diff options
| author | Paul Eggert | 2019-04-21 21:47:10 -0700 |
|---|---|---|
| committer | Paul Eggert | 2019-04-21 23:16:48 -0700 |
| commit | 1ea048f6e02e56891278a040a5b21678c661764a (patch) | |
| tree | 07121fd5272f4bba48d96f22a3f65396c0071c01 /src/alloc.c | |
| parent | 72067661fef9cb9e1a746a7a825053c8204c7a38 (diff) | |
| download | emacs-1ea048f6e02e56891278a040a5b21678c661764a.tar.gz emacs-1ea048f6e02e56891278a040a5b21678c661764a.zip | |
Remove --enable-checking=xmallocoverrun
It doesn’t work anymore, and these days ‘gcc -fsanitize=address’
does a better job anyway.
* configure.ac: Remove the option.
* configure.ac (ac_xmalloc_overrun, XMALLOC_OVERRUN_CHECK):
* src/alloc.c (XMALLOC_OVERRUN_CHECK_OVERHEAD)
(XMALLOC_OVERRUN_CHECK_SIZE, XMALLOC_OVERRUN_SIZE_SIZE)
(xmalloc_overrun_check_header, xmalloc_overrun_check_trailer)
(xmalloc_put_size, xmalloc_get_size, overrun_check_malloc)
(overrun_check_realloc, overrun_check_free):
Remove. All uses removed.
* etc/NEWS: Mention this.
Diffstat (limited to 'src/alloc.c')
| -rw-r--r-- | src/alloc.c | 169 |
1 files changed, 1 insertions, 168 deletions
diff --git a/src/alloc.c b/src/alloc.c index d279b6f872e..402fada1ad2 100644 --- a/src/alloc.c +++ b/src/alloc.c | |||
| @@ -151,9 +151,7 @@ malloc_initialize_hook (void) | |||
| 151 | 151 | ||
| 152 | if (malloc_set_state (malloc_state_ptr) != 0) | 152 | if (malloc_set_state (malloc_state_ptr) != 0) |
| 153 | emacs_abort (); | 153 | emacs_abort (); |
| 154 | # ifndef XMALLOC_OVERRUN_CHECK | ||
| 155 | alloc_unexec_post (); | 154 | alloc_unexec_post (); |
| 156 | # endif | ||
| 157 | } | 155 | } |
| 158 | } | 156 | } |
| 159 | 157 | ||
| @@ -651,171 +649,6 @@ verify (LISP_ALIGNMENT % GCALIGNMENT == 0); | |||
| 651 | it never does anything that requires an alignment of 16. */ | 649 | it never does anything that requires an alignment of 16. */ |
| 652 | enum { MALLOC_IS_LISP_ALIGNED = alignof (max_align_t) % LISP_ALIGNMENT == 0 }; | 650 | enum { MALLOC_IS_LISP_ALIGNED = alignof (max_align_t) % LISP_ALIGNMENT == 0 }; |
| 653 | 651 | ||
| 654 | #ifndef XMALLOC_OVERRUN_CHECK | ||
| 655 | #define XMALLOC_OVERRUN_CHECK_OVERHEAD 0 | ||
| 656 | #else | ||
| 657 | |||
| 658 | /* Check for overrun in malloc'ed buffers by wrapping a header and trailer | ||
| 659 | around each block. | ||
| 660 | |||
| 661 | The header consists of XMALLOC_OVERRUN_CHECK_SIZE fixed bytes | ||
| 662 | followed by XMALLOC_OVERRUN_SIZE_SIZE bytes containing the original | ||
| 663 | block size in little-endian order. The trailer consists of | ||
| 664 | XMALLOC_OVERRUN_CHECK_SIZE fixed bytes. | ||
| 665 | |||
| 666 | The header is used to detect whether this block has been allocated | ||
| 667 | through these functions, as some low-level libc functions may | ||
| 668 | bypass the malloc hooks. */ | ||
| 669 | |||
| 670 | #define XMALLOC_OVERRUN_CHECK_SIZE 16 | ||
| 671 | #define XMALLOC_OVERRUN_CHECK_OVERHEAD \ | ||
| 672 | (2 * XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE) | ||
| 673 | |||
| 674 | /* Define XMALLOC_OVERRUN_SIZE_SIZE so that (1) it's large enough to | ||
| 675 | hold a size_t value and (2) the header size is a multiple of the | ||
| 676 | alignment that Emacs needs for C types and for USE_LSB_TAG. */ | ||
| 677 | #define XMALLOC_OVERRUN_SIZE_SIZE \ | ||
