mc_include.h revision 9f207460d70d38c46c9e81996a3dcdf90961c6db 
1
2/*--------------------------------------------------------------------*/
3/*--- A header file for all parts of the MemCheck tool.            ---*/
4/*---                                                 mc_include.h ---*/
5/*--------------------------------------------------------------------*/
6
7/*
8   This file is part of MemCheck, a heavyweight Valgrind tool for
9   detecting memory errors.
10
11   Copyright (C) 2000-2009 Julian Seward
12      jseward@acm.org
13
14   This program is free software; you can redistribute it and/or
15   modify it under the terms of the GNU General Public License as
16   published by the Free Software Foundation; either version 2 of the
17   License, or (at your option) any later version.
18
19   This program is distributed in the hope that it will be useful, but
20   WITHOUT ANY WARRANTY; without even the implied warranty of
21   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22   General Public License for more details.
23
24   You should have received a copy of the GNU General Public License
25   along with this program; if not, write to the Free Software
26   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
27   02111-1307, USA.
28
29   The GNU General Public License is contained in the file COPYING.
30*/
31
32#ifndef __MC_INCLUDE_H
33#define __MC_INCLUDE_H
34
35#define MC_(str)    VGAPPEND(vgMemCheck_,str)
36
37
38/* This is a private header file for use only within the
39   memcheck/ directory. */
40
41/*------------------------------------------------------------*/
42/*--- Tracking the heap                                    ---*/
43/*------------------------------------------------------------*/
44
45/* We want at least a 16B redzone on client heap blocks for Memcheck */
46#define MC_MALLOC_REDZONE_SZB    16
47
48/* For malloc()/new/new[] vs. free()/delete/delete[] mismatch checking. */
49typedef
50   enum {
51      MC_AllocMalloc = 0,
52      MC_AllocNew    = 1,
53      MC_AllocNewVec = 2,
54      MC_AllocCustom = 3
55   }
56   MC_AllocKind;
57
58/* This describes a heap block. Nb: first two fields must match core's
59 * VgHashNode. */
60typedef
61   struct _MC_Chunk {
62      struct _MC_Chunk* next;
63      Addr         data;            // Address of the actual block.
64      SizeT        szB : (sizeof(SizeT)*8)-2; // Size requested; 30 or 62 bits.
65      MC_AllocKind allockind : 2;   // Which operation did the allocation.
66      ExeContext*  where;           // Where it was allocated.
67   }
68   MC_Chunk;
69
70/* Memory pool.  Nb: first two fields must match core's VgHashNode. */
71typedef
72   struct _MC_Mempool {
73      struct _MC_Mempool* next;
74      Addr          pool;           // pool identifier
75      SizeT         rzB;            // pool red-zone size
76      Bool          is_zeroed;      // allocations from this pool are zeroed
77      VgHashTable   chunks;         // chunks associated with this pool
78   }
79   MC_Mempool;
80
81
82void* MC_(new_block)  ( ThreadId tid,
83                        Addr p, SizeT size, SizeT align,
84                        Bool is_zeroed, MC_AllocKind kind,
85                        VgHashTable table);
86void MC_(handle_free) ( ThreadId tid,
87                        Addr p, UInt rzB, MC_AllocKind kind );
88
89void MC_(create_mempool)  ( Addr pool, UInt rzB, Bool is_zeroed );
90void MC_(destroy_mempool) ( Addr pool );
91void MC_(mempool_alloc)   ( ThreadId tid, Addr pool,
92                            Addr addr, SizeT size );
93void MC_(mempool_free)    ( Addr pool, Addr addr );
94void MC_(mempool_trim)    ( Addr pool, Addr addr, SizeT size );
95void MC_(move_mempool)    ( Addr poolA, Addr poolB );
96void MC_(mempool_change)  ( Addr pool, Addr addrA, Addr addrB, SizeT size );
97Bool MC_(mempool_exists)  ( Addr pool );
98
99MC_Chunk* MC_(get_freed_list_head)( void );
100
101/* For tracking malloc'd blocks */
102extern VgHashTable MC_(malloc_list);
103
104/* For tracking memory pools. */
