Ivan Maidanski [Wed, 7 Dec 2016 07:40:15 +0000 (10:40 +0300)]
Workaround 'pointer used before comparison to null' code defect (pthread)
(fix commit 31b3afc)
* pthread_support.c [GC_PTHREADS && !GC_WIN32_THREADS && DEBUG_THREADS]
(GC_pthread_create): Do not check new_thread is non-NULL (because
new_thread is first passed to the underlying pthread_create() where
the argument is marked with "nonnull" attribute).
Ivan Maidanski [Wed, 7 Dec 2016 07:22:09 +0000 (10:22 +0300)]
Fix '32-bit value shift followed by expansion to 64-bit' code defect
* gcj_mlc.c [GC_GCJ_SUPPORT] (GC_core_gcj_malloc,
GC_gcj_malloc_ignore_off_page): Cast lg local variable to word before
passing it to GRANULES_TO_BYTES (so that value type widening does not
occur after the value left shift).
* malloc.c (GC_generic_malloc_inner, GC_malloc_kind_global,
GC_generic_malloc_uncollectable): Likewise.
* typd_mlc.c (GC_malloc_explicitly_typed_ignore_off_page): Likewise.
* misc.c (block_add_size): Cast hhdr->hb_sz to word before passing it
to WORDS_TO_BYTES; cast HBLKSIZE-1 to word before "~" operation.
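The two widening patterns named in the commit above, shown as an added example (not code from the collector). The `word` typedef, the shift-based `GRANULES_TO_BYTES`, the 32-bit operand types and the `HBLKSIZE` value are simplified stand-ins assumed for illustration, and the example assumes a 32-bit `unsigned int`.

```c
#include <stdint.h>

/* Assumed stand-ins, not the collector's real definitions. */
typedef uint64_t word;                               /* 64-bit machine word   */
#define GRANULE_SHIFT 4                              /* assumed 16-byte granule */
#define GRANULES_TO_BYTES(n) ((n) << GRANULE_SHIFT)  /* simplified macro      */
#define HBLKSIZE 4096u                               /* 32-bit unsigned constant */

/* Defect pattern: the shift is evaluated in 32 bits, the high bits are
 * discarded, and only then is the result widened to 64 bits. */
word bytes_shift_then_widen(uint32_t lg)
{
    return GRANULES_TO_BYTES(lg);
}

/* Fixed pattern: widen the operand first, so the shift happens in 64 bits. */
word bytes_widen_then_shift(uint32_t lg)
{
    return GRANULES_TO_BYTES((word)lg);
}

/* Defect pattern: "~" is applied to a 32-bit unsigned value; the mask is
 * then zero-extended, so the AND also clears bits 32..63 of sz. */
word round_down_narrow_mask(word sz)
{
    return sz & ~(HBLKSIZE - 1);
}

/* Fixed pattern: cast to word before "~" so the mask keeps the high bits. */
word round_down_wide_mask(word sz)
{
    return sz & ~(word)(HBLKSIZE - 1);
}
```

With the narrow forms, a granule count of 0x10000000 yields a byte size of 0 and a size above 4 GiB loses its upper half when rounded down to a block boundary.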
Ivan Maidanski [Mon, 5 Dec 2016 23:06:36 +0000 (02:06 +0300)]
Fix message of VDB implementation used if MPROTECT_VDB+GWW_VDB (gctest)
* tests/test.c [!PCR && !GC_WIN32_THREADS && !GC_PTHREADS
&& !NO_INCREMENTAL] (main): If MPROTECT_VDB and GWW_VDB are both
defined then also print "Using GetWriteWatch-based implementation"
message.
Ivan Maidanski [Mon, 5 Dec 2016 22:38:49 +0000 (01:38 +0300)]
Test GCJ object creation with length-based descriptor (gctest)
* tests/test.c [GC_GCJ_SUPPORT] (gcj_cons): Define new static variable
obj_cnt; increment obj_cnt on each call; if obj_cnt is odd then pass
gcj_class_struct1 to GC_GCJ_MALLOC instead of gcj_class_struct2.
Ivan Maidanski [Mon, 5 Dec 2016 21:49:33 +0000 (00:49 +0300)]
Fix potential data race in GC_SysVGetDataStart (SPARC)
* os_dep.c [SVR4 || AUX || DGUX || LINUX && SPARC]
(GC_SysVGetDataStart): Use AO_fetch_and_add(p,0) if available instead
of non-atomic read/write in *p = *p statement (thus, to avoid data race
though it is highly unlikely).
Ivan Maidanski [Fri, 25 Nov 2016 11:10:37 +0000 (14:10 +0300)]
Suppress 'taking address of label non-standard' GCC/Clang pedantic warning
* mark.c [WRAP_MARK_SOME && __GNUC__ && (MSWIN32 || MSWINCE)]
(GC_mark_some): Use pragma "GCC diagnostic ignored" to temporarily
suppress "taking the address of a label is non-standard" (or
"use of GNU address-of-label extension" in case of Clang) warning for
"&&handle_ex" expression.
Ivan Maidanski [Wed, 23 Nov 2016 01:47:19 +0000 (04:47 +0300)]
Fix Solaris/sparc detection in case strict C compliance is enforced
* include/gc_config_macros.h [__i386__ || __amd64__] (GC_SOLARIS_THREADS):
Define also if __sun is defined (treat __sun as a synonym to sun).
* include/private/gcconfig.h [__i386__ || __amd64] (SOLARIS):
Likewise.
* include/gc_config_macros.h [sun] (GC_SOLARIS_THREADS): Define also
if __amd64 is defined (treat __amd64 as a synonym to __amd64__).
* include/gc_config_macros.h [sparc && unix] (DRSNX): Do not define if
SPARC and SOLARIS are already defined.
Ivan Maidanski [Tue, 22 Nov 2016 12:18:36 +0000 (15:18 +0300)]
Report gcc/clang pedantic warnings (configure)
* configure.ac [GCC] (WPEDANTIC): New variable (set to
"-Wpedantic -Wno-long-long" if supported by the compiler).
* configure.ac [GCC] (CFLAGS): Add $WPEDANTIC.
Ivan Maidanski [Sat, 19 Nov 2016 17:37:04 +0000 (20:37 +0300)]
Fix assertion violation in GC_repeat_read if --enable-redirect-malloc
* malloc.c [REDIRECT_MALLOC && GC_LINUX_THREADS] (GC_init_lib_bounds):
Declare cancel_state local variable; DISABLE_CANCEL for GC_text_mapping
(because GC_repeat_read expects the cancellation state off); call
RESTORE_CANCEL on return.
Ivan Maidanski [Fri, 18 Nov 2016 14:16:32 +0000 (17:16 +0300)]
Ensure oom_fn callback executed on out-of-memory in calloc
(fix commits e10c1eb, 4e1a6f9)
* malloc.c [REDIRECT_MALLOC && !REDIRECT_MALLOC_IN_HEADER] (calloc):
Call oom_fn(SIZE_MAX) (instead of returning NULL) if n*lb overflows.
* typd_mlc.c (GC_calloc_explicitly_typed): Likewise.
* typd_mlc.c (GC_calloc_explicitly_typed): If register_disappearing_link
failed due to lack of memory then call oom_fn(lb) instead of
GC_malloc(lb); update comment.
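A calloc-style wrapper following the behaviour described in the commit above, as an added example (not the collector's code): when `n*lb` overflows, the out-of-memory callback is invoked with `SIZE_MAX` instead of silently returning NULL. The names `checked_calloc`, `wrapped_size`, `default_oom` and `last_oom_request` are hypothetical, and plain `malloc` stands in for the real allocator.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical callback type, modelled on an oom_fn(bytes_requested) hook. */
typedef void *(*oom_fn_t)(size_t bytes_requested);

static size_t last_oom_request;      /* records what the callback was told */

/* Default handler: remember the request and report failure. */
static void *default_oom(size_t bytes_requested)
{
    last_oom_request = bytes_requested;
    return NULL;
}

static oom_fn_t oom_fn = default_oom;

/* What an unchecked calloc would ask the allocator for: the product wraps
 * modulo SIZE_MAX+1, so a huge request can turn into a tiny one. */
size_t wrapped_size(size_t n, size_t lb)
{
    return n * lb;
}

/* Overflow-checked calloc: every failure path goes through oom_fn. */
void *checked_calloc(size_t n, size_t lb)
{
    size_t total;
    void *p;

    if (lb != 0 && n > SIZE_MAX / lb)
        return oom_fn(SIZE_MAX);     /* n*lb does not fit in size_t */

    total = n * lb;
    p = malloc(total != 0 ? total : 1);
    if (p == NULL)
        return oom_fn(total);        /* genuine out-of-memory */

    memset(p, 0, total);
    return p;
}
```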
Ivan Maidanski [Wed, 16 Nov 2016 09:05:43 +0000 (12:05 +0300)]
Document configure 'syntax error' issue in README
* README.md (Installation and Portability): Add information on how to
avoid "syntax error near unexpected token ATOMIC_OPS" configure failure
(caused by lack of pkg.m4).
Ivan Maidanski [Tue, 15 Nov 2016 12:25:54 +0000 (15:25 +0300)]
Fix potential integer overflow in GC_find_limit_* functions
* os_dep.c [OPENBSD] (GC_find_limit_openbsd, GC_skip_hole_openbsd): Add
assertion for the minimum value of bound; increment result by pgsz only
if no overflow is guaranteed.
* os_dep.c [USE_PROC_FOR_LIBRARIES && THREADS || NEED_FIND_LIMIT]
(GC_find_limit_with_bound): Add assertion for the minimum/maximum value
of bound; increment/decrement result by MIN_PAGE_SIZE only if no
overflow/underflow is guaranteed.
Ivan Maidanski [Tue, 15 Nov 2016 07:48:31 +0000 (10:48 +0300)]
Suppress 'tainted string passed to vulnerable operation' false defects
* include/private/gc_priv.h (TRUSTED_STRING): New tagging macro; add
comment.
* misc.c (GC_init): Process the result of GETENV("GC_LOG_FILE") by
TRUSTED_STRING.
* tools/if_mach.c (main): Process argv[3] by TRUSTED_STRING (before
passing the string to execvp).
* tools/if_not_there.c (main): Declare "fname" local variable;
process argv[1] and argv[2] by TRUSTED_STRING (before passing the
strings to fopen/opendir and execvp, respectively).
Ivan Maidanski [Mon, 14 Nov 2016 07:58:26 +0000 (10:58 +0300)]
Eliminate 'GC_record_fault is never used' cppcheck style warning
* checksums.c [CHECKSUMS] (GC_record_fault): Do not define unless
MPROTECT_VDB and not DARWIN.
* os_dep.c [MPROTECT_VDB && CHECKSUMS] (GC_record_fault): Do not
declare if DARWIN.
Ivan Maidanski [Mon, 14 Nov 2016 07:12:32 +0000 (10:12 +0300)]
Replace C++ style comments with C ones, remove commented out code (extra)
* extra/AmigaOS.c (GC_amiga_get_mem, GC_amiga_allocwrapper_any,
GC_amiga_allocwrapper_fast): Replace the style of comments from C++
to C.
* extra/MacOS.c (CodeZeroPtr, GC_MacTemporaryNewPtr): Likewise.
* extra/Mac_files/MacOS_config.h: Likewise.
* extra/AmigaOS.c (GC_amiga_get_mem, GC_amiga_rec_alloc,
GC_amiga_allocwrapper_any, GC_amiga_allocwrapper_fast): Remove
commented out code.
* extra/Mac_files/MacOS_config.h: Likewise.
Ivan Maidanski [Mon, 31 Oct 2016 07:09:10 +0000 (10:09 +0300)]
Export GC_print_free_list()
Note: this function is not used by GC itself.
* include/gc_inline.h (GC_print_free_list): New public API prototype.
* reclaim.c [!NO_DEBUGGING]: Include gc_inline.h (to check that
GC_print_free_list prototype matches the definition).
* reclaim.c [!NO_DEBUGGING] (GC_print_free_list): Define as public
(GC_API+GC_CALL); remove "ok" local variable; add assertions about kind
and sz_in_granules maximum values.
Ivan Maidanski [Sat, 29 Oct 2016 14:49:37 +0000 (17:49 +0300)]
Eliminate 'null dereference' code defect warning in register_finalizer
* finalize.c (GC_register_finalizer_inner): Add GC_ASSERT that fn is
non-zero (instead of specifying this in a comment) for the case when
new_fo is non-NULL (new_fo is returned by GC_oom_fn).
* finalize.c [LINT2] (GC_register_finalizer_inner): Call ABORT if hhdr
is NULL (for the case when new_fo is non-NULL).
Ivan Maidanski [Sat, 29 Oct 2016 07:14:42 +0000 (10:14 +0300)]
Export GC_is_tmp_root() and GC_print_trace[_inner]()
Note: these 3 functions are not used by GC itself.
* include/gc_mark.h (GC_is_tmp_root, GC_print_trace,
GC_print_trace_inner): New public API prototype.
* mark.c [TRACE_BUF] (GC_print_trace_inner, GC_print_trace): Define as
public (GC_API+GC_CALL).
* mark_rts.c [MSWIN32 && !NO_DEBUGGING] (GC_is_tmp_root): Likewise.
* mark_rts.c [MSWIN32 && !NO_DEBUGGING] (GC_is_tmp_root): Replace
GC_bool return type with int, replace ptr_t argument type with void*
(because GC_bool and ptr_t are not exported from GC).
Ivan Maidanski [Fri, 28 Oct 2016 21:23:02 +0000 (00:23 +0300)]
Export GC_dump_finalization/regions()
Note: these 2 functions are not used by GC itself.
* allchblk.c [!NO_DEBUGGING] (GC_dump_regions): Turn into a public
definition (add GC_API+GC_CALL).
* finalize.c [!NO_DEBUGGING] (GC_dump_finalization): Likewise.
* include/gc.h (GC_dump_regions, GC_dump_finalization): New public API
prototype.
Ivan Maidanski [Fri, 28 Oct 2016 08:45:48 +0000 (11:45 +0300)]
Eliminate duplicate log messages in GC_mark_from
This change also eliminates 'bad copy-paste' code defect in GC_mark_from.
* mark.c [ENABLE_TRACE] (GC_mark_from): Combine 2 logged messages
about "large section" and "splitting" into a single one;
replace "Tracing from" logged message with "small object" message
(which is not logged for large objects).
Ivan Maidanski [Fri, 28 Oct 2016 07:07:43 +0000 (10:07 +0300)]
Fix 'address of fudged_set is used out of scope' code defect (sigmask)
(fix commit 81d04a6)
* pthread_support.c [!GC_NO_PTHREAD_SIGMASK] (pthread_sigmask): Move
fudged_set to the outer scope where REAL_FUNC(pthread_sigmask) is
called (a pointer to fudged_set could be passed to the latter function).
Ivan Maidanski [Fri, 28 Oct 2016 06:35:33 +0000 (09:35 +0300)]
Eliminate 'unsafe vsprintf is deprecated' compiler warning
Replacement of vsprintf with vsnprintf (or similar) if available.
Note that no buffer overflow occurs in CORD_vsprintf as buf is
allocated dynamically based on format string.
* cord/cordprnt.c (GC_VSNPRINTF): New macro (the definition is copied
from misc.c).
* cord/cordprnt.c (CORD_vsprintf): Replace vsprintf(buf,...) call with
GC_VSNPRINTF(buf,max_size+1,...).
* cord/tests/de.c (generic_init): Replace initial==CORD_EMPTY check
with 0==len where len is CORD_len(initial) (to outline that len-1
cannot cause underflow).
Ivan Maidanski [Thu, 27 Oct 2016 08:24:26 +0000 (11:24 +0300)]
Eliminate 'CORD_*printf is never used' cppcheck style warnings (cordtest)
Minimal testing of CORD_[v][f]printf is added to cordtest.
* cord/tests/cordtest.c: Include stdarg.h.
* cord/tests/cordtest.c: Reformat the comment describing cordtest.
* cord/tests/cordtest.c (wrap_vprintf, wrap_vfprintf): New function
(calling CORD_v[f]printf).
* cord/tests/cordtest.c (test_printf): Call CORD_printf, wrap_vfprintf,
wrap_vprintf for CORD_EMPTY (with the output to stdout); add TODO item.
Ivan Maidanski [Wed, 26 Oct 2016 21:31:14 +0000 (00:31 +0300)]
Fix null dereference in GC_stack_range_for if not DARWIN_DONT_PARSE_STACK
(fix commit 4ceae609)
* darwin_stop_world.c (GC_stack_range_for): Use GC_ATTR_UNUSED for
paltstack_hi argument (because the latter is not used currently if
!DARWIN_DONT_PARSE_STACK); do not access p->altstack[_size] unless
DARWIN_DONT_PARSE_STACK; add TODO item.
* darwin_stop_world.c [!DARWIN_DONT_PARSE_STACK] (GC_push_all_stacks):
Do not use altstack_hi and altstack_lo; add TODO item.
* include/gc_cpp.h (gc_cleanup::gc_cleanup): Define this_ptr void
pointer; use this_ptr instead of this keyword to outline that the
pointer subtraction is intentional (i.e., "this->" was not intended).
* dyn_load.c [HAVE_DL_ITERATE_PHDR]
(GC_register_dynamic_libraries_dl_iterate_phdr): Cast datastart to
char*volatile* before dereferencing and checking against NULL.
Ivan Maidanski [Tue, 25 Oct 2016 08:37:40 +0000 (11:37 +0300)]
Workaround 'condition is always false' cppcheck warning in get_next_stack
* win32_threads.c [CPPCHECK] (GC_get_next_stack): Set thread to a non-null
value (near current_min assignment) even if GC_win32_dll_threads (to
avoid cppcheck complaint that if(thread!=0) is always false (thus
UNPROTECT_THREAD(thread) is never reached) if GC_DISCOVER_TASK_THREADS).
Ivan Maidanski [Mon, 24 Oct 2016 08:06:33 +0000 (11:06 +0300)]
Workaround 'value of macro unknown' cppcheck info messages
The messages are eliminated for the macros: __int64, _SIGRTMIN,
ARM_THREAD_STATE32, ARM_UNIFIED_THREAD_STATE, FIXUP_POINTER,
GC_COLLECT_AT_MALLOC, GC_FREE_SPACE_DIVISOR, GC_FULL_FREQ,
GC_INITIAL_HEAP_SIZE, GC_MAX_RETRIES, GC_MAXIMUM_HEAP_SIZE,
GC_MIN_MARKERS, GC_SIG_SUSPEND, GC_SIG_THR_RESTART, GC_TIME_LIMIT,
HEURISTIC2_LIMIT, MAP_ANONYMOUS, RTLD_DI_LINKMAP, SAVE_CALL_COUNT,
SIZE_MAX.
* alloc.c (GC_full_freq, GC_free_space_divisor, GC_time_limit): Define
to default immediate value if CPPCHECK.
* darwin_stop_world.c [ARM32 && ARM_THREAD_STATE32]
(GC_ARM_UNIFIED_THREAD_STATE): New macro (defined to
ARM_UNIFIED_THREAD_STATE unless CPPCHECK).
* darwin_stop_world.c [ARM32 && ARM_THREAD_STATE32]
(GC_stack_range_for): Use GC_ARM_UNIFIED_THREAD_STATE; do not use value
of ARM_THREAD_STATE32 if CPPCHECK.
* dyn_load.c [!USE_PROC_FOR_LIBRARIES] (GC_RTLD_DI_LINKMAP): New macro
(defined to RTLD_DI_LINKMAP unless CPPCHECK).
* dyn_load.c [!USE_PROC_FOR_LIBRARIES] (GC_FirstDLOpenedLinkMap): Use
GC_RTLD_DI_LINKMAP.
* include/gc.h (GC_word, GC_signed_word): Do not define to __int64 if
CPPCHECK.
* include/gc.h (GC_INIT_CONF_MAX_RETRIES,
GC_INIT_CONF_FREE_SPACE_DIVISOR, GC_INIT_CONF_FULL_FREQ,
GC_INIT_CONF_TIME_LIMIT, GC_INIT_CONF_SUSPEND_SIGNAL,
GC_INIT_CONF_THR_RESTART_SIGNAL, GC_MAXIMUM_HEAP_SIZE,
GC_INITIAL_HEAP_SIZE): Define to empty if CPPCHECK.
* include/private/gc_priv.h [SIZE_MAX] (GC_SIZE_MAX): Do not define to
SIZE_MAX if CPPCHECK.
* include/private/gc_priv.h [DARWIN && ARM32
&& ARM_UNIFIED_THREAD_STATE] (GC_MACH_THREAD_STATE): Do not define to
ARM_UNIFIED_THREAD_STATE if CPPCHECK.
* include/private/gc_priv.h [GC_PTHREADS && _SIGRTMIN] (SIG_SUSPEND):
Do not define to _SIGRTMIN if CPPCHECK.
* pthread_stop_world.c [!SIG_THR_RESTART && _SIGRTMIN]
(SIG_THR_RESTART): Likewise.
* include/private/gcconfig.h [SAVE_CALL_CHAIN && SAVE_CALL_COUNT]
(NFRAMES): Define to immediate value (do not use value of
SAVE_CALL_COUNT) if CPPCHECK.
* include/private/gcconfig.h [!FIXUP_POINTER && POINTER_MASK]
(FIXUP_POINTER): Define to a sample expression (not using values of
POINTER_MASK and POINTER_SHIFT) if CPPCHECK.
* malloc.c [GC_COLLECT_AT_MALLOC] (GC_dbg_collect_at_malloc_min_lb):
Define to sample value (not using value of GC_COLLECT_AT_MALLOC) if
CPPCHECK.
* misc.c [GC_INITIAL_HEAP_SIZE] (GC_init): Define to default immediate
value if CPPCHECK.
* os_dep.c [!BEOS && !OS2 && !SWIN32 && !GC_OPENBSD_THREADS
&& !STACKBOTTOM && HEURISTIC2_LIMIT] (GC_get_main_stack_base): Do not
use value of HEURISTIC2_LIMIT if CPPCHECK.
* os_dep.c [USE_MMAP_ANON && MAP_ANONYMOUS] (OPT_MAP_ANON): Do not use
value of MAP_ANONYMOUS if CPPCHECK.
* pthread_stop_world.c [GC_ENABLE_SUSPEND_THREAD && !GC_TIME_LIMIT]
(GC_TIME_LIMIT): Do not define.
* pthread_stop_world.c [GC_ENABLE_SUSPEND_THREAD]
(GC_brief_async_signal_safe_sleep): Do not use value of GC_TIME_LIMIT
if CPPCHECK.
* pthread_support.c [PARALLEL_MARK && GC_MIN_MARKERS] (GC_thr_init):
Do not use value of GC_MIN_MARKERS if CPPCHECK.
* win32_threads.c [PARALLEL_MARK && GC_MIN_MARKERS] (GC_thr_init):
Likewise.
* tests/test.c [GC_DEBUG && SAVE_CALL_CHAIN && SAVE_CALL_COUNT]
(check_heap_stats): Use NFRAMES instead of SAVE_CALL_COUNT (i.e. do not
use value of SAVE_CALL_COUNT).
Ivan Maidanski [Fri, 21 Oct 2016 18:57:15 +0000 (21:57 +0300)]
Workaround 'tainted int used as loop bound' static analysis tool warning
No need to check upper bound of n here, so a dummy check is added.
* tests/test_cpp.cc (main) [LINT2]: Check upper bound of n local
variable (the check is actually dummy).
* tests/test_cpp.cc (main): Reformat code (which handles n variable).
Ivan Maidanski [Fri, 21 Oct 2016 08:42:26 +0000 (11:42 +0300)]
Fix 'ISO C90 forbids mixed declarations and code' compiler warning
* pthread_support.c [GC_PTHREADS && !GC_WIN32_THREADS]
(GC_thread_exit_proc): Move GC_log_printf() call down to be after local
variables declarations.
* thread_local_alloc.c [THREAD_LOCAL_ALLOC && USE_PTHREAD_SPECIFIC
&& !USE_WIN32_SPECIFIC]: Add {} to have "k" local variable declaration
before any statement in a block.
Ivan Maidanski [Tue, 18 Oct 2016 21:42:29 +0000 (00:42 +0300)]
Workaround 'variable reassigned before old value used' cppcheck warnings
* misc.c (GC_call_with_gc_active): Call GC_noop1 for
GC_traced_stack_sect and GC_blocked_sp (before restoring their original
values) if CPPCHECK.
* win32_threads.c (GC_do_blocking_inner): Call GC_noop1 for
thread_blocked_sp field (before restoring its original value)
if CPPCHECK.
* win32_threads.c (GC_call_with_gc_active): Call GC_noop1 for
traced_stack_sect field (before restoring its original value)
if CPPCHECK.
Ivan Maidanski [Tue, 18 Oct 2016 09:24:34 +0000 (12:24 +0300)]
Workaround 'obsolete function alloca() called' cppcheck warnings
* dyn_load.c [AIX] (GC_register_dynamic_libraries): Code refactoring
to have alloca() call only once (at the beginning of a block); use
variable-length array instead of alloca() if CPPCHECK.
* include/private/gc_priv.h (GC_on_abort): Move definition upper (to be
before ABORT definition); define it to empty if PCR (this is needed for
CPPCHECK).
* include/private/gc_priv.h (ABORT): Specially define to
{GC_on_abort(msg);abort();} block statement if CPPCHECK.
* tests/test.c (chktree): Check for n is zero only once; add comment.