Errors building from master with a clean repository

Errors building from master with a clean repository

[Alex Gramiak]

Building with:
./configure --enable-checking=all --enable-check-lisp-object-type \
CFLAGS='-Og -gdwarf-4'

Results in errors (included below).

Also, I have two new warnings:

term.c: In function ‘term_get_fkeys_1’:
term.c:1410:25: warning: ‘%d’ directive writing between 1 and 11 bytes into a region of size 3 [-Wformat-overflow=]
        sprintf (fkey, "f%d", i);
                         ^~
term.c:1410:23: note: directive argument in the range [-2147483648, 63]
        sprintf (fkey, "f%d", i);
                       ^~~~~
In file included from /usr/include/stdio.h:873,
                 from ../lib/stdio.h:43,
                 from termchar.h:22,
                 from term.c:31:
/usr/include/bits/stdio2.h:36:10: note: ‘__builtin___sprintf_chk’ output between 3 and 13 bytes into a destination of size 4
   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       __bos (__s), __fmt, __va_arg_pack ());


In file included from filelock.c:48:
filelock.c: In function ‘get_boot_time’:
filelock.c:197:8: warning: ‘%d’ directive writing between 1 and 11 bytes into a region of size 6 [-Wformat-overflow=]
        sprintf (cmd_string, "%s.%d", WTMP_FILE, counter));
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lisp.h:4967:34: note: in definition of macro ‘AUTO_STRING_WITH_LEN’
      : make_unibyte_string (str, len))
                                  ^~~
filelock.c:197:8: note: directive argument in the range [-2147483648, 19]
        sprintf (cmd_string, "%s.%d", WTMP_FILE, counter));
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lisp.h:4967:34: note: in definition of macro ‘AUTO_STRING_WITH_LEN’
      : make_unibyte_string (str, len))
                                  ^~~
In file included from /usr/include/stdio.h:873,
                 from ../lib/stdio.h:43,
                 from filelock.c:29:
/usr/include/bits/stdio2.h:36:10: note: ‘__builtin___sprintf_chk’ output between 16 and 26 bytes into a destination of size 20
   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       __bos (__s), __fmt, __va_arg_pack ());


--------------------------------


 GEN      dmpstruct.h
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
-r: No such file or directory
  CC       pdumper.o
pdumper.c: In function ‘dump_cons’:
pdumper.c:2036:3: error: #error "Lisp_Cons changed. See CHECK_STRUCTS comment."
 # error "Lisp_Cons changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_interval_tree’:
pdumper.c:2051:3: error: #error "interval changed. See CHECK_STRUCTS comment."
 # error "interval changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_string’:
pdumper.c:2095:3: error: #error "Lisp_String changed. See CHECK_STRUCTS comment."
 # error "Lisp_String changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_marker’:
pdumper.c:2141:3: error: #error "Lisp_Marker changed. See CHECK_STRUCTS comment."
 # error "Lisp_Marker changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_overlay’:
pdumper.c:2164:3: error: #error "Lisp_Overlay changed. See CHECK_STRUCTS comment."
 # error "Lisp_Overlay changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_finalizer’:
pdumper.c:2192:3: error: #error "Lisp_Finalizer changed. See CHECK_STRUCTS comment."
 # error "Lisp_Finalizer changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_bignum’:
pdumper.c:2214:3: error: #error "Lisp_Bignum changed. See CHECK_STRUCTS comment."
 # error "Lisp_Bignum changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_float’:
pdumper.c:2252:3: error: #error "Lisp_Float changed. See CHECK_STRUCTS comment."
 # error "Lisp_Float changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_fwd_int’:
pdumper.c:2265:3: error: #error "Lisp_Intfwd changed. See CHECK_STRUCTS comment."
 # error "Lisp_Intfwd changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_fwd_bool’:
pdumper.c:2279:3: error: #error "Lisp_Boolfwd changed. See CHECK_STRUCTS comment."
 # error "Lisp_Boolfwd changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_fwd_obj’:
pdumper.c:2293:3: error: #error "Lisp_Objfwd changed. See CHECK_STRUCTS comment."
 # error "Lisp_Objfwd changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_fwd_buffer_obj’:
pdumper.c:2311:3: error: #error "Lisp_Buffer_Objfwd changed. See CHECK_STRUCTS comment."
 # error "Lisp_Buffer_Objfwd changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_fwd_kboard_obj’:
pdumper.c:2327:3: error: #error "Lisp_Intfwd changed. See CHECK_STRUCTS comment."
 # error "Lisp_Intfwd changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_fwd’:
pdumper.c:2340:3: error: #error "Lisp_Fwd_Type changed. See CHECK_STRUCTS comment."
 # error "Lisp_Fwd_Type changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_blv’:
pdumper.c:2374:3: error: #error "Lisp_Buffer_Local_Value changed. See CHECK_STRUCTS comment."
 # error "Lisp_Buffer_Local_Value changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_symbol’:
pdumper.c:2439:3: error: #error "Lisp_Symbol changed. See CHECK_STRUCTS comment."
 # error "Lisp_Symbol changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c:2442:3: error: #error "symbol_redirect changed. See CHECK_STRUCTS comment."
 # error "symbol_redirect changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_vectorlike_generic’:
pdumper.c:2535:3: error: #error "vectorlike_header changed. See CHECK_STRUCTS comment."
 # error "vectorlike_header changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_hash_table’:
pdumper.c:2695:3: error: #error "Lisp_Hash_Table changed. See CHECK_STRUCTS comment."
 # error "Lisp_Hash_Table changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_buffer’:
pdumper.c:2763:3: error: #error "buffer changed. See CHECK_STRUCTS comment."
 # error "buffer changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_bool_vector’:
pdumper.c:2899:3: error: #error "Lisp_Vector changed. See CHECK_STRUCTS comment."
 # error "Lisp_Vector changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_subr’:
pdumper.c:2916:3: error: #error "Lisp_Subr changed. See CHECK_STRUCTS comment."
 # error "Lisp_Subr changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_vectorlike’:
pdumper.c:2955:3: error: #error "pvec_type changed. See CHECK_STRUCTS comment."
 # error "pvec_type changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_object’:
pdumper.c:3065:3: error: #error "Lisp_Type changed. See CHECK_STRUCTS comment."
 # error "Lisp_Type changed. See CHECK_STRUCTS comment."
   ^~~~~
pdumper.c: In function ‘dump_charset’:
pdumper.c:3170:3: error: #error "charset changed. See CHECK_STRUCTS comment."
 # error "charset changed. See CHECK_STRUCTS comment."
   ^~~~~
make[1]: *** [Makefile:394: pdumper.o] Error 1
make[1]: Leaving directory '/home/alex/emacs-other/src'
make: *** [Makefile:423: src] Error 2

