search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update copyright dates with scripts/update-copyrights.
[glibc.git] / malloc / hooks.c
blob0c4816fcaefde9f3ff63c6e0905417049a87f876
1 /* Malloc implementation for multiple threads without lock contention.
2 Copyright (C) 2001-2015 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Wolfram Gloger <wg@malloc.de>, 2001.
5
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public License as
8 published by the Free Software Foundation; either version 2.1 of the
9 License, or (at your option) any later version.
10
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; see the file COPYING.LIB. If
18 not, see <http://www.gnu.org/licenses/>. */
19
20 /* What to do if the standard debugging hooks are in place and a
21 corrupt pointer is detected: do nothing (0), print an error message
22 (1), or call abort() (2). */
23
24 /* Hooks for debugging versions. The initial hooks just call the
25 initialization routine, then do the normal work. */
26
27 static void *
28 malloc_hook_ini (size_t sz, const void *caller)
29 {
30 __malloc_hook = NULL;
31 ptmalloc_init ();
32 return __libc_malloc (sz);
33 }
34
35 static void *
36 realloc_hook_ini (void *ptr, size_t sz, const void *caller)
37 {
38 __malloc_hook = NULL;
39 __realloc_hook = NULL;
40 ptmalloc_init ();
41 return __libc_realloc (ptr, sz);
42 }
43
44 static void *
45 memalign_hook_ini (size_t alignment, size_t sz, const void *caller)
46 {
47 __memalign_hook = NULL;
48 ptmalloc_init ();
49 return __libc_memalign (alignment, sz);
50 }
51
52 /* Whether we are using malloc checking. */
53 static int using_malloc_checking;
54
55 /* A flag that is set by malloc_set_state, to signal that malloc checking
56 must not be enabled on the request from the user (via the MALLOC_CHECK_
57 environment variable). It is reset by __malloc_check_init to tell
58 malloc_set_state that the user has requested malloc checking.
59
60 The purpose of this flag is to make sure that malloc checking is not
61 enabled when the heap to be restored was constructed without malloc
62 checking, and thus does not contain the required magic bytes.
63 Otherwise the heap would be corrupted by calls to free and realloc. If
64 it turns out that the heap was created with malloc checking and the
65 user has requested it malloc_set_state just calls __malloc_check_init
66 again to enable it. On the other hand, reusing such a heap without
67 further malloc checking is safe. */
68 static int disallow_malloc_check;
69
70 /* Activate a standard set of debugging hooks. */
71 void
72 __malloc_check_init (void)
73 {
74 if (disallow_malloc_check)
75 {
76 disallow_malloc_check = 0;
77 return;
78 }
79 using_malloc_checking = 1;
80 __malloc_hook = malloc_check;
81 __free_hook = free_check;
82 __realloc_hook = realloc_check;
83 __memalign_hook = memalign_check;
84 }
85
86 /* A simple, standard set of debugging hooks. Overhead is `only' one
87 byte per chunk; still this will catch most cases of double frees or
88 overruns. The goal here is to avoid obscure crashes due to invalid
89 usage, unlike in the MALLOC_DEBUG code. */
90
91 #define MAGICBYTE(p) ((((size_t) p >> 3) ^ ((size_t) p >> 11)) & 0xFF)
92
93 /* Visualize the chunk as being partitioned into blocks of 256 bytes from the
