]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
b5efdb8a LP |
2 | #pragma once |
3 | ||
b5efdb8a | 4 | #include <alloca.h> |
11c3a366 | 5 | #include <stddef.h> |
b5efdb8a LP |
6 | #include <stdlib.h> |
7 | #include <string.h> | |
8 | ||
9 | #include "macro.h" | |
10 | ||
c322f379 ZJS |
11 | #if HAS_FEATURE_MEMORY_SANITIZER |
12 | # include <sanitizer/msan_interface.h> | |
13 | #endif | |
14 | ||
e30f9c97 YW |
15 | typedef void (*free_func_t)(void *p); |
16 | ||
4aee28c6 LP |
17 | /* If for some reason more than 4M are allocated on the stack, let's abort immediately. It's better than |
18 | * proceeding and smashing the stack limits. Note that by default RLIMIT_STACK is 8M on Linux. */ | |
19 | #define ALLOCA_MAX (4U*1024U*1024U) | |
20 | ||
b5efdb8a LP |
21 | #define new(t, n) ((t*) malloc_multiply(sizeof(t), (n))) |
22 | ||
830464c3 | 23 | #define new0(t, n) ((t*) calloc((n) ?: 1, sizeof(t))) |
b5efdb8a | 24 | |
4aee28c6 LP |
25 | #define newa(t, n) \ |
26 | ({ \ | |
27 | size_t _n_ = n; \ | |
28 | assert(!size_multiply_overflow(sizeof(t), _n_)); \ | |
29 | assert(sizeof(t)*_n_ <= ALLOCA_MAX); \ | |
30 | (t*) alloca(sizeof(t)*_n_); \ | |
1232c447 LP |
31 | }) |
32 | ||
4aee28c6 LP |
33 | #define newa0(t, n) \ |
34 | ({ \ | |
35 | size_t _n_ = n; \ | |
36 | assert(!size_multiply_overflow(sizeof(t), _n_)); \ | |
37 | assert(sizeof(t)*_n_ <= ALLOCA_MAX); \ | |
38 | (t*) alloca0(sizeof(t)*_n_); \ | |
1232c447 | 39 | }) |
b5efdb8a LP |
40 | |
41 | #define newdup(t, p, n) ((t*) memdup_multiply(p, sizeof(t), (n))) | |
42 | ||
c165d97d LP |
43 | #define newdup_suffix0(t, p, n) ((t*) memdup_suffix0_multiply(p, sizeof(t), (n))) |
44 | ||
b5efdb8a LP |
45 | #define malloc0(n) (calloc(1, (n))) |
46 | ||
47 | static inline void *mfree(void *memory) { | |
48 | free(memory); | |
49 | return NULL; | |
50 | } | |
51 | ||
3b319885 ZJS |
52 | #define free_and_replace(a, b) \ |
53 | ({ \ | |
54 | free(a); \ | |
55 | (a) = (b); \ | |
56 | (b) = NULL; \ | |
57 | 0; \ | |
58 | }) | |
59 | ||
b5efdb8a | 60 | void* memdup(const void *p, size_t l) _alloc_(2); |
d40c54fe | 61 | void* memdup_suffix0(const void *p, size_t l) _alloc_(2); |
b5efdb8a | 62 | |
242c41b8 LP |
63 | #define memdupa(p, l) \ |
64 | ({ \ | |
65 | void *_q_; \ | |
4aee28c6 LP |
66 | size_t _l_ = l; \ |
67 | assert(_l_ <= ALLOCA_MAX); \ | |
68 | _q_ = alloca(_l_); \ | |
69 | memcpy(_q_, p, _l_); \ | |
242c41b8 LP |
70 | }) |
71 | ||
72 | #define memdupa_suffix0(p, l) \ | |
73 | ({ \ | |
74 | void *_q_; \ | |
4aee28c6 LP |
75 | size_t _l_ = l; \ |
76 | assert(_l_ <= ALLOCA_MAX); \ | |
77 | _q_ = alloca(_l_ + 1); \ | |
78 | ((uint8_t*) _q_)[_l_] = 0; \ | |
79 | memcpy(_q_, p, _l_); \ | |
242c41b8 LP |
80 | }) |
81 | ||
b5efdb8a LP |
82 | static inline void freep(void *p) { |
83 | free(*(void**) p); | |
84 | } | |
85 | ||
86 | #define _cleanup_free_ _cleanup_(freep) | |
87 | ||
dbacacaa | 88 | static inline bool size_multiply_overflow(size_t size, size_t need) { |
fd887949 | 89 | return _unlikely_(need != 0 && size > (SIZE_MAX / need)); |
dbacacaa AK |
90 | } |
91 | ||
92 | _malloc_ _alloc_(1, 2) static inline void *malloc_multiply(size_t size, size_t need) { | |
