mc_include.h revision 9eecbbb9a9cbbd30b903c09a9e04d8efc20bda33 
1
2/*--------------------------------------------------------------------*/
3/*--- A header file for all parts of the MemCheck tool.            ---*/
4/*---                                                 mc_include.h ---*/
5/*--------------------------------------------------------------------*/
6
7/*
8   This file is part of MemCheck, a heavyweight Valgrind tool for
9   detecting memory errors.
10
11   Copyright (C) 2000-2010 Julian Seward
12      jseward@acm.org
13
14   This program is free software; you can redistribute it and/or
15   modify it under the terms of the GNU General Public License as
16   published by the Free Software Foundation; either version 2 of the
17   License, or (at your option) any later version.
18
19   This program is distributed in the hope that it will be useful, but
20   WITHOUT ANY WARRANTY; without even the implied warranty of
21   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22   General Public License for more details.
23
24   You should have received a copy of the GNU General Public License
25   along with this program; if not, write to the Free Software
26   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
27   02111-1307, USA.
28
29   The GNU General Public License is contained in the file COPYING.
30*/
31
32#ifndef __MC_INCLUDE_H
33#define __MC_INCLUDE_H
34
35#define MC_(str)    VGAPPEND(vgMemCheck_,str)
36
37
38/* This is a private header file for use only within the
39   memcheck/ directory. */
40
41/*------------------------------------------------------------*/
42/*--- Tracking the heap                                    ---*/
43/*------------------------------------------------------------*/
44
45/* We want at least a 16B redzone on client heap blocks for Memcheck */
46#define MC_MALLOC_REDZONE_SZB    16
47
48/* For malloc()/new/new[] vs. free()/delete/delete[] mismatch checking. */
49typedef
50   enum {
51      MC_AllocMalloc = 0,
52      MC_AllocNew    = 1,
53      MC_AllocNewVec = 2,
54      MC_AllocCustom = 3
55   }
56   MC_AllocKind;
57
58/* This describes a heap block. Nb: first two fields must match core's
59 * VgHashNode. */
60typedef
61   struct _MC_Chunk {
62      struct _MC_Chunk* next;
63      Addr         data;            // Address of the actual block.
64      SizeT        szB : (sizeof(SizeT)*8)-2; // Size requested; 30 or 62 bits.
65      MC_AllocKind allockind : 2;   // Which operation did the allocation.
66      ExeContext*  where;           // Where it was allocated.
67   }
68   MC_Chunk;
69
70/* Memory pool.  Nb: first two fields must match core's VgHashNode. */
71typedef
72   struct _MC_Mempool {
73      struct _MC_Mempool* next;
74      Addr          pool;           // pool identifier
75      SizeT         rzB;            // pool red-zone size
76      Bool          is_zeroed;      // allocations from this pool are zeroed
77      VgHashTable   chunks;         // chunks associated with this pool
78   }
79   MC_Mempool;
80
81
82void* MC_(new_block)  ( ThreadId tid,
83                        Addr p, SizeT size, SizeT align,
84                        Bool is_zeroed, MC_AllocKind kind,
85                        VgHashTable table);
86void MC_(handle_free) ( ThreadId tid,
87                        Addr p, UInt rzB, MC_AllocKind kind );
88
89void MC_(create_mempool)  ( Addr pool, UInt rzB, Bool is_zeroed );
90void MC_(destroy_mempool) ( Addr pool );
91void MC_(mempool_alloc)   ( ThreadId tid, Addr pool,
92                            Addr addr, SizeT size );
93void MC_(mempool_free)    ( Addr pool, Addr addr );
94void MC_(mempool_trim)    ( Addr pool, Addr addr, SizeT size );
95void MC_(move_mempool)    ( Addr poolA, Addr poolB );
96void MC_(mempool_change)  ( Addr pool, Addr addrA, Addr addrB, SizeT size );
97Bool MC_(mempool_exists)  ( Addr pool );
98
99MC_Chunk* MC_(get_freed_list_head)( void );