Errors building from master with a clean repository

[Paul Eggert]

[-- Attachment #1: Type: text/plain, Size: 1163 bytes --]

On 4/18/19 12:21 PM, Alex Gramiak wrote:

> ./configure --enable-checking=all --enable-check-lisp-object-type \
> CFLAGS='-Og -gdwarf-4'

--enable-checking=all hasn't worked for a while. Although your email prompted me 
to write and install patches to fix multiple bugs in this area, the remaining 
buggy suboptions --enablechecking=conslist and --enable-checking=xmallocoverrun 
are more trouble than they're worth to fix, and should go. (GCC's 
AddressSanitizer has made both options obsolete anyway.) Please try the two 
attached patches and then try the above 'configure' line again.

Also, if you use older GCC or unusual GCC flags like '-Og' with 
--enable-gcc-warnings=warn-only (which is the default in developer builds), GCC 
will sometimes report false alarms. Typically I don't worry about these, as it's 
already plenty of work to pacify recent GCC with default options. A superficial 
look at the warnings you forwarded suggested that they're all false alarms.


>   GEN      dmpstruct.h
> -r: No such file or directory

That one was my fault. Fixed in commits df5ca4f7e66fe075d1ad12a0e2831c4ed91fd186 
and 856806d30fb16dbe695633a2dbe35a8fb4348998.


[-- Attachment #2: 0001-Remove-enablechecking-conslist-configure-option.patch --]
[-- Type: text/x-patch, Size: 7195 bytes --]

From 9280a1ce1cb2a086fbfa53390ff29eadd779d739 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Fri, 19 Apr 2019 17:37:35 -0700
Subject: [PATCH 1/2] Remove --enablechecking=conslist configure option

* configure.ac: Remove the option.
* configure.ac (ac_gc_check_cons_list, GC_CHECK_CONS_LIST):
* src/alloc.c (check_cons_list) [GC_CHECK_CONS_LIST]:
* src/lisp.h (lisp_h_check_cons_list, check_cons_list):
Remove.  All uses removed.
* etc/NEWS: Mention this.
---
 configure.ac |  9 +--------
 etc/NEWS     |  5 +++++
 src/alloc.c  | 16 ----------------
 src/eval.c   |  9 ---------
 src/lisp.h   | 11 -----------
 5 files changed, 6 insertions(+), 44 deletions(-)

diff --git a/configure.ac b/configure.ac
index 9d39bdd76b..b7bdce66ae 100644
--- a/configure.ac
+++ b/configure.ac
@@ -545,7 +545,7 @@ AC_DEFUN
 		 enable only specific categories of checks.
 		 Categories are: all,yes,no.
 		 Flags are: stringbytes, stringoverrun, stringfreelist,
-		 structs, xmallocoverrun, conslist, glyphs])],
+		 structs, xmallocoverrun, glyphs])],
 [ac_checking_flags="${enableval}"],[])
 IFS="${IFS= 	}"; ac_save_IFS="$IFS"; IFS="$IFS,"
 CHECK_STRUCTS=false
@@ -560,7 +560,6 @@ AC_DEFUN
 	                ac_gc_check_string_overrun= ;
 	                ac_gc_check_string_free_list= ;
 	                ac_xmalloc_overrun= ;
-	                ac_gc_check_cons_list= ;
 			ac_glyphs_debug= ;;
 	all)		ac_enable_checking=1 ;
 			CHECK_STRUCTS=true
@@ -568,7 +567,6 @@ AC_DEFUN
 	                ac_gc_check_string_overrun=1 ;
 	                ac_gc_check_string_free_list=1 ;
 	                ac_xmalloc_overrun=1 ;
-	                ac_gc_check_cons_list=1 ;
 			ac_glyphs_debug=1 ;;
 	# these enable particular checks
 	stringbytes)	ac_gc_check_stringbytes=1 ;;
@@ -576,7 +574,6 @@ AC_DEFUN
 	stringfreelist) ac_gc_check_string_free_list=1 ;;
 	structs)	CHECK_STRUCTS=true ;;
 	xmallocoverrun)	ac_xmalloc_overrun=1 ;;
-	conslist)	ac_gc_check_cons_list=1 ;;
 	glyphs)		ac_glyphs_debug=1 ;;
 	*)	AC_MSG_ERROR(unknown check category $check) ;;
 	esac
@@ -614,10 +611,6 @@ AC_DEFUN
   AC_DEFINE(XMALLOC_OVERRUN_CHECK, 1,
 [Define this to check for malloc buffer overrun.])
 fi
-if test x$ac_gc_check_cons_list != x ; then
-  AC_DEFINE(GC_CHECK_CONS_LIST, 1,
-[Define this to check for errors in cons list.])
-fi
 if test x$ac_glyphs_debug != x ; then
   AC_DEFINE(GLYPH_DEBUG, 1,
 [Define this to enable glyphs debugging code.])
diff --git a/etc/NEWS b/etc/NEWS
index 4d76143b13..f991dbaf97 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -89,6 +89,11 @@ Options" in the Emacs manual for more information.
 check that the portable dumper code has been updated to match the last
 change to one of the data structures that it relies on.
 
