Ejemplo n.º 1
0
int main(void)
{
   int *array, *array3;
   int x;

   array = custom_alloc(sizeof(int) * 10);
   array[8]  = 8;
   array[9]  = 8;
   array[10] = 10;      // invalid write (ok w/o MALLOCLIKE -- in superblock)

   custom_free(array);  // ok

   custom_free((void*)0x1);  // invalid free

   array3 = malloc(sizeof(int) * 10);
   custom_free(array3); // mismatched free (ok without MALLOCLIKE)

   make_leak();
   x = array[0];        // use after free (ok without MALLOCLIKE/MAKE_MEM_NOACCESS)
                        // (nb: initialised because is_zeroed==1 above)
                        // unfortunately not identified as being in a free'd
                        // block because the freeing of the block and shadow
                        // chunk isn't postponed.

   // Bug 137073: passing 0 to MALLOCLIKE_BLOCK was causing an assertion
   // failure.  Test for this (and likewise for FREELIKE_BLOCK).
   VALGRIND_MALLOCLIKE_BLOCK(0,0,0,0);
   VALGRIND_FREELIKE_BLOCK(0,0);
   
   return x;

   // leak from make_leak()
}
Ejemplo n.º 2
0
Archivo: pool.c Proyecto: DevL/ponyc
void pool_free(size_t index, void* p)
{
#ifdef USE_VALGRIND
  VALGRIND_DISABLE_ERROR_REPORTING;
#endif

  TRACK_FREE(p, POOL_MIN << index);
  assert(index < POOL_COUNT);

  pool_local_t* thread = &pool_local[index];
  pool_global_t* global = &pool_global[index];

  if(thread->length >= global->count)
    pool_push(thread, global);

  pool_item_t* lp = (pool_item_t*)p;
  lp->next = thread->pool;
  thread->pool = (pool_item_t*)p;
  thread->length++;

#ifdef USE_VALGRIND
  VALGRIND_ENABLE_ERROR_REPORTING;
  VALGRIND_FREELIKE_BLOCK(p, 0);
#endif
}
Ejemplo n.º 3
0
void	releaseToIonMemory(char *fileName, int lineNbr, void *block)
{
	PsmPartition	ionwm = _ionwm(NULL);

	Psm_free(fileName, lineNbr, ionwm, psa(ionwm, (char *) block));
#ifdef HAVE_VALGRIND_VALGRIND_H
    VALGRIND_FREELIKE_BLOCK(block, 0);
#endif
}
Ejemplo n.º 4
0
void free_mem(unsigned long int size, void *location) {
    size_t msize = get_multiple_of_pagesize(size);

    /* we ignore the return value, because the only way this will return in a
       bad way is whenever people pass invalid data to this function, which in
       turn would either lead to serious issues with the kernel or other parts
       of the programme. */
    (void)munmap (location, msize);

    VALGRIND_FREELIKE_BLOCK(location, 0);
}
Ejemplo n.º 5
0
int
GDKmunmap(void *addr, size_t size)
{
	int ret;

	ALLOCDEBUG fprintf(stderr, "#GDKmunmap " SZFMT " " PTRFMT "\n", size, PTRFMTCAST addr);
	ret = MT_munmap(addr, size);
	VALGRIND_FREELIKE_BLOCK(addr, 0);
	if (ret == 0)
		memdec(size, "GDKunmap");
	return ret;
}
Ejemplo n.º 6
0
void
qxl_free             (struct qxl_mem         *mem,
		      void                   *d)
{
    mspace_free (mem->space, d);
#ifdef DEBUG_QXL_MEM
#ifdef DEBUG_QXL_MEM_VERBOSE
    fprintf(stderr, "free  %p\n", d);
#endif
    VALGRIND_FREELIKE_BLOCK(d, 0);
#endif
}
Ejemplo n.º 7
0
void pool_free_size(size_t size, void* p)
{
  size_t index = pool_index(size);

  if(index < POOL_COUNT)
    return pool_free(index, p);

  virtual_free(p, size);

