_DS_PER_OBJECT): Rename DS_TAGS to GC_DS_TAGS in
the comment.
* include/private/gc_priv.h (hblkhdr.hb_descr): Rename mark.h to
gc_mark.h in the comment.
Ivan Maidanski [Wed, 23 Nov 2016 01:47:19 +0000 (04:47 +0300)]
Fix Solaris/sparc detection in case of strict C compliance is enforced
* include/gc_config_macros.h [__i386__ || __amd64__] (GC_SOLARIS_THREADS):
Define also if __sun is defined (treat __sun as a synonym to sun).
* include/private/gcconfig.h [__i386__ || __amd64] (SOLARIS):
Likewise.
* include/gc_config_macros.h [sun] (GC_SOLARIS_THREADS): Define also
if __amd64 is defined (treat __amd64 as a synonym to __amd64__).
* include/gc_config_macros.h [sparc && unix] (DRSNX): Do not define if
SPARC and SOLARIS are already defined.
Ivan Maidanski [Fri, 18 Nov 2016 14:16:32 +0000 (17:16 +0300)]
Ensure oom_fn callback executed on out-of-memory in calloc
(Cherry-pick commit 80f428f from 'release-7_6' branch.)
* malloc.c [REDIRECT_MALLOC] (calloc):
Call oom_fn(SIZE_MAX) (instead of returning NULL) if n*lb overflows.
* typd_mlc.c (GC_calloc_explicitly_typed): Likewise.
* typd_mlc.c (GC_calloc_explicitly_typed): If register_disappearing_link
failed due to lack of memory then call oom_fn(lb) instead of
GC_malloc(lb); update comment.
Ivan Maidanski [Sat, 19 Nov 2016 17:37:04 +0000 (20:37 +0300)]
Fix assertion violation in GC_repeat_read if --enable-redirect-malloc
(Cherry-pick commit aed7ec5 from 'release-7_6' branch.)
* malloc.c [REDIRECT_MALLOC && GC_LINUX_THREADS] (GC_init_lib_bounds):
Declare cancel_state local variable; DISABLE_CANCEL for GC_text_mapping
(because GC_repeat_read expects the cancellation state off); call
RESTORE_CANCEL on return.
Ivan Maidanski [Mon, 14 Nov 2016 07:12:32 +0000 (10:12 +0300)]
Replace C++ style comments to C ones, remove commented out code (extra)
* extra/AmigaOS.c (GC_amiga_get_mem, GC_amiga_allocwrapper_any,
GC_amiga_allocwrapper_fast): Replace the style of comments from C++
to C.
* extra/MacOS.c (CodeZeroPtr, GC_MacTemporaryNewPtr): Likewise.
* extra/Mac_files/MacOS_config.h: Likewise.
* extra/AmigaOS.c (GC_amiga_get_mem, GC_amiga_rec_alloc,
GC_amiga_allocwrapper_any, GC_amiga_allocwrapper_fast): Remove
commented out code.
* extra/Mac_files/MacOS_config.h: Likewise.
Ivan Maidanski [Tue, 15 Nov 2016 12:25:54 +0000 (15:25 +0300)]
Fix potential integer overflow in GC_find_limit_* functions
* os_dep.c [OPENBSD] (GC_find_limit_openbsd, GC_skip_hole_openbsd): Add
assertion for the minimum value of bound; increment result by pgsz only
if no overflow is guaranteed.
* os_dep.c [USE_PROC_FOR_LIBRARIES && THREADS || NEED_FIND_LIMIT]
(GC_find_limit_with_bound): Add assertion for the minimum/maximum value
of bound; increment/decrement result by MIN_PAGE_SIZE only if no
overflow/underflow is guaranteed.
Ivan Maidanski [Fri, 28 Oct 2016 08:45:48 +0000 (11:45 +0300)]
Eliminate duplicate log messages in GC_mark_from
(Cherry-pick commit ecf300b from 'release-7_6' branch.)
This change also eliminates 'bad copy-paste' code defect in GC_mark_from.
* mark.c [ENABLE_TRACE] (GC_mark_from): Combine 2 logged messages
about "large section" and "splitting" into a single one;
replace "Tracing from" logged message with "small object" message
(which is not logged for large objects).
Ivan Maidanski [Mon, 19 Sep 2016 21:07:47 +0000 (00:07 +0300)]
Fix malloc routines to prevent size value wrap-around
(Cherry-pick commit f9c8aa3 from 'release-7_6' branch.)
See issue #135 on Github.
* allchblk.c (GC_allochblk, GC_allochblk_nth): Use
OBJ_SZ_TO_BLOCKS_CHECKED instead of OBJ_SZ_TO_BLOCKS.
* malloc.c (GC_alloc_large): Likewise.
* alloc.c (GC_expand_hp_inner): Type of "bytes" local variable changed
from word to size_t; cast ROUNDUP_PAGESIZE argument to size_t; prevent
overflow when computing GC_heapsize+bytes > GC_max_heapsize.