105extern VgHashTable MC_(mempool_list);
106
107/* Shadow memory functions */
108Bool MC_(check_mem_is_noaccess)( Addr a, SizeT len, Addr* bad_addr );
109void MC_(make_mem_noaccess)        ( Addr a, SizeT len );
110void MC_(make_mem_undefined_w_otag)( Addr a, SizeT len, UInt otag );
111void MC_(make_mem_defined)         ( Addr a, SizeT len );
112void MC_(copy_address_range_state) ( Addr src, Addr dst, SizeT len );
113
114void MC_(print_malloc_stats) ( void );
115
116void* MC_(malloc)               ( ThreadId tid, SizeT n );
117void* MC_(__builtin_new)        ( ThreadId tid, SizeT n );
118void* MC_(__builtin_vec_new)    ( ThreadId tid, SizeT n );
119void* MC_(memalign)             ( ThreadId tid, SizeT align, SizeT n );
120void* MC_(calloc)               ( ThreadId tid, SizeT nmemb, SizeT size1 );
121void  MC_(free)                 ( ThreadId tid, void* p );
122void  MC_(__builtin_delete)     ( ThreadId tid, void* p );
123void  MC_(__builtin_vec_delete) ( ThreadId tid, void* p );
124void* MC_(realloc)              ( ThreadId tid, void* p, SizeT new_size );
125SizeT MC_(malloc_usable_size)   ( ThreadId tid, void* p );
126
127
128/*------------------------------------------------------------*/
129/*--- Origin tracking translate-time support               ---*/
130/*------------------------------------------------------------*/
131
132/* See detailed comments in mc_machine.c. */
133Int MC_(get_otrack_shadow_offset) ( Int offset, Int szB );
134IRType MC_(get_otrack_reg_array_equiv_int_type) ( IRRegArray* arr );
135
136/* Constants which are used as the lowest 2 bits in origin tags.
137
138   An origin tag comprises an upper 30-bit ECU field and a lower 2-bit
139   'kind' field.  The ECU field is a number given out by m_execontext
140   and has a 1-1 mapping with ExeContext*s.  An ECU can be used
141   directly as an origin tag (otag), but in fact we want to put
142   additional information 'kind' field to indicate roughly where the
143   tag came from.  This helps print more understandable error messages
144   for the user -- it has no other purpose.
145
146   Hence the following 2-bit constants are needed for 'kind' field.
147
148   To summarise:
149
150   * Both ECUs and origin tags are represented as 32-bit words
151
152   * m_execontext and the core-tool interface deal purely in ECUs.
153     They have no knowledge of origin tags - that is a purely
154     Memcheck-internal matter.
155
156   * all valid ECUs have the lowest 2 bits zero and at least
157     one of the upper 30 bits nonzero (see VG_(is_plausible_ECU))
158
159   * to convert from an ECU to an otag, OR in one of the MC_OKIND_
160     constants below
161
162   * to convert an otag back to an ECU, AND it with ~3
163*/
164
165#define MC_OKIND_UNKNOWN  0  /* unknown origin */
166#define MC_OKIND_HEAP     1  /* this is a heap origin */
167#define MC_OKIND_STACK    2  /* this is a stack origin */
168#define MC_OKIND_USER     3  /* arises from user-supplied client req */
169
170
171/*------------------------------------------------------------*/
172/*--- Profiling of memory events                           ---*/
173/*------------------------------------------------------------*/
174
175/* Define to collect detailed performance info. */
176/* #define MC_PROFILE_MEMORY */
177
178#ifdef MC_PROFILE_MEMORY
179#  define N_PROF_EVENTS 500
180
181UInt   MC_(event_ctr)[N_PROF_EVENTS];
182HChar* MC_(event_ctr_name)[N_PROF_EVENTS];
183
184#  define PROF_EVENT(ev, name)                                \
185   do { tl_assert((ev) >= 0 && (ev) < N_PROF_EVENTS);         \
186        /* crude and inaccurate check to ensure the same */   \
187        /* event isn't being used with > 1 name */            \
188        if (MC_(event_ctr_name)[ev])                         \
189           tl_assert(name == MC_(event_ctr_name)[ev]);       \
190        MC_(event_ctr)[ev]++;                                \
191        MC_(event_ctr_name)[ev] = (name);                    \
192   } while (False);
