/* Malloc implementation for multiple threads without lock contention.
- Copyright (C) 2001-2016 Free Software Foundation, Inc.
+ Copyright (C) 2001-2019 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Wolfram Gloger <wg@malloc.de>, 2001.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; see the file COPYING.LIB. If
- not, see <http://www.gnu.org/licenses/>. */
+ not, see <https://www.gnu.org/licenses/>. */
/* What to do if the standard debugging hooks are in place and a
corrupt pointer is detected: do nothing (0), print an error message
/* Whether we are using malloc checking. */
static int using_malloc_checking;
-/* A flag that is set by malloc_set_state, to signal that malloc checking
- must not be enabled on the request from the user (via the MALLOC_CHECK_
- environment variable). It is reset by __malloc_check_init to tell
- malloc_set_state that the user has requested malloc checking.
-
- The purpose of this flag is to make sure that malloc checking is not
- enabled when the heap to be restored was constructed without malloc
- checking, and thus does not contain the required magic bytes.
- Otherwise the heap would be corrupted by calls to free and realloc. If
- it turns out that the heap was created with malloc checking and the
- user has requested it malloc_set_state just calls __malloc_check_init
- again to enable it. On the other hand, reusing such a heap without
- further malloc checking is safe. */
-static int disallow_malloc_check;
-
/* Activate a standard set of debugging hooks. */
void
__malloc_check_init (void)
{
- if (disallow_malloc_check)
- {
- disallow_malloc_check = 0;
- return;
- }
using_malloc_checking = 1;
__malloc_hook = malloc_check;
__free_hook = free_check;
size -= c)
{
if (c <= 0 || size < (c + 2 * SIZE_SZ))
- {
- malloc_printerr (check_action, "malloc_check_get_size: memory corruption",
- chunk2mem (p),
- chunk_is_mmapped (p) ? NULL : arena_for_chunk (p));
- return 0;
- }
+ malloc_printerr ("malloc_check_get_size: memory corruption");
}
/* chunk2mem size. */
into a user pointer with requested size req_sz. */
static void *
-internal_function
mem2mem_check (void *ptr, size_t req_sz)
{
mchunkptr p;
pointer. If the provided pointer is not valid, return NULL. */
static mchunkptr
-internal_function
mem2chunk_check (void *mem, unsigned char **magic_p)
{
mchunkptr p;
return p;
}
-/* Check for corruption of the top chunk, and try to recover if
- necessary. */
-
-static int
-internal_function
+/* Check for corruption of the top chunk. */
+static void
top_check (void)
{
mchunkptr t = top (&main_arena);
- char *brk, *new_brk;
- INTERNAL_SIZE_T front_misalign, sbrk_size;
- unsigned long pagesz = GLRO (dl_pagesize);
if (t == initial_top (&main_arena) ||
(!chunk_is_mmapped (t) &&
prev_inuse (t) &&
(!contiguous (&main_arena) ||
(char *) t + chunksize (t) == mp_.sbrk_base + main_arena.system_mem)))
- return 0;
-
- malloc_printerr (check_action, "malloc: top chunk is corrupt", t,
- &main_arena);
-
- /* Try to set up a new top chunk. */
- brk = MORECORE (0);
- front_misalign = (unsigned long) chunk2mem (brk) & MALLOC_ALIGN_MASK;
- if (front_misalign > 0)
- front_misalign = MALLOC_ALIGNMENT - front_misalign;
- sbrk_size = front_misalign + mp_.top_pad + MINSIZE;
- sbrk_size += pagesz - ((unsigned long) (brk + sbrk_size) & (pagesz - 1));
- new_brk = (char *) (MORECORE (sbrk_size));
- if (new_brk == (char *) (MORECORE_FAILURE))
- {
- __set_errno (ENOMEM);
- return -1;
- }
- /* Call the `morecore' hook if necessary. */
- void (*hook) (void) = atomic_forced_read (__after_morecore_hook);
- if (hook)
- (*hook)();
- main_arena.system_mem = (new_brk - mp_.sbrk_base) + sbrk_size;
-
- top (&main_arena) = (mchunkptr) (brk + front_misalign);
- set_head (top (&main_arena), (sbrk_size - front_misalign) | PREV_INUSE);
+ return;
- return 0;
+ malloc_printerr ("malloc: top chunk is corrupt");
}
static void *
malloc_check (size_t sz, const void *caller)
{
void *victim;
+ size_t nb;
- if (sz + 1 == 0)
+ if (__builtin_add_overflow (sz, 1, &nb))
{
__set_errno (ENOMEM);
return NULL;
}
__libc_lock_lock (main_arena.mutex);
- victim = (top_check () >= 0) ? _int_malloc (&main_arena, sz + 1) : NULL;
+ top_check ();
+ victim = _int_malloc (&main_arena, nb);