++++
+** The configure option '--enable-checking=conslist' has been withdrawn.
+It made Emacs irredeemably slow, and is no longer useful with modern
+debugging tools.
+
 ---
 ** Emacs now requires GTK 2.24 and GTK 3.10 for the GTK 2 and GTK 3
 builds respectively.
diff --git a/src/alloc.c b/src/alloc.c
index b5b6dc2f05..b51c205fa9 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -2831,18 +2831,6 @@ DEFUN ("cons", Fcons, Scons, 2, 2, 0,
   return val;
 }
 
-#ifdef GC_CHECK_CONS_LIST
-/* Get an error now if there's any junk in the cons free list.  */
-void
-check_cons_list (void)
-{
-  struct Lisp_Cons *tail = cons_free_list;
-
-  while (tail)
-    tail = tail->u.s.u.chain;
-}
-#endif
-
 /* Make a list of 1, 2, 3, 4 or 5 specified objects.  */
 
 Lisp_Object
@@ -6033,8 +6021,6 @@ garbage_collect_1 (struct gcstat *gcst)
   /* Record this function, so it appears on the profiler's backtraces.  */
   record_in_backtrace (QAutomatic_GC, 0, 0);
 
-  check_cons_list ();
-
   /* Don't keep undo information around forever.
      Do this early on, so it is no problem if the user quits.  */
   FOR_EACH_BUFFER (nextb)
@@ -6154,8 +6140,6 @@ garbage_collect_1 (struct gcstat *gcst)
 
   unmark_main_thread ();
 
-  check_cons_list ();
-
   gc_in_progress = 0;
 
   unblock_input ();
diff --git a/src/eval.c b/src/eval.c
index a636f6c50a..4693767ce7 100644
--- a/src/eval.c
+++ b/src/eval.c
@@ -2210,8 +2210,6 @@ eval_sub (Lisp_Object form)
       Lisp_Object args_left = original_args;
       ptrdiff_t numargs = list_length (args_left);
 
-      check_cons_list ();
-
       if (numargs < XSUBR (fun)->min_args
 	  || (XSUBR (fun)->max_args >= 0
 	      && XSUBR (fun)->max_args < numargs))
@@ -2240,7 +2238,6 @@ eval_sub (Lisp_Object form)
 
 	  val = XSUBR (fun)->function.aMANY (argnum, vals);
 
-	  check_cons_list ();
 	  lisp_eval_depth--;
 	  /* Do the debug-on-exit now, while VALS still exists.  */
 	  if (backtrace_debug_on_exit (specpdl + count))
@@ -2346,7 +2343,6 @@ eval_sub (Lisp_Object form)
       else
 	xsignal1 (Qinvalid_function, original_fun);
     }
-  check_cons_list ();
 
   lisp_eval_depth--;
   if (backtrace_debug_on_exit (specpdl + count))
@@ -2786,8 +2782,6 @@ usage: (funcall FUNCTION &rest ARGUMENTS)  */)
   if (debug_on_next_call)
     do_debug_on_call (Qlambda, count);
 
-  check_cons_list ();
-
   original_fun = args[0];
 
  retry:
@@ -2817,13 +2811,11 @@ usage: (funcall FUNCTION &rest ARGUMENTS)  */)
       else if (EQ (funcar, Qautoload))
 	{
 	  Fautoload_do_load (fun, original_fun, Qnil);
-	  check_cons_list ();
 	  goto retry;
 	}
       else
 	xsignal1 (Qinvalid_function, original_fun);
     }
-  check_cons_list ();
   lisp_eval_depth--;
   if (backtrace_debug_on_exit (specpdl + count))
     val = call_debugger (list2 (Qexit, val));
@@ -2935,7 +2927,6 @@ apply_lambda (Lisp_Object fun, Lisp_Object args, ptrdiff_t count)
   set_backtrace_args (specpdl + count, arg_vector, numargs);
   tem = funcall_lambda (fun, numargs, arg_vector);
 
-  check_cons_list ();
   lisp_eval_depth--;
   /* Do the debug-on-exit now, while arg_vector still exists.  */
   if (backtrace_debug_on_exit (specpdl + count))
diff --git a/src/lisp.h b/src/lisp.h
index c2cb89de9d..3377ea3807 100644
--- a/src/lisp.h
+++ b/src/lisp.h
@@ -413,9 +413,6 @@ typedef EMACS_INT Lisp_Word;
 #define lisp_h_XCONS(a) \
    (eassert (CONSP (a)), XUNTAG (a, Lisp_Cons, struct Lisp_Cons))
 #define lisp_h_XHASH(a) XUFIXNUM (a)
-#ifndef GC_CHECK_CONS_LIST
-# define lisp_h_check_cons_list() ((void) 0)
-#endif
 #if USE_LSB_TAG
 # define lisp_h_make_fixnum(n) \
     XIL ((EMACS_INT) (((EMACS_UINT) (n) << INTTYPEBITS) + Lisp_Int0))
@@ -472,9 +469,6 @@ typedef EMACS_INT Lisp_Word;
 # define XCDR(c) lisp_h_XCDR (c)
 # define XCONS(a) lisp_h_XCONS (a)
 # define XHASH(a) lisp_h_XHASH (a)
-# ifndef GC_CHECK_CONS_LIST
-#  define check_cons_list() lisp_h_check_cons_list ()
-# endif
 # if USE_LSB_TAG
 #  define make_fixnum(n) lisp_h_make_fixnum (n)
 #  define XFIXNAT(a) lisp_h_XFIXNAT (a)
@@ -3983,11 +3977,6 @@ extern void init_alloc (void);
 extern void syms_of_alloc (void);
 extern struct buffer * allocate_buffer (void);
 extern int valid_lisp_object_p (Lisp_Object);
-#ifdef GC_CHECK_CONS_LIST
-extern void check_cons_list (void);
-#else
-INLINE void (check_cons_list) (void) { lisp_h_check_cons_list (); }
-#endif
 
 /* Defined in gmalloc.c.  */
 #if !defined DOUG_LEA_MALLOC && !defined HYBRID_MALLOC && !defined SYSTEM_MALLOC
-- 
2.20.1


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #3: 0002-Remove-enable-checking-xmallocoverrun.patch --]
[-- Type: text/x-patch; name="0002-Remove-enable-checking-xmallocoverrun.patch", Size: 9912 bytes --]

From f80a8246bef0e3aa756282625fe69ac69dd0c177 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Fri, 19 Apr 2019 17:37:35 -0700
Subject: [PATCH 2/2] Remove --enable-checking=xmallocoverrun
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