* dbg_mlc.c (GC_debug_malloc, GC_debug_malloc_ignore_off_page,
GC_debug_malloc_atomic_ignore_off_page,
GC_debug_generic_malloc_inner,
GC_debug_generic_malloc_inner_ignore_off_page,
GC_debug_malloc_stubborn, GC_debug_malloc_atomic,
GC_debug_malloc_uncollectable, GC_debug_malloc_atomic_uncollectable):
Use SIZET_SAT_ADD (instead of "+" operator) to add extra bytes to lb
value.
* fnlz_mlc.c (GC_finalized_malloc): Likewise.
* gcj_mlc.c (GC_debug_gcj_malloc): Likewise.
* include/private/gc_priv.h (ROUNDUP_GRANULE_SIZE, ROUNDED_UP_GRANULES,
ADD_SLOP, ROUNDUP_PAGESIZE): Likewise.
* include/private/gcconfig.h (GET_MEM): Likewise.
* mallocx.c (GC_malloc_many, GC_memalign): Likewise.
* os_dep.c (GC_wince_get_mem, GC_win32_get_mem): Likewise.
* typd_mlc.c (GC_malloc_explicitly_typed,
GC_malloc_explicitly_typed_ignore_off_page,
GC_calloc_explicitly_typed): Likewise.
* headers.c (GC_scratch_alloc): Change type of bytes_to_get from word
to size_t (because ROUNDUP_PAGESIZE_IF_MMAP result type changed).
* include/private/gc_priv.h: Include limits.h (unless SIZE_MAX already
defined).
* include/private/gc_priv.h (GC_SIZE_MAX, GC_SQRT_SIZE_MAX): Move from
malloc.c file.
* include/private/gc_priv.h (SIZET_SAT_ADD): New macro (defined before
include gcconfig.h).
* include/private/gc_priv.h (EXTRA_BYTES, GC_page_size): Change type
to size_t.
* os_dep.c (GC_page_size): Likewise.
* include/private/gc_priv.h (ROUNDUP_GRANULE_SIZE, ROUNDED_UP_GRANULES,
ADD_SLOP, ROUNDUP_PAGESIZE): Add comment about the argument.
* include/private/gcconfig.h (GET_MEM): Likewise.
* include/private/gc_priv.h (ROUNDUP_GRANULE_SIZE, ROUNDED_UP_GRANULES,
ADD_SLOP, OBJ_SZ_TO_BLOCKS, ROUNDUP_PAGESIZE,
ROUNDUP_PAGESIZE_IF_MMAP): Rename argument to "lb".
* include/private/gc_priv.h (OBJ_SZ_TO_BLOCKS_CHECKED): New macro.
* include/private/gcconfig.h (GC_win32_get_mem, GC_wince_get_mem,
GC_unix_get_mem): Change argument type from word to int.
* os_dep.c (GC_unix_mmap_get_mem, GC_unix_get_mem,
GC_unix_sbrk_get_mem, GC_wince_get_mem, GC_win32_get_mem): Likewise.
* malloc.c (GC_alloc_large_and_clear): Call OBJ_SZ_TO_BLOCKS only
if no value wrap around is guaranteed.
* malloc.c (GC_generic_malloc): Do not check for lb_rounded < lb case
(because ROUNDED_UP_GRANULES and GRANULES_TO_BYTES guarantees no value
wrap around).
* mallocx.c (GC_generic_malloc_ignore_off_page): Likewise.
* misc.c (GC_init_size_map): Change "i" local variable type from int
to size_t.
* os_dep.c (GC_write_fault_handler, catch_exception_raise): Likewise.
* misc.c (GC_envfile_init): Cast len to size_t when passed to
ROUNDUP_PAGESIZE_IF_MMAP.
* os_dep.c (GC_setpagesize): Cast GC_sysinfo.dwPageSize and
GETPAGESIZE() to size_t (when setting GC_page_size).
* os_dep.c (GC_unix_mmap_get_mem):
Expand ROUNDUP_PAGESIZE macro but without value wrap-around checking
(the argument is of word type).
* os_dep.c (GC_unix_mmap_get_mem): Replace -GC_page_size with
~GC_page_size+1 (because GC_page_size is unsigned); remove redundant
cast to size_t.
* os_dep.c (GC_unix_sbrk_get_mem): Add explicit cast of GC_page_size
to SBRK_ARG_T.
* os_dep.c (GC_wince_get_mem): Change type of res_bytes local variable
to size_t.
* typd_mlc.c: Do not include limits.h.
* typd_mlc.c (GC_SIZE_MAX, GC_SQRT_SIZE_MAX): Remove (as defined in
gc_priv.h now).
Ivan Maidanski [Thu, 15 Sep 2016 15:40:21 +0000 (18:40 +0300)]
Fix calloc_explicitly_typed in case of lb*n overflow
(Cherry-pick commit b9d1634 from 'release-7_6' branch.)
* typd_mlc.c: Include limits.h (for SIZE_MAX).
* typd_mlc.c (GC_SIZE_MAX, GC_SQRT_SIZE_MAX): New macro (same as in
malloc.c).
* typd_mlc.c (GC_calloc_explicitly_typed): Return NULL if lb * n
overflows (same algorithm as in calloc defined in malloc.c); eliminate
lb *= n code duplication.