94 highest address of the chunk, downwards. The beginning of each block tells
95 us the size of the previous block, up to the actual size of the requested
96 memory. Our magic byte is right at the end of the requested size, so we
97 must reach it with this iteration, otherwise we have witnessed a memory
98 corruption. */
99 static size_t
100 malloc_check_get_size (mchunkptr p)
101 {
102 size_t size;
103 unsigned char c;
104 unsigned char magic = MAGICBYTE (p);
105
106 assert (using_malloc_checking == 1);
107
108 for (size = chunksize (p) - 1 + (chunk_is_mmapped (p) ? 0 : SIZE_SZ);
109 (c = ((unsigned char *) p)[size]) != magic;
110 size -= c)
111 {
112 if (c <= 0 || size < (c + 2 * SIZE_SZ))
113 {
114 malloc_printerr (check_action, "malloc_check_get_size: memory corruption",
115 chunk2mem (p));
116 return 0;
117 }
118 }
119
120 /* chunk2mem size. */
121 return size - 2 * SIZE_SZ;
122 }
123
124 /* Instrument a chunk with overrun detector byte(s) and convert it
125 into a user pointer with requested size sz. */
126
127 static void *
128 internal_function
129 mem2mem_check (void *ptr, size_t sz)
130 {
131 mchunkptr p;
132 unsigned char *m_ptr = ptr;
133 size_t i;
134
135 if (!ptr)
136 return ptr;
137
138 p = mem2chunk (ptr);
139 for (i = chunksize (p) - (chunk_is_mmapped (p) ? 2 * SIZE_SZ + 1 : SIZE_SZ + 1);
140 i > sz;
141 i -= 0xFF)
142 {
143 if (i - sz < 0x100)
144 {
145 m_ptr[i] = (unsigned char) (i - sz);
146 break;
147 }
148 m_ptr[i] = 0xFF;
149 }
150 m_ptr[sz] = MAGICBYTE (p);
151 return (void *) m_ptr;
152 }
153
154 /* Convert a pointer to be free()d or realloc()ed to a valid chunk
155 pointer. If the provided pointer is not valid, return NULL. */
156
157 static mchunkptr
158 internal_function
159 mem2chunk_check (void *mem, unsigned char **magic_p)
160 {
161 mchunkptr p;
162 INTERNAL_SIZE_T sz, c;
163 unsigned char magic;
164
165 if (!aligned_OK (mem))
166 return NULL;
167
168 p = mem2chunk (mem);
169 if (!chunk_is_mmapped (p))
170 {
171 /* Must be a chunk in conventional heap memory. */
172 int contig = contiguous (&main_arena);
173 sz = chunksize (p);
174 if ((contig &&
175 ((char *) p < mp_.sbrk_base ||
176 ((char *) p + sz) >= (mp_.sbrk_base + main_arena.system_mem))) ||
177 sz < MINSIZE || sz & MALLOC_ALIGN_MASK || !inuse (p) ||
178 (!prev_inuse (p) && (p->prev_size & MALLOC_ALIGN_MASK ||
179 (contig && (char *) prev_chunk (p) < mp_.sbrk_base) ||
180 next_chunk (prev_chunk (p)) != p)))
181 return NULL;
182
183 magic = MAGICBYTE (p);
184 for (sz += SIZE_SZ - 1; (c = ((unsigned char *) p)[sz]) != magic; sz -= c)
185 {
186 if (c <= 0 || sz < (c + 2 * SIZE_SZ))
187 return NULL;
188 }
189 }
190 else
191 {
192 unsigned long offset, page_mask = GLRO (dl_pagesize) - 1;
193
194 /* mmap()ed chunks have MALLOC_ALIGNMENT or higher power-of-two
195 alignment relative to the beginning of a page. Check this
196 first. */
197 offset = (unsigned long) mem & page_mask;
198 if ((offset != MALLOC_ALIGNMENT && offset != 0 && offset != 0x10 &&
199 offset != 0x20 && offset != 0x40 && offset != 0x80 && offset != 0x100 &&
200 offset != 0x200 && offset != 0x400 && offset != 0x800 && offset != 0x1000 &&
201 offset < 0x2000) ||
202 !chunk_is_mmapped (p) || (p->size & PREV_INUSE) ||