It doesn’t work anymore, and these days ‘gcc -fsanitize=address’
does a better job anyway.
* configure.ac: Remove the option.
* configure.ac (ac_xmalloc_overrun, XMALLOC_OVERRUN_CHECK):
* src/alloc.c (XMALLOC_OVERRUN_CHECK_OVERHEAD)
(XMALLOC_OVERRUN_CHECK_SIZE, XMALLOC_OVERRUN_SIZE_SIZE)
(xmalloc_overrun_check_header, xmalloc_overrun_check_trailer)
(xmalloc_put_size, xmalloc_get_size, overrun_check_malloc)
(overrun_check_realloc, overrun_check_free):
Remove.  All uses removed.
* etc/NEWS: Mention this.
---
 configure.ac |   9 +--
 etc/NEWS     |   7 ++-
 src/alloc.c  | 169 +--------------------------------------------------
 3 files changed, 6 insertions(+), 179 deletions(-)

diff --git a/configure.ac b/configure.ac
index b7bdce66ae..32b8ce5019 100644
--- a/configure.ac
+++ b/configure.ac
@@ -545,7 +545,7 @@ AC_DEFUN
 		 enable only specific categories of checks.
 		 Categories are: all,yes,no.
 		 Flags are: stringbytes, stringoverrun, stringfreelist,
-		 structs, xmallocoverrun, glyphs])],
+		 structs, glyphs])],
 [ac_checking_flags="${enableval}"],[])
 IFS="${IFS= 	}"; ac_save_IFS="$IFS"; IFS="$IFS,"
 CHECK_STRUCTS=false
@@ -559,21 +559,18 @@ AC_DEFUN
 			ac_gc_check_stringbytes= ;
 	                ac_gc_check_string_overrun= ;
 	                ac_gc_check_string_free_list= ;
-	                ac_xmalloc_overrun= ;
 			ac_glyphs_debug= ;;
 	all)		ac_enable_checking=1 ;
 			CHECK_STRUCTS=true
 			ac_gc_check_stringbytes=1 ;
 	                ac_gc_check_string_overrun=1 ;
 	                ac_gc_check_string_free_list=1 ;
-	                ac_xmalloc_overrun=1 ;
 			ac_glyphs_debug=1 ;;
 	# these enable particular checks
 	stringbytes)	ac_gc_check_stringbytes=1 ;;
 	stringoverrun)	ac_gc_check_string_overrun=1 ;;
 	stringfreelist) ac_gc_check_string_free_list=1 ;;
 	structs)	CHECK_STRUCTS=true ;;
-	xmallocoverrun)	ac_xmalloc_overrun=1 ;;
 	glyphs)		ac_glyphs_debug=1 ;;
 	*)	AC_MSG_ERROR(unknown check category $check) ;;
 	esac
@@ -607,10 +604,6 @@ AC_DEFUN
   AC_DEFINE(GC_CHECK_STRING_FREE_LIST, 1,
 [Define this to check the string free list.])
 fi
-if test x$ac_xmalloc_overrun != x ; then
-  AC_DEFINE(XMALLOC_OVERRUN_CHECK, 1,
-[Define this to check for malloc buffer overrun.])
-fi
 if test x$ac_glyphs_debug != x ; then
   AC_DEFINE(GLYPH_DEBUG, 1,
 [Define this to enable glyphs debugging code.])
diff --git a/etc/NEWS b/etc/NEWS
index f991dbaf97..051063171e 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -90,9 +90,10 @@ check that the portable dumper code has been updated to match the last
 change to one of the data structures that it relies on.
 
 +++
-** The configure option '--enable-checking=conslist' has been withdrawn.
-It made Emacs irredeemably slow, and is no longer useful with modern
-debugging tools.
+** The configure options '--enable-checking=conslist' and
+'--enable-checking=xmallocoverrun' have been withdrawn.  The former
+made Emacs irredeemably slow, and the latter made it crash.  Neither
+option was useful with modern debugging tools.
 
 ---
 ** Emacs now requires GTK 2.24 and GTK 3.10 for the GTK 2 and GTK 3
diff --git a/src/alloc.c b/src/alloc.c
index b51c205fa9..35751faed8 100644
--- a/src/alloc.c
+++ b/src/alloc.c
@@ -151,9 +151,7 @@ malloc_initialize_hook (void)
 
       if (malloc_set_state (malloc_state_ptr) != 0)
 	emacs_abort ();
-# ifndef XMALLOC_OVERRUN_CHECK
       alloc_unexec_post ();
-# endif
     }
 }
 
@@ -681,171 +679,6 @@ verify (LISP_ALIGNMENT % GCALIGNMENT == 0);
    it never does anything that requires an alignment of 16.  */
 enum { MALLOC_IS_LISP_ALIGNED = alignof (max_align_t) % LISP_ALIGNMENT == 0 };
 
