| blob | 7b4c555cab355f443558d4b39bfc720e9da77e38 |
2 /*--------------------------------------------------------------------*/
3 /*--- A header file for all parts of the MemCheck tool. ---*/
4 /*--- mc_include.h ---*/
5 /*--------------------------------------------------------------------*/
7 /*
8 This file is part of MemCheck, a heavyweight Valgrind tool for
9 detecting memory errors.
11 Copyright (C) 2000-2017 Julian Seward
12 jseward@acm.org
14 This program is free software; you can redistribute it and/or
15 modify it under the terms of the GNU General Public License as
16 published by the Free Software Foundation; either version 2 of the
17 License, or (at your option) any later version.
19 This program is distributed in the hope that it will be useful, but
20 WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; if not, write to the Free Software
26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
27 02111-1307, USA.
29 The GNU General Public License is contained in the file COPYING.
30 */
32 #ifndef __MC_INCLUDE_H
33 #define __MC_INCLUDE_H
35 #define MC_(str) VGAPPEND(vgMemCheck_,str)
38 /* This is a private header file for use only within the
39 memcheck/ directory. */
41 /*------------------------------------------------------------*/
42 /*--- Tracking the heap ---*/
43 /*------------------------------------------------------------*/
45 /* By default, we want at least a 16B redzone on client heap blocks
46 for Memcheck.
47 The default can be modified by --redzone-size. */
48 #define MC_MALLOC_DEFAULT_REDZONE_SZB 16
49 // effective redzone, as (possibly) modified by --redzone-size:
52 /* For malloc()/new/new[] vs. free()/delete/delete[] mismatch checking. */
53 typedef
59 }
60 MC_AllocKind;
62 /* This describes a heap block. Nb: first two fields must match core's
63 * VgHashNode. */
64 typedef
71 /* Variable-length array. The size depends on MC_(clo_keep_stacktraces).
72 This array optionally stores the alloc and/or free stack trace. */
73 }
74 MC_Chunk;
76 /* Returns the execontext where the MC_Chunk was allocated/freed.
77 Returns VG_(null_ExeContext)() if the execontext has not been recorded (due
78 to MC_(clo_keep_stacktraces) and/or because block not yet freed). */
82 /* Records and sets execontext according to MC_(clo_keep_stacktraces) */
86 /* number of pointers needed according to MC_(clo_keep_stacktraces). */
89 /* Memory pool. Nb: first two fields must match core's VgHashNode. */
90 typedef
98 // memory, and used as pool.
100 }
101 MC_Mempool;
123 /* Searches for a recently freed block which might bracket Addr a.
124 Return the MC_Chunk* for this block or NULL if no bracketting block
125 is found. */
128 /* For efficient pooled alloc/free of the MC_Chunk. */
131 /* For tracking malloc'd blocks. Nb: it's quite important that it's a
132 VgHashTable, because VgHashTable allows duplicate keys without complaint.
133 This can occur if a user marks a malloc() block as also a custom block with
134 MALLOCLIKE_BLOCK. */
137 /* For tracking memory pools. */
140 /* Shadow memory functions */
150 /* nr of free operations done */
168 /*------------------------------------------------------------*/
169 /*--- Origin tracking translate-time support ---*/
170 /*------------------------------------------------------------*/
172 /* See detailed comments in mc_machine.c. */
176 /* Constants which are used as the lowest 2 bits in origin tags.
178 An origin tag comprises an upper 30-bit ECU field and a lower 2-bit
179 'kind' field. The ECU field is a number given out by m_execontext
180 and has a 1-1 mapping with ExeContext*s. An ECU can be used
181 directly as an origin tag (otag), but in fact we want to put
182 additional information 'kind' field to indicate roughly where the
183 tag came from. This helps print more understandable error messages
184 for the user -- it has no other purpose.
186 Hence the following 2-bit constants are needed for 'kind' field.
188 To summarise:
190 * Both ECUs and origin tags are represented as 32-bit words
192 * m_execontext and the core-tool interface deal purely in ECUs.