100
101/* For tracking malloc'd blocks.  Nb: it's quite important that it's a
102   VgHashTable, because VgHashTable allows duplicate keys without complaint.
103   This can occur if a user marks a malloc() block as also a custom block with
104   MALLOCLIKE_BLOCK. */
105extern VgHashTable MC_(malloc_list);
106
107/* For tracking memory pools. */
108extern VgHashTable MC_(mempool_list);
109
110/* Shadow memory functions */
111Bool MC_(check_mem_is_noaccess)( Addr a, SizeT len, Addr* bad_addr );
112void MC_(make_mem_noaccess)        ( Addr a, SizeT len );
113void MC_(make_mem_undefined_w_otag)( Addr a, SizeT len, UInt otag );
114void MC_(make_mem_defined)         ( Addr a, SizeT len );
115void MC_(copy_address_range_state) ( Addr src, Addr dst, SizeT len );
116
117void MC_(print_malloc_stats) ( void );
118
119void* MC_(malloc)               ( ThreadId tid, SizeT n );
120void* MC_(__builtin_new)        ( ThreadId tid, SizeT n );
121void* MC_(__builtin_vec_new)    ( ThreadId tid, SizeT n );
122void* MC_(memalign)             ( ThreadId tid, SizeT align, SizeT n );
123void* MC_(calloc)               ( ThreadId tid, SizeT nmemb, SizeT size1 );
124void  MC_(free)                 ( ThreadId tid, void* p );
125void  MC_(__builtin_delete)     ( ThreadId tid, void* p );
126void  MC_(__builtin_vec_delete) ( ThreadId tid, void* p );
127void* MC_(realloc)              ( ThreadId tid, void* p, SizeT new_size );
128SizeT MC_(malloc_usable_size)   ( ThreadId tid, void* p );
129
130
131/*------------------------------------------------------------*/
132/*--- Origin tracking translate-time support               ---*/
133/*------------------------------------------------------------*/
134
135/* See detailed comments in mc_machine.c. */
136Int MC_(get_otrack_shadow_offset) ( Int offset, Int szB );
137IRType MC_(get_otrack_reg_array_equiv_int_type) ( IRRegArray* arr );
138
139/* Constants which are used as the lowest 2 bits in origin tags.
140
141   An origin tag comprises an upper 30-bit ECU field and a lower 2-bit
142   'kind' field.  The ECU field is a number given out by m_execontext
143   and has a 1-1 mapping with ExeContext*s.  An ECU can be used
144   directly as an origin tag (otag), but in fact we want to put
145   additional information 'kind' field to indicate roughly where the
146   tag came from.  This helps print more understandable error messages
147   for the user -- it has no other purpose.
148
149   Hence the following 2-bit constants are needed for 'kind' field.
150
151   To summarise:
152
153   * Both ECUs and origin tags are represented as 32-bit words
154
155   * m_execontext and the core-tool interface deal purely in ECUs.
156     They have no knowledge of origin tags - that is a purely
157     Memcheck-internal matter.
158
159   * all valid ECUs have the lowest 2 bits zero and at least
160     one of the upper 30 bits nonzero (see VG_(is_plausible_ECU))
161
162   * to convert from an ECU to an otag, OR in one of the MC_OKIND_
163     constants below
164
165   * to convert an otag back to an ECU, AND it with ~3
166*/
167
168#define MC_OKIND_UNKNOWN  0  /* unknown origin */
169#define MC_OKIND_HEAP     1  /* this is a heap origin */
170#define MC_OKIND_STACK    2  /* this is a stack origin */
171#define MC_OKIND_USER     3  /* arises from user-supplied client req */
172
173
174/*------------------------------------------------------------*/
175/*--- Profiling of memory events                           ---*/
176/*------------------------------------------------------------*/
177
178/* Define to collect detailed performance info. */
179/* #define MC_PROFILE_MEMORY */
180
181#ifdef MC_PROFILE_MEMORY
182#  define N_PROF_EVENTS 500
183
184UInt   MC_(event_ctr)[N_PROF_EVENTS];
185HChar* MC_(event_ctr_name)[N_PROF_EVENTS];
186
187#  define PROF_EVENT(ev, name)                                \
188   do { tl_assert((ev) >= 0 && (ev) < N_PROF_EVENTS);         \
189        /* crude and inaccurate check to ensure the same */   \
190        /* event isn't being used with > 1 name */            \
191        if (MC_(event_ctr_name)[ev])                         \
192           tl_assert(name == MC_(event_ctr_name)[ev]);       \
193        MC_(event_ctr)[ev]++;                                \
194        MC_(event_ctr_name)[ev] = (name);                    \
195   } while (False);
196
197#else
198
199#  define PROF_EVENT(ev, name) /* */
200
201#endif   /* MC_PROFILE_MEMORY */
202
203
204/*------------------------------------------------------------*/
205/*--- V and A bits (Victoria & Albert ?)                   ---*/
206/*------------------------------------------------------------*/
207
208/* The number of entries in the primary map can be altered.  However
209   we hardwire the assumption that each secondary map covers precisely
210   64k of address space. */
211#define SM_SIZE 65536            /* DO NOT CHANGE */
212#define SM_MASK (SM_SIZE-1)      /* DO NOT CHANGE */
213
214#define V_BIT_DEFINED         0
215#define V_BIT_UNDEFINED       1
216
217#define V_BITS8_DEFINED       0
218#define V_BITS8_UNDEFINED     0xFF
219
220#define V_BITS16_DEFINED      0
221#define V_BITS16_UNDEFINED    0xFFFF
222
223#define V_BITS32_DEFINED      0
224#define V_BITS32_UNDEFINED    0xFFFFFFFF
225
226#define V_BITS64_DEFINED      0ULL
227#define V_BITS64_UNDEFINED    0xFFFFFFFFFFFFFFFFULL
228
229
230/*------------------------------------------------------------*/
231/*--- Leak checking                                        ---*/
232/*------------------------------------------------------------*/
233
234typedef
235   enum {
236      // Nb: the order is important -- it dictates the order of loss records
237      // of equal sizes.
