1 2/*--------------------------------------------------------------------*/ 3/*--- A header file for all parts of the MemCheck tool. ---*/ 4/*--- mc_include.h ---*/ 5/*--------------------------------------------------------------------*/ 6 7/* 8 This file is part of MemCheck, a heavyweight Valgrind tool for 9 detecting memory errors. 10 11 Copyright (C) 2000-2011 Julian Seward 12 jseward@acm.org 13 14 This program is free software; you can redistribute it and/or 15 modify it under the terms of the GNU General Public License as 16 published by the Free Software Foundation; either version 2 of the 17 License, or (at your option) any later version. 18 19 This program is distributed in the hope that it will be useful, but 20 WITHOUT ANY WARRANTY; without even the implied warranty of 21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 22 General Public License for more details. 23 24 You should have received a copy of the GNU General Public License 25 along with this program; if not, write to the Free Software 26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 27 02111-1307, USA. 28 29 The GNU General Public License is contained in the file COPYING. 30*/ 31 32#ifndef __MC_INCLUDE_H 33#define __MC_INCLUDE_H 34 35#define MC_(str) VGAPPEND(vgMemCheck_,str) 36 37 38/* This is a private header file for use only within the 39 memcheck/ directory. */ 40 41/*------------------------------------------------------------*/ 42/*--- Tracking the heap ---*/ 43/*------------------------------------------------------------*/ 44 45/* We want at least a 64B redzone on client heap blocks for Memcheck */ 46#define MC_MALLOC_REDZONE_SZB 64 47 48/* For malloc()/new/new[] vs. free()/delete/delete[] mismatch checking. */ 49typedef 50 enum { 51 MC_AllocMalloc = 0, 52 MC_AllocNew = 1, 53 MC_AllocNewVec = 2, 54 MC_AllocCustom = 3 55 } 56 MC_AllocKind; 57 58/* This describes a heap block. Nb: first two fields must match core's 59 * VgHashNode. */ 60typedef 61 struct _MC_Chunk { 62 struct _MC_Chunk* next; 63 Addr data; // Address of the actual block. 64 SizeT szB : (sizeof(SizeT)*8)-2; // Size requested; 30 or 62 bits. 65 MC_AllocKind allockind : 2; // Which operation did the allocation. 66 ExeContext* where; // Where it was allocated. 67 } 68 MC_Chunk; 69 70/* Memory pool. Nb: first two fields must match core's VgHashNode. */ 71typedef 72 struct _MC_Mempool { 73 struct _MC_Mempool* next; 74 Addr pool; // pool identifier 75 SizeT rzB; // pool red-zone size 76 Bool is_zeroed; // allocations from this pool are zeroed 77 VgHashTable chunks; // chunks associated with this pool 78 } 79 MC_Mempool; 80 81 82void* MC_(new_block) ( ThreadId tid, 83 Addr p, SizeT size, SizeT align, 84 Bool is_zeroed, MC_AllocKind kind, 85 VgHashTable table); 86void MC_(handle_free) ( ThreadId tid, 87 Addr p, UInt rzB, MC_AllocKind kind ); 88 89void MC_(create_mempool) ( Addr pool, UInt rzB, Bool is_zeroed ); 90void MC_(destroy_mempool) ( Addr pool ); 91void MC_(mempool_alloc) ( ThreadId tid, Addr pool, 92 Addr addr, SizeT size ); 93void MC_(mempool_free) ( Addr pool, Addr addr ); 94void MC_(mempool_trim) ( Addr pool, Addr addr, SizeT size ); 95void MC_(move_mempool) ( Addr poolA, Addr poolB ); 96void MC_(mempool_change) ( Addr pool, Addr addrA, Addr addrB, SizeT size ); 97Bool MC_(mempool_exists) ( Addr pool ); 98 99/* Searches for a recently freed block which might bracket Addr a. 100 Return the MC_Chunk* for this block or NULL if no bracketting block 101 is found. */ 102MC_Chunk* MC_(get_freed_block_bracketting)( Addr a ); 103 104/* For tracking malloc'd blocks. Nb: it's quite important that it's a 105 VgHashTable, because VgHashTable allows duplicate keys without complaint. 