| 678 | (((XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t) \ | ||
| 679 | + LISP_ALIGNMENT - 1) \ | ||
| 680 | / LISP_ALIGNMENT * LISP_ALIGNMENT) \ | ||
| 681 | - XMALLOC_OVERRUN_CHECK_SIZE) | ||
| 682 | |||
| 683 | static char const xmalloc_overrun_check_header[XMALLOC_OVERRUN_CHECK_SIZE] = | ||
| 684 | { '\x9a', '\x9b', '\xae', '\xaf', | ||
| 685 | '\xbf', '\xbe', '\xce', '\xcf', | ||
| 686 | '\xea', '\xeb', '\xec', '\xed', | ||
| 687 | '\xdf', '\xde', '\x9c', '\x9d' }; | ||
| 688 | |||
| 689 | static char const xmalloc_overrun_check_trailer[XMALLOC_OVERRUN_CHECK_SIZE] = | ||
| 690 | { '\xaa', '\xab', '\xac', '\xad', | ||
| 691 | '\xba', '\xbb', '\xbc', '\xbd', | ||
| 692 | '\xca', '\xcb', '\xcc', '\xcd', | ||
| 693 | '\xda', '\xdb', '\xdc', '\xdd' }; | ||
| 694 | |||
| 695 | /* Insert and extract the block size in the header. */ | ||
| 696 | |||
| 697 | static void | ||
| 698 | xmalloc_put_size (unsigned char *ptr, size_t size) | ||
| 699 | { | ||
| 700 | int i; | ||
| 701 | for (i = 0; i < XMALLOC_OVERRUN_SIZE_SIZE; i++) | ||
| 702 | { | ||
| 703 | *--ptr = size & ((1 << CHAR_BIT) - 1); | ||
| 704 | size >>= CHAR_BIT; | ||
| 705 | } | ||
| 706 | } | ||
| 707 | |||
| 708 | static size_t | ||
| 709 | xmalloc_get_size (unsigned char *ptr) | ||
| 710 | { | ||
| 711 | size_t size = 0; | ||
| 712 | int i; | ||
| 713 | ptr -= XMALLOC_OVERRUN_SIZE_SIZE; | ||
| 714 | for (i = 0; i < XMALLOC_OVERRUN_SIZE_SIZE; i++) | ||
| 715 | { | ||
| 716 | size <<= CHAR_BIT; | ||
| 717 | size += *ptr++; | ||
| 718 | } | ||
| 719 | return size; | ||
| 720 | } | ||
| 721 | |||
| 722 | |||
| 723 | /* Like malloc, but wraps allocated block with header and trailer. */ | ||
| 724 | |||
| 725 | static void * | ||
| 726 | overrun_check_malloc (size_t size) | ||
| 727 | { | ||
| 728 | register unsigned char *val; | ||
| 729 | if (SIZE_MAX - XMALLOC_OVERRUN_CHECK_OVERHEAD < size) | ||
| 730 | emacs_abort (); | ||
| 731 | |||
| 732 | val = malloc (size + XMALLOC_OVERRUN_CHECK_OVERHEAD); | ||
| 733 | if (val) | ||
| 734 | { | ||
| 735 | memcpy (val, xmalloc_overrun_check_header, XMALLOC_OVERRUN_CHECK_SIZE); | ||
| 736 | val += XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE; | ||
| 737 | xmalloc_put_size (val, size); | ||
| 738 | memcpy (val + size, xmalloc_overrun_check_trailer, | ||
| 739 | XMALLOC_OVERRUN_CHECK_SIZE); | ||
| 740 | } | ||
| 741 | return val; | ||
| 742 | } | ||
| 743 | |||
| 744 | |||
| 745 | /* Like realloc, but checks old block for overrun, and wraps new block | ||
| 746 | with header and trailer. */ | ||
| 747 | |||
| 748 | static void * | ||
| 749 | overrun_check_realloc (void *block, size_t size) | ||
| 750 | { | ||
| 751 | register unsigned char *val = (unsigned char *) block; | ||
| 752 | if (SIZE_MAX - XMALLOC_OVERRUN_CHECK_OVERHEAD < size) | ||
| 753 | emacs_abort (); | ||
| 754 | |||
| 755 | if (val | ||
| 756 | && memcmp (xmalloc_overrun_check_header, | ||
| 757 | val - XMALLOC_OVERRUN_CHECK_SIZE - XMALLOC_OVERRUN_SIZE_SIZE, | ||
| 758 | XMALLOC_OVERRUN_CHECK_SIZE) == 0) | ||
| 759 | { | ||
| 760 | size_t osize = xmalloc_get_size (val); | ||
| 761 | if (memcmp (xmalloc_overrun_check_trailer, val + osize, | ||
| 762 | XMALLOC_OVERRUN_CHECK_SIZE)) | ||
| 763 | emacs_abort (); | ||