203 ((((unsigned long) p - p->prev_size) & page_mask) != 0) ||
204 ((sz = chunksize (p)), ((p->prev_size + sz) & page_mask) != 0))
205 return NULL;
206
207 magic = MAGICBYTE (p);
208 for (sz -= 1; (c = ((unsigned char *) p)[sz]) != magic; sz -= c)
209 {
210 if (c <= 0 || sz < (c + 2 * SIZE_SZ))
211 return NULL;
212 }
213 }
214 ((unsigned char *) p)[sz] ^= 0xFF;
215 if (magic_p)
216 *magic_p = (unsigned char *) p + sz;
217 return p;
218 }
219
220 /* Check for corruption of the top chunk, and try to recover if
221 necessary. */
222
223 static int
224 internal_function
225 top_check (void)
226 {
227 mchunkptr t = top (&main_arena);
228 char *brk, *new_brk;
229 INTERNAL_SIZE_T front_misalign, sbrk_size;
230 unsigned long pagesz = GLRO (dl_pagesize);
231
232 if (t == initial_top (&main_arena) ||
233 (!chunk_is_mmapped (t) &&
234 chunksize (t) >= MINSIZE &&
235 prev_inuse (t) &&
236 (!contiguous (&main_arena) ||
237 (char *) t + chunksize (t) == mp_.sbrk_base + main_arena.system_mem)))
238 return 0;
239
240 malloc_printerr (check_action, "malloc: top chunk is corrupt", t);
241
242 /* Try to set up a new top chunk. */
243 brk = MORECORE (0);
244 front_misalign = (unsigned long) chunk2mem (brk) & MALLOC_ALIGN_MASK;
245 if (front_misalign > 0)
246 front_misalign = MALLOC_ALIGNMENT - front_misalign;
247 sbrk_size = front_misalign + mp_.top_pad + MINSIZE;
248 sbrk_size += pagesz - ((unsigned long) (brk + sbrk_size) & (pagesz - 1));
249 new_brk = (char *) (MORECORE (sbrk_size));
250 if (new_brk == (char *) (MORECORE_FAILURE))
251 {
252 __set_errno (ENOMEM);
253 return -1;
254 }
255 /* Call the `morecore' hook if necessary. */
256 void (*hook) (void) = atomic_forced_read (__after_morecore_hook);
257 if (hook)
258 (*hook)();
259 main_arena.system_mem = (new_brk - mp_.sbrk_base) + sbrk_size;
260
261 top (&main_arena) = (mchunkptr) (brk + front_misalign);
262 set_head (top (&main_arena), (sbrk_size - front_misalign) | PREV_INUSE);
263
264 return 0;
265 }
266
267 static void *
268 malloc_check (size_t sz, const void *caller)
269 {
270 void *victim;
271
272 if (sz + 1 == 0)
273 {
274 __set_errno (ENOMEM);
275 return NULL;
276 }
277
278 (void) mutex_lock (&main_arena.mutex);
279 victim = (top_check () >= 0) ? _int_malloc (&main_arena, sz + 1) : NULL;
280 (void) mutex_unlock (&main_arena.mutex);
281 return mem2mem_check (victim, sz);
282 }
283
284 static void
285 free_check (void *mem, const void *caller)
286 {
287 mchunkptr p;
288
289 if (!mem)
290 return;
291
292 (void) mutex_lock (&main_arena.mutex);
293 p = mem2chunk_check (mem, NULL);
294 if (!p)
295 {
296 (void) mutex_unlock (&main_arena.mutex);
297
298 malloc_printerr (check_action, "free(): invalid pointer", mem);
299 return;
300 }
301 if (chunk_is_mmapped (p))
302 {
303 (void) mutex_unlock (&main_arena.mutex);
304 munmap_chunk (p);
305 return;
306 }
307 _int_free (&main_arena, p, 1);
308 (void) mutex_unlock (&main_arena.mutex);
309 }
310
311 static void *
312 realloc_check (void *oldmem, size_t bytes, const void *caller)
313 {
314 INTERNAL_SIZE_T nb;
315 void *newmem = 0;
316 unsigned char *magic_p;
317
318 if (bytes + 1 == 0)
319 {
320 __set_errno (ENOMEM);
321 return NULL;
322 }
323 if (oldmem == 0)
324 return malloc_check (bytes, NULL);