106 This can occur if a user marks a malloc() block as also a custom block with 107 MALLOCLIKE_BLOCK. */ 108extern VgHashTable MC_(malloc_list); 109 110/* For tracking memory pools. */ 111extern VgHashTable MC_(mempool_list); 112 113/* Shadow memory functions */ 114Bool MC_(check_mem_is_noaccess)( Addr a, SizeT len, Addr* bad_addr ); 115void MC_(make_mem_noaccess) ( Addr a, SizeT len ); 116void MC_(make_mem_undefined_w_otag)( Addr a, SizeT len, UInt otag ); 117void MC_(make_mem_defined) ( Addr a, SizeT len ); 118void MC_(copy_address_range_state) ( Addr src, Addr dst, SizeT len ); 119 120void MC_(print_malloc_stats) ( void ); 121 122void* MC_(malloc) ( ThreadId tid, SizeT n ); 123void* MC_(__builtin_new) ( ThreadId tid, SizeT n ); 124void* MC_(__builtin_vec_new) ( ThreadId tid, SizeT n ); 125void* MC_(memalign) ( ThreadId tid, SizeT align, SizeT n ); 126void* MC_(calloc) ( ThreadId tid, SizeT nmemb, SizeT size1 ); 127void MC_(free) ( ThreadId tid, void* p ); 128void MC_(__builtin_delete) ( ThreadId tid, void* p ); 129void MC_(__builtin_vec_delete) ( ThreadId tid, void* p ); 130void* MC_(realloc) ( ThreadId tid, void* p, SizeT new_size ); 131SizeT MC_(malloc_usable_size) ( ThreadId tid, void* p ); 132 133void MC_(handle_resizeInPlace)(ThreadId tid, Addr p, 134 SizeT oldSizeB, SizeT newSizeB, SizeT rzB); 135 136 137/*------------------------------------------------------------*/ 138/*--- Origin tracking translate-time support ---*/ 139/*------------------------------------------------------------*/ 140 141/* See detailed comments in mc_machine.c. */ 142Int MC_(get_otrack_shadow_offset) ( Int offset, Int szB ); 143IRType MC_(get_otrack_reg_array_equiv_int_type) ( IRRegArray* arr ); 144 145/* Constants which are used as the lowest 2 bits in origin tags. 146 147 An origin tag comprises an upper 30-bit ECU field and a lower 2-bit 148 'kind' field. The ECU field is a number given out by m_execontext 149 and has a 1-1 mapping with ExeContext*s. An ECU can be used 150 directly as an origin tag (otag), but in fact we want to put 151 additional information 'kind' field to indicate roughly where the 152 tag came from. This helps print more understandable error messages 153 for the user -- it has no other purpose. 154 155 Hence the following 2-bit constants are needed for 'kind' field. 156 157 To summarise: 158 159 * Both ECUs and origin tags are represented as 32-bit words 160 161 * m_execontext and the core-tool interface deal purely in ECUs. 162 They have no knowledge of origin tags - that is a purely 163 Memcheck-internal matter. 164 165 * all valid ECUs have the lowest 2 bits zero and at least 166 one of the upper 30 bits nonzero (see VG_(is_plausible_ECU)) 167 168 * to convert from an ECU to an otag, OR in one of the MC_OKIND_ 169 constants below 170 171 * to convert an otag back to an ECU, AND it with ~3 172*/ 173 174#define MC_OKIND_UNKNOWN 0 /* unknown origin */ 175#define MC_OKIND_HEAP 1 /* this is a heap origin */ 176#define MC_OKIND_STACK 2 /* this is a stack origin */ 177#define MC_OKIND_USER 3 /* arises from user-supplied client req */ 178 179 180/*------------------------------------------------------------*/ 181/*--- Profiling of memory events ---*/ 182/*------------------------------------------------------------*/ 183 184/* Define to collect detailed performance info. */ 185/* #define MC_PROFILE_MEMORY */ 186 187#ifdef MC_PROFILE_MEMORY 188# define