__libc_lock_unlock (main_arena.mutex);
return mem2mem_check (victim, sz);
}
__libc_lock_lock (main_arena.mutex);
p = mem2chunk_check (mem, NULL);
if (!p)
- {
- __libc_lock_unlock (main_arena.mutex);
-
- malloc_printerr (check_action, "free(): invalid pointer", mem,
- &main_arena);
- return;
- }
+ malloc_printerr ("free(): invalid pointer");
if (chunk_is_mmapped (p))
{
__libc_lock_unlock (main_arena.mutex);
INTERNAL_SIZE_T nb;
void *newmem = 0;
unsigned char *magic_p;
+ size_t rb;
- if (bytes + 1 == 0)
+ if (__builtin_add_overflow (bytes, 1, &rb))
{
__set_errno (ENOMEM);
return NULL;
const mchunkptr oldp = mem2chunk_check (oldmem, &magic_p);
__libc_lock_unlock (main_arena.mutex);
if (!oldp)
- {
- malloc_printerr (check_action, "realloc(): invalid pointer", oldmem,
- &main_arena);
- return malloc_check (bytes, NULL);
- }
+ malloc_printerr ("realloc(): invalid pointer");
const INTERNAL_SIZE_T oldsize = chunksize (oldp);
- checked_request2size (bytes + 1, nb);
+ if (!checked_request2size (rb, &nb))
+ goto invert;
+
__libc_lock_lock (main_arena.mutex);
if (chunk_is_mmapped (oldp))
else
{
/* Must alloc, copy, free. */
- if (top_check () >= 0)
- newmem = _int_malloc (&main_arena, bytes + 1);
+ top_check ();
+ newmem = _int_malloc (&main_arena, rb);
if (newmem)
{
memcpy (newmem, oldmem, oldsize - 2 * SIZE_SZ);
}
else
{
- if (top_check () >= 0)
- {
- INTERNAL_SIZE_T nb;
- checked_request2size (bytes + 1, nb);
- newmem = _int_realloc (&main_arena, oldp, oldsize, nb);
- }
+ top_check ();
+ newmem = _int_realloc (&main_arena, oldp, oldsize, nb);
}
+ DIAG_PUSH_NEEDS_COMMENT;
+#if __GNUC_PREREQ (7, 0)
+ /* GCC 7 warns about magic_p may be used uninitialized. But we never
+ reach here if magic_p is uninitialized. */
+ DIAG_IGNORE_NEEDS_COMMENT (7, "-Wmaybe-uninitialized");
+#endif
/* mem2chunk_check changed the magic byte in the old chunk.
If newmem is NULL, then the old chunk will still be used though,
so we need to invert that change here. */
+invert:
if (newmem == NULL)
*magic_p ^= 0xFF;
+ DIAG_POP_NEEDS_COMMENT;
__libc_lock_unlock (main_arena.mutex);
}
__libc_lock_lock (main_arena.mutex);
- mem = (top_check () >= 0) ? _int_memalign (&main_arena, alignment, bytes + 1) :
- NULL;
+ top_check ();
+ mem = _int_memalign (&main_arena, alignment, bytes + 1);
__libc_lock_unlock (main_arena.mutex);
return mem2mem_check (mem, bytes);
}
#if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_25)
-/* Get/set state: malloc_get_state() records the current state of all
- malloc variables (_except_ for the actual heap contents and `hook'
- function pointers) in a system dependent, opaque data structure.
- This data structure is dynamically allocated and can be free()d
- after use. malloc_set_state() restores the state of all malloc
- variables to the previously obtained state. This is especially
- useful when using this malloc as part of a shared library, and when
- the heap contents are saved/restored via some other method. The
- primary example for this is GNU Emacs with its `dumping' procedure.
- `Hook' function pointers are never saved or restored by these
- functions, with two exceptions: If malloc checking was in use when
- malloc_get_state() was called, then malloc_set_state() calls
- __malloc_check_init() if possible; if malloc checking was not in
- use in the recorded state but the user requested malloc checking,
- then the hooks are reset to 0. */
+/* Support for restoring dumped heaps contained in historic Emacs
+ executables. The heap saving feature (malloc_get_state) is no
+ longer implemented in this version of glibc, but we have a heap
+ rewriter in malloc_set_state which transforms the heap into a
+ version compatible with current malloc. */
#define MALLOC_STATE_MAGIC 0x444c4541l
#define MALLOC_STATE_VERSION (0 * 0x100l + 5l) /* major*0x100 + minor */
if ((ms->version & ~0xffl) > (MALLOC_STATE_VERSION & ~0xffl))
return -2;
- /* We do not need to perform locking here because __malloc_set_state
+ /* We do not need to perform locking here because malloc_set_state
must be called before the first call into the malloc subsytem
(usually via __malloc_initialize_hook). pthread_create always
calls calloc and thus must be called only afterwards, so there