void torture_arena(PLArenaPool *pool) { while (___sl_get_nondet_int()) { PL_ArenaAllocate(pool, 0x100); while (___sl_get_nondet_int()) PL_FreeArenaPool(pool); } }
int main() { // initialize arena pool PLArenaPool pool; PL_InitArenaPool(&pool, "cool pool", 0x1000, 0x10); // trigger allocation of one arena void *ptr1 = PL_ArenaAllocate(&pool, 0x100); // attempt to reuse the existing arena void *ptr2 = PL_ArenaAllocate(&pool, 0x100); // free the arena pool twice PL_FreeArenaPool(&pool); PL_FreeArenaPool(&pool); ___sl_plot("01-PL_FreeArenaPool"); ptr1 = PL_ArenaAllocate(&pool, 0x100); ptr2 = PL_ArenaAllocate(&pool, 0x100); ___sl_plot("02-PL_ArenaAllocate"); // free the arena pool PL_FreeArenaPool(&pool); ___sl_plot("04-PL_FreeArenaPool", &ptr1, &ptr2); PL_ArenaFinish(); ___sl_plot("05-PL_ArenaFinish"); // XXX: this is misuse of the NSPR API void *ptr0 = PL_ArenaAllocate(&pool, 0x100); ___sl_plot("06-PL_ArenaAllocate"); // free the arena pool PL_FreeArenaPool(&pool); ___sl_plot("07-PL_FreeArenaPool"); PL_ArenaFinish(); ___sl_plot("08-PL_ArenaFinish"); return 0; }
void torture_arena(PLArenaPool *pool) { size_t size = ___sl_get_nondet_int(); if (size < 0x80) abort(); if (0x81 < size) abort(); size *= 0x10; while (___sl_get_nondet_int()) { PL_ArenaAllocate(pool, size); while (___sl_get_nondet_int()) PL_FreeArenaPool(pool); } }
void torture_arena(PLArenaPool *pool) { while (___sl_get_nondet_int()) { ssize_t size = ___sl_get_nondet_int(); if (size < sizeof(double)) abort(); if (0x1000 < size) abort(); size &= ~(sizeof(double) - 1); ___sl_plot("01-torture_arena", &pool, &size, &arena_freelist); PL_ArenaAllocate(pool, size); while (___sl_get_nondet_int()) PL_FreeArenaPool(pool); } }
int main() { // initialize arena pool PLArenaPool pool; PL_InitArenaPool(&pool, "cool pool", 0x1000, 0x10); // trigger allocation of one arena void *ptr = PL_ArenaAllocate(&pool, 0x100); __VERIFIER_plot("01-PL_ArenaAllocate", &ptr); // free the arena pool PL_FreeArenaPool(&pool); __VERIFIER_plot("02-PL_FreeArenaPool"); PL_ArenaFinish(); __VERIFIER_plot("03-PL_ArenaFinish"); return 0; }
__attribute__((visibility("default"))) void * PL_ArenaGrow( PLArenaPool *pool, void *p, PRUint32 size, PRUint32 incr) { void *newp; do { PLArena *_a = (pool)->current; PRUint32 _nb = (((PRUword)(size + incr) + (pool)->mask) & ~(pool)->mask); PRUword _p = _a->avail; PRUword _q = _p + _nb; if (_q > _a->limit) _p = (PRUword)PL_ArenaAllocate(pool, _nb); else _a->avail = _q; newp = (void *)_p; ; } while (0); if (newp) memcpy(newp, p, size); return newp; }
void *pool_alloc(pool_t *pool, size_t size) { return PL_ArenaAllocate((PLArenaPool*)pool, size); }
/* # 1022 "arena.c" */ extern void * nss_ZRealloc ( void *pointer, PRUint32 newSize ) { NSSArena *arena; struct pointer_header *h, *new_h; PRUint32 my_newSize = newSize + sizeof(struct pointer_header); void *rv; if( my_newSize < sizeof(struct pointer_header) ) { nss_SetError(NSS_ERROR_NO_MEMORY); return (void *)((void *)0); } if( (void *)((void *)0) == pointer ) { nss_SetError(NSS_ERROR_INVALID_POINTER); return (void *)((void *)0); } h = (struct pointer_header *)((char *)pointer - sizeof(struct pointer_header)); if( newSize == h->size ) { return pointer; } arena = h->arena; if (!arena) { new_h = (struct pointer_header *)PR_Calloc(1, my_newSize); if( (struct pointer_header *)((void *)0) == new_h ) { nss_SetError(NSS_ERROR_NO_MEMORY); return (void *)((void *)0); } new_h->arena = (NSSArena *)((void *)0); new_h->size = newSize; rv = (void *)((char *)new_h + sizeof(struct pointer_header)); if( newSize > h->size ) { (void)nsslibc_memcpy(rv, pointer, h->size); (void)nsslibc_memset(&((char *)rv)[ h->size ], 0, (newSize - h->size)); } else { (void)nsslibc_memcpy(rv, pointer, newSize); } (void)nsslibc_memset(pointer, 0, h->size); h->size = 0; PR_Free(h); return rv; } else { void *p; if (!arena->lock) { nss_SetError(NSS_ERROR_INVALID_POINTER); return (void *)((void *)0); } PR_Lock(arena->lock); /* # 1107 "arena.c" */ if( newSize < h->size ) { /* # 1120 "arena.c" */ char *extra = &((char *)pointer)[ newSize ]; (void)nsslibc_memset(extra, 0, (h->size - newSize)); PR_Unlock(arena->lock); return pointer; } do { PLArena *_a = (&arena->pool)->current; PRUint32 _nb = (((PRUword)(my_newSize) + (&arena->pool)->mask) & ~(&arena->pool)->mask); PRUword _p = _a->avail; PRUword _q = _p + _nb; if (_q > _a->limit) _p = (PRUword)PL_ArenaAllocate(&arena->pool, _nb); else _a->avail = _q; p = (void *)_p; ; } while (0); if( (void *)((void *)0) == p ) { PR_Unlock(arena->lock); nss_SetError(NSS_ERROR_NO_MEMORY); return (void *)((void *)0); } new_h = (struct pointer_header *)p; new_h->arena = arena; new_h->size = newSize; rv = (void *)((char *)new_h + sizeof(struct pointer_header)); if (rv != pointer) { (void)nsslibc_memcpy(rv, pointer, h->size); (void)nsslibc_memset(pointer, 0, h->size); } (void)nsslibc_memset(&((char *)rv)[ h->size ], 0, (newSize - h->size)); h->arena = (NSSArena *)((void *)0); h->size = 0; PR_Unlock(arena->lock); return rv; } }
static void * nss_zalloc_arena_locked ( NSSArena *arena, PRUint32 size ) { void *p; void *rv; struct pointer_header *h; PRUint32 my_size = size + sizeof(struct pointer_header); do { PLArena *_a = (&arena->pool)->current; PRUint32 _nb = (((PRUword)(my_size) + (&arena->pool)->mask) & ~(&arena->pool)->mask); PRUword _p = _a->avail; PRUword _q = _p + _nb; if (_q > _a->limit) _p = (PRUword)PL_ArenaAllocate(&arena->pool, _nb); else _a->avail = _q; p = (void *)_p; ; } while (0); if( (void *)((void *)0) == p ) { nss_SetError(NSS_ERROR_NO_MEMORY); return (void *)((void *)0); } h = (struct pointer_header *)p; h->arena = arena; h->size = size; rv = (void *)((char *)h + sizeof(struct pointer_header)); (void)nsslibc_memset(rv, 0, size); return rv; }