| 764 | memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE); | ||
| 765 | val -= XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE; | ||
| 766 | memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE); | ||
| 767 | } | ||
| 768 | |||
| 769 | val = realloc (val, size + XMALLOC_OVERRUN_CHECK_OVERHEAD); | ||
| 770 | |||
| 771 | if (val) | ||
| 772 | { | ||
| 773 | memcpy (val, xmalloc_overrun_check_header, XMALLOC_OVERRUN_CHECK_SIZE); | ||
| 774 | val += XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE; | ||
| 775 | xmalloc_put_size (val, size); | ||
| 776 | memcpy (val + size, xmalloc_overrun_check_trailer, | ||
| 777 | XMALLOC_OVERRUN_CHECK_SIZE); | ||
| 778 | } | ||
| 779 | return val; | ||
| 780 | } | ||
| 781 | |||
| 782 | /* Like free, but checks block for overrun. */ | ||
| 783 | |||
| 784 | static void | ||
| 785 | overrun_check_free (void *block) | ||
| 786 | { | ||
| 787 | unsigned char *val = (unsigned char *) block; | ||
| 788 | |||
| 789 | if (val | ||
| 790 | && memcmp (xmalloc_overrun_check_header, | ||
| 791 | val - XMALLOC_OVERRUN_CHECK_SIZE - XMALLOC_OVERRUN_SIZE_SIZE, | ||
| 792 | XMALLOC_OVERRUN_CHECK_SIZE) == 0) | ||
| 793 | { | ||
| 794 | size_t osize = xmalloc_get_size (val); | ||
| 795 | if (memcmp (xmalloc_overrun_check_trailer, val + osize, | ||
| 796 | XMALLOC_OVERRUN_CHECK_SIZE)) | ||
| 797 | emacs_abort (); | ||
| 798 | #ifdef XMALLOC_CLEAR_FREE_MEMORY | ||
| 799 | val -= XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE; | ||
| 800 | memset (val, 0xff, osize + XMALLOC_OVERRUN_CHECK_OVERHEAD); | ||
| 801 | #else | ||
| 802 | memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE); | ||
| 803 | val -= XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE; | ||
| 804 | memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE); | ||
| 805 | #endif | ||
| 806 | } | ||
| 807 | |||
| 808 | free (val); | ||
| 809 | } | ||
| 810 | |||
| 811 | #undef malloc | ||
| 812 | #undef realloc | ||
| 813 | #undef free | ||
| 814 | #define malloc overrun_check_malloc | ||
| 815 | #define realloc overrun_check_realloc | ||
| 816 | #define free overrun_check_free | ||
| 817 | #endif | ||
| 818 | |||
| 819 | /* If compiled with XMALLOC_BLOCK_INPUT_CHECK, define a symbol | 652 | /* If compiled with XMALLOC_BLOCK_INPUT_CHECK, define a symbol |
| 820 | BLOCK_INPUT_IN_MEMORY_ALLOCATORS that is visible to the debugger. | 653 | BLOCK_INPUT_IN_MEMORY_ALLOCATORS that is visible to the debugger. |
| 821 | If that variable is set, block input while in one of Emacs's memory | 654 | If that variable is set, block input while in one of Emacs's memory |
| @@ -1790,7 +1623,7 @@ static char const string_overrun_cookie[GC_STRING_OVERRUN_COOKIE_SIZE] = | |||
| 1790 | calculating a value to be passed to malloc. */ | 1623 | calculating a value to be passed to malloc. */ |
| 1791 | static ptrdiff_t const STRING_BYTES_MAX = | 1624 | static ptrdiff_t const STRING_BYTES_MAX = |
| 1792 | min (STRING_BYTES_BOUND, | 1625 | min (STRING_BYTES_BOUND, |
| 1793 | ((SIZE_MAX - XMALLOC_OVERRUN_CHECK_OVERHEAD | 1626 | ((SIZE_MAX |
| 1794 | - GC_STRING_EXTRA | 1627 | - GC_STRING_EXTRA |
| 1795 | - offsetof (struct sblock, data) | 1628 | - offsetof (struct sblock, data) |
| 1796 | - SDATA_DATA_OFFSET) | 1629 | - SDATA_DATA_OFFSET) |