GCC has removed the -fcheck-pointer bounds option, and the Linux
kernel has also removed support for Intel MPX, so there’s no point
to keeping this debugging option within Emacs.
* src/bytecode.c (BYTE_CODE_THREADED):
* src/lisp.h (DEFINE_LISP_SYMBOL, XSYMBOL, make_lisp_symbol):
Assume __CHKP__ is not defined.
* src/ptr-bounds.h: Remove. All uses of ptr_bounds_clip,
ptr_bounds_copy, ptr_bounds_init, ptr_bounds_set removed.
* src/alloc.c (mark_maybe_object):
Use simpler way to avoid -fsanitize=undefined false alarms,
by converting the word tag to intptr_t first.
Omit now-unnecessary runtime overflow check.
(mark_memory): Work even if UINTPTR_MAX <= INT_MAX (!).
We perform weird pointer arithmetic due to the layout of Lisp_Objects
holding symbols. ASan/UBSan warns about that (Bug#42530). Suppress
the warnings by performing the arithmetic on integer types and casting
back to pointers.
* src/alloc.c (mark_maybe_object, mark_memory): Temporarily cast
pointer to 'intptr_t'.
* src/alloc.c (__builtin_unwind_init) [!HAVE___BUILTIN_UNWIND_INIT]:
Move from here ...
* src/lisp.h: ... to here, since flush_stack_call_func uses it.
* src/pdumper.c (dump_off_from_lisp): Avoid ‘return n;;’ to pacify
Oracle Studio.
(live_string_holding, live_cons_holding, live_symbol_holding)
(live_float_p, live_vector_holding):
Assert that m->type is correct, instead of testing this at
runtime. All callers changed.
(live_large_vector_holding, live_small_vector_holding):
Now two functions instead of the old live_vector_holding.
All callers changed.
(live_large_vector_p, live_small_vector_p):
Now two functions instead of the old live_vector_p.
All callers changed.
(mark_maybe_object): Ignore Lisp_Type_Unused0 quickly too,
since that cannot possibly be an object.
(CHECK_LIVE, CHECK_ALLOCATED_AND_LIVE):
New arg MEM_TYPE. All callers changed.
(CHECK_ALLOCATED_AND_LIVE_SYMBOL): Simplify by combining
GC_CHECK_MARKED_OBJECTS code.
* src/alloc.c (live_string_holding, live_cons_holding)
(live_symbol_holding, live_vector_holding):
Return a C pointer, not a Lisp_Object. All callers changed.
This helps the compiler a bit.
(live_string_p, live_cons_p, live_symbol_p, live_vector_p):
Require that P point directly at the object, rather than
somewhere within the object. This fixes some false positives
with valid_lisp_object_p (used only in debugging).
(mark_maybe_object): Rely on the new accuracy.
* src/alloc.c (USE_VALGRIND): If not defined, don’t default it to
1 unless ENABLE_CHECKING. The Valgrind hooks bloat the garbage
collector a bit in production, and there’s no need for them these
days if one has a Valgrind suppressions file (which one needs anyway).
(mark_maybe_pointer): Use ‘#if USE_VALGRIND’ instead of ‘#ifdef
USE_VALGRIND’ for consistency with other uses of USE_VALGRIND.
This is in case someone builds with ‘-DENABLE_CHECKING
-DUSE_VALGRIND=0’ in CFLAGS.
Simplified version of a patch from Pip Cet (Bug#41321#299).
* src/alloc.c (maybe_lisp_pointer): Remove. All uses removed.
(mark_memory): Also look at the pointer offset by ‘lispsym’,
for symbols.
Performance issue reported by Eli Zaretskii (Bug#41321#149).
* src/alloc.c (GC_OBJECT_ALIGNMENT_MINIMUM): New constant.
(maybe_lisp_pointer): Use it instead of GCALIGNMENT.
* src/alloc.c (union emacs_align_type): Move to here ...
* src/lisp.h: ... from here, and uncomment out some of the
types that alloc.c can see but lisp.h cannot.
* src/alloc.c (MALLOC_ALIGNMENT_BOUND): Remove.
(LISP_ALIGNMENT): Go back to yesterday’s version, except use
union emacs_align_type instead of max_align_t.
(MALLOC_IS_LISP_ALIGNED): Go back to yesterday’s version.
(maybe_lisp_pointer): Check against GCALIGNMENT, not LISP_ALIGNMENT.
* src/lisp.h (union emacs_align_type): Bring back.
This is simpler, and fixes a bug in the previous fix.
* src/alloc.c (MALLOC_ALIGNMENT_BOUND): Simplify by
using max_align_t, since the buggy implementations won’t
break this simpler implementation.
(LISP_ALIGNMENT): Simplify by just using GCALIGNMENT, since the
fancier implementation wasn’t correct anyway, and fixing it
isn’t worth the trouble on practical platforms.