#ifdef USE_VALGRIND
  VALGRIND_FREELIKE_BLOCK(p, 0);
#endif
}
Ejemplo n.º 8
0
int main(void)
{
   int *array, *array3;
   int x;

   array = custom_alloc(sizeof(int) * 10);
   array[8]  = 8;
   array[9]  = 8;
   array[10] = 10;      // invalid write (ok w/o MALLOCLIKE -- in superblock)

   VALGRIND_RESIZEINPLACE_BLOCK(array, sizeof(int) * 10, sizeof(int) * 5, RZ);
   array[4] = 7;
   array[5] = 9; // invalid write

   // Make the entire array defined again such that it can be verified whether
   // the red zone is marked properly when resizing in place.
   VALGRIND_MAKE_MEM_DEFINED(array, sizeof(int) * 10);

   VALGRIND_RESIZEINPLACE_BLOCK(array, sizeof(int) * 5, sizeof(int) * 7, RZ);
   if (array[5]) array[4]++; // uninitialized read of array[5]
   array[5]  = 11;
   array[6]  = 7;
   array[7] = 8; // invalid write

   // invalid realloc
   VALGRIND_RESIZEINPLACE_BLOCK(array+1, sizeof(int) * 7, sizeof(int) * 8, RZ);

   custom_free(array);  // ok

   custom_free((void*)0x1);  // invalid free

   array3 = malloc(sizeof(int) * 10);
   custom_free(array3); // mismatched free (ok without MALLOCLIKE)

   make_leak();
   x = array[0];        // use after free (ok without MALLOCLIKE/MAKE_MEM_NOACCESS)
                        // (nb: initialised because is_zeroed==1 above)
                        // unfortunately not identified as being in a free'd
                        // block because the freeing of the block and shadow
                        // chunk isn't postponed.

   // Bug 137073: passing 0 to MALLOCLIKE_BLOCK was causing an assertion
   // failure.  Test for this (and likewise for FREELIKE_BLOCK).
   VALGRIND_MALLOCLIKE_BLOCK(0,0,0,0);
   VALGRIND_FREELIKE_BLOCK(0,0);
   
   return x;

   // leak from make_leak()
}
Ejemplo n.º 9
0
void
egg_secure_free_full (void *memory, int flags)
{
	Block *block = NULL;

	if (memory == NULL)
		return;

	DO_LOCK ();

		/* Find out where it belongs to */
		for (block = all_blocks; block; block = block->next) {
			if (sec_is_valid_word (block, memory))
				break;
		}

#ifdef WITH_VALGRIND
		/* We like valgrind's warnings, so give it a first whack at checking for errors */
		if (block != NULL || !(flags & GKR_SECURE_USE_FALLBACK))
			VALGRIND_FREELIKE_BLOCK (memory, sizeof (word_t));
#endif

		if (block != NULL) {
			sec_free (block, memory);
			if (block->used == 0)
				sec_block_destroy (block);
		}

	DO_UNLOCK ();

	if (!block) {
		if ((flags & GKR_SECURE_USE_FALLBACK)) {
			egg_memory_fallback (memory, 0);
		} else {
			if (egg_secure_warnings)
				fprintf (stderr, "memory does not belong to mate-keyring: 0x%08lx\n",
				         (unsigned long)memory);
			ASSERT (0 && "memory does does not belong to mate-keyring");
		}
	}
}
Ejemplo n.º 10
0
void stat_mem_deallocate(void *ptr) {
    stat_mem_block_t *info = NULL;

    if (GMQCC_UNLIKELY(!ptr))
        return;

    info = ((stat_mem_block_t*)ptr - 1);

