From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sun, 30 Nov 2014 07:30:22 +0000 (-0800)
Subject: Port better to AddressSanitizer.
X-Git-Tag: emacs-25.0.90~2635^2~266
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=3517da701ea5d16c296745d6678988b06bee615d;p=emacs.git

Port better to AddressSanitizer.

These changes suffice for temacs on x86-64 with GCC 4.9.2 and
-fsanitize=address.
* alloc.c (valid_pointer_p) [ADDRESS_SANITIZER]:
Return -1 or 0, as the pipe trick doesn't work.
* alloc.c (relocatable_string_data_p, mark_object, sweep_symbols):
* data.c (Ffset):
* print.c (print_object):
When a pointer-check primitive returns -1, do not assume this
means the pointer is valid or that the underlying system has failed.
It could just be that addresses are being sanitized so Emacs can't
test for pointer validity.
* lisp.h (defined_GC_CHECK_STRING_BYTES): New constant.
(USE_STACK_STRING) [GC_CHECK_STRING_BYTES]: Now false, since the
string validity checker doesn't work on stack-based strings.
---

diff --git a/src/ChangeLog b/src/ChangeLog
index 668c3e809f6..c977eb490f5 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,21 @@
+2014-11-30  Paul Eggert  <eggert@cs.ucla.edu>
+
+	Port better to AddressSanitizer.
+	These changes suffice for temacs on x86-64 with GCC 4.9.2 and
+	-fsanitize=address.
+	* alloc.c (valid_pointer_p) [ADDRESS_SANITIZER]:
+	Return -1 or 0, as the pipe trick doesn't work.
+	* alloc.c (relocatable_string_data_p, mark_object, sweep_symbols):
+	* data.c (Ffset):
+	* print.c (print_object):
+	When a pointer-check primitive returns -1, do not assume this
+	means the pointer is valid or that the underlying system has failed.
+	It could just be that addresses are being sanitized so Emacs can't
+	test for pointer validity.
+	* lisp.h (defined_GC_CHECK_STRING_BYTES): New constant.
+	(USE_STACK_STRING) [GC_CHECK_STRING_BYTES]: Now false, since the
+	string validity checker doesn't work on stack-based strings.
+
 2014-11-29  Paul Eggert  <eggert@cs.ucla.edu>
 
 	Improve clarity of USE_LSB_TAG definition.
diff --git a/src/alloc.c b/src/alloc.c
index faad0b59c87..1019c2af6cc 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -4934,6 +4934,10 @@ valid_pointer_p (void *p)
 #ifdef WINDOWSNT
   return w32_valid_pointer_p (p, 16);
 #else
+
+  if (ADDRESS_SANITIZER)
+    return p ? -1 : 0;
+
   int fd[2];
 
   /* Obviously, we cannot just access it (we would SEGV trying), so we
@@ -4949,7 +4953,7 @@ valid_pointer_p (void *p)
       return valid;
     }
 
-    return -1;
+  return -1;
 #endif
 }
 
@@ -5048,8 +5052,8 @@ relocatable_string_data_p (const char *str)
       struct sdata *sdata
 	= (struct sdata *) (str - offsetof (struct sdata, data));
 
-      if (valid_pointer_p (sdata)
-	  && valid_pointer_p (sdata->string)
+      if (0 < valid_pointer_p (sdata)
+	  && 0 < valid_pointer_p (sdata->string)
 	  && maybe_lisp_pointer (sdata->string))
 	return (valid_lisp_object_p
 		(make_lisp_ptr (sdata->string, Lisp_String))
@@ -6364,7 +6368,7 @@ mark_object (Lisp_Object arg)
 	CHECK_ALLOCATED_AND_LIVE (live_symbol_p);
 	ptr->gcmarkbit = 1;
 	/* Attempt to catch bogus objects.  */
-        eassert (valid_lisp_object_p (ptr->function) >= 1);
+        eassert (valid_lisp_object_p (ptr->function));
 	mark_object (ptr->function);
 	mark_object (ptr->plist);
 	switch (ptr->redirect)
@@ -6749,7 +6753,7 @@ sweep_symbols (void)
               ++num_used;
               sym->s.gcmarkbit = 0;
               /* Attempt to catch bogus objects.  */
-              eassert (valid_lisp_object_p (sym->s.function) >= 1);
+              eassert (valid_lisp_object_p (sym->s.function));
             }
         }
 
diff --git a/src/data.c b/src/data.c
index 9977a3aaadd..b48dbbebabc 100644
--- a/src/data.c
+++ b/src/data.c
@@ -729,7 +729,7 @@ DEFUN ("fset", Ffset, Sfset, 2, 2, 0,
 
   /* Convert to eassert or remove after GC bug is found.  In the
      meantime, check unconditionally, at a slight perf hit.  */
-  if (valid_lisp_object_p (definition) < 1)
+  if (! valid_lisp_object_p (definition))
     emacs_abort ();
 
   set_symbol_function (symbol, definition);
diff --git a/src/lisp.h b/src/lisp.h
index 42bb33704fa..a56c4a73bf8 100644
--- a/src/lisp.h
+++ b/src/lisp.h
@@ -4604,6 +4604,12 @@ lisp_word_count (ptrdiff_t nbytes)
 # define USE_STACK_LISP_OBJECTS false
 #endif
 
+#ifdef GC_CHECK_STRING_BYTES
+enum { defined_GC_CHECK_STRING_BYTES = true };
+#else
+enum { defined_GC_CHECK_STRING_BYTES = false };
+#endif
+
 /* Struct inside unions that are typically no larger and aligned enough.  */
 
 union Aligned_Cons
@@ -4628,6 +4634,7 @@ enum
     USE_STACK_CONS = (USE_STACK_LISP_OBJECTS
 		      && alignof (union Aligned_Cons) % GCALIGNMENT == 0),
     USE_STACK_STRING = (USE_STACK_CONS
+			&& !defined_GC_CHECK_STRING_BYTES
 			&& alignof (union Aligned_String) % GCALIGNMENT == 0)
   };
 
diff --git a/src/print.c b/src/print.c
index 49331ef0984..7723b98348a 100644
--- a/src/print.c
+++ b/src/print.c
@@ -2098,14 +2098,16 @@ print_object (Lisp_Object obj, Lisp_Object printcharfun, bool escapeflag)
 		for (i = 0; i < limit; i++)
 		  {
 		    Lisp_Object maybe = area[i];
+		    int valid = valid_lisp_object_p (maybe);
 
-		    if (valid_lisp_object_p (maybe) > 0)
+		    if (0 < valid)
 		      {
 			PRINTCHAR (' ');
 			print_object (maybe, printcharfun, escapeflag);
 		      }
 		    else
-		      strout (" <invalid>", -1, -1, printcharfun);
+		      strout (valid ? " <some>" : " <invalid>",
+			      -1, -1, printcharfun);
 		  }
 		if (i == limit && i < amount)
 		  strout (" ...", 4, 4, printcharfun);