238      Reachable    =0,  // Definitely reachable from root-set.
239      Possible     =1,  // Possibly reachable from root-set;  involves at
240                        //   least one interior-pointer along the way.
241      IndirectLeak =2,  // Leaked, but reachable from another leaked block
242                        //   (be it Unreached or IndirectLeak).
243      Unreached    =3,  // Not reached, ie. leaked.
244                        //   (At best, only reachable from itself via a cycle.)
245  }
246  Reachedness;
247
248/* For VALGRIND_COUNT_LEAKS client request */
249extern SizeT MC_(bytes_leaked);
250extern SizeT MC_(bytes_indirect);
251extern SizeT MC_(bytes_dubious);
252extern SizeT MC_(bytes_reachable);
253extern SizeT MC_(bytes_suppressed);
254
255/* For VALGRIND_COUNT_LEAK_BLOCKS client request */
256extern SizeT MC_(blocks_leaked);
257extern SizeT MC_(blocks_indirect);
258extern SizeT MC_(blocks_dubious);
259extern SizeT MC_(blocks_reachable);
260extern SizeT MC_(blocks_suppressed);
261
262typedef
263   enum {
264      LC_Off,
265      LC_Summary,
266      LC_Full,
267   }
268   LeakCheckMode;
269
270/* When a LossRecord is put into an OSet, these elements represent the key. */
271typedef
272   struct _LossRecordKey {
273      Reachedness  state;        // LC_Extra.state value shared by all blocks.
274      ExeContext*  allocated_at; // Where they were allocated.
275   }
276   LossRecordKey;
277
278/* A loss record, used for generating err msgs.  Multiple leaked blocks can be
279 * merged into a single loss record if they have the same state and similar
280 * enough allocation points (controlled by --leak-resolution). */
281typedef
282   struct _LossRecord {
283      LossRecordKey key;  // Key, when used in an OSet.
284      SizeT szB;          // Sum of all MC_Chunk.szB values.
285      SizeT indirect_szB; // Sum of all LC_Extra.indirect_szB values.
286      UInt  num_blocks;   // Number of blocks represented by the record.
287   }
288   LossRecord;
289
290void MC_(detect_memory_leaks) ( ThreadId tid, LeakCheckMode mode );
291
292Bool MC_(is_valid_aligned_word)     ( Addr a );
293Bool MC_(is_within_valid_secondary) ( Addr a );
294
295void MC_(pp_LeakError)(UInt n_this_record, UInt n_total_records,
296                       LossRecord* l);
297
298
299/*------------------------------------------------------------*/
300/*--- Errors and suppressions                              ---*/
301/*------------------------------------------------------------*/
302
303/* Did we show to the user, any errors for which an uninitialised
304   value origin could have been collected (but wasn't) ?  If yes,
305   then, at the end of the run, print a 1 line message advising that a
306   rerun with --track-origins=yes might help. */
307extern Bool MC_(any_value_errors);
308
309/* Standard functions for error and suppressions as required by the
310   core/tool iface */
311Bool MC_(eq_Error)           ( VgRes res, Error* e1, Error* e2 );
312void MC_(before_pp_Error)    ( Error* err );
313void MC_(pp_Error)           ( Error* err );
314UInt MC_(update_Error_extra) ( Error* err );
315
316Bool MC_(is_recognised_suppression) ( Char* name, Supp* su );
317
318Bool MC_(read_extra_suppression_info) ( Int fd, Char** buf,
319                                        SizeT* nBuf, Supp *su );
320
321Bool MC_(error_matches_suppression) ( Error* err, Supp* su );
322
323Bool MC_(get_extra_suppression_info) ( Error* err,
324                                       /*OUT*/Char* buf, Int nBuf );
325
326Char* MC_(get_error_name) ( Error* err );
327
328/* Recording of errors */
329void MC_(record_address_error) ( ThreadId tid, Addr a, Int szB,
330                                 Bool isWrite );
331void MC_(record_cond_error)    ( ThreadId tid, UInt otag );
332void MC_(record_value_error)   ( ThreadId tid, Int szB, UInt otag );
333void MC_(record_jump_error)    ( ThreadId tid, Addr a );
334
335void MC_(record_free_error)            ( ThreadId tid, Addr a );
336void MC_(record_illegal_mempool_error) ( ThreadId tid, Addr a );
337void MC_(record_freemismatch_error)    ( ThreadId tid, MC_Chunk* mc );
338