* src/lisp.h (union emacs_align_type): Remove.
Problem reported by Eli Zaretskii (Bug#41321).
* src/alloc.c (MALLOC_ALIGNMENT_BOUND): New constant.
(LISP_ALIGNMENT): Lower it to avoid crashes on MinGW and similarly
buggy platforms where malloc returns pointers not aligned to
alignof (max_align_t). But keep it higher on platforms where this
is known to work, as it helps GC performance.
(MALLOC_IS_LISP_ALIGNED): Define in terms of the other two.
* src/alloc.c (stacktop_sentry):
* src/thread.c (run_thread):
Don’t overalign or oversize stack sentries; they need to be
aligned only for pointers and Lisp_Object, not for arbitrary
pseudovector contents.
* src/lisp.h (union emacs_align_type): New type, used for
LISP_ALIGNMENT.
Check Lisp_Compiled objects better as they’re created,
so that the byte-code interpreter needn’t do the checks
each time it executes them. This improved performance
of ‘make compile-always’ by 1.5% on my platform. Also,
improve the quality of the (still-incomplete) checks, as
this is more practical now that they’re done less often.
* src/alloc.c (make_byte_code): Remove. All uses removed.
(Fmake_byte_code): Put a better (though still incomplete)
check here instead. Simplify by using Fvector instead
of make_uninit_vector followed by memcpy, and by using
XSETPVECTYPE instead of make_byte_code followed by XSETCOMPILED.
* src/bytecode.c (Fbyte_code): Do sanity check and conditional
translation to unibyte here instead of each time the function is
executed.
(exec_byte_code): Omit no-longer-necessary sanity and
unibyte checking. Use SCHARS instead of SBYTES where
either will do, as SCHARS is faster.
* src/eval.c (fetch_and_exec_byte_code): New function.
(funcall_lambda): Use it.
(funcall_lambda, lambda_arity, Ffetch_bytecode):
Omit no-longer-necessary sanity checks.
(Ffetch_bytecode): Add sanity check if actually fetching.
* src/lisp.h (XSETCOMPILED): Remove. All uses removed.
* src/lread.c (read1): Check byte-code objects more thoroughly,
albeit still incompletely, and do translation to unibyte here
instead of each time the function is executed.
(read1): Use XSETPVECYPE instead of make_byte_code.
(read_vector): Omit no-longer-necessary sanity check.
* src/alloc.c (SET_STACK_TOP_ADDRESS): Do not call
__builtin_unwind_init.
(flush_stack_call_func1): Rename from 'flush_stack_call_func'.
(flush_stack_call_func): New function to spill all registers
before calling 'flush_stack_call_func1'. This to make sure the
top of the stack identified includes those registers.
* src/alloc.c (enum mem_type): Remove MEM_TYPE_BUFFER.
(allocate_buffer): Allocate like any other pseudovector.
Don't register on `all_buffers` any more.
(live_buffer_holding, live_buffer_p): Delete functions.
(mark_maybe_object, valid_lisp_object_p): Don't pay attention to
MEM_TYPE_BUFFER any more.
(garbage_collect): Only compact the live buffers.
(mark_buffer): Mark the undo_list of dead buffers here.
(mark_object): Buffers are normal pseudovectors now.
(sweep_buffers): Don't do the actual sweep here, just cleanup the
markers and only for live buffers.
* src/buffer.c (all_buffers): Remove variable.
(Fkill_buffer): Don't check indirect dead buffers.
Set the undo_list before we remove ourselves from the list of live buffers.
(Fbuffer_swap_text, Fset_buffer_multibyte): Don't check indirect dead
buffers.
(init_buffer_once): Don't set `all_buffers`.
(init_buffer): Don't map new memory for dead buffers.
* src/buffer.h (struct buffer): Remove `next` field.
(FOR_EACH_BUFFER): Remove macro.
* src/pdumper.c (dump_buffer): Don't dump the `next` field.
* src/alloc.c (live_buffer_holding): Rename ALL_BUFFERS ti
IGNORE_KILLED, and reverse the condition for returning killed
buffers.
(live_buffer_p): Add commentary.
(live_buffer_p, mark_maybe_object, mark_maybe_pointer): Reverse
the 2nd argument to live_buffer_holding. (Bug#39962)
* src/alloc.c (resize_string_data): The string must be multibyte.
When not bothering to reallocate, do bother to change the byte count.
* test/src/alloc-tests.el (aset-nbytes-change) New test.
This removes some old 32-bit assumptions in Emacs allocator tuning,
and improves performance of ‘make compile-always’ by about 7% on a
couple of 64-bit GNU/Linux platforms I tried it on. It should not
affect performance on 32-bit platforms.