N_PROF_EVENTS 500 189 190UInt MC_(event_ctr)[N_PROF_EVENTS]; 191HChar* MC_(event_ctr_name)[N_PROF_EVENTS]; 192 193# define PROF_EVENT(ev, name) \ 194 do { tl_assert((ev) >= 0 && (ev) < N_PROF_EVENTS); \ 195 /* crude and inaccurate check to ensure the same */ \ 196 /* event isn't being used with > 1 name */ \ 197 if (MC_(event_ctr_name)[ev]) \ 198 tl_assert(name == MC_(event_ctr_name)[ev]); \ 199 MC_(event_ctr)[ev]++; \ 200 MC_(event_ctr_name)[ev] = (name); \ 201 } while (False); 202 203#else 204 205# define PROF_EVENT(ev, name) /* */ 206 207#endif /* MC_PROFILE_MEMORY */ 208 209 210/*------------------------------------------------------------*/ 211/*--- V and A bits (Victoria & Albert ?) ---*/ 212/*------------------------------------------------------------*/ 213 214/* The number of entries in the primary map can be altered. However 215 we hardwire the assumption that each secondary map covers precisely 216 64k of address space. */ 217#define SM_SIZE 65536 /* DO NOT CHANGE */ 218#define SM_MASK (SM_SIZE-1) /* DO NOT CHANGE */ 219 220#define V_BIT_DEFINED 0 221#define V_BIT_UNDEFINED 1 222 223#define V_BITS8_DEFINED 0 224#define V_BITS8_UNDEFINED 0xFF 225 226#define V_BITS16_DEFINED 0 227#define V_BITS16_UNDEFINED 0xFFFF 228 229#define V_BITS32_DEFINED 0 230#define V_BITS32_UNDEFINED 0xFFFFFFFF 231 232#define V_BITS64_DEFINED 0ULL 233#define V_BITS64_UNDEFINED 0xFFFFFFFFFFFFFFFFULL 234 235 236/*------------------------------------------------------------*/ 237/*--- Leak checking ---*/ 238/*------------------------------------------------------------*/ 239 240typedef 241 enum { 242 // Nb: the order is important -- it dictates the order of loss records 243 // of equal sizes. 244 Reachable =0, // Definitely reachable from root-set. 245 Possible =1, // Possibly reachable from root-set; involves at 246 // least one interior-pointer along the way. 247 IndirectLeak =2, // Leaked, but reachable from another leaked block 248 // (be it Unreached or IndirectLeak). 249 Unreached =3, // Not reached, ie. leaked. 250 // (At best, only reachable from itself via a cycle.) 251 } 252 Reachedness; 253 254/* For VALGRIND_COUNT_LEAKS client request */ 255extern SizeT MC_(bytes_leaked); 256extern SizeT MC_(bytes_indirect); 257extern SizeT MC_(bytes_dubious); 258extern SizeT MC_(bytes_reachable); 259extern SizeT MC_(bytes_suppressed); 260 261/* For VALGRIND_COUNT_LEAK_BLOCKS client request */ 262extern SizeT MC_(blocks_leaked); 263extern SizeT MC_(blocks_indirect); 264extern SizeT MC_(blocks_dubious); 265extern SizeT MC_(blocks_reachable); 266extern SizeT MC_(blocks_suppressed); 267 268typedef 269 enum { 270 LC_Off, 271 LC_Summary, 272 LC_Full, 273 } 274 LeakCheckMode; 275 276typedef 277 enum { 278 LCD_Any, // output all loss records, whatever the delta 279 LCD_Increased, // output loss records with an increase in size or blocks 280 LCD_Changed, // output loss records with an increase or 281 //decrease in size or blocks 282 } 283 LeakCheckDeltaMode; 284 285/* When a LossRecord is put into an OSet, these elements represent the key. */ 286typedef 287 struct _LossRecordKey { 288 Reachedness state; // LC_Extra.state value shared by all blocks. 289 ExeContext* allocated_at; // Where they were allocated. 290 } 291 LossRecordKey; 292 293/* A loss record, used for generating err msgs. Multiple leaked blocks can be 294 * merged into a single loss record if they have the same state and similar 295 * enough allocation points (controlled by --leak-resolution). */ 296typedef 297 struct _LossRecord { 298 LossRecordKey key; // Key, when used in an OSet. 299 SizeT szB; // Sum of all MC_Chunk.szB values. 