193 They have no knowledge of origin tags - that is a purely
194 Memcheck-internal matter.
196 * all valid ECUs have the lowest 2 bits zero and at least
197 one of the upper 30 bits nonzero (see VG_(is_plausible_ECU))
199 * to convert from an ECU to an otag, OR in one of the MC_OKIND_
200 constants below
202 * to convert an otag back to an ECU, AND it with ~3
203 */
211 /*------------------------------------------------------------*/
212 /*--- Profiling of memory events ---*/
213 /*------------------------------------------------------------*/
215 /* Define to collect detailed performance info. */
216 /* #define MC_PROFILE_MEMORY */
217 #ifdef MC_PROFILE_MEMORY
219 /* Order of enumerators does not matter. But MCPE_LAST has to be the
220 last entry in the list as it is used as an array bound. */
222 MCPE_LOADV8,
223 MCPE_LOADV8_SLOW1,
224 MCPE_LOADV8_SLOW2,
225 MCPE_LOADV16,
226 MCPE_LOADV16_SLOW1,
227 MCPE_LOADV16_SLOW2,
228 MCPE_LOADV32,
229 MCPE_LOADV32_SLOW1,
230 MCPE_LOADV32_SLOW2,
231 MCPE_LOADV64,
232 MCPE_LOADV64_SLOW1,
233 MCPE_LOADV64_SLOW2,
234 MCPE_LOADV_128_OR_256,
235 MCPE_LOADV_128_OR_256_SLOW_LOOP,
236 MCPE_LOADV_128_OR_256_SLOW1,
237 MCPE_LOADV_128_OR_256_SLOW2,
238 MCPE_LOADVN_SLOW,
239 MCPE_LOADVN_SLOW_LOOP,
240 MCPE_STOREV8,
241 MCPE_STOREV8_SLOW1,
242 MCPE_STOREV8_SLOW2,
243 MCPE_STOREV8_SLOW3,
244 MCPE_STOREV8_SLOW4,
245 MCPE_STOREV16,
246 MCPE_STOREV16_SLOW1,
247 MCPE_STOREV16_SLOW2,
248 MCPE_STOREV16_SLOW3,
249 MCPE_STOREV16_SLOW4,
250 MCPE_STOREV32,
251 MCPE_STOREV32_SLOW1,
252 MCPE_STOREV32_SLOW2,
253 MCPE_STOREV32_SLOW3,
254 MCPE_STOREV32_SLOW4,
255 MCPE_STOREV64,
256 MCPE_STOREV64_SLOW1,
257 MCPE_STOREV64_SLOW2,
258 MCPE_STOREV64_SLOW3,
259 MCPE_STOREV64_SLOW4,
260 MCPE_STOREVN_SLOW,
261 MCPE_STOREVN_SLOW_LOOP,
262 MCPE_MAKE_ALIGNED_WORD32_UNDEFINED,
263 MCPE_MAKE_ALIGNED_WORD32_UNDEFINED_SLOW,
264 MCPE_MAKE_ALIGNED_WORD64_UNDEFINED,
265 MCPE_MAKE_ALIGNED_WORD64_UNDEFINED_SLOW,
266 MCPE_MAKE_ALIGNED_WORD32_NOACCESS,
267 MCPE_MAKE_ALIGNED_WORD32_NOACCESS_SLOW,
268 MCPE_MAKE_ALIGNED_WORD64_NOACCESS,
269 MCPE_MAKE_ALIGNED_WORD64_NOACCESS_SLOW,
270 MCPE_MAKE_MEM_NOACCESS,
271 MCPE_MAKE_MEM_UNDEFINED,
272 MCPE_MAKE_MEM_UNDEFINED_W_OTAG,
273 MCPE_MAKE_MEM_DEFINED,
274 MCPE_CHEAP_SANITY_CHECK,
275 MCPE_EXPENSIVE_SANITY_CHECK,
276 MCPE_COPY_ADDRESS_RANGE_STATE,
277 MCPE_COPY_ADDRESS_RANGE_STATE_LOOP1,
278 MCPE_COPY_ADDRESS_RANGE_STATE_LOOP2,
279 MCPE_CHECK_MEM_IS_NOACCESS,
280 MCPE_CHECK_MEM_IS_NOACCESS_LOOP,
281 MCPE_IS_MEM_ADDRESSABLE,
282 MCPE_IS_MEM_ADDRESSABLE_LOOP,
283 MCPE_IS_MEM_DEFINED,
284 MCPE_IS_MEM_DEFINED_LOOP,
285 MCPE_IS_MEM_DEFINED_COMPREHENSIVE,
286 MCPE_IS_MEM_DEFINED_COMPREHENSIVE_LOOP,
287 MCPE_IS_DEFINED_ASCIIZ,
288 MCPE_IS_DEFINED_ASCIIZ_LOOP,
289 MCPE_FIND_CHUNK_FOR_OLD,
290 MCPE_FIND_CHUNK_FOR_OLD_LOOP,
291 MCPE_SET_ADDRESS_RANGE_PERMS,