* src/alloc.c (MALLOC_SIZE_NEAR): New macro.
(MALLOC_ALIGNMENT): New constant.
(INTERVAL_BLOCK_SIZE, SBLOCK_SIZE, STRING_BLOCK_SIZE): Use the new
macro. Make these enum constants since they need not be macros.
* src/alloc.c (allocate_string_data): Now static.
Remove code for when Faset calls this function when S
already has data assigned, as that can no longer happen.
(resize_string_data): New function, which avoids relocation in
more cases than the old code did, by not bothering to relocate
when the size changes falls within the alignment slop.
* src/data.c (Faset): Use resize_string_data.
Change a while to a do-while since it must iterate at least once.
On my platform, this sped up (make-string 4000000000 0) from 2.5
to 0.015 seconds (not that people should want to do this much :-).
* src/alloc.c (allocate_string_data): New arg CLEARIT.
Callers changed.
(Fmake_string): Prefer calloc to malloc+memset when allocating a
large string of NUL bytes.
(make_clear_string): New function.
(make_uninit_string): Use it.
(make_clear_multibyte_string): New function.
(make_uninit_multibyte_string): Use it.
* src/module-env-28.h: Add new module environment functions to
module environment for Emacs 28.
* src/emacs-module.h.in: Document that 'emacs_finalizer' also works
for function finalizers.
* src/emacs-module.c (CHECK_MODULE_FUNCTION): New function.
(struct Lisp_Module_Function): Add finalizer data member.
(module_make_function): Initialize finalizer.
(module_get_function_finalizer)
(module_set_function_finalizer): New module environment functions.
(module_finalize_function): New function.
(initialize_environment): Initialize new environment functions.
* src/alloc.c (cleanup_vector): Call potential module function
finalizer during garbage collection.
* test/data/emacs-module/mod-test.c (signal_error): New helper
function.
(memory_full): Use it.
(finalizer): New example function finalizer.
(Fmod_test_make_function_with_finalizer)
(Fmod_test_function_finalizer_calls): New test module functions.
(emacs_module_init): Define them.
* test/src/emacs-module-tests.el (module/function-finalizer): New unit
test.
* doc/lispref/internals.texi (Module Functions): Document new
functionality.
(Module Misc): Move description of 'emacs_finalizer' type to 'Module
Functions' node, and add a reference to it.
* etc/NEWS: Mention new functionality.
Prefer calloc to malloc+memset when allocating large zeroed objects.
This avoids page thrashing when (make-vector 1000000000 nil)
allocates a large nil vector, as Emacs need not touch the
vector’s pages. This wins on platforms like GNU/Linux where
calloc can fiddle with page tables to create a block of memory
that is lazily zeroed.
* src/alloc.c (lisp_malloc, lmalloc, allocate_vectorlike):
New arg CLEARIT to tell callee whether to use malloc or calloc.
All callers changed.
(allocate_clear_vector, allocate_nil_vector): New functions.
* src/alloc.c (xzalloc, make_vector):
* src/lisp.h (make_nil_vector):
Prefer calloc to malloc + memset(...,0,...).
* doc/lispref/internals.texi (Garbage Collection)
(Pure Storage):
* src/alloc.c (Fgarbage_collect): Update the documentation of
pure-space overflow for when pdumper is used. (Bug#38492)
The old calculation relied on a hodgpodge of partly updated GC
stats to find a number to multiply gc-cons-percentage by.
The new one counts data found by the previous GC, plus half of
the data allocated since then; this is more systematic albeit
still ad hoc.
* src/alloc.c (consing_until_gc, gc_threshold, consing_threshold):
Now EMACS_INT, not intmax_t.
(HI_THRESHOLD): New macro.
(tally_consing): New function.
(make_interval, allocate_string, allocate_string_data)
(make_float, free_cons, allocate_vectorlike, Fmake_symbol): Use it.
(allow_garbage_collection, inhibit_garbage_collection)
(consing_threshold, garbage_collect):
Use HI_THRESHOLD rather than INTMAX_MAX.
(consing_threshold): New arg SINCE_GC. All callers changed.
(bump_consing_until_gc): Return new consing_until_gc, instead of
nil. All callers changed. Don’t worry about overflow since we
now saturate at HI_THRESHOLD. Guess that half of
recently-allocated objects are still alive, instead of relying on
the previous (even less-accurate) hodgepodge.
(maybe_garbage_collect): New function.
(garbage_collect): Work even if a finalizer disables or enables
memory profiling. Do not use malloc_probe if GC reclaimed nothing.
* src/lisp.h (maybe_gc): Call maybe_garbage_collect instead
of garbage_collect.
* src/alloc.c (make_interval, allocate_string, make_float)
(free_cons, Fcons, setup_on_free_list)
(allocate_vector_from_block, Fmake_symbol):
Do not update gcstat, since it is for statistics from the most
recent GC, not for a partially-updated hodgepodge.