339void MC_(record_overlap_error)  ( ThreadId tid, Char* function,
340                                  Addr src, Addr dst, SizeT szB );
341void MC_(record_core_mem_error) ( ThreadId tid, Char* msg );
342void MC_(record_regparam_error) ( ThreadId tid, Char* msg, UInt otag );
343void MC_(record_memparam_error) ( ThreadId tid, Addr a,
344                                  Bool isAddrErr, Char* msg, UInt otag );
345void MC_(record_user_error)     ( ThreadId tid, Addr a,
346                                  Bool isAddrErr, UInt otag );
347
348Bool MC_(record_leak_error)     ( ThreadId tid,
349                                  UInt n_this_record,
350                                  UInt n_total_records,
351                                  LossRecord* lossRecord,
352                                  Bool print_record,
353                                  Bool count_error );
354
355/* Is this address in a user-specified "ignored range" ? */
356Bool MC_(in_ignored_range) ( Addr a );
357
358
359/*------------------------------------------------------------*/
360/*--- Client blocks                                        ---*/
361/*------------------------------------------------------------*/
362
363/* Describes a client block.  See mc_main.c.  An unused block has
364   start == size == 0.  */
365typedef
366   struct {
367      Addr        start;
368      SizeT       size;
369      ExeContext* where;
370      Char*       desc;
371   }
372   CGenBlock;
373
374/* Get access to the client block array. */
375void MC_(get_ClientBlock_array)( /*OUT*/CGenBlock** blocks,
376                                 /*OUT*/UWord* nBlocks );
377
378
379/*------------------------------------------------------------*/
380/*--- Command line options + defaults                      ---*/
381/*------------------------------------------------------------*/
382
383/* Allow loads from partially-valid addresses?  default: YES */
384extern Bool MC_(clo_partial_loads_ok);
385
386/* Max volume of the freed blocks queue. */
387extern Long MC_(clo_freelist_vol);
388
389/* Do leak check at exit?  default: NO */
390extern LeakCheckMode MC_(clo_leak_check);
391
392/* How closely should we compare ExeContexts in leak records? default: 2 */
393extern VgRes MC_(clo_leak_resolution);
394
395/* In leak check, show reachable-but-not-freed blocks?  default: NO */
396extern Bool MC_(clo_show_reachable);
397
398/* Assume accesses immediately below %esp are due to gcc-2.96 bugs.
399 * default: NO */
400extern Bool MC_(clo_workaround_gcc296_bugs);
401
402/* Fill malloc-d/free-d client blocks with a specific value?  -1 if
403   not, else 0x00 .. 0xFF indicating the fill value to use.  Can be
404   useful for causing programs with bad heap corruption to fail in
405   more repeatable ways.  Note that malloc-filled and free-filled
406   areas are still undefined and noaccess respectively.  This merely
407   causes them to contain the specified values. */
408extern Int MC_(clo_malloc_fill);
409extern Int MC_(clo_free_fill);
410
411/* Indicates the level of instrumentation/checking done by Memcheck.
412
413   1 = No undefined value checking, Addrcheck-style behaviour only:
414       only address checking is done.  This is faster but finds fewer
415       errors.  Note that although Addrcheck had 1 bit per byte
416       overhead vs the old Memcheck's 9 bits per byte, with this mode
417       and compressed V bits, no memory is saved with this mode --
418       it's still 2 bits per byte overhead.  This is a little wasteful
419       -- it could be done with 1 bit per byte -- but lets us reuse
420       the many shadow memory access functions.  Note that in this
421       mode neither the secondary V bit table nor the origin-tag cache
422       are used.
423
424   2 = Address checking and Undefined value checking are performed,
425       but origins are not tracked.  So the origin-tag cache is not
426       used in this mode.  This setting is the default and corresponds
427       to the "normal" Memcheck behaviour that has shipped for years.
428
429   3 = Address checking, undefined value checking, and origins for
430       undefined values are tracked.