-#ifndef XMALLOC_OVERRUN_CHECK
-#define XMALLOC_OVERRUN_CHECK_OVERHEAD 0
-#else
-
-/* Check for overrun in malloc'ed buffers by wrapping a header and trailer
-   around each block.
-
-   The header consists of XMALLOC_OVERRUN_CHECK_SIZE fixed bytes
-   followed by XMALLOC_OVERRUN_SIZE_SIZE bytes containing the original
-   block size in little-endian order.  The trailer consists of
-   XMALLOC_OVERRUN_CHECK_SIZE fixed bytes.
-
-   The header is used to detect whether this block has been allocated
-   through these functions, as some low-level libc functions may
-   bypass the malloc hooks.  */
-
-#define XMALLOC_OVERRUN_CHECK_SIZE 16
-#define XMALLOC_OVERRUN_CHECK_OVERHEAD \
-  (2 * XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE)
-
-/* Define XMALLOC_OVERRUN_SIZE_SIZE so that (1) it's large enough to
-   hold a size_t value and (2) the header size is a multiple of the
-   alignment that Emacs needs for C types and for USE_LSB_TAG.  */
-#define XMALLOC_OVERRUN_SIZE_SIZE				\
-   (((XMALLOC_OVERRUN_CHECK_SIZE + sizeof (size_t)		\
-      + LISP_ALIGNMENT - 1)					\
-     / LISP_ALIGNMENT * LISP_ALIGNMENT)				\
-    - XMALLOC_OVERRUN_CHECK_SIZE)
-
-static char const xmalloc_overrun_check_header[XMALLOC_OVERRUN_CHECK_SIZE] =
-  { '\x9a', '\x9b', '\xae', '\xaf',
-    '\xbf', '\xbe', '\xce', '\xcf',
-    '\xea', '\xeb', '\xec', '\xed',
-    '\xdf', '\xde', '\x9c', '\x9d' };
-
-static char const xmalloc_overrun_check_trailer[XMALLOC_OVERRUN_CHECK_SIZE] =
-  { '\xaa', '\xab', '\xac', '\xad',
-    '\xba', '\xbb', '\xbc', '\xbd',
-    '\xca', '\xcb', '\xcc', '\xcd',
-    '\xda', '\xdb', '\xdc', '\xdd' };
-
-/* Insert and extract the block size in the header.  */
-
-static void
-xmalloc_put_size (unsigned char *ptr, size_t size)
-{
-  int i;
-  for (i = 0; i < XMALLOC_OVERRUN_SIZE_SIZE; i++)
-    {
-      *--ptr = size & ((1 << CHAR_BIT) - 1);
-      size >>= CHAR_BIT;
-    }
-}
-
-static size_t
-xmalloc_get_size (unsigned char *ptr)
-{
-  size_t size = 0;
-  int i;
-  ptr -= XMALLOC_OVERRUN_SIZE_SIZE;
-  for (i = 0; i < XMALLOC_OVERRUN_SIZE_SIZE; i++)
-    {
-      size <<= CHAR_BIT;
-      size += *ptr++;
-    }
-  return size;
-}
-
-
-/* Like malloc, but wraps allocated block with header and trailer.  */
-
-static void *
-overrun_check_malloc (size_t size)
-{
-  register unsigned char *val;
-  if (SIZE_MAX - XMALLOC_OVERRUN_CHECK_OVERHEAD < size)
-    emacs_abort ();
-
-  val = malloc (size + XMALLOC_OVERRUN_CHECK_OVERHEAD);
-  if (val)
-    {
-      memcpy (val, xmalloc_overrun_check_header, XMALLOC_OVERRUN_CHECK_SIZE);
-      val += XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE;
-      xmalloc_put_size (val, size);
-      memcpy (val + size, xmalloc_overrun_check_trailer,
-	      XMALLOC_OVERRUN_CHECK_SIZE);
-    }
-  return val;
-}
-
-
-/* Like realloc, but checks old block for overrun, and wraps new block
-   with header and trailer.  */
-
-static void *
-overrun_check_realloc (void *block, size_t size)
-{
-  register unsigned char *val = (unsigned char *) block;
-  if (SIZE_MAX - XMALLOC_OVERRUN_CHECK_OVERHEAD < size)
-    emacs_abort ();
-
-  if (val
-      && memcmp (xmalloc_overrun_check_header,
-		 val - XMALLOC_OVERRUN_CHECK_SIZE - XMALLOC_OVERRUN_SIZE_SIZE,
-		 XMALLOC_OVERRUN_CHECK_SIZE) == 0)
-    {
-      size_t osize = xmalloc_get_size (val);
-      if (memcmp (xmalloc_overrun_check_trailer, val + osize,
-		  XMALLOC_OVERRUN_CHECK_SIZE))
-	emacs_abort ();
-      memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE);
-      val -= XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE;
-      memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE);
-    }
-
-  val = realloc (val, size + XMALLOC_OVERRUN_CHECK_OVERHEAD);
-
-  if (val)
-    {
-      memcpy (val, xmalloc_overrun_check_header, XMALLOC_OVERRUN_CHECK_SIZE);
-      val += XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE;
-      xmalloc_put_size (val, size);
-      memcpy (val + size, xmalloc_overrun_check_trailer,
-	      XMALLOC_OVERRUN_CHECK_SIZE);
-    }
-  return val;
-}
-
-/* Like free, but checks block for overrun.  */
-
-static void
-overrun_check_free (void *block)
-{
-  unsigned char *val = (unsigned char *) block;
-
-  if (val
-      && memcmp (xmalloc_overrun_check_header,
-		 val - XMALLOC_OVERRUN_CHECK_SIZE - XMALLOC_OVERRUN_SIZE_SIZE,
-		 XMALLOC_OVERRUN_CHECK_SIZE) == 0)
-    {
-      size_t osize = xmalloc_get_size (val);
-      if (memcmp (xmalloc_overrun_check_trailer, val + osize,
-		  XMALLOC_OVERRUN_CHECK_SIZE))
-	emacs_abort ();
-#ifdef XMALLOC_CLEAR_FREE_MEMORY
-      val -= XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE;
-      memset (val, 0xff, osize + XMALLOC_OVERRUN_CHECK_OVERHEAD);
-#else
-      memset (val + osize, 0, XMALLOC_OVERRUN_CHECK_SIZE);
-      val -= XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE;
-      memset (val, 0, XMALLOC_OVERRUN_CHECK_SIZE + XMALLOC_OVERRUN_SIZE_SIZE);
-#endif
-    }
-
-  free (val);
-}
-
-#undef malloc
-#undef realloc
-#undef free
-#define malloc overrun_check_malloc
-#define realloc overrun_check_realloc
-#define free overrun_check_free
-#endif
-
 /* If compiled with XMALLOC_BLOCK_INPUT_CHECK, define a symbol
    BLOCK_INPUT_IN_MEMORY_ALLOCATORS that is visible to the debugger.
    If that variable is set, block input while in one of Emacs's memory
@@ -1820,7 +1653,7 @@ static char const string_overrun_cookie[GC_STRING_OVERRUN_COOKIE_SIZE] =
    calculating a value to be passed to malloc.  */
 static ptrdiff_t const STRING_BYTES_MAX =
   min (STRING_BYTES_BOUND,
-       ((SIZE_MAX - XMALLOC_OVERRUN_CHECK_OVERHEAD
+       ((SIZE_MAX
 	 - GC_STRING_EXTRA
 	 - offsetof (struct sblock, data)
 	 - SDATA_DATA_OFFSET)
-- 
2.20.1

Re: Errors building from master with a clean repository

[Eli Zaretskii]

> From: Paul Eggert <eggert@cs.ucla.edu>
> Date: Fri, 19 Apr 2019 18:05:35 -0700
> Cc: emacs-devel@gnu.org
> 
> > ./configure --enable-checking=all --enable-check-lisp-object-type \
> > CFLAGS='-Og -gdwarf-4'
> 
> --enable-checking=all hasn't worked for a while. Although your email prompted me 
> to write and install patches to fix multiple bugs in this area, the remaining 
> buggy suboptions --enablechecking=conslist and --enable-checking=xmallocoverrun 
> are more trouble than they're worth to fix, and should go. (GCC's 
> AddressSanitizer has made both options obsolete anyway.) Please try the two 
> attached patches and then try the above 'configure' line again.

If we remove these options, let's have reasonably detailed
instructions for how to use the alternatives.  Because this, for
example:

> ++++
> +** The configure option '--enable-checking=conslist' has been withdrawn.
> +It made Emacs irredeemably slow, and is no longer useful with modern
> +debugging tools.

is not detailed enough to be useful, unless one is already an expert
in using the modern debugging tools.  Can we please at least mention
specific compiler options and any other tools that could be used
instead of the built-in facilities we are removing?  Bonus points for
adding to etc/DEBUG a section with more details about the compiler
options, tools, and techniques of using them for debugging specific
Emacs problems for which these configure options were introduced.