193
194#else
195
196#  define PROF_EVENT(ev, name) /* */
197
198#endif   /* MC_PROFILE_MEMORY */
199
200
201/*------------------------------------------------------------*/
202/*--- V and A bits (Victoria & Albert ?)                   ---*/
203/*------------------------------------------------------------*/
204
205/* The number of entries in the primary map can be altered.  However
206   we hardwire the assumption that each secondary map covers precisely
207   64k of address space. */
208#define SM_SIZE 65536            /* DO NOT CHANGE */
209#define SM_MASK (SM_SIZE-1)      /* DO NOT CHANGE */
210
211#define V_BIT_DEFINED         0
212#define V_BIT_UNDEFINED       1
213
214#define V_BITS8_DEFINED       0
215#define V_BITS8_UNDEFINED     0xFF
216
217#define V_BITS16_DEFINED      0
218#define V_BITS16_UNDEFINED    0xFFFF
219
220#define V_BITS32_DEFINED      0
221#define V_BITS32_UNDEFINED    0xFFFFFFFF
222
223#define V_BITS64_DEFINED      0ULL
224#define V_BITS64_UNDEFINED    0xFFFFFFFFFFFFFFFFULL
225
226
227/*------------------------------------------------------------*/
228/*--- Leak checking                                        ---*/
229/*------------------------------------------------------------*/
230
231typedef
232   enum {
233      Unreached    =0,  // Not reached, ie. leaked.
234                        //   (At best, only reachable from itself via a cycle.
235      IndirectLeak =1,  // Leaked, but reachable from another leaked block
236                        //   (be it Unreached or IndirectLeak).
237      Possible     =2,  // Possibly reachable from root-set;  involves at
238                        //   least one interior-pointer along the way.
239      Reachable    =3   // Definitely reachable from root-set.
240  }
241  Reachedness;
242
243/* For VALGRIND_COUNT_LEAKS client request */
244extern SizeT MC_(bytes_leaked);
245extern SizeT MC_(bytes_indirect);
246extern SizeT MC_(bytes_dubious);
247extern SizeT MC_(bytes_reachable);
248extern SizeT MC_(bytes_suppressed);
249
250/* For VALGRIND_COUNT_LEAK_BLOCKS client request */
251extern SizeT MC_(blocks_leaked);
252extern SizeT MC_(blocks_indirect);
253extern SizeT MC_(blocks_dubious);
254extern SizeT MC_(blocks_reachable);
255extern SizeT MC_(blocks_suppressed);
256
257typedef
258   enum {
259      LC_Off,
260      LC_Summary,
261      LC_Full,
262   }
263   LeakCheckMode;
264
265/* A block record, used for generating err msgs. */
266typedef
267   struct _LossRecord {
268      struct _LossRecord* next;
269      /* Where these lost blocks were allocated. */
270      ExeContext*  allocated_at;
271      /* Their reachability. */
272      Reachedness  loss_mode;
273      /* Number of blocks and total # bytes involved. */
274      SizeT        total_bytes;
275      SizeT        indirect_szB;
276      UInt         num_blocks;
277   }
278   LossRecord;
279
280void MC_(detect_memory_leaks) ( ThreadId tid, LeakCheckMode mode );
281
282Bool MC_(is_valid_aligned_word)     ( Addr a );
283Bool MC_(is_within_valid_secondary) ( Addr a );
284
285void MC_(pp_LeakError)(UInt n_this_record, UInt n_total_records,
286                       LossRecord* l);
287
288
289/*------------------------------------------------------------*/
290/*--- Errors and suppressions                              ---*/
291/*------------------------------------------------------------*/
292
293/* Did we show to the user, any errors for which an uninitialised
294   value origin could have been collected (but wasn't) ?  If yes,
295   then, at the end of the run, print a 1 line message advising that a
296   rerun with --track-origins=yes might help. */
297extern Bool MC_(any_value_errors);
298
299/* Standard functions for error and suppressions as required by the
300   core/tool iface */
301Bool MC_(eq_Error) ( VgRes res, Error* e1, Error* e2 );
302void MC_(pp_Error) ( Error* err );
303UInt MC_(update_Error_extra)( Error* err );
304
305Bool MC_(is_recognised_suppression) ( Char* name, Supp* su );
306
307Bool MC_(read_extra_suppression_info) ( Int fd, Char* buf,
308                                        Int nBuf, Supp *su );
309
310Bool MC_(error_matches_suppression) ( Error* err, Supp* su );
311
312void MC_(print_extra_suppression_info) ( Error* err );
313
314Char* MC_(get_error_name) ( Error* err );
315
316/* Recording of errors */
317void MC_(record_address_error) ( ThreadId tid, Addr a, Int szB,
318                                 Bool isWrite );
319void MC_(record_cond_error)    ( ThreadId tid, UInt otag );