    /*
     * we need access to the redzone that represents the info block
     * so lets do that.
     */
    VALGRIND_MAKE_MEM_DEFINED(info, sizeof(stat_mem_block_t));

    stat_mem_deallocated       += info->size;
    stat_mem_high              -= info->size;
    stat_mem_deallocated_total ++;

    if (info->prev) {
        /* just need access for a short period */
        VALGRIND_MAKE_MEM_DEFINED(info->prev, sizeof(stat_mem_block_t));
        info->prev->next = info->next;
        /* don't need access anymore */
        VALGRIND_MAKE_MEM_NOACCESS(info->prev, sizeof(stat_mem_block_t));
    }
    if (info->next) {
        /* just need access for a short period */
        VALGRIND_MAKE_MEM_DEFINED(info->next, sizeof(stat_mem_block_t));
        info->next->prev = info->prev;
        /* don't need access anymore */
        VALGRIND_MAKE_MEM_NOACCESS(info->next, sizeof(stat_mem_block_t));
    }

    /* move ahead */
    if (info == stat_mem_block_root)
        stat_mem_block_root = info->next;

    free(info);
    VALGRIND_MAKE_MEM_NOACCESS(info, sizeof(stat_mem_block_t));
    VALGRIND_FREELIKE_BLOCK(ptr, sizeof(stat_mem_block_t));
}
Ejemplo n.º 11
0
Archivo: pool.c Proyecto: DevL/ponyc
void pool_free_size(size_t size, void* p)
{
  size_t index = pool_index(size);

  if(index < POOL_COUNT)
    return pool_free(index, p);

#ifdef USE_VALGRIND
  VALGRIND_DISABLE_ERROR_REPORTING;
#endif

  size = pool_adjust_size(size);
  pool_free_pages(p, size);

  TRACK_FREE(p, size);

#ifdef USE_VALGRIND
  VALGRIND_ENABLE_ERROR_REPORTING;
  VALGRIND_FREELIKE_BLOCK(p, 0);
#endif
}
Ejemplo n.º 12
0
void*
egg_secure_realloc_full (void *memory, size_t length, int flags)
{
	Block *block = NULL;
	size_t previous = 0;
	int donew = 0;
	void *alloc = NULL;

	if (length > 0xFFFFFFFF / 2) {
		if (egg_secure_warnings)
			fprintf (stderr, "tried to allocate an insane amount of memory: %lu\n",
			         (unsigned long)length);
		return NULL;
	}

	if (memory == NULL)
		return egg_secure_alloc_full (length, flags);
	if (!length) {
		egg_secure_free_full (memory, flags);
		return NULL;
	}

	DO_LOCK ();

		/* Find out where it belongs to */
		for (block = all_blocks; block; block = block->next) {
			if (sec_is_valid_word (block, memory)) {
				previous = sec_allocated (block, memory);

#ifdef WITH_VALGRIND
				/* Let valgrind think we are unallocating so that it'll validate */
				VALGRIND_FREELIKE_BLOCK (memory, sizeof (word_t));
#endif

				alloc = sec_realloc (block, memory, length);

#ifdef WITH_VALGRIND
				/* Now tell valgrind about either the new block or old one */
				VALGRIND_MALLOCLIKE_BLOCK (alloc ? alloc : memory,
				                           alloc ? length : previous,
				                           sizeof (word_t), 1);
#endif
				break;
			}
		}

		/* If it didn't work we may need to allocate a new block */
		if (block && !alloc)
			donew = 1;

		if (block && block->used == 0)
			sec_block_destroy (block);

	DO_UNLOCK ();

	if (!block) {
		if ((flags & GKR_SECURE_USE_FALLBACK)) {
			/*
			 * In this case we can't zero the returned memory,
			 * because we don't know what the block size was.
			 */
			return egg_memory_fallback (memory, length);
		} else {
			if (egg_secure_warnings)
				fprintf (stderr, "memory does not belong to mate-keyring: 0x%08lx\n",
				         (unsigned long)memory);
			ASSERT (0 && "memory does does not belong to mate-keyring");
			return NULL;
		}
	}

	if (donew) {
		alloc = egg_secure_alloc_full (length, flags);
		if (alloc) {
			memcpy (alloc, memory, previous);
			egg_secure_free_full (memory, flags);
		}
	}

	if (!alloc)
		errno = ENOMEM;

	return alloc;
}
Ejemplo n.º 13
0
static void custom_free(void* p)
{
   // don't actually free any memory... but mark it as freed
   VALGRIND_FREELIKE_BLOCK( p, RZ );
}
Ejemplo n.º 14
0
void *stat_mem_reallocate(void *ptr, size_t size, size_t line, const char *file) {
    stat_mem_block_t *oldinfo = NULL;
    stat_mem_block_t *newinfo;

    if (GMQCC_UNLIKELY(!ptr))
        return stat_mem_allocate(size, line, file);