Thanks.

Re: Errors building from master with a clean repository

[Alex Gramiak]

Paul Eggert <eggert@cs.ucla.edu> writes:

> On 4/18/19 12:21 PM, Alex Gramiak wrote:
>
>> ./configure --enable-checking=all --enable-check-lisp-object-type \
>> CFLAGS='-Og -gdwarf-4'
>
> --enable-checking=all hasn't worked for a while. Although your email prompted me
> to write and install patches to fix multiple bugs in this area, the remaining
> buggy suboptions --enablechecking=conslist and --enable-checking=xmallocoverrun
> are more trouble than they're worth to fix, and should go. (GCC's
> AddressSanitizer has made both options obsolete anyway.) Please try the two
> attached patches and then try the above 'configure' line again.

Applying the two patches allowed me to build successfully, thanks.

Re: Errors building from master with a clean repository

[Paul Eggert]

[-- Attachment #1: Type: text/plain, Size: 534 bytes --]

Eli Zaretskii wrote:
> Can we please at least mention
> specific compiler options and any other tools that could be used
> instead of the built-in facilities we are removing?  Bonus points for
> adding to etc/DEBUG a section with more details about the compiler
> options, tools, and techniques of using them for debugging specific
> Emacs problems for which these configure options were introduced.

OK, I tried to earn bonus points by installing the attached patch into master, 
on top of the two other patches I mentioned earlier.

[-- Attachment #2: 0001-Mention-AddressSanitizer-etc.-in-etc-DEBUG.patch --]
[-- Type: text/x-patch, Size: 9061 bytes --]

From b20d8a932240d5332b4f44b95b2bc1d6fc74c7b0 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sun, 21 Apr 2019 23:15:42 -0700
Subject: [PATCH] Mention AddressSanitizer etc. in etc/DEBUG

* etc/DEBUG: Modernize for AddressSanitizer etc.
* etc/NEWS: Defer to etc/DEBUG for this.
---
 etc/DEBUG | 126 ++++++++++++++++++++++++++++++++++--------------------
 etc/NEWS  |   3 +-
 2 files changed, 82 insertions(+), 47 deletions(-)

diff --git a/etc/DEBUG b/etc/DEBUG
index d401d0be90..717553871a 100644
--- a/etc/DEBUG
+++ b/etc/DEBUG
@@ -12,24 +12,21 @@ debugging techniques.
 *** Configuring Emacs for debugging
 
 It is best to configure and build Emacs with special options that will
-make the debugging easier.  Here's the configure-time options we
+make the debugging easier.  Here are the configure-time options we
 recommend (they are in addition to any other options you might need,
 such as --prefix):
 
   ./configure --enable-checking='yes,glyphs' --enable-check-lisp-object-type \
     CFLAGS='-O0 -g3'
 
-The CFLAGS value is important: debugging optimized code can be very
-hard.  (If the problem only happens with optimized code, you may need
-to enable optimizations.  If that happens, try using -Og first,
-instead of -O2, as the former will disable some optimizations that
-make debugging some code exceptionally hard.)
+The -O0 flag is important, as debugging optimized code can be hard.
+If the problem happens only with optimized code, you may need to
+enable optimizations.  If that happens, try using -Og first instead of
+-O2, as -Og disables some optimizations that make debugging some code
+exceptionally hard.
 
-Modern versions of GCC support more elaborate debug info that is
-available by just using the -g3 compiler switch.  Try using -gdwarf-4
-in addition to -g3, and if that fails, try -gdwarf-3.  This is
-especially important if you have to debug optimized code.  More info
-about this is available below; search for "analyze failed assertions".
+Older versions of GCC may need more than just the -g3 flag.  For more,
+search for "analyze failed assertions" below.
 
 The 2 --enable-* switches are optional.  They don't have any effect on
 debugging with GDB, but will compile additional code that might catch
@@ -184,20 +181,15 @@ Good luck!
 
 ** When you are trying to analyze failed assertions or backtraces, it
 is essential to compile Emacs with flags suitable for debugging.
-With GCC 4.8 or later, you can invoke 'make' with CFLAGS="-Og -g3".
-With older GCC or non-GCC compilers, you can use CFLAGS="-O0 -g3".
+With GCC 4.8 or later, you can invoke 'make' with CFLAGS="-O0 -g3".
+With older GCC, you can use CFLAGS="-O0 -g3 -gdwarf-4", replacing "4"
+by the highest version of DWARF that your compiler supports;
+with non-GCC compilers, "-O0 -g3" may be the best you can do.
 With GCC and higher optimization levels such as -O2, the
 -fno-omit-frame-pointer and -fno-crossjumping options are often
 essential.  The latter prevents GCC from using the same abort call for
 all assertions in a given function, rendering the stack backtrace
 useless for identifying the specific failed assertion.
-Some versions of GCC support recent versions of the DWARF standard for
-debugging info, but default to older versions; for example, they could
-support -gdwarf-4 compiler option (for DWARF v4), but default to
-version 2 of the DWARF standard.  For best results in debugging
-abilities, find out the highest version of DWARF your GCC can support,
-and use the corresponding -gdwarf-N switch instead of just -g (you
-will still need -g3, as in "-gdwarf-4 -g3").
 
 ** It is a good idea to run Emacs under GDB (or some other suitable
 debugger) *all the time*.  Then, when Emacs crashes, you will be able
@@ -923,41 +915,83 @@ setting the new-console option before running Emacs under GDB:
   (gdb) set new-console 1
   (gdb) run
 
-** Running Emacs built with malloc debugging packages
+** Running Emacs with undefined-behavior sanitization
 
-If Emacs exhibits bugs that seem to be related to use of memory
-allocated off the heap, it might be useful to link Emacs with a
-special debugging library, such as Electric Fence (a.k.a. efence) or
-GNU Checker, which helps find such problems.
+Building Emacs with undefined-behavior sanitization can help debug
+integer overflow and other undefined behavior in C code.  To use
+UndefinedBehaviorSanitizer with GCC and similar compilers, append
+'-fsanitize=undefined' to CFLAGS, either when running 'configure' or
+running 'make'.  For example:
 
-Emacs compiled with such packages might not run without some hacking,
-because Emacs replaces the system's memory allocation functions with
-its own versions, and because the dumping process might be
-incompatible with the way these packages use to track allocated
-memory.  Here are some of the changes you might find necessary:
+  ./configure CFLAGS='-O0 -g3 -fsanitize=undefined'
 
-  - Make sure unexec is disabled, e.g., './configure --without-unexec'.
+You may need to append '-static-libubsan' to CFLAGS if your version of
+GCC is installed in an unusual location.
 
