]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/alloc-util.h
1 /* SPDX-License-Identifier: LGPL-2.1+ */
11 #if HAS_FEATURE_MEMORY_SANITIZER
12 # include <sanitizer/msan_interface.h>
15 typedef void (*free_func_t
)(void *p
);
17 /* If for some reason more than 4M are allocated on the stack, let's abort immediately. It's better than
18 * proceeding and smashing the stack limits. Note that by default RLIMIT_STACK is 8M on Linux. */
19 #define ALLOCA_MAX (4U*1024U*1024U)
21 #define new(t, n) ((t*) malloc_multiply(sizeof(t), (n)))
23 #define new0(t, n) ((t*) calloc((n) ?: 1, sizeof(t)))
28 assert(!size_multiply_overflow(sizeof(t), _n_)); \
29 assert(sizeof(t)*_n_ <= ALLOCA_MAX); \
30 (t*) alloca(sizeof(t)*_n_); \
36 assert(!size_multiply_overflow(sizeof(t), _n_)); \
37 assert(sizeof(t)*_n_ <= ALLOCA_MAX); \
38 (t*) alloca0(sizeof(t)*_n_); \
41 #define newdup(t, p, n) ((t*) memdup_multiply(p, sizeof(t), (n)))
43 #define newdup_suffix0(t, p, n) ((t*) memdup_suffix0_multiply(p, sizeof(t), (n)))
45 #define malloc0(n) (calloc(1, (n)))
47 static inline void *mfree(void *memory
) {
52 #define free_and_replace(a, b) \
60 void* memdup(const void *p
, size_t l
) _alloc_(2);
61 void* memdup_suffix0(const void *p
, size_t l
) _alloc_(2);
63 #define memdupa(p, l) \
67 assert(_l_ <= ALLOCA_MAX); \
69 memcpy(_q_, p, _l_); \
72 #define memdupa_suffix0(p, l) \
76 assert(_l_ <= ALLOCA_MAX); \
77 _q_ = alloca(_l_ + 1); \
78 ((uint8_t*) _q_)[_l_] = 0; \
79 memcpy(_q_, p, _l_); \
82 static inline void freep(void *p
) {
86 #define _cleanup_free_ _cleanup_(freep)
88 static inline bool size_multiply_overflow(size_t size
, size_t need
) {
89 return _unlikely_(need
!= 0 && size
> (SIZE_MAX
/ need
));
92 _malloc_
_alloc_(1, 2) static inline void *malloc_multiply(size_t size
, size_t need
) {
93 if (size_multiply_overflow(size
, need
))
96 return malloc(size
* need
?: 1);
99 #if !HAVE_REALLOCARRAY
100 _alloc_(2, 3) static inline void *reallocarray(void *p
, size_t need
, size_t size
) {
101 if (size_multiply_overflow(size
, need
))
104 return realloc(p
, size
* need
?: 1);
108 _alloc_(2, 3) static inline void *memdup_multiply(const void *p
, size_t size
, size_t need
) {
109 if (size_multiply_overflow(size
, need
))
112 return memdup(p
, size
* need
);
115 _alloc_(2, 3) static inline void *memdup_suffix0_multiply(const void *p
, size_t size
, size_t need
) {
116 if (size_multiply_overflow(size
, need
))
119 return memdup_suffix0(p
, size
* need
);
122 void* greedy_realloc(void **p
, size_t *allocated
, size_t need
, size_t size
);
123 void* greedy_realloc0(void **p
, size_t *allocated
, size_t need
, size_t size
);
125 #define GREEDY_REALLOC(array, allocated, need) \
126 greedy_realloc((void**) &(array), &(allocated), (need), sizeof((array)[0]))
128 #define GREEDY_REALLOC0(array, allocated, need) \
129 greedy_realloc0((void**) &(array), &(allocated), (need), sizeof((array)[0]))
135 assert(_len_ <= ALLOCA_MAX); \
136 _new_ = alloca(_len_); \
137 (void *) memset(_new_, 0, _len_); \
140 /* It's not clear what alignment glibc/gcc alloca() guarantee, hence provide a guaranteed safe version */
141 #define alloca_align(size, align) \
144 size_t _mask_ = (align) - 1; \
145 size_t _size_ = size; \
146 assert(_size_ <= ALLOCA_MAX); \
147 _ptr_ = alloca(_size_ + _mask_); \
148 (void*)(((uintptr_t)_ptr_ + _mask_) & ~_mask_); \
151 #define alloca0_align(size, align) \
154 size_t _xsize_ = (size); \
155 _new_ = alloca_align(_xsize_, (align)); \
156 (void*)memset(_new_, 0, _xsize_); \
159 /* Takes inspiration from Rusts's Option::take() method: reads and returns a pointer, but at the same time resets it to
160 * NULL. See: https://doc.rust-lang.org/std/option/enum.Option.html#method.take */
161 #define TAKE_PTR(ptr) \
163 typeof(ptr) _ptr_ = (ptr); \
168 #if HAS_FEATURE_MEMORY_SANITIZER
169 # define msan_unpoison(r, s) __msan_unpoison(r, s)
171 # define msan_unpoison(r, s)