292 MCPE_SET_ADDRESS_RANGE_PERMS_SINGLE_SECMAP,
293 MCPE_SET_ADDRESS_RANGE_PERMS_STARTOF_SECMAP,
294 MCPE_SET_ADDRESS_RANGE_PERMS_MULTIPLE_SECMAPS,
295 MCPE_SET_ADDRESS_RANGE_PERMS_DIST_SM1,
296 MCPE_SET_ADDRESS_RANGE_PERMS_DIST_SM2,
297 MCPE_SET_ADDRESS_RANGE_PERMS_DIST_SM1_QUICK,
298 MCPE_SET_ADDRESS_RANGE_PERMS_DIST_SM2_QUICK,
299 MCPE_SET_ADDRESS_RANGE_PERMS_LOOP1A,
300 MCPE_SET_ADDRESS_RANGE_PERMS_LOOP1B,
301 MCPE_SET_ADDRESS_RANGE_PERMS_LOOP1C,
302 MCPE_SET_ADDRESS_RANGE_PERMS_LOOP8A,
303 MCPE_SET_ADDRESS_RANGE_PERMS_LOOP8B,
304 MCPE_SET_ADDRESS_RANGE_PERMS_LOOP64K,
305 MCPE_SET_ADDRESS_RANGE_PERMS_LOOP64K_FREE_DIST_SM,
306 MCPE_NEW_MEM_STACK,
307 MCPE_NEW_MEM_STACK_4,
308 MCPE_NEW_MEM_STACK_8,
309 MCPE_NEW_MEM_STACK_12,
310 MCPE_NEW_MEM_STACK_16,
311 MCPE_NEW_MEM_STACK_32,
312 MCPE_NEW_MEM_STACK_112,
313 MCPE_NEW_MEM_STACK_128,
314 MCPE_NEW_MEM_STACK_144,
315 MCPE_NEW_MEM_STACK_160,
316 MCPE_DIE_MEM_STACK,
317 MCPE_DIE_MEM_STACK_4,
318 MCPE_DIE_MEM_STACK_8,
319 MCPE_DIE_MEM_STACK_12,
320 MCPE_DIE_MEM_STACK_16,
321 MCPE_DIE_MEM_STACK_32,
322 MCPE_DIE_MEM_STACK_112,
323 MCPE_DIE_MEM_STACK_128,
324 MCPE_DIE_MEM_STACK_144,
325 MCPE_DIE_MEM_STACK_160,
326 MCPE_MAKE_STACK_UNINIT_W_O,
327 MCPE_MAKE_STACK_UNINIT_NO_O,
328 MCPE_MAKE_STACK_UNINIT_128_NO_O,
329 MCPE_MAKE_STACK_UNINIT_128_NO_O_ALIGNED_16,
330 MCPE_MAKE_STACK_UNINIT_128_NO_O_ALIGNED_8,
331 MCPE_MAKE_STACK_UNINIT_128_NO_O_SLOWCASE,
332 /* Do not add enumerators past this line. */
333 MCPE_LAST
334 };
338 # define PROF_EVENT(ev) \
339 do { tl_assert((ev) >= 0 && (ev) < MCPE_LAST); \
340 MC_(event_ctr)[ev]++; \
341 } while (False);
343 #else
350 /*------------------------------------------------------------*/
351 /*--- V and A bits (Victoria & Albert ?) ---*/
352 /*------------------------------------------------------------*/
354 /* The number of entries in the primary map can be altered. However
355 we hardwire the assumption that each secondary map covers precisely
356 64k of address space. */
360 #define V_BIT_DEFINED 0
361 #define V_BIT_UNDEFINED 1
363 #define V_BITS8_DEFINED 0
364 #define V_BITS8_UNDEFINED 0xFF
366 #define V_BITS16_DEFINED 0
367 #define V_BITS16_UNDEFINED 0xFFFF
369 #define V_BITS32_DEFINED 0
370 #define V_BITS32_UNDEFINED 0xFFFFFFFF
372 #define V_BITS64_DEFINED 0ULL
373 #define V_BITS64_UNDEFINED 0xFFFFFFFFFFFFFFFFULL
375 /* Set to 1 to enable handwritten assembly helpers on targets for
376 which it is supported. */
377 #define ENABLE_ASSEMBLY_HELPERS 1
379 /* Comment the below to disable the fast case LOADV */
380 #define PERF_FAST_LOADV 1
382 /*------------------------------------------------------------*/
383 /*--- Leak checking ---*/
384 /*------------------------------------------------------------*/
386 typedef
388 // Nb: the order is important -- it dictates the order of loss records
389 // of equal sizes.