431
432   The default is 2.
433*/
434extern Int MC_(clo_mc_level);
435
436
437/*------------------------------------------------------------*/
438/*--- Instrumentation                                      ---*/
439/*------------------------------------------------------------*/
440
441/* Functions defined in mc_main.c */
442
443/* For the fail_w_o functions, the UWord arg is actually the 32-bit
444   origin tag and should really be UInt, but to be simple and safe
445   considering it's called from generated code, just claim it to be a
446   UWord. */
447VG_REGPARM(2) void MC_(helperc_value_checkN_fail_w_o) ( HWord, UWord );
448VG_REGPARM(1) void MC_(helperc_value_check8_fail_w_o) ( UWord );
449VG_REGPARM(1) void MC_(helperc_value_check4_fail_w_o) ( UWord );
450VG_REGPARM(1) void MC_(helperc_value_check1_fail_w_o) ( UWord );
451VG_REGPARM(1) void MC_(helperc_value_check0_fail_w_o) ( UWord );
452
453/* And call these ones instead to report an uninitialised value error
454   but with no origin available. */
455VG_REGPARM(1) void MC_(helperc_value_checkN_fail_no_o) ( HWord );
456VG_REGPARM(0) void MC_(helperc_value_check8_fail_no_o) ( void );
457VG_REGPARM(0) void MC_(helperc_value_check4_fail_no_o) ( void );
458VG_REGPARM(0) void MC_(helperc_value_check1_fail_no_o) ( void );
459VG_REGPARM(0) void MC_(helperc_value_check0_fail_no_o) ( void );
460
461/* V-bits load/store helpers */
462VG_REGPARM(1) void MC_(helperc_STOREV64be) ( Addr, ULong );
463VG_REGPARM(1) void MC_(helperc_STOREV64le) ( Addr, ULong );
464VG_REGPARM(2) void MC_(helperc_STOREV32be) ( Addr, UWord );
465VG_REGPARM(2) void MC_(helperc_STOREV32le) ( Addr, UWord );
466VG_REGPARM(2) void MC_(helperc_STOREV16be) ( Addr, UWord );
467VG_REGPARM(2) void MC_(helperc_STOREV16le) ( Addr, UWord );
468VG_REGPARM(2) void MC_(helperc_STOREV8)   ( Addr, UWord );
469
470VG_REGPARM(1) ULong MC_(helperc_LOADV64be) ( Addr );
471VG_REGPARM(1) ULong MC_(helperc_LOADV64le) ( Addr );
472VG_REGPARM(1) UWord MC_(helperc_LOADV32be) ( Addr );
473VG_REGPARM(1) UWord MC_(helperc_LOADV32le) ( Addr );
474VG_REGPARM(1) UWord MC_(helperc_LOADV16be) ( Addr );
475VG_REGPARM(1) UWord MC_(helperc_LOADV16le) ( Addr );
476VG_REGPARM(1) UWord MC_(helperc_LOADV8)    ( Addr );
477
478void MC_(helperc_MAKE_STACK_UNINIT) ( Addr base, UWord len,
479                                                 Addr nia );
480
481/* Origin tag load/store helpers */
482VG_REGPARM(2) void  MC_(helperc_b_store1) ( Addr a, UWord d32 );
483VG_REGPARM(2) void  MC_(helperc_b_store2) ( Addr a, UWord d32 );
484VG_REGPARM(2) void  MC_(helperc_b_store4) ( Addr a, UWord d32 );
485VG_REGPARM(2) void  MC_(helperc_b_store8) ( Addr a, UWord d32 );
486VG_REGPARM(2) void  MC_(helperc_b_store16)( Addr a, UWord d32 );
487VG_REGPARM(1) UWord MC_(helperc_b_load1) ( Addr a );
488VG_REGPARM(1) UWord MC_(helperc_b_load2) ( Addr a );
489VG_REGPARM(1) UWord MC_(helperc_b_load4) ( Addr a );
490VG_REGPARM(1) UWord MC_(helperc_b_load8) ( Addr a );
491VG_REGPARM(1) UWord MC_(helperc_b_load16)( Addr a );
492
493/* Functions defined in mc_translate.c */
494IRSB* MC_(instrument) ( VgCallbackClosure* closure,
495                        IRSB* bb_in,
496                        VexGuestLayout* layout,
497                        VexGuestExtents* vge,
498                        IRType gWordTy, IRType hWordTy );
499
500IRSB* MC_(final_tidy) ( IRSB* );
501
502#endif /* ndef __MC_INCLUDE_H */
503
504/*--------------------------------------------------------------------*/
505/*--- end                                                          ---*/
506/*--------------------------------------------------------------------*/
507