    /* stay consistent with glibc */
    if (GMQCC_UNLIKELY(!size)) {
        stat_mem_deallocate(ptr);
        return NULL;
    }

    oldinfo = ((stat_mem_block_t*)ptr - 1);
    newinfo = ((stat_mem_block_t*)malloc(sizeof(stat_mem_block_t) + size));

    if (GMQCC_UNLIKELY(!newinfo)) {
        stat_mem_deallocate(ptr);
        return NULL;
    }

    VALGRIND_MALLOCLIKE_BLOCK(newinfo + 1, size, sizeof(stat_mem_block_t), 0);

    /* we need access to the old info redzone */
    VALGRIND_MAKE_MEM_DEFINED(oldinfo, sizeof(stat_mem_block_t));

    memcpy(newinfo+1, oldinfo+1, oldinfo->size);

    if (oldinfo->prev) {
        /* just need access for a short period */
        VALGRIND_MAKE_MEM_DEFINED(oldinfo->prev, sizeof(stat_mem_block_t));
        oldinfo->prev->next = oldinfo->next;
        /* don't need access anymore */
        VALGRIND_MAKE_MEM_NOACCESS(oldinfo->prev, sizeof(stat_mem_block_t));
    }

    if (oldinfo->next) {
        /* just need access for a short period */
        VALGRIND_MAKE_MEM_DEFINED(oldinfo->next, sizeof(stat_mem_block_t));
        oldinfo->next->prev = oldinfo->prev;
        /* don't need access anymore */
        VALGRIND_MAKE_MEM_NOACCESS(oldinfo->next, sizeof(stat_mem_block_t));
    }

    /* move ahead */
    if (oldinfo == stat_mem_block_root)
        stat_mem_block_root = oldinfo->next;

    /* we need access to the redzone for the newinfo block */
    VALGRIND_MAKE_MEM_DEFINED(newinfo, sizeof(stat_mem_block_t));

    newinfo->line = line;
    newinfo->size = size;
    newinfo->file = file;
    newinfo->prev = NULL;
    newinfo->next = stat_mem_block_root;

    /*
     * likely since the only time there is no root is when it's
     * being initialized first.
     */
    if (GMQCC_LIKELY(stat_mem_block_root != NULL)) {
        /* we need access to the root */
        VALGRIND_MAKE_MEM_DEFINED(stat_mem_block_root, sizeof(stat_mem_block_t));
        stat_mem_block_root->prev = newinfo;
        /* kill access */
        VALGRIND_MAKE_MEM_NOACCESS(stat_mem_block_root, sizeof(stat_mem_block_t));
    }

    stat_mem_block_root = newinfo;
    stat_mem_allocated -= oldinfo->size;
    stat_mem_high      -= oldinfo->size;
    stat_mem_allocated += newinfo->size;
    stat_mem_high      += newinfo->size;

    /*
     * we're finished with the redzones, lets kill the access
     * to them.
     */
    VALGRIND_MAKE_MEM_NOACCESS(newinfo, sizeof(stat_mem_block_t));
    VALGRIND_MAKE_MEM_NOACCESS(oldinfo, sizeof(stat_mem_block_t));

    if (stat_mem_high > stat_mem_peak)
        stat_mem_peak = stat_mem_high;

    free(oldinfo);
    VALGRIND_FREELIKE_BLOCK(ptr, sizeof(stat_mem_block_t));
    return newinfo + 1;
}
Ejemplo n.º 15
0
void
valgrind_freelike_block(void *ptr, size_t usize)
{