-  - Configure with a different --prefix= option.  If you use GCC,
-    version 2.7.2 is preferred, as some malloc debugging packages
-    work a lot better with it than with 2.95 or later versions.
+When using GDB to debug an executable with undefined-behavior
+sanitization, the GDB command:
 
-  - Type "make" then "make -k install".
+  (gdb) rbreak ^__ubsan_handle_
 
-  - If required, invoke the package-specific command to prepare
-    src/temacs for execution.
+will let you gain control when an error is detected and before
+UndefinedBehaviorSanitizer outputs to stderr or terminates the
+program.
 
-  - cd ..; src/temacs
+** Running Emacs with address sanitization
 
-(Note that this runs 'temacs' instead of the usual 'emacs' executable.
-This avoids problems with dumping Emacs mentioned above.)
+Building Emacs with address sanitization can help debug memory-use
+problems.  To use AddressSanitizer with GCC and similar compilers,
+append '-fsanitize=address' to CFLAGS, either when running 'configure'
+or running 'make'.  Configure, build and run Emacs with
+ASAN_OPTIONS='detect_leaks=0' in the environment to suppress
+diagnostics of minor memory leaks in Emacs.  For example:
 
-Some malloc debugging libraries might print lots of false alarms for
-bitfields used by Emacs in some data structures.  If you want to get
-rid of the false alarms, you will have to hack the definitions of
-these data structures on the respective headers to remove the ':N'
-bitfield definitions (which will cause each such field to use a full
-int).
+  export ASAN_OPTIONS='detect_leaks=0'
+  ./configure CFLAGS='-O0 -g3 -fsanitize=address'
+  make
+  src/emacs
+
+You may need to append '-static-libasan' to CFLAGS if your version of
+GCC is installed in an unusual location.
+
+When using GDB to debug an executable with address sanitization, the
+GDB command:
+
+  (gdb) rbreak ^__asan_report_
+
+will let you gain control when an error is detected and before
+AddressSanitizer outputs to stderr or terminates the program.
+
+Address sanitization is incompatible with undefined-behavior
+sanitization, unfortunately.  Address sanitization is also
+incompatible with the --with-dumping=unexec option of 'configure'.
+
+** Running Emacs under Valgrind
+
+Valgrind <http://valgrind.org/> is free software that can be useful
+when debugging low-level Emacs problems.  Unlike GCC sanitizers,
+Valgrind does not need you to compile Emacs with special debugging
+flags, so it can be helpful in investigating problems that vanish when
+Emacs is recompiled with debugging enabled.  However, by default
+Valgrind generates many false alarms with Emacs, and you will need to
+maintain a suppressions file to suppress these false alarms and use
+Valgrind effectively.  For example, you might invoke Valgrind this
+way:
+
+   valgrind --suppressions=valgrind.supp ./emacs
+
+where valgrind.supp contains groups of lines like the following, which
+suppresses some Valgrind false alarms during Emacs garbage collection:
+
+   {
+     Fgarbage_collect Cond - conservative garbage collection
+     Memcheck:Cond
+     ...
+     fun:Fgarbage_collect
+   }
+
+Unfortunately Valgrind suppression files tend to be system-dependent,
+so you will need to keep one around that matches your system.
 
 ** How to recover buffer contents from an Emacs core dump file
 
diff --git a/etc/NEWS b/etc/NEWS
index 051063171e..b444fc5967 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -93,7 +93,8 @@ change to one of the data structures that it relies on.
 ** The configure options '--enable-checking=conslist' and
 '--enable-checking=xmallocoverrun' have been withdrawn.  The former
 made Emacs irredeemably slow, and the latter made it crash.  Neither
-option was useful with modern debugging tools.
+option was useful with modern debugging tools such as AddressSanitizer
+(see etc/DEBUG).
 
 ---
 ** Emacs now requires GTK 2.24 and GTK 3.10 for the GTK 2 and GTK 3
-- 
2.17.1

Re: Errors building from master with a clean repository

[Eli Zaretskii]

> Cc: agrambot@gmail.com, emacs-devel@gnu.org
> From: Paul Eggert <eggert@cs.ucla.edu>
> Date: Sun, 21 Apr 2019 23:22:19 -0700
> 
> > Can we please at least mention
> > specific compiler options and any other tools that could be used
> > instead of the built-in facilities we are removing?  Bonus points for
> > adding to etc/DEBUG a section with more details about the compiler
> > options, tools, and techniques of using them for debugging specific
> > Emacs problems for which these configure options were introduced.
> 
> OK, I tried to earn bonus points by installing the attached patch into master, 
> on top of the two other patches I mentioned earlier.

Thanks, I have a few comments:

> -Modern versions of GCC support more elaborate debug info that is
> -available by just using the -g3 compiler switch.  Try using -gdwarf-4
> -in addition to -g3, and if that fails, try -gdwarf-3.  This is
> -especially important if you have to debug optimized code.  More info
> -about this is available below; search for "analyze failed assertions".
> +Older versions of GCC may need more than just the -g3 flag.  For more,
> +search for "analyze failed assertions" below.

You have consistently removed the references to -gdwarf-N compiler
option, presumably on the assumption that GCC nowadays automatically
uses the highest supported version?  But that doesn't seem to be the
case here, at least with GCC 7.3.0 on MS-Windows: using -g3 produces
DWARF2 info Version 4, but I can use -gdwarf-5 to produce Version 5.
So I wonder whether the assumption about -g3 is valid.

> -** Running Emacs built with malloc debugging packages
> +** Running Emacs with undefined-behavior sanitization
>  
> -If Emacs exhibits bugs that seem to be related to use of memory
> -allocated off the heap, it might be useful to link Emacs with a
> -special debugging library, such as Electric Fence (a.k.a. efence) or
> -GNU Checker, which helps find such problems.
> +Building Emacs with undefined-behavior sanitization can help debug
> +integer overflow and other undefined behavior in C code.  To use
> +UndefinedBehaviorSanitizer with GCC and similar compilers, append
> +'-fsanitize=undefined' to CFLAGS, either when running 'configure' or
> +running 'make'.  For example:

I think this section could greatly benefit from a short explanation
what "undefined behavior" means, or a couple of examples of it.