325
326 if (bytes == 0)
327 {
328 free_check (oldmem, NULL);
329 return NULL;
330 }
331 (void) mutex_lock (&main_arena.mutex);
332 const mchunkptr oldp = mem2chunk_check (oldmem, &magic_p);
333 (void) mutex_unlock (&main_arena.mutex);
334 if (!oldp)
335 {
336 malloc_printerr (check_action, "realloc(): invalid pointer", oldmem);
337 return malloc_check (bytes, NULL);
338 }
339 const INTERNAL_SIZE_T oldsize = chunksize (oldp);
340
341 checked_request2size (bytes + 1, nb);
342 (void) mutex_lock (&main_arena.mutex);
343
344 if (chunk_is_mmapped (oldp))
345 {
346 #if HAVE_MREMAP
347 mchunkptr newp = mremap_chunk (oldp, nb);
348 if (newp)
349 newmem = chunk2mem (newp);
350 else
351 #endif
352 {
353 /* Note the extra SIZE_SZ overhead. */
354 if (oldsize - SIZE_SZ >= nb)
355 newmem = oldmem; /* do nothing */
356 else
357 {
358 /* Must alloc, copy, free. */
359 if (top_check () >= 0)
360 newmem = _int_malloc (&main_arena, bytes + 1);
361 if (newmem)
362 {
363 memcpy (newmem, oldmem, oldsize - 2 * SIZE_SZ);
364 munmap_chunk (oldp);
365 }
366 }
367 }
368 }
369 else
370 {
371 if (top_check () >= 0)
372 {
373 INTERNAL_SIZE_T nb;
374 checked_request2size (bytes + 1, nb);
375 newmem = _int_realloc (&main_arena, oldp, oldsize, nb);
376 }
377 }
378
379 /* mem2chunk_check changed the magic byte in the old chunk.
380 If newmem is NULL, then the old chunk will still be used though,
381 so we need to invert that change here. */
382 if (newmem == NULL)
383 *magic_p ^= 0xFF;
384
385 (void) mutex_unlock (&main_arena.mutex);
386
387 return mem2mem_check (newmem, bytes);
388 }
389
390 static void *
391 memalign_check (size_t alignment, size_t bytes, const void *caller)
392 {
393 void *mem;
394
395 if (alignment <= MALLOC_ALIGNMENT)
396 return malloc_check (bytes, NULL);
397
398 if (alignment < MINSIZE)
399 alignment = MINSIZE;
400
401 /* If the alignment is greater than SIZE_MAX / 2 + 1 it cannot be a
402 power of 2 and will cause overflow in the check below. */
403 if (alignment > SIZE_MAX / 2 + 1)
404 {
405 __set_errno (EINVAL);
406 return 0;
407 }
408
409 /* Check for overflow. */
410 if (bytes > SIZE_MAX - alignment - MINSIZE)
411 {
412 __set_errno (ENOMEM);
413 return 0;
414 }
415
416 /* Make sure alignment is power of 2. */
417 if (!powerof2 (alignment))
418 {
419 size_t a = MALLOC_ALIGNMENT * 2;
420 while (a < alignment)
421 a <<= 1;
422 alignment = a;
423 }
424
425 (void) mutex_lock (&main_arena.mutex);
426 mem = (top_check () >= 0) ? _int_memalign (&main_arena, alignment, bytes + 1) :
427 NULL;
428 (void) mutex_unlock (&main_arena.mutex);
429 return mem2mem_check (mem, bytes);
430 }
431
432
433 /* Get/set state: malloc_get_state() records the current state of all
434 malloc variables (_except_ for the actual heap contents and `hook'
435 function pointers) in a system dependent, opaque data structure.
436 This data structure is dynamically allocated and can be free()d
437 after use. malloc_set_state() restores the state of all malloc
438 variables to the previously obtained state. This is especially
439 useful when using this malloc as part of a shared library, and when
440 the heap contents are saved/restored via some other method. The
441 primary example for this is GNU Emacs with its `dumping' procedure.
