2 /*--------------------------------------------------------------------*/
3 /*--- A header file for all parts of the MemCheck tool. ---*/
4 /*--- mc_include.h ---*/
5 /*--------------------------------------------------------------------*/
8 This file is part of MemCheck, a heavyweight Valgrind tool for
9 detecting memory errors.
11 Copyright (C) 2000-2010 Julian Seward
14 This program is free software; you can redistribute it and/or
15 modify it under the terms of the GNU General Public License as
16 published by the Free Software Foundation; either version 2 of the
17 License, or (at your option) any later version.
19 This program is distributed in the hope that it will be useful, but
20 WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; if not, write to the Free Software
26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
29 The GNU General Public License is contained in the file COPYING.
32 #ifndef __MC_INCLUDE_H
33 #define __MC_INCLUDE_H
35 #define MC_(str) VGAPPEND(vgMemCheck_,str)
38 /* This is a private header file for use only within the
39 memcheck/ directory. */
41 /*------------------------------------------------------------*/
42 /*--- Tracking the heap ---*/
43 /*------------------------------------------------------------*/
45 /* We want at least a 16B redzone on client heap blocks for Memcheck */
46 #define MC_MALLOC_REDZONE_SZB 16
48 /* For malloc()/new/new[] vs. free()/delete/delete[] mismatch checking. */
58 /* This describes a heap block. Nb: first two fields must match core's
62 struct _MC_Chunk* next;
63 Addr data; // Address of the actual block.
64 SizeT szB : (sizeof(SizeT)*8)-2; // Size requested; 30 or 62 bits.
65 MC_AllocKind allockind : 2; // Which operation did the allocation.
66 ExeContext* where; // Where it was allocated.
70 /* Memory pool. Nb: first two fields must match core's VgHashNode. */
73 struct _MC_Mempool* next;
74 Addr pool; // pool identifier
75 SizeT rzB; // pool red-zone size
76 Bool is_zeroed; // allocations from this pool are zeroed
77 VgHashTable chunks; // chunks associated with this pool
82 void* MC_(new_block) ( ThreadId tid,
83 Addr p, SizeT size, SizeT align,
84 Bool is_zeroed, MC_AllocKind kind,
86 void MC_(handle_free) ( ThreadId tid,
87 Addr p, UInt rzB, MC_AllocKind kind );
89 void MC_(create_mempool) ( Addr pool, UInt rzB, Bool is_zeroed );
90 void MC_(destroy_mempool) ( Addr pool );
91 void MC_(mempool_alloc) ( ThreadId tid, Addr pool,
92 Addr addr, SizeT size );
93 void MC_(mempool_free) ( Addr pool, Addr addr );
94 void MC_(mempool_trim) ( Addr pool, Addr addr, SizeT size );
95 void MC_(move_mempool) ( Addr poolA, Addr poolB );
96 void MC_(mempool_change) ( Addr pool, Addr addrA, Addr addrB, SizeT size );
97 Bool MC_(mempool_exists) ( Addr pool );
99 MC_Chunk* MC_(get_freed_list_head)( void );
101 /* For tracking malloc'd blocks. Nb: it's quite important that it's a
102 VgHashTable, because VgHashTable allows duplicate keys without complaint.
103 This can occur if a user marks a malloc() block as also a custom block with
105 extern VgHashTable MC_(malloc_list);
107 /* For tracking memory pools. */
108 extern VgHashTable MC_(mempool_list);
110 /* Shadow memory functions */
111 Bool MC_(check_mem_is_noaccess)( Addr a, SizeT len, Addr* bad_addr );
112 void MC_(make_mem_noaccess) ( Addr a, SizeT len );
113 void MC_(make_mem_undefined_w_otag)( Addr a, SizeT len, UInt otag );
114 void MC_(make_mem_defined) ( Addr a, SizeT len );
115 void MC_(copy_address_range_state) ( Addr src, Addr dst, SizeT len );
117 void MC_(print_malloc_stats) ( void );
119 void* MC_(malloc) ( ThreadId tid, SizeT n );
120 void* MC_(__builtin_new) ( ThreadId tid, SizeT n );
121 void* MC_(__builtin_vec_new) ( ThreadId tid, SizeT n );
122 void