320void MC_(record_value_error)   ( ThreadId tid, Int szB, UInt otag );
321void MC_(record_jump_error)    ( ThreadId tid, Addr a );
322
323void MC_(record_free_error)            ( ThreadId tid, Addr a );
324void MC_(record_illegal_mempool_error) ( ThreadId tid, Addr a );
325void MC_(record_freemismatch_error)    ( ThreadId tid, MC_Chunk* mc );
326
327void MC_(record_overlap_error)  ( ThreadId tid, Char* function,
328                                  Addr src, Addr dst, SizeT szB );
329void MC_(record_core_mem_error) ( ThreadId tid, Char* msg );
330void MC_(record_regparam_error) ( ThreadId tid, Char* msg, UInt otag );
331void MC_(record_memparam_error) ( ThreadId tid, Addr a,
332                                  Bool isAddrErr, Char* msg, UInt otag );
333void MC_(record_user_error)     ( ThreadId tid, Addr a,
334                                  Bool isAddrErr, UInt otag );
335
336Bool MC_(record_leak_error)     ( ThreadId tid,
337                                  UInt n_this_record,
338                                  UInt n_total_records,
339                                  LossRecord* lossRecord,
340                                  Bool print_record );
341
342/* Is this address in a user-specified "ignored range" ? */
343Bool MC_(in_ignored_range) ( Addr a );
344
345
346/*------------------------------------------------------------*/
347/*--- Client blocks                                        ---*/
348/*------------------------------------------------------------*/
349
350/* Describes a client block.  See mc_main.c.  An unused block has
351   start == size == 0.  */
352typedef
353   struct {
354      Addr        start;
355      SizeT       size;
356      ExeContext* where;
357      Char*       desc;
358   }
359   CGenBlock;
360
361/* Get access to the client block array. */
362void MC_(get_ClientBlock_array)( /*OUT*/CGenBlock** blocks,
363                                 /*OUT*/UWord* nBlocks );
364
365
366/*------------------------------------------------------------*/
367/*--- Command line options + defaults                      ---*/
368/*------------------------------------------------------------*/
369
370/* Allow loads from partially-valid addresses?  default: YES */
371extern Bool MC_(clo_partial_loads_ok);
372
373/* Max volume of the freed blocks queue. */
374extern Long MC_(clo_freelist_vol);
375
376/* Do leak check at exit?  default: NO */
377extern LeakCheckMode MC_(clo_leak_check);
378
379/* How closely should we compare ExeContexts in leak records? default: 2 */
380extern VgRes MC_(clo_leak_resolution);
381
382/* In leak check, show reachable-but-not-freed blocks?  default: NO */
383extern Bool MC_(clo_show_reachable);
384
385/* Assume accesses immediately below %esp are due to gcc-2.96 bugs.
386 * default: NO */
387extern Bool MC_(clo_workaround_gcc296_bugs);
388
389/* Fill malloc-d/free-d client blocks with a specific value?  -1 if
390   not, else 0x00 .. 0xFF indicating the fill value to use.  Can be
391   useful for causing programs with bad heap corruption to fail in
392   more repeatable ways.  Note that malloc-filled and free-filled
393   areas are still undefined and noaccess respectively.  This merely
394   causes them to contain the specified values. */
395extern Int MC_(clo_malloc_fill);
396extern Int MC_(clo_free_fill);
397
398/* Indicates the level of instrumentation/checking done by Memcheck.
399
400   1 = No undefined value checking, Addrcheck-style behaviour only:
401       only address checking is done.  This is faster but finds fewer
402       errors.  Note that although Addrcheck had 1 bit per byte
403       overhead vs the old Memcheck's 9 bits per byte, with this mode
404       and compressed V bits, no memory is saved with this mode --
405       it's still 2 bits per byte overhead.  This is a little wasteful
406       -- it could be done with 1 bit per byte -- but lets us reuse
407       the many shadow memory access functions.  Note that in this
408       mode neither the secondary V bit table nor the origin-tag cache
409       are used.
410
411   2 = Address checking and Undefined value checking are performed,
412       but origins are not tracked.  So the origin-tag cache is not
413       used in this mode.  This setting is the default and corresponds
414       to the "normal" Memcheck behaviour that has shipped for years.
415
416   3 = Address checking, undefined value checking, and origins for
417       undefined values are tracked.