442 `Hook' function pointers are never saved or restored by these
443 functions, with two exceptions: If malloc checking was in use when
444 malloc_get_state() was called, then malloc_set_state() calls
445 __malloc_check_init() if possible; if malloc checking was not in
446 use in the recorded state but the user requested malloc checking,
447 then the hooks are reset to 0. */
448
449 #define MALLOC_STATE_MAGIC 0x444c4541l
450 #define MALLOC_STATE_VERSION (0 * 0x100l + 4l) /* major*0x100 + minor */
451
452 struct malloc_save_state
453 {
454 long magic;
455 long version;
456 mbinptr av[NBINS * 2 + 2];
457 char *sbrk_base;
458 int sbrked_mem_bytes;
459 unsigned long trim_threshold;
460 unsigned long top_pad;
461 unsigned int n_mmaps_max;
462 unsigned long mmap_threshold;
463 int check_action;
464 unsigned long max_sbrked_mem;
465 unsigned long max_total_mem;
466 unsigned int n_mmaps;
467 unsigned int max_n_mmaps;
468 unsigned long mmapped_mem;
469 unsigned long max_mmapped_mem;
470 int using_malloc_checking;
471 unsigned long max_fast;
472 unsigned long arena_test;
473 unsigned long arena_max;
474 unsigned long narenas;
475 };
476
477 void *
478 __malloc_get_state (void)
479 {
480 struct malloc_save_state *ms;
481 int i;
482 mbinptr b;
483
484 ms = (struct malloc_save_state *) __libc_malloc (sizeof (*ms));
485 if (!ms)
486 return 0;
487
488 (void) mutex_lock (&main_arena.mutex);
489 malloc_consolidate (&main_arena);
490 ms->magic = MALLOC_STATE_MAGIC;
491 ms->version = MALLOC_STATE_VERSION;
492 ms->av[0] = 0;
493 ms->av[1] = 0; /* used to be binblocks, now no longer used */
494 ms->av[2] = top (&main_arena);
495 ms->av[3] = 0; /* used to be undefined */
496 for (i = 1; i < NBINS; i++)
497 {
498 b = bin_at (&main_arena, i);
499 if (first (b) == b)
500 ms->av[2 * i + 2] = ms->av[2 * i + 3] = 0; /* empty bin */
501 else
502 {
503 ms->av[2 * i + 2] = first (b);
504 ms->av[2 * i + 3] = last (b);
505 }
506 }
507 ms->sbrk_base = mp_.sbrk_base;
508 ms->sbrked_mem_bytes = main_arena.system_mem;
509 ms->trim_threshold = mp_.trim_threshold;
510 ms->top_pad = mp_.top_pad;
511 ms->n_mmaps_max = mp_.n_mmaps_max;
512 ms->mmap_threshold = mp_.mmap_threshold;
513 ms->check_action = check_action;
514 ms->max_sbrked_mem = main_arena.max_system_mem;
515 ms->max_total_mem = 0;
516 ms->n_mmaps = mp_.n_mmaps;
517 ms->max_n_mmaps = mp_.max_n_mmaps;
518 ms->mmapped_mem = mp_.mmapped_mem;
519 ms->max_mmapped_mem = mp_.max_mmapped_mem;
520 ms->using_malloc_checking = using_malloc_checking;
521 ms->max_fast = get_max_fast ();
522 ms->arena_test = mp_.arena_test;
523 ms->arena_max = mp_.arena_max;
524 ms->narenas = narenas;
525 (void) mutex_unlock (&main_arena.mutex);
526 return (void *) ms;
527 }
528
529 int
530 __malloc_set_state (void *msptr)
531 {
532 struct malloc_save_state *ms = (struct malloc_save_state *) msptr;
533 size_t i;
534 mbinptr b;
535
536 disallow_malloc_check = 1;
537 ptmalloc_init ();
538 if (ms->magic != MALLOC_STATE_MAGIC)
539 return -1;
540
541 /* Must fail if the major version is too high. */
542 if ((ms->version & ~0xffl) > (MALLOC_STATE_VERSION & ~0xffl))
543 return -2;