	VALGRIND_FREELIKE_BLOCK(ptr, usize);
}
Ejemplo n.º 16
0
void stat_mem_deallocate(void *ptr, size_t line, const char *file) {
    stat_mem_block_t *info  = NULL;
    char             *ident = (char *)ptr - IDENT_SIZE;
    
    if (GMQCC_UNLIKELY(!ptr))
        return;

    /* Validate usage */
    VALGRIND_MAKE_MEM_DEFINED(ident, IDENT_SIZE);
    if (!strcmp(ident, IDENT_VEC)) {
        vector_t         *vec   = (vector_t*)((char *)ptr - IDENT_VEC_TOP);
        stat_mem_block_t *block = (stat_mem_block_t*)((char *)vec - IDENT_MEM_TOP);
        
        VALGRIND_MAKE_MEM_DEFINED(block, sizeof(stat_mem_block_t));
        con_err("internal warning: invalid use of mem_d:\n");
        con_err("internal warning:    vector (used elements: %u, allocated elements: %u)\n",
            (unsigned)vec->used,
            (unsigned)vec->allocated
        );
        con_err("internal warning:    vector was last (re)allocated with (size: %u (bytes), at location: %s:%u)\n",
            (unsigned)block->size,
            block->file,
            (unsigned)block->line
        );
        con_err("internal warning:    released with wrong routine at %s:%u\n", file, (unsigned)line);
        con_err("internal warning:    forwarding to vec_free, please fix it\n");
        VALGRIND_MAKE_MEM_NOACCESS(block, sizeof(stat_mem_block_t));
        VALGRIND_MAKE_MEM_NOACCESS(ident, IDENT_SIZE);
        vec_free(ptr);
        return;
    }
    VALGRIND_MAKE_MEM_NOACCESS(ident, IDENT_SIZE);
    info = (stat_mem_block_t*)((char *)ptr - IDENT_MEM_TOP);

    /*
     * we need access to the redzone that represents the info block
     * so lets do that.
     */
    VALGRIND_MAKE_MEM_DEFINED(info, IDENT_MEM_TOP);

    stat_mem_deallocated       += info->size;
    stat_mem_high              -= info->size;
    stat_mem_deallocated_total ++;

    if (info->prev) {
        /* just need access for a short period */
        VALGRIND_MAKE_MEM_DEFINED(info->prev, IDENT_MEM_TOP);
        info->prev->next = info->next;
        /* don't need access anymore */
        VALGRIND_MAKE_MEM_NOACCESS(info->prev, IDENT_MEM_TOP);
    }
    if (info->next) {
        /* just need access for a short period */
        VALGRIND_MAKE_MEM_DEFINED(info->next, IDENT_MEM_TOP);
        info->next->prev = info->prev;
        /* don't need access anymore */
        VALGRIND_MAKE_MEM_NOACCESS(info->next, IDENT_MEM_TOP);
    }

    /* move ahead */
    if (info == stat_mem_block_root)
        stat_mem_block_root = info->next;

    free(info);
    VALGRIND_MAKE_MEM_NOACCESS(info, IDENT_MEM_TOP);
    VALGRIND_FREELIKE_BLOCK(ptr, IDENT_MEM_TOP);
}
Ejemplo n.º 17
0
static inline void ucm_mem_free(void *ptr, size_t size)
{
    VALGRIND_FREELIKE_BLOCK(ptr, 0);
    VALGRIND_MAKE_MEM_UNDEFINED(ptr, size); /* Make memory accessible to ptmalloc3 */
    ucm_dlfree(ptr);
}
Ejemplo n.º 18
0
/* This is just a wrapper around munmap, but it also notifies valgrind that
 * this map is no longer valid.  Pair this with anv_gem_mmap().
 */
void
anv_gem_munmap(void *p, uint64_t size)
{
   VG(VALGRIND_FREELIKE_BLOCK(p, 0));
   munmap(p, size);
}