Ivan Maidanski [Fri, 18 Nov 2016 14:16:32 +0000 (17:16 +0300)]
Ensure oom_fn callback executed on out-of-memory in calloc
(fix commits e10c1eb, 4e1a6f9)
* malloc.c [REDIRECT_MALLOC && !REDIRECT_MALLOC_IN_HEADER] (calloc):
Call oom_fn(SIZE_MAX) (instead of returning NULL) if n*lb overflows.
* typd_mlc.c (GC_calloc_explicitly_typed): Likewise.
* typd_mlc.c (GC_calloc_explicitly_typed): If register_disappearing_link
failed due to lack of memory then call oom_fn(lb) instead of
GC_malloc(lb); update comment.
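The overflow handling that the commit message above describes, as an added example (not code from bdwgc): a calloc-style wrapper that routes an n*lb overflow to an out-of-memory callback with SIZE_MAX instead of returning a bare NULL. The names checked_calloc, record_oom and oom_fn_t are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names throughout; this is not the bdwgc source. */
typedef void *(*oom_fn_t)(size_t bytes_requested);

static size_t last_oom_request; /* size passed to the handler last time */
static unsigned oom_calls;      /* how many times the handler has run */

/* Sample out-of-memory handler: records the request and returns NULL. */
static void *record_oom(size_t bytes_requested)
{
    last_oom_request = bytes_requested;
    oom_calls++;
    return NULL;
}

static oom_fn_t oom_fn = record_oom;

/* calloc-style allocator: n elements of lb bytes each, zero-filled. */
static void *checked_calloc(size_t n, size_t lb)
{
    size_t total;
    void *p;

    /* n*lb wraps around exactly when lb != 0 and n > SIZE_MAX/lb. */
    if (lb != 0 && n > SIZE_MAX / lb)
        return oom_fn(SIZE_MAX); /* go through the callback, not a bare NULL */

    total = n * lb;
    p = malloc(total != 0 ? total : 1); /* avoid malloc(0) returning NULL */
    if (p == NULL)
        return oom_fn(total); /* ordinary exhaustion takes the same path */
    memset(p, 0, total);
    return p;
}

int main(void)
{
    void *p = checked_calloc(SIZE_MAX / 2 + 1, 2); /* product wraps to 0 */

    printf("overflow: p=%p, handler calls=%u\n", p, oom_calls);
    free(checked_calloc(4, 8));
    return 0;
}
```

Without the division check, the wrapped product would be handed to the allocator and the caller would receive a block far smaller than the n elements it goes on to write.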
Ivan Maidanski [Wed, 16 Nov 2016 09:05:43 +0000 (12:05 +0300)]
Document configure 'syntax error' issue in README
* README.md (Installation and Portability): Add information on how to
avoid "syntax error near unexpected token ATOMIC_OPS" configure failure
(caused by lack of pkg.m4).
Ivan Maidanski [Tue, 15 Nov 2016 12:25:54 +0000 (15:25 +0300)]
Fix potential integer overflow in GC_find_limit_* functions
* os_dep.c [OPENBSD] (GC_find_limit_openbsd, GC_skip_hole_openbsd): Add
assertion for the minimum value of bound; increment result by pgsz only
if no overflow is guaranteed.
* os_dep.c [USE_PROC_FOR_LIBRARIES && THREADS || NEED_FIND_LIMIT]
(GC_find_limit_with_bound): Add assertion for the minimum/maximum value
of bound; increment/decrement result by MIN_PAGE_SIZE only if no
overflow/underflow is guaranteed.
Ivan Maidanski [Tue, 15 Nov 2016 07:48:31 +0000 (10:48 +0300)]
Suppress 'tainted string passed to vulnerable operation' false defects
* include/private/gc_priv.h (TRUSTED_STRING): New tagging macro; add
comment.
* misc.c (GC_init): Process the result of GETENV("GC_LOG_FILE") by
TRUSTED_STRING.
* tools/if_mach.c (main): Process argv[3] by TRUSTED_STRING (before
passing the string to execvp).
* tools/if_not_there.c (main): Declare "fname" local variable;
process argv[1] and argv[2] by TRUSTED_STRING (before passing the
strings to fopen/opendir and execvp, respectively).
Ivan Maidanski [Mon, 14 Nov 2016 07:58:26 +0000 (10:58 +0300)]
Eliminate 'GC_record_fault is never used' cppcheck style warning
* checksums.c [CHECKSUMS] (GC_record_fault): Do not define unless
MPROTECT_VDB and not DARWIN.
* os_dep.c [MPROTECT_VDB && CHECKSUMS] (GC_record_fault): Do not
declare if DARWIN.
Ivan Maidanski [Mon, 14 Nov 2016 07:12:32 +0000 (10:12 +0300)]
Replace C++ style comments with C ones, remove commented out code (extra)
* extra/AmigaOS.c (GC_amiga_get_mem, GC_amiga_allocwrapper_any,
GC_amiga_allocwrapper_fast): Replace the style of comments from C++
to C.
* extra/MacOS.c (CodeZeroPtr, GC_MacTemporaryNewPtr): Likewise.
* extra/Mac_files/MacOS_config.h: Likewise.
* extra/AmigaOS.c (GC_amiga_get_mem, GC_amiga_rec_alloc,
GC_amiga_allocwrapper_any, GC_amiga_allocwrapper_fast): Remove
commented out code.
* extra/Mac_files/MacOS_config.h: Likewise.
Ivan Maidanski [Mon, 31 Oct 2016 07:09:10 +0000 (10:09 +0300)]
Export GC_print_free_list()
Note: this function is not used by GC itself.
* include/gc_inline.h (GC_print_free_list): New public API prototype.
* reclaim.c [!NO_DEBUGGING]: Include gc_inline.h (to check that
GC_print_free_list prototype matches the definition).
* reclaim.c [!NO_DEBUGGING] (GC_print_free_list): Define as public
(GC_API+GC_CALL); remove "ok" local variable; add assertions about kind
and sz_in_granules maximum values.
Ivan Maidanski [Sat, 29 Oct 2016 14:49:37 +0000 (17:49 +0300)]
Eliminate 'null dereference' code defect warning in register_finalizer
* finalize.c (GC_register_finalizer_inner): Add GC_ASSERT that fn is
non-zero (instead of specifying this in a comment) for the case when
new_fo is non-NULL (new_fo is returned by GC_oom_fn).
* finalize.c [LINT2] (GC_register_finalizer_inner): Call ABORT if hhdr
is NULL (for the case when new_fo is non-NULL).
Ivan Maidanski [Sat, 29 Oct 2016 07:14:42 +0000 (10:14 +0300)]
Export GC_is_tmp_root() and GC_print_trace[_inner]()
Note: these 3 functions are not used by GC itself.
* include/gc_mark.h (GC_is_tmp_root, GC_print_trace,
GC_print_trace_inner): New public API prototype.
* mark.c [TRACE_BUF] (GC_print_trace_inner, GC_print_trace): Define as
public (GC_API+GC_CALL).
* mark_rts.c [MSWIN32 && !NO_DEBUGGING] (GC_is_tmp_root): Likewise.
* mark_rts.c [MSWIN32 && !NO_DEBUGGING] (GC_is_tmp_root): Replace
GC_bool return type with int, replace ptr_t argument type with void*
(because GC_bool and ptr_t are not exported from GC).
Ivan Maidanski [Fri, 28 Oct 2016 21:23:02 +0000 (00:23 +0300)]
Export GC_dump_finalization/regions()
Note: these 2 functions are not used by GC itself.
* allchblk.c [!NO_DEBUGGING] (GC_dump_regions): Turn into a public
definition (add GC_API+GC_CALL).
* finalize.c [!NO_DEBUGGING] (GC_dump_finalization): Likewise.
* include/gc.h (GC_dump_regions, GC_dump_finalization): New public API
prototype.
Ivan Maidanski [Fri, 28 Oct 2016 08:45:48 +0000 (11:45 +0300)]
Eliminate duplicate log messages in GC_mark_from
This change also eliminates 'bad copy-paste' code defect in GC_mark_from.
* mark.c [ENABLE_TRACE] (GC_mark_from): Combine 2 logged messages
about "large section" and "splitting" into a single one;
replace "Tracing from" logged message with "small object" message
(which is not logged for large objects).
Ivan Maidanski [Fri, 28 Oct 2016 07:07:43 +0000 (10:07 +0300)]
Fix 'address of fudged_set is used out of scope' code defect (sigmask)
(fix commit 81d04a6)
* pthread_support.c [!GC_NO_PTHREAD_SIGMASK] (pthread_sigmask): Move
fudged_set to the outer scope where REAL_FUNC(pthread_sigmask) is
called (a pointer to fudged_set could be passed to the latter function).
Ivan Maidanski [Fri, 28 Oct 2016 06:35:33 +0000 (09:35 +0300)]
Eliminate 'unsafe vsprintf is deprecated' compiler warning
Replacement of vsprintf with vsnprintf (or similar) if available.
Note that no buffer overflow occurs in CORD_vsprintf as buf is
allocated dynamically based on format string.
* cord/cordprnt.c (GC_VSNPRINTF): New macro (the definition is copied
from misc.c).
* cord/cordprnt.c (CORD_vsprintf): Replace vsprintf(buf,...) call with
GC_VSNPRINTF(buf,max_size+1,...).
* cord/tests/de.c (generic_init): Replace initial==CORD_EMPTY check
with 0==len where len is CORD_len(initial) (to outline that len-1
cannot cause underflow).
Ivan Maidanski [Thu, 27 Oct 2016 08:24:26 +0000 (11:24 +0300)]
Eliminate 'CORD_*printf is never used' cppcheck style warnings (cordtest)
Minimal testing of CORD_[v][f]printf is added to cordtest.
* cord/tests/cordtest.c: Include stdarg.h.
* cord/tests/cordtest.c: Reformat the comment describing cordtest.
* cord/tests/cordtest.c (wrap_vprintf, wrap_vfprintf): New function
(calling CORD_v[f]printf).
* cord/tests/cordtest.c (test_printf): Call CORD_printf, wrap_vfprintf,
wrap_vprintf for CORD_EMPTY (with the output to stdout); add TODO item.
Ivan Maidanski [Wed, 26 Oct 2016 21:31:14 +0000 (00:31 +0300)]
Fix null dereference in GC_stack_range_for if not DARWIN_DONT_PARSE_STACK
(fix commit 4ceae609)
* darwin_stop_world.c (GC_stack_range_for): Use GC_ATTR_UNUSED for
paltstack_hi argument (because the latter is not used currently if
!DARWIN_DONT_PARSE_STACK); do not access p->altstack[_size] unless
DARWIN_DONT_PARSE_STACK; add TODO item.
* darwin_stop_world.c [!DARWIN_DONT_PARSE_STACK] (GC_push_all_stacks):
Do not use altstack_hi and altstack_lo; add TODO item.
* include/gc_cpp.h (gc_cleanup::gc_cleanup): Define this_ptr void
pointer; use this_ptr instead of this keyword to outline that the
pointer subtraction is intentional (i.e., "this->" was not intended).
* dyn_load.c [HAVE_DL_ITERATE_PHDR]
(GC_register_dynamic_libraries_dl_iterate_phdr): Cast datastart to
char*volatile* before dereferencing and checking against NULL.
Ivan Maidanski [Tue, 25 Oct 2016 08:37:40 +0000 (11:37 +0300)]
Workaround 'condition is always false' cppcheck warning in get_next_stack
* win32_threads.c [CPPCHECK] (GC_get_next_stack): Set thread to a non-null
value (near current_min assignment) even if GC_win32_dll_threads (to
avoid cppcheck complaint that if(thread!=0) is always false (thus
UNPROTECT_THREAD(thread) is never reached) if GC_DISCOVER_TASK_THREADS).
Ivan Maidanski [Mon, 24 Oct 2016 08:06:33 +0000 (11:06 +0300)]
Workaround 'value of macro unknown' cppcheck info messages
The messages are eliminated for the macros: __int64, _SIGRTMIN,
ARM_THREAD_STATE32, ARM_UNIFIED_THREAD_STATE, FIXUP_POINTER,
GC_COLLECT_AT_MALLOC, GC_FREE_SPACE_DIVISOR, GC_FULL_FREQ,
GC_INITIAL_HEAP_SIZE, GC_MAX_RETRIES, GC_MAXIMUM_HEAP_SIZE,
GC_MIN_MARKERS, GC_SIG_SUSPEND, GC_SIG_THR_RESTART, GC_TIME_LIMIT,
HEURISTIC2_LIMIT, MAP_ANONYMOUS, RTLD_DI_LINKMAP, SAVE_CALL_COUNT,
SIZE_MAX.
* alloc.c (GC_full_freq, GC_free_space_divisor, GC_time_limit): Define
to default immediate value if CPPCHECK.
* darwin_stop_world.c [ARM32 && ARM_THREAD_STATE32]
(GC_ARM_UNIFIED_THREAD_STATE): New macro (defined to
ARM_UNIFIED_THREAD_STATE unless CPPCHECK).
* darwin_stop_world.c [ARM32 && ARM_THREAD_STATE32]
(GC_stack_range_for): Use GC_ARM_UNIFIED_THREAD_STATE; do not use value
of ARM_THREAD_STATE32 if CPPCHECK.
* dyn_load.c [!USE_PROC_FOR_LIBRARIES] (GC_RTLD_DI_LINKMAP): New macro
(defined to RTLD_DI_LINKMAP unless CPPCHECK).
* dyn_load.c [!USE_PROC_FOR_LIBRARIES] (GC_FirstDLOpenedLinkMap): Use
GC_RTLD_DI_LINKMAP.
* include/gc.h (GC_word, GC_signed_word): Do not define to __int64 if
CPPCHECK.
* include/gc.h (GC_INIT_CONF_MAX_RETRIES,
GC_INIT_CONF_FREE_SPACE_DIVISOR, GC_INIT_CONF_FULL_FREQ,
GC_INIT_CONF_TIME_LIMIT, GC_INIT_CONF_SUSPEND_SIGNAL,
GC_INIT_CONF_THR_RESTART_SIGNAL, GC_MAXIMUM_HEAP_SIZE,
GC_INITIAL_HEAP_SIZE): Define to empty if CPPCHECK.
* include/private/gc_priv.h [SIZE_MAX] (GC_SIZE_MAX): Do not define to
SIZE_MAX if CPPCHECK.
* include/private/gc_priv.h [DARWIN && ARM32
&& ARM_UNIFIED_THREAD_STATE] (GC_MACH_THREAD_STATE): Do not define to
ARM_UNIFIED_THREAD_STATE if CPPCHECK.
* include/private/gc_priv.h [GC_PTHREADS && _SIGRTMIN] (SIG_SUSPEND):
Do not define to _SIGRTMIN if CPPCHECK.
* pthread_stop_world.c [!SIG_THR_RESTART && _SIGRTMIN]
(SIG_THR_RESTART): Likewise.
* include/private/gcconfig.h [SAVE_CALL_CHAIN && SAVE_CALL_COUNT]
(NFRAMES): Define to immediate value (do not use value of
SAVE_CALL_COUNT) if CPPCHECK.
* include/private/gcconfig.h [!FIXUP_POINTER && POINTER_MASK]
(FIXUP_POINTER): Define to a sample expression (not using values of
POINTER_MASK and POINTER_SHIFT) if CPPCHECK.
* malloc.c [GC_COLLECT_AT_MALLOC] (GC_dbg_collect_at_malloc_min_lb):
Define to sample value (not using value of GC_COLLECT_AT_MALLOC) if
CPPCHECK.
* misc.c [GC_INITIAL_HEAP_SIZE] (GC_init): Define to default immediate
value if CPPCHECK.
* os_dep.c [!BEOS && !OS2 && !SWIN32 && !GC_OPENBSD_THREADS
&& !STACKBOTTOM && HEURISTIC2_LIMIT] (GC_get_main_stack_base): Do not
use value of HEURISTIC2_LIMIT if CPPCHECK.
* os_dep.c [USE_MMAP_ANON && MAP_ANONYMOUS] (OPT_MAP_ANON): Do not use
value of MAP_ANONYMOUS if CPPCHECK.
* pthread_stop_world.c [GC_ENABLE_SUSPEND_THREAD && !GC_TIME_LIMIT]
(GC_TIME_LIMIT): Do not define.
* pthread_stop_world.c [GC_ENABLE_SUSPEND_THREAD]
(GC_brief_async_signal_safe_sleep): Do not use value of GC_TIME_LIMIT
if CPPCHECK.
* pthread_support.c [PARALLEL_MARK && GC_MIN_MARKERS] (GC_thr_init):
Do not use value of GC_MIN_MARKERS if CPPCHECK.
* win32_threads.c [PARALLEL_MARK && GC_MIN_MARKERS] (GC_thr_init):
Likewise.
* tests/test.c [GC_DEBUG && SAVE_CALL_CHAIN && SAVE_CALL_COUNT]
(check_heap_stats): Use NFRAMES instead of SAVE_CALL_COUNT (i.e. do not
use value of SAVE_CALL_COUNT).
Ivan Maidanski [Fri, 21 Oct 2016 18:57:15 +0000 (21:57 +0300)]
Workaround 'tainted int used as loop bound' static analysis tool warning
No need to check upper bound of n here, so a dummy check is added.
* tests/test_cpp.cc (main) [LINT2]: Check upper bound of n local
variable (the check is actually dummy).
* tests/test_cpp.cc (main): Reformat code (which handles n variable).
Ivan Maidanski [Fri, 21 Oct 2016 08:42:26 +0000 (11:42 +0300)]
Fix 'ISO C90 forbids mixed declarations and code' compiler warning
* pthread_support.c [GC_PTHREADS && !GC_WIN32_THREADS]
(GC_thread_exit_proc): Move GC_log_printf() call down to be after local
variable declarations.
* thread_local_alloc.c [THREAD_LOCAL_ALLOC && USE_PTHREAD_SPECIFIC
&& !USE_WIN32_SPECIFIC]: Add {} to have "k" local variable declaration
before any statement in a block.
Ivan Maidanski [Tue, 18 Oct 2016 21:42:29 +0000 (00:42 +0300)]
Workaround 'variable reassigned before old value used' cppcheck warnings
* misc.c (GC_call_with_gc_active): Call GC_noop1 for
GC_traced_stack_sect and GC_blocked_sp (before restoring their original
values) if CPPCHECK.
* win32_threads.c (GC_do_blocking_inner): Call GC_noop1 for
thread_blocked_sp field (before restoring its original value)
if CPPCHECK.
* win32_threads.c (GC_call_with_gc_active): Call GC_noop1 for
traced_stack_sect field (before restoring its original value)
if CPPCHECK.
Ivan Maidanski [Tue, 18 Oct 2016 09:24:34 +0000 (12:24 +0300)]
Workaround 'obsolete function alloca() called' cppcheck warnings
* dyn_load.c [AIX] (GC_register_dynamic_libraries): Code refactoring
to have alloca() call only once (at the beginning of a block); use
variable-length array instead of alloca() if CPPCHECK.
* include/private/gc_priv.h (GC_on_abort): Move definition up (to be
before ABORT definition); define it to empty if PCR (this is needed for
CPPCHECK).
* include/private/gc_priv.h (ABORT): Specially define to
{GC_on_abort(msg);abort();} block statement if CPPCHECK.
* tests/test.c (chktree): Check for n is zero only once; add comment.
Ivan Maidanski [Tue, 18 Oct 2016 08:14:22 +0000 (11:14 +0300)]
Workaround 'passing untyped NULL to variadic function' cppcheck warning
The portability warning "Passing NULL after the last typed argument to
a variadic function leads to undefined behavior" was reported for
ABORT_ARG2(..., DATASTART, DATAEND) call in GC_register_data_segments.
Ivan Maidanski [Tue, 18 Oct 2016 07:59:20 +0000 (10:59 +0300)]
Workaround 'struct member is never used' cppcheck style warnings
* os_dep.c [OS2] (GC_register_data_segments): Assign 0 to
hdrdos.padding, hdr386.exe_format_level/os/padding1/padding2,
seg.pagemap/mapsize/reserved fields if CPPCHECK; add comment.
* os_dep.c [MPROTECT_VDB && DARWIN] (GC_mprotect_thread): Assign 0 to
the first element of reply.data, msg.data fields if CPPCHECK; add
comment.
* typd_mlc.c (TAG): Define to ad.ad_tag (instead of ld.ld_tag).
Ivan Maidanski [Mon, 17 Oct 2016 22:42:22 +0000 (01:42 +0300)]
Fix 'variable assigned a value that is never used' cppcheck style warnings
* dyn_load.c [USE_PROC_FOR_LIBRARIES] (GC_register_map_entries): Remove
datastart local variable.
* extra/AmigaOS.c [GC_AMIGA_DS] (GC_register_data_segments): Remove
num local variable.
* extra/MacOS.c (firstTime): Remove.
* extra/MacOS.c (GC_MacTemporaryNewPtr): Do not define firstTime if
SHARED_LIBRARY_BUILD.
* extra/MacOS.c (GC_MacFreeTemporaryMemory): Do not define (and update)
totalMemoryUsed if SHARED_LIBRARY_BUILD.
* extra/msvc_dbg.c (GetDescriptionFromAddress): Do not assign size
variable when its value is no longer used.
* include/private/gc_locks.h [PCR && THREADS] (DCL_LOCK_STATE): Define
to empty if CPPCHECK.
* mach_dep.c [MACOS && __MWERKS__ && POWERPC] (getRegisters): Declare
as external if CPPCHECK (as cppcheck does not recognize "asm" in
function declaration).
Ivan Maidanski [Wed, 5 Oct 2016 08:32:00 +0000 (11:32 +0300)]
Eliminate 'address of local variable returned' static analyzer warning
* mark_rts.c [__GNUC__ >= 4] (GC_approx_sp): Use
__builtin_frame_address(0) instead of &sp (but still write the value to
the volatile local variable to force stack to grow if necessary).
* tools/setjmp_t.c [__GNUC__ >= 4] (nested_sp): Return
__builtin_frame_address(0) instead of sp.
Ivan Maidanski [Wed, 5 Oct 2016 08:04:25 +0000 (11:04 +0300)]
Fix tools/setjmp_t to prevent nested_sp inlining
Inlined nested_sp might cause incorrect result of nested_sp()<sp.
* tools/setjmp_t.c (nested_sp): Change return from int* to word.
* tools/setjmp_t.c (nested_sp_fn): New global volatile variable
initialized to nested_sp.
* tools/setjmp_t.c (main): Use nested_sp_fn instead of nested_sp;
remove redundant cast.