392 // least one interior-pointer along the way.
394 // (be it Unreached or IndirectLeak).
396 // (At best, only reachable from itself via a cycle.)
397 }
398 Reachedness;
400 // Build mask to check or set Reachedness r membership
401 #define R2S(r) (1 << (r))
402 // Reachedness r is member of the Set s ?
403 #define RiS(r,s) ((s) & R2S(r))
404 // Returns a set containing all Reachedness
407 /* For VALGRIND_COUNT_LEAKS client request */
414 /* For VALGRIND_COUNT_LEAK_BLOCKS client request */
421 typedef
423 LC_Off,
424 LC_Summary,
425 LC_Full,
426 }
427 LeakCheckMode;
429 typedef
434 //decrease in size or blocks
435 }
436 LeakCheckDeltaMode;
438 /* When a LossRecord is put into an OSet, these elements represent the key. */
439 typedef
443 }
444 LossRecordKey;
446 /* A loss record, used for generating err msgs. Multiple leaked blocks can be
447 * merged into a single loss record if they have the same state and similar
448 * enough allocation points (controlled by --leak-resolution). */
449 typedef
458 }
459 LossRecord;
461 typedef
463 LeakCheckMode mode;
464 UInt show_leak_kinds;
465 UInt errors_for_leak_kinds;
466 UInt heuristics;
467 LeakCheckDeltaMode deltamode;
471 }
472 LeakCheckParams;
476 // Each time a leak search is done, the leak search generation
477 // MC_(leak_search_gen) is incremented.
480 // maintains the lcp.deltamode given in the last call to detect_memory_leaks
483 // prints the list of blocks corresponding to the given loss_record_nr slice
484 // (from/to) (up to maximum max_blocks)
485 // Returns True if loss_record_nr_from identifies a correct loss record
486 // from last leak search, returns False otherwise.
487 // Note that loss_record_nr_to can be bigger than the nr of loss records. All
488 // loss records after from will then be examined and maybe printed.
489 // If heuristics != 0, print only the loss records/blocks found via
490 // one of the heuristics in the set.
494 // Prints the addresses/registers/... at which a pointer to
495 // the given range [address, address+szB[ is found.
498 // if delta_mode == LCD_Any, prints in buf an empty string
499 // otherwise prints a delta in the layout " (+%'lu)" or " (-%'lu)"
502 LeakCheckDeltaMode delta_mode);
508 // Prints as user msg a description of the given loss record.
513 /*------------------------------------------------------------*/
514 /*--- Errors and suppressions ---*/
515 /*------------------------------------------------------------*/
517 /* Did we show to the user, any errors for which an uninitialised
518 value origin could have been collected (but wasn't) ? If yes,
519 then, at the end of the run, print a 1 line message advising that a
520 rerun with --track-origins=yes might help. */
523 /* Standard functions for error and suppressions as required by the
524 core/tool iface */
545 /* Recording of errors */
547 Bool isWrite );
566 UInt n_this_record,
567 UInt n_total_records,
569 Bool print_record,
570 Bool count_error );
575 /* Leak kinds tokens to call VG_(parse_enum_set). */
578 /* prints a description of address a in the specified debuginfo epoch */
581 /* Is this address in a user-specified "ignored range" ? */
584 /* Is this address in a user-specified "ignored range of offsets below
585 the current thread's stack pointer?" */
589 /*------------------------------------------------------------*/
590 /*--- Client blocks ---*/
591 /*------------------------------------------------------------*/
593 /* Describes a client block. See mc_main.c. An unused block has
594 start == size == 0. */
595 typedef
597 Addr start;
598 SizeT size;
601 }
602 CGenBlock;
604 /* Get access to the client block array. */
609 /*------------------------------------------------------------*/
610 /*--- Command line options + defaults ---*/
611 /*------------------------------------------------------------*/
613 /* Allow loads from partially-valid addresses? default: YES */
616 /* Max volume of the freed blocks queue. */
619 /* Blocks with a size >= MC_(clo_freelist_big_blocks) will be put
620 in the "big block" freed blocks queue. */
623 /* Do leak check at exit? default: NO */
626 /* How closely should we compare ExeContexts in leak records? default: 2 */
629 /* In leak check, show loss records if their R2S(reachedness) is set.