544
545 (void) mutex_lock (&main_arena.mutex);
546 /* There are no fastchunks. */
547 clear_fastchunks (&main_arena);
548 if (ms->version >= 4)
549 set_max_fast (ms->max_fast);
550 else
551 set_max_fast (64); /* 64 used to be the value we always used. */
552 for (i = 0; i < NFASTBINS; ++i)
553 fastbin (&main_arena, i) = 0;
554 for (i = 0; i < BINMAPSIZE; ++i)
555 main_arena.binmap[i] = 0;
556 top (&main_arena) = ms->av[2];
557 main_arena.last_remainder = 0;
558 for (i = 1; i < NBINS; i++)
559 {
560 b = bin_at (&main_arena, i);
561 if (ms->av[2 * i + 2] == 0)
562 {
563 assert (ms->av[2 * i + 3] == 0);
564 first (b) = last (b) = b;
565 }
566 else
567 {
568 if (ms->version >= 3 &&
569 (i < NSMALLBINS || (largebin_index (chunksize (ms->av[2 * i + 2])) == i &&
570 largebin_index (chunksize (ms->av[2 * i + 3])) == i)))
571 {
572 first (b) = ms->av[2 * i + 2];
573 last (b) = ms->av[2 * i + 3];
574 /* Make sure the links to the bins within the heap are correct. */
575 first (b)->bk = b;
576 last (b)->fd = b;
577 /* Set bit in binblocks. */
578 mark_bin (&main_arena, i);
579 }
580 else
581 {
582 /* Oops, index computation from chunksize must have changed.
583 Link the whole list into unsorted_chunks. */
584 first (b) = last (b) = b;
585 b = unsorted_chunks (&main_arena);
586 ms->av[2 * i + 2]->bk = b;
587 ms->av[2 * i + 3]->fd = b->fd;
588 b->fd->bk = ms->av[2 * i + 3];
589 b->fd = ms->av[2 * i + 2];
590 }
591 }
592 }
593 if (ms->version < 3)
594 {
595 /* Clear fd_nextsize and bk_nextsize fields. */
596 b = unsorted_chunks (&main_arena)->fd;
597 while (b != unsorted_chunks (&main_arena))
598 {
599 if (!in_smallbin_range (chunksize (b)))
600 {
601 b->fd_nextsize = NULL;
602 b->bk_nextsize = NULL;
603 }
604 b = b->fd;
605 }
606 }
607 mp_.sbrk_base = ms->sbrk_base;
608 main_arena.system_mem = ms->sbrked_mem_bytes;
609 mp_.trim_threshold = ms->trim_threshold;
610 mp_.top_pad = ms->top_pad;
611 mp_.n_mmaps_max = ms->n_mmaps_max;
612 mp_.mmap_threshold = ms->mmap_threshold;
613 check_action = ms->check_action;
614 main_arena.max_system_mem = ms->max_sbrked_mem;
615 mp_.n_mmaps = ms->n_mmaps;
616 mp_.max_n_mmaps = ms->max_n_mmaps;
617 mp_.mmapped_mem = ms->mmapped_mem;
618 mp_.max_mmapped_mem = ms->max_mmapped_mem;
619 /* add version-dependent code here */
620 if (ms->version >= 1)
621 {
622 /* Check whether it is safe to enable malloc checking, or whether
623 it is necessary to disable it. */
624 if (ms->using_malloc_checking && !using_malloc_checking &&
625 !disallow_malloc_check)
626 __malloc_check_init ();
627 else if (!ms->using_malloc_checking && using_malloc_checking)
628 {
629 __malloc_hook = NULL;
630 __free_hook = NULL;
631 __realloc_hook = NULL;
632 __memalign_hook = NULL;
633 using_malloc_checking = 0;
634 }
635 }
636 if (ms->version >= 4)
637 {
638 mp_.arena_test = ms->arena_test;
639 mp_.arena_max = ms->arena_max;
640 narenas = ms->narenas;
641 }
642 check_malloc_state (&main_arena);
643
644 (void) mutex_unlock (&main_arena.mutex);
645 return 0;
646 }
647
648 /*
649 * Local variables:
650 * c-basic-offset: 2
651 * End:
652 */
sources.redhat.com git mirror of glibc CVS