418
419   The default is 2.
420*/
421extern Int MC_(clo_mc_level);
422
423
424/*------------------------------------------------------------*/
425/*--- Instrumentation                                      ---*/
426/*------------------------------------------------------------*/
427
428/* Functions defined in mc_main.c */
429
430/* For the fail_w_o functions, the UWord arg is actually the 32-bit
431   origin tag and should really be UInt, but to be simple and safe
432   considering it's called from generated code, just claim it to be a
433   UWord. */
434VG_REGPARM(2) void MC_(helperc_value_checkN_fail_w_o) ( HWord, UWord );
435VG_REGPARM(1) void MC_(helperc_value_check8_fail_w_o) ( UWord );
436VG_REGPARM(1) void MC_(helperc_value_check4_fail_w_o) ( UWord );
437VG_REGPARM(1) void MC_(helperc_value_check1_fail_w_o) ( UWord );
438VG_REGPARM(1) void MC_(helperc_value_check0_fail_w_o) ( UWord );
439
440/* And call these ones instead to report an uninitialised value error
441   but with no origin available. */
442VG_REGPARM(1) void MC_(helperc_value_checkN_fail_no_o) ( HWord );
443VG_REGPARM(0) void MC_(helperc_value_check8_fail_no_o) ( void );
444VG_REGPARM(0) void MC_(helperc_value_check4_fail_no_o) ( void );
445VG_REGPARM(0) void MC_(helperc_value_check1_fail_no_o) ( void );
446VG_REGPARM(0) void MC_(helperc_value_check0_fail_no_o) ( void );
447
448/* V-bits load/store helpers */
449VG_REGPARM(1) void MC_(helperc_STOREV64be) ( Addr, ULong );
450VG_REGPARM(1) void MC_(helperc_STOREV64le) ( Addr, ULong );
451VG_REGPARM(2) void MC_(helperc_STOREV32be) ( Addr, UWord );
452VG_REGPARM(2) void MC_(helperc_STOREV32le) ( Addr, UWord );
453VG_REGPARM(2) void MC_(helperc_STOREV16be) ( Addr, UWord );
454VG_REGPARM(2) void MC_(helperc_STOREV16le) ( Addr, UWord );
455VG_REGPARM(2) void MC_(helperc_STOREV8)   ( Addr, UWord );
456
457VG_REGPARM(1) ULong MC_(helperc_LOADV64be) ( Addr );
458VG_REGPARM(1) ULong MC_(helperc_LOADV64le) ( Addr );
459VG_REGPARM(1) UWord MC_(helperc_LOADV32be) ( Addr );
460VG_REGPARM(1) UWord MC_(helperc_LOADV32le) ( Addr );
461VG_REGPARM(1) UWord MC_(helperc_LOADV16be) ( Addr );
462VG_REGPARM(1) UWord MC_(helperc_LOADV16le) ( Addr );
463VG_REGPARM(1) UWord MC_(helperc_LOADV8)    ( Addr );
464
465void MC_(helperc_MAKE_STACK_UNINIT) ( Addr base, UWord len,
466                                                 Addr nia );
467
468/* Origin tag load/store helpers */
469VG_REGPARM(2) void  MC_(helperc_b_store1) ( Addr a, UWord d32 );
470VG_REGPARM(2) void  MC_(helperc_b_store2) ( Addr a, UWord d32 );
471VG_REGPARM(2) void  MC_(helperc_b_store4) ( Addr a, UWord d32 );
472VG_REGPARM(2) void  MC_(helperc_b_store8) ( Addr a, UWord d32 );
473VG_REGPARM(2) void  MC_(helperc_b_store16)( Addr a, UWord d32 );
474VG_REGPARM(1) UWord MC_(helperc_b_load1) ( Addr a );
475VG_REGPARM(1) UWord MC_(helperc_b_load2) ( Addr a );
476VG_REGPARM(1) UWord MC_(helperc_b_load4) ( Addr a );
477VG_REGPARM(1) UWord MC_(helperc_b_load8) ( Addr a );
478VG_REGPARM(1) UWord MC_(helperc_b_load16)( Addr a );
479
480/* Functions defined in mc_translate.c */
481IRSB* MC_(instrument) ( VgCallbackClosure* closure,
482                        IRSB* bb_in,
483                        VexGuestLayout* layout,
484                        VexGuestExtents* vge,
485                        IRType gWordTy, IRType hWordTy );
486
487IRSB* MC_(final_tidy) ( IRSB* );
488
489#endif /* ndef __MC_INCLUDE_H */
490
491/*--------------------------------------------------------------------*/
492/*--- end                                                          ---*/
493/*--------------------------------------------------------------------*/
494