300 SizeT indirect_szB; // Sum of all LC_Extra.indirect_szB values. 301 UInt num_blocks; // Number of blocks represented by the record. 302 SizeT old_szB; // old_* values are the values found during the 303 SizeT old_indirect_szB; // previous leak search. old_* values are used to 304 UInt old_num_blocks; // output only the changed/new loss records 305 } 306 LossRecord; 307 308typedef 309 struct _LeakCheckParams { 310 LeakCheckMode mode; 311 Bool show_reachable; 312 Bool show_possibly_lost; 313 LeakCheckDeltaMode deltamode; 314 Bool requested_by_monitor_command; // True when requested by gdb/vgdb. 315 } 316 LeakCheckParams; 317 318void MC_(detect_memory_leaks) ( ThreadId tid, LeakCheckParams lcp); 319 320// maintains the lcp.deltamode given in the last call to detect_memory_leaks 321extern LeakCheckDeltaMode MC_(detect_memory_leaks_last_delta_mode); 322 323// if delta_mode == LCD_Any, prints in buf an empty string 324// otherwise prints a delta in the layout " (+%'lu)" or " (-%'lu)" 325extern char * MC_(snprintf_delta) (char * buf, Int size, 326 SizeT current_val, SizeT old_val, 327 LeakCheckDeltaMode delta_mode); 328 329 330Bool MC_(is_valid_aligned_word) ( Addr a ); 331Bool MC_(is_within_valid_secondary) ( Addr a ); 332 333void MC_(pp_LeakError)(UInt n_this_record, UInt n_total_records, 334 LossRecord* l); 335 336 337/*------------------------------------------------------------*/ 338/*--- Errors and suppressions ---*/ 339/*------------------------------------------------------------*/ 340 341/* Did we show to the user, any errors for which an uninitialised 342 value origin could have been collected (but wasn't) ? If yes, 343 then, at the end of the run, print a 1 line message advising that a 344 rerun with --track-origins=yes might help. */ 345extern Bool MC_(any_value_errors); 346 347/* Standard functions for error and suppressions as required by the 348 core/tool iface */ 349Bool MC_(eq_Error) ( VgRes res, Error* e1, Error* e2 ); 350void MC_(before_pp_Error) ( Error* err ); 351void MC_(pp_Error) ( Error* err ); 352UInt MC_(update_Error_extra) ( Error* err ); 353 354Bool MC_(is_recognised_suppression) ( Char* name, Supp* su ); 355 356Bool MC_(read_extra_suppression_info) ( Int fd, Char** buf, 357 SizeT* nBuf, Supp *su ); 358 359Bool MC_(error_matches_suppression) ( Error* err, Supp* su ); 360 361Bool MC_(get_extra_suppression_info) ( Error* err, 362 /*OUT*/Char* buf, Int nBuf ); 363 364Char* MC_(get_error_name) ( Error* err ); 365 366/* Recording of errors */ 367void MC_(record_address_error) ( ThreadId tid, Addr a, Int szB, 368 Bool isWrite ); 369void MC_(record_cond_error) ( ThreadId tid, UInt otag ); 370void MC_(record_value_error) ( ThreadId tid, Int szB, UInt otag ); 371void MC_(record_jump_error) ( ThreadId tid, Addr a ); 372 373void MC_(record_free_error) ( ThreadId tid, Addr a ); 374void MC_(record_illegal_mempool_error) ( ThreadId tid, Addr a ); 375void MC_(record_freemismatch_error) ( ThreadId tid, MC_Chunk* mc ); 376 377void MC_(record_overlap_error) ( ThreadId tid, Char* function, 378 Addr src, Addr dst, SizeT szB ); 379void MC_(record_core_mem_error) ( ThreadId tid, Char* msg ); 380void MC_(record_regparam_error) ( ThreadId tid, Char* msg, UInt otag ); 381void MC_(record_memparam_error) ( ThreadId tid, Addr a, 382 Bool isAddrErr, Char* msg, UInt otag ); 383void MC_(record_user_error) ( ThreadId tid, Addr a, 384 Bool isAddrErr, UInt otag ); 385 386Bool MC_(record_leak_error) ( ThreadId tid, 387 UInt