93 | if (size_multiply_overflow(size, need)) | |
b5efdb8a LP |
94 | return NULL; |
95 | ||
830464c3 | 96 | return malloc(size * need ?: 1); |
b5efdb8a LP |
97 | } |
98 | ||
aa484f35 ZJS |
99 | #if !HAVE_REALLOCARRAY |
100 | _alloc_(2, 3) static inline void *reallocarray(void *p, size_t need, size_t size) { | |
dbacacaa | 101 | if (size_multiply_overflow(size, need)) |
b5efdb8a LP |
102 | return NULL; |
103 | ||
830464c3 | 104 | return realloc(p, size * need ?: 1); |
b5efdb8a | 105 | } |
aa484f35 | 106 | #endif |
b5efdb8a | 107 | |
dbacacaa AK |
108 | _alloc_(2, 3) static inline void *memdup_multiply(const void *p, size_t size, size_t need) { |
109 | if (size_multiply_overflow(size, need)) | |
b5efdb8a LP |
110 | return NULL; |
111 | ||
dbacacaa | 112 | return memdup(p, size * need); |
b5efdb8a LP |
113 | } |
114 | ||
c165d97d LP |
115 | _alloc_(2, 3) static inline void *memdup_suffix0_multiply(const void *p, size_t size, size_t need) { |
116 | if (size_multiply_overflow(size, need)) | |
117 | return NULL; | |
118 | ||
119 | return memdup_suffix0(p, size * need); | |
120 | } | |
121 | ||
b5efdb8a LP |
122 | void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size); |
123 | void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size); | |
124 | ||
125 | #define GREEDY_REALLOC(array, allocated, need) \ | |
126 | greedy_realloc((void**) &(array), &(allocated), (need), sizeof((array)[0])) | |
127 | ||
128 | #define GREEDY_REALLOC0(array, allocated, need) \ | |
129 | greedy_realloc0((void**) &(array), &(allocated), (need), sizeof((array)[0])) | |
130 | ||
131 | #define alloca0(n) \ | |
132 | ({ \ | |
133 | char *_new_; \ | |
134 | size_t _len_ = n; \ | |
4aee28c6 | 135 | assert(_len_ <= ALLOCA_MAX); \ |
b5efdb8a LP |
136 | _new_ = alloca(_len_); \ |
137 | (void *) memset(_new_, 0, _len_); \ | |
138 | }) | |
139 | ||
140 | /* It's not clear what alignment glibc/gcc alloca() guarantee, hence provide a guaranteed safe version */ | |
141 | #define alloca_align(size, align) \ | |
142 | ({ \ | |
143 | void *_ptr_; \ | |
144 | size_t _mask_ = (align) - 1; \ | |
4aee28c6 LP |
145 | size_t _size_ = size; \ |
146 | assert(_size_ <= ALLOCA_MAX); \ | |
147 | _ptr_ = alloca(_size_ + _mask_); \ | |
b5efdb8a LP |
148 | (void*)(((uintptr_t)_ptr_ + _mask_) & ~_mask_); \ |
149 | }) | |
150 | ||
151 | #define alloca0_align(size, align) \ | |
152 | ({ \ | |
153 | void *_new_; \ | |
4aee28c6 LP |
154 | size_t _xsize_ = (size); \ |
155 | _new_ = alloca_align(_xsize_, (align)); \ | |
156 | (void*)memset(_new_, 0, _xsize_); \ | |
b5efdb8a | 157 | }) |
ae2a15bc LP |
158 | |
159 | /* Takes inspiration from Rusts's Option::take() method: reads and returns a pointer, but at the same time resets it to | |
160 | * NULL. See: https://doc.rust-lang.org/std/option/enum.Option.html#method.take */ | |
161 | #define TAKE_PTR(ptr) \ | |
162 | ({ \ | |
163 | typeof(ptr) _ptr_ = (ptr); \ | |
164 | (ptr) = NULL; \ | |
165 | _ptr_; \ | |
166 | }) | |
c322f379 ZJS |
167 | |
168 | #if HAS_FEATURE_MEMORY_SANITIZER | |
169 | # define msan_unpoison(r, s) __msan_unpoison(r, s) | |
170 | #else | |
171 | # define msan_unpoison(r, s) | |
172 | #endif |