Add a few safety checks when ENABLE_CHECKING

This was motivated by the recent addition of module code, which added some ENABLE_CHECKING-enabled checks that are useful elsewhere too. * src/alloc.c (compact_font_cache_entry): * src/fns.c (sweep_weak_table): * src/lread.c (oblookup): Use gc_asize rather than doing it by hand. * src/emacs-module.c (module_make_global_ref) (module_free_global_ref, module_vec_size): Omit assertions that lisp.h now checks. * src/lisp.h (XFASTINT, ASIZE): In functional implementations, check that the result is nonnegative. Use eassume, as this info can help a bit when optimizing production code. (XSYMBOL) [!USE_LSB_TAG]: Assert that argument is a symbol, to be consistent with the USE_LSB_TAG case. (gc_asize): New function, when ASIZE is needed in the gc. (gc_aset): Use it. (HASH_TABLE_P): Move definition up, so that it can be used ... (XHASH_TABLE): ... here, to assert that the arg is a hash table.
author: Paul Eggert 2015-11-21 10:38:19 -0800
committer: Paul Eggert 2015-11-21 10:44:04 -0800
commit: 8afaa1321f8088bfb877fe4b6676e8517adb0bb7 (patch)
tree: 7e865f4b42fc44ba38abf7d0188db0aa05096fbd /src/lisp.h
parent: d696d62fea48096680d6d511a71c4df56d00a51f (diff)
download: emacs-8afaa1321f8088bfb877fe4b6676e8517adb0bb7.tar.gz
emacs-8afaa1321f8088bfb877fe4b6676e8517adb0bb7.zip
1 files changed, 23 insertions, 10 deletions
diff --git a/src/lisp.h b/src/lisp.h
index 71dca7201d0..9af13a85557 100644
--- a/src/lisp.h
+++ b/src/lisp.h
@@ -847,7 +847,9 @@ INLINE EMACS_INT
 INLINE EMACS_INT
 (XFASTINT) (Lisp_Object a)
 {
-  return lisp_h_XFASTINT (a);
+  EMACS_INT n = lisp_h_XFASTINT (a);
+  eassume (0 <= n);
+  return n;
 }
 INLINE struct Lisp_Symbol *
@@ -915,7 +917,7 @@ XFASTINT (Lisp_Object a)
 {
  EMACS_INT int0 = Lisp_Int0;
  EMACS_INT n = USE_LSB_TAG ? XINT (a) : XLI (a) - (int0 << VALBITS);
-  eassert (0 <= n);
+  eassume (0 <= n);
  return n;
 }
@@ -923,6 +925,7 @@ XFASTINT (Lisp_Object a)
 INLINE struct Lisp_Symbol *
 XSYMBOL (Lisp_Object a)
 {
+  eassert (SYMBOLP (a));
  uintptr_t i = (uintptr_t) XUNTAG (a, Lisp_Symbol);
  void *p = (char *) lispsym + i;
  return p;
@@ -1536,7 +1539,16 @@ aref_addr (Lisp_Object array, ptrdiff_t idx)
 INLINE ptrdiff_t
 ASIZE (Lisp_Object array)
 {
-  return XVECTOR (array)->header.size;
+  ptrdiff_t size = XVECTOR (array)->header.size;
+  eassume (0 <= size);
+  return size;
+}
+INLINE ptrdiff_t
+gc_asize (Lisp_Object array)
+{
+  /* Like ASIZE, but also can be used in the garbage collector.  */
+  return XVECTOR (array)->header.size & ~ARRAY_MARK_FLAG;
 }
 INLINE void
@@ -1551,7 +1563,7 @@ gc_aset (Lisp_Object array, ptrdiff_t idx, Lisp_Object val)
 {
  /* Like ASET, but also can be used in the garbage collector:
     sweep_weak_table calls set_hash_key etc. while the table is marked.  */
-  eassert (0 <= idx && idx < (ASIZE (array) & ~ARRAY_MARK_FLAG));
+  eassert (0 <= idx && idx < gc_asize (array));
  XVECTOR (array)->contents[idx] = val;
 }
@@ -1933,21 +1945,22 @@ struct Lisp_Hash_Table
 };
+INLINE bool
+HASH_TABLE_P (Lisp_Object a)
+{
+  return PSEUDOVECTORP (a, PVEC_HASH_TABLE);
+}
 INLINE struct Lisp_Hash_Table *
 XHASH_TABLE (Lisp_Object a)
 {
+  eassert (HASH_TABLE_P (a));
  return XUNTAG (a, Lisp_Vectorlike);
 }
 #define XSET_HASH_TABLE(VAR, PTR) \
     (XSETPSEUDOVECTOR (VAR, PTR, PVEC_HASH_TABLE))
-INLINE bool
-HASH_TABLE_P (Lisp_Object a)
-{
-  return PSEUDOVECTORP (a, PVEC_HASH_TABLE);
-}
 /* Value is the key part of entry IDX in hash table H.  */
 INLINE Lisp_Object
 HASH_KEY (struct Lisp_Hash_Table *h, ptrdiff_t idx)
author	Paul Eggert	2015-11-21 10:38:19 -0800
committer	Paul Eggert	2015-11-21 10:44:04 -0800
commit	8afaa1321f8088bfb877fe4b6676e8517adb0bb7 (patch)
tree	7e865f4b42fc44ba38abf7d0188db0aa05096fbd /src/lisp.h
parent	d696d62fea48096680d6d511a71c4df56d00a51f (diff)
download	emacs-8afaa1321f8088bfb877fe4b6676e8517adb0bb7.tar.gz emacs-8afaa1321f8088bfb877fe4b6676e8517adb0bb7.zip