n_this_record, 388 UInt n_total_records, 389 LossRecord* lossRecord, 390 Bool print_record, 391 Bool count_error ); 392 393/* prints a description of address a */ 394void MC_(pp_describe_addr) (Addr a); 395 396/* Is this address in a user-specified "ignored range" ? */ 397Bool MC_(in_ignored_range) ( Addr a ); 398 399 400/*------------------------------------------------------------*/ 401/*--- Client blocks ---*/ 402/*------------------------------------------------------------*/ 403 404/* Describes a client block. See mc_main.c. An unused block has 405 start == size == 0. */ 406typedef 407 struct { 408 Addr start; 409 SizeT size; 410 ExeContext* where; 411 Char* desc; 412 } 413 CGenBlock; 414 415/* Get access to the client block array. */ 416void MC_(get_ClientBlock_array)( /*OUT*/CGenBlock** blocks, 417 /*OUT*/UWord* nBlocks ); 418 419 420/*------------------------------------------------------------*/ 421/*--- Command line options + defaults ---*/ 422/*------------------------------------------------------------*/ 423 424/* Allow loads from partially-valid addresses? default: YES */ 425extern Bool MC_(clo_partial_loads_ok); 426 427/* Max volume of the freed blocks queue. */ 428extern Long MC_(clo_freelist_vol); 429 430/* Blocks with a size >= MC_(clo_freelist_big_blocks) will be put 431 in the "big block" freed blocks queue. */ 432extern Long MC_(clo_freelist_big_blocks); 433 434/* Do leak check at exit? default: NO */ 435extern LeakCheckMode MC_(clo_leak_check); 436 437/* How closely should we compare ExeContexts in leak records? default: 2 */ 438extern VgRes MC_(clo_leak_resolution); 439 440/* In leak check, show reachable-but-not-freed blocks? default: NO */ 441extern Bool MC_(clo_show_reachable); 442 443/* In leak check, show possibly-lost blocks? default: YES */ 444extern Bool MC_(clo_show_possible); 445 446/* In leak check, show possibly-lost blocks? default: YES */ 447extern Bool MC_(clo_show_possibly_lost); 448 449/* Assume accesses immediately below %esp are due to gcc-2.96 bugs. 450 * default: NO */ 451extern Bool MC_(clo_workaround_gcc296_bugs); 452 453/* Fill malloc-d/free-d client blocks with a specific value? -1 if 454 not, else 0x00 .. 0xFF indicating the fill value to use. Can be 455 useful for causing programs with bad heap corruption to fail in 456 more repeatable ways. Note that malloc-filled and free-filled 457 areas are still undefined and noaccess respectively. This merely 458 causes them to contain the specified values. */ 459extern Int MC_(clo_malloc_fill); 460extern Int MC_(clo_free_fill); 461 462/* Indicates the level of instrumentation/checking done by Memcheck. 463 464 1 = No undefined value checking, Addrcheck-style behaviour only: 465 only address checking is done. This is faster but finds fewer 466 errors. Note that although Addrcheck had 1 bit per byte 467 overhead vs the old Memcheck's 9 bits per byte, with this mode 468 and compressed V bits, no memory is saved with this mode -- 469 it's still 2 bits per byte overhead. This is a little wasteful 470 -- it could be done with 1 bit per byte -- but lets us reuse 471 the many shadow memory access functions. Note that in this 472 mode neither the secondary V bit table nor the origin-tag cache 473 are used. 474 475 2 = Address checking and Undefined value checking are performed, 476 but origins are not tracked. So the origin-tag cache is not 477 used in this mode. This setting is the default and corresponds 478 to the "normal" Memcheck behaviour that has shipped for years. 