(sweep_vectors): Update gcstat, since setup_on_free_list
no longer does.
(garbage_collect_1): Rename to garbage_collect and adopt its API.
Remove the old garbage_collect, which is no longer needed.
All callers changed.
* src/alloc.c (memory_full): Just report "memory exhausted" if
failure occurs during initialization, since fancier recovery
schemes are not likely to work when not initialized.
* src/emacs.c (dump_error_to_string): Accept int, not enum
pdumper_load_result, since the result might not fit in the
enum. Use strerror if it was derived from errno. This is for
better diagnostics of pdump load failures.
(load_pdump_find_executable): Return char *, not enum. 2nd
arg is now pointer to buffer size, rather than pointer to
pointer to buffer. All callers changed. Use Emacs allocator
since they should now be OK even during early startup.
Use check_executable instead access, to use effective rather
than real permissions.
(load_pdump): Return void since callers ignore result.
Use int where enum could be too narrow. Use heap rather
than stack for possibly-long string. Prefer ptrdiff_t to
size_t.
* src/fileio.c (check_executable): Now extern.
* src/pdumper.c (pdumper_load): Return int that may have
errno added to it, for better diagnostics when loads fail.
Problem reported by Michael Heerdegen (Bug#37321).
* src/alloc.c (gc_threshold): New static var.
(bump_consing_until_gc): Change args from DIFF to THRESHOLD and
PERCENTAGE. All uses changed. When accounting for a changed
gc-cons-percentage, do not assume that total_bytes_of_live_objects
returns the same value now that it did the last time we were
called.
Problem reported by Joseph Mingrone (Bug#37006#72).
* src/alloc.c (watch_gc_cons_threshold)
(watch_gc_cons_percentage):
Don’t try to store an intmax_t into an int.
Redo to make the code clearer.
(watch_gc_cons_percentage):
Use gc_cons_threshold, not consing_until_gc.
* src/alloc.c (mark_maybe_pointer):
* src/pdumper.h (pdumper_object_p_precise):
Use pdumper_valid_object_type_p.
* src/pdumper.c (pdumper_find_object_type_impl):
* src/pdumper.h (pdumper_find_object_type):
Return int, not enum Lisp_Type. All callers changed.
* src/pdumper.h (PDUMPER_NO_OBJECT): Do not cast -1 to enum
Lisp_Type; in theory, C18 says this could yield 7, which would
mean PDUMPER_NO_OBJECT == Lisp_Float (!).
(pdumper_valid_object_type_p): New function.
Add watchers for gc-cons-threshold and gc-cons-percentage
that update consing_until_gc accordingly.
Suggested by Eli Zaretskii (Bug#37006#52).
* src/alloc.c (consing_threshold, bump_consing_until_gc)
(watch_gc_cons_threshold, watch_gc_cons_percentage):
New functions.
(garbage_collect_1): Use consing_threshold.
(syms_of_alloc): Arrange to watch gc-cons-threshold and
gc-cons-percentage.
This GC bug seems to have been fixed, so the check is no longer
needed in production code. From a suggestion by Pip Cet in:
https://lists.gnu.org/r/emacs-devel/2019-08/msg00316.html
* src/alloc.c (SUSPICIOUS_OBJECT_CHECKING) [!ENABLE_CHECKING]:
Do not define.
(find_suspicious_object_in_range, detect_suspicious_free):
Expand to proper dummy expressions if !SUSPICIOUS_OBJECT_CHECKING.
* src/data.c (Ffset): Convert test to an eassert.
This uses ‘const’ to be better at catching bugs that
mistakenly attempt to modify a bignum value.
Lisp bignums are supposed to be immutable.
* src/alloc.c (make_pure_bignum):
* src/fns.c (sxhash_bignum):
Accept Lisp_Object instead of struct Lisp_Bignum *, as that’s
simpler now. Caller changed.
* src/bignum.h (bignum_val, xbignum_val): New inline functions.
Prefer them to &i->value and XBIGNUM (i)->value, since they
apply ‘const’ to the result.
* src/timefns.c (lisp_to_timespec): Use mpz_t const *
to point to a bignum value.
* src/alloc.c (free_cons):
* src/casefiddle.c (do_casify_multibyte_string):
* src/editfns.c (styled_format):
* src/image.c (png_load_body):
Remove recent workarounds for INT_ADD_WRAPV bugs since
the bugs have been fixed (Bug#37006).
This builds on the previous patch.
* src/alloc.c (consing_until_gc): Now of type intmax_t,
since gc-cons-threshold can be up to INTMAX_MAX. All uses changed.
* src/lisp.h (CONSING_CT_MAX, consing_ct): Remove.