630 Default : R2S(Possible) | R2S(Unreached). */
633 /* In leak check, a loss record is an error if its R2S(reachedness) is set.
634 Default : R2S(Possible) | R2S(Unreached). */
637 /* Various leak check heuristics which can be activated/deactivated. */
638 typedef
641 // no heuristic.
643 // Consider interior pointer pointing at the array of char in a
644 // std::string as reachable.
646 // Consider interior pointer pointing at offset 64bit of a block as
647 // reachable, when the first 8 bytes contains the block size - 8.
648 // Such length+interior pointers are used by e.g. sqlite3MemMalloc.
649 // On 64bit platforms LchNewArray will also match these blocks.
651 // Consider interior pointer pointing at second word of a new[] array as
652 // reachable. Such interior pointers are used for arrays whose elements
653 // have a destructor.
655 // Conside interior pointer pointing just after what looks a vtable
656 // as reachable.
657 }
658 LeakCheckHeuristic;
660 // Nr of heuristics, including the LchNone heuristic.
661 #define N_LEAK_CHECK_HEURISTICS 5
663 // Build mask to check or set Heuristic h membership
664 #define H2S(h) (1 << (h))
665 // Heuristic h is member of the Set s ?
666 #define HiS(h,s) ((s) & H2S(h))
668 /* Heuristics set to use for the leak search.
669 Default : all heuristics. */
672 /* Assume accesses immediately below %esp are due to gcc-2.96 bugs.
673 * default: NO */
676 /* Fill malloc-d/free-d client blocks with a specific value? -1 if
677 not, else 0x00 .. 0xFF indicating the fill value to use. Can be
678 useful for causing programs with bad heap corruption to fail in
679 more repeatable ways. Note that malloc-filled and free-filled
680 areas are still undefined and noaccess respectively. This merely
681 causes them to contain the specified values. */
685 /* Which stack trace(s) to keep for malloc'd/free'd client blocks?
686 For each client block, the stack traces where it was allocated
687 and/or freed are optionally kept depending on MC_(clo_keep_stacktraces). */
688 typedef
695 }
696 KeepStacktraces;
699 /* Indicates the level of instrumentation/checking done by Memcheck.
701 1 = No undefined value checking, Addrcheck-style behaviour only:
702 only address checking is done. This is faster but finds fewer
703 errors. Note that although Addrcheck had 1 bit per byte
704 overhead vs the old Memcheck's 9 bits per byte, with this mode
705 and compressed V bits, no memory is saved with this mode --
706 it's still 2 bits per byte overhead. This is a little wasteful
707 -- it could be done with 1 bit per byte -- but lets us reuse
708 the many shadow memory access functions. Note that in this
709 mode neither the secondary V bit table nor the origin-tag cache
710 are used.
712 2 = Address checking and Undefined value checking are performed,
713 but origins are not tracked. So the origin-tag cache is not
714 used in this mode. This setting is the default and corresponds
715 to the "normal" Memcheck behaviour that has shipped for years.
717 3 = Address checking, undefined value checking, and origins for
718 undefined values are tracked.
720 The default is 2.
721 */
724 /* Should we show mismatched frees? Default: YES */
727 /* Indicates the level of detail for Vbit tracking through integer add,
728 subtract, and some integer comparison operations. */
729 typedef
733 EdcYES // All operations instrumented expensively
734 }
735 ExpensiveDefinednessChecks;
737 /* Level of expense in definedness checking for add/sub and compare
738 operations. Default: EdcAUTO */
741 /* Do we have a range of stack offsets to ignore? Default: NO */
747 /*------------------------------------------------------------*/
748 /*--- Instrumentation ---*/
749 /*------------------------------------------------------------*/
751 /* Functions defined in mc_main.c */
753 /* For the fail_w_o functions, the UWord arg is actually the 32-bit
754 origin tag and should really be UInt, but to be simple and safe
755 considering it's called from generated code, just claim it to be a
756 UWord. */
763 /* And call these ones instead to report an uninitialised value error
764 but with no origin available. */
771 /* V-bits load/store helpers */
801 /* Origin tag load/store helpers */
815 /* Functions defined in mc_translate.c */
825 /* Check some assertions to do with the instrumentation machinery. */
830 /*--------------------------------------------------------------------*/
831 /*--- end ---*/
832 /*--------------------------------------------------------------------*/