479 480 3 = Address checking, undefined value checking, and origins for 481 undefined values are tracked. 482 483 The default is 2. 484*/ 485extern Int MC_(clo_mc_level); 486 487// Print a short summary to a separate file. 488extern const char* MC_(clo_summary_file); 489 490 491/*------------------------------------------------------------*/ 492/*--- Instrumentation ---*/ 493/*------------------------------------------------------------*/ 494 495/* Functions defined in mc_main.c */ 496 497/* For the fail_w_o functions, the UWord arg is actually the 32-bit 498 origin tag and should really be UInt, but to be simple and safe 499 considering it's called from generated code, just claim it to be a 500 UWord. */ 501VG_REGPARM(2) void MC_(helperc_value_checkN_fail_w_o) ( HWord, UWord ); 502VG_REGPARM(1) void MC_(helperc_value_check8_fail_w_o) ( UWord ); 503VG_REGPARM(1) void MC_(helperc_value_check4_fail_w_o) ( UWord ); 504VG_REGPARM(1) void MC_(helperc_value_check1_fail_w_o) ( UWord ); 505VG_REGPARM(1) void MC_(helperc_value_check0_fail_w_o) ( UWord ); 506 507/* And call these ones instead to report an uninitialised value error 508 but with no origin available. */ 509VG_REGPARM(1) void MC_(helperc_value_checkN_fail_no_o) ( HWord ); 510VG_REGPARM(0) void MC_(helperc_value_check8_fail_no_o) ( void ); 511VG_REGPARM(0) void MC_(helperc_value_check4_fail_no_o) ( void ); 512VG_REGPARM(0) void MC_(helperc_value_check1_fail_no_o) ( void ); 513VG_REGPARM(0) void MC_(helperc_value_check0_fail_no_o) ( void ); 514 515/* V-bits load/store helpers */ 516VG_REGPARM(1) void MC_(helperc_STOREV64be) ( Addr, ULong ); 517VG_REGPARM(1) void MC_(helperc_STOREV64le) ( Addr, ULong ); 518VG_REGPARM(2) void MC_(helperc_STOREV32be) ( Addr, UWord ); 519VG_REGPARM(2) void MC_(helperc_STOREV32le) ( Addr, UWord ); 520VG_REGPARM(2) void MC_(helperc_STOREV16be) ( Addr, UWord ); 521VG_REGPARM(2) void MC_(helperc_STOREV16le) ( Addr, UWord ); 522VG_REGPARM(2) void MC_(helperc_STOREV8) ( Addr, UWord ); 523 524VG_REGPARM(1) ULong MC_(helperc_LOADV64be) ( Addr ); 525VG_REGPARM(1) ULong MC_(helperc_LOADV64le) ( Addr ); 526VG_REGPARM(1) UWord MC_(helperc_LOADV32be) ( Addr ); 527VG_REGPARM(1) UWord MC_(helperc_LOADV32le) ( Addr ); 528VG_REGPARM(1) UWord MC_(helperc_LOADV16be) ( Addr ); 529VG_REGPARM(1) UWord MC_(helperc_LOADV16le) ( Addr ); 530VG_REGPARM(1) UWord MC_(helperc_LOADV8) ( Addr ); 531 532void MC_(helperc_MAKE_STACK_UNINIT) ( Addr base, UWord len, 533 Addr nia ); 534 535/* Origin tag load/store helpers */ 536VG_REGPARM(2) void MC_(helperc_b_store1) ( Addr a, UWord d32 ); 537VG_REGPARM(2) void MC_(helperc_b_store2) ( Addr a, UWord d32 ); 538VG_REGPARM(2) void MC_(helperc_b_store4) ( Addr a, UWord d32 ); 539VG_REGPARM(2) void MC_(helperc_b_store8) ( Addr a, UWord d32 ); 540VG_REGPARM(2) void MC_(helperc_b_store16)( Addr a, UWord d32 ); 541VG_REGPARM(1) UWord MC_(helperc_b_load1) ( Addr a ); 542VG_REGPARM(1) UWord MC_(helperc_b_load2) ( Addr a ); 543VG_REGPARM(1) UWord MC_(helperc_b_load4) ( Addr a ); 544VG_REGPARM(1) UWord MC_(helperc_b_load8) ( Addr a ); 545VG_REGPARM(1) UWord MC_(helperc_b_load16)( Addr a ); 546 547/* Functions defined in mc_translate.c */ 548IRSB* MC_(instrument) ( VgCallbackClosure* closure, 549 IRSB* bb_in, 550 VexGuestLayout* layout, 551 VexGuestExtents* vge, 552 IRType gWordTy, IRType hWordTy ); 553 554IRSB* MC_(final_tidy) ( IRSB* ); 555 556#endif /* ndef __MC_INCLUDE_H */ 557 558/*--------------------------------------------------------------------*/ 559/*--- end ---*/ 560/*--------------------------------------------------------------------*/ 561