Re: Errors building from master with a clean repository

[Paul Eggert]

[-- Attachment #1: Type: text/plain, Size: 828 bytes --]

On 4/22/19 12:45 AM, Eli Zaretskii wrote:
>
> You have consistently removed the references to -gdwarf-N compiler
> option, presumably on the assumption that GCC nowadays automatically
> uses the highest supported version?

No, I was merely assuming that -gdwarf-4 is good enough to debug Emacs;
-gdwarf-5 is still marked as "experimental" in GCC 8's doc, and I
haven't used -gdwarf-5. If there's a significant advantage to using
-gdwarf-5 then discussion of it should be added to etc/DEBUG. In the
meantime I tried to improve the wording about this, in the attached patch.


> I think this section could greatly benefit from a short explanation
> what "undefined behavior" means, or a couple of examples of it.

It's hard to be brief as -fsanitize=undefined is a bit tricky, but I
took a shot at it by installing the attached.


[-- Attachment #2: 0001-Improve-UBSan-discussion-in-etc-DEBUG.patch --]
[-- Type: text/x-patch, Size: 3809 bytes --]

From afaab7395ddae3f6db79f2e9c46f8dfc83444b5e Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 22 Apr 2019 17:26:11 -0700
Subject: [PATCH] Improve UBSan discussion in etc/DEBUG

* etc/DEBUG: Improve -gdwarf-N documentation.
Go into more detail about UndefinedBehaviorSanitizer.
---
 etc/DEBUG | 40 +++++++++++++++++++++++++++-------------
 1 file changed, 27 insertions(+), 13 deletions(-)

diff --git a/etc/DEBUG b/etc/DEBUG
index 717553871a..836e820e4a 100644
--- a/etc/DEBUG
+++ b/etc/DEBUG
@@ -181,10 +181,10 @@ Good luck!
 
 ** When you are trying to analyze failed assertions or backtraces, it
 is essential to compile Emacs with flags suitable for debugging.
-With GCC 4.8 or later, you can invoke 'make' with CFLAGS="-O0 -g3".
-With older GCC, you can use CFLAGS="-O0 -g3 -gdwarf-4", replacing "4"
-by the highest version of DWARF that your compiler supports;
-with non-GCC compilers, "-O0 -g3" may be the best you can do.
+Although CFLAGS="-O0 -g3" often suffices with modern compilers,
+you may benefit further by using CFLAGS="-O0 -g3 -gdwarf-4", replacing
+"4" by the highest version of DWARF that your compiler supports;
+this is especially important for GCC versions older than 4.8.
 With GCC and higher optimization levels such as -O2, the
 -fno-omit-frame-pointer and -fno-crossjumping options are often
 essential.  The latter prevents GCC from using the same abort call for
@@ -917,13 +917,26 @@ setting the new-console option before running Emacs under GDB:
 
 ** Running Emacs with undefined-behavior sanitization
 
-Building Emacs with undefined-behavior sanitization can help debug
-integer overflow and other undefined behavior in C code.  To use
-UndefinedBehaviorSanitizer with GCC and similar compilers, append
-'-fsanitize=undefined' to CFLAGS, either when running 'configure' or
-running 'make'.  For example:
+Building Emacs with undefined-behavior sanitization can help find
+several kinds of low-level problems in C code, including:
 
-  ./configure CFLAGS='-O0 -g3 -fsanitize=undefined'
+  * Out-of-bounds access of many (but not all) arrays.
+  * Signed integer overflow, e.g., (INT_MAX + 1).
+  * Integer shifts by a negative or wider-than-word value.
+  * Misaligned pointers and pointer overflow.
+  * Loading a bool or enum value that is out of range for its type.
+  * Passing NULL to or returning NULL from a function requiring nonnull.
+  * Passing a size larger than the corresponding array to memcmp etc.
+  * Passing invalid values to some builtin functions, e.g., __builtin_clz (0).
+  * Reaching __builtin_unreachable calls (in Emacs, 'eassume' failure).
+
+To use UndefinedBehaviorSanitizer with GCC and similar compilers,
+append '-fsanitize=undefined' to CFLAGS, either when running
+'configure' or running 'make'.  When supported, you can also specify
+'bound-strict' and 'float-cast-overflow'.  For example:
+
+  ./configure \
+    CFLAGS='-O0 -g3 -fsanitize=undefined,bounds-strict,float-cast-overflow'
 
 You may need to append '-static-libubsan' to CFLAGS if your version of
 GCC is installed in an unusual location.
@@ -940,9 +953,10 @@ program.
 ** Running Emacs with address sanitization
 
 Building Emacs with address sanitization can help debug memory-use
-problems.  To use AddressSanitizer with GCC and similar compilers,
-append '-fsanitize=address' to CFLAGS, either when running 'configure'
-or running 'make'.  Configure, build and run Emacs with
+problems, such as freeing the same object twice.  To use
+AddressSanitizer with GCC and similar compilers, append
+'-fsanitize=address' to CFLAGS, either when running 'configure' or
+running 'make'.  Configure, build and run Emacs with
 ASAN_OPTIONS='detect_leaks=0' in the environment to suppress
 diagnostics of minor memory leaks in Emacs.  For example:
 
-- 
2.20.1

Re: Errors building from master with a clean repository

[Eli Zaretskii]

> Cc: agrambot@gmail.com, emacs-devel@gnu.org
> From: Paul Eggert <eggert@cs.ucla.edu>
> Date: Mon, 22 Apr 2019 17:31:44 -0700
> 
> No, I was merely assuming that -gdwarf-4 is good enough to debug Emacs;
> -gdwarf-5 is still marked as "experimental" in GCC 8's doc, and I
> haven't used -gdwarf-5. If there's a significant advantage to using
> -gdwarf-5 then discussion of it should be added to etc/DEBUG. In the
> meantime I tried to improve the wording about this, in the attached patch.
> 
> 
> > I think this section could greatly benefit from a short explanation
> > what "undefined behavior" means, or a couple of examples of it.
> 
> It's hard to be brief as -fsanitize=undefined is a bit tricky, but I
> took a shot at it by installing the attached.

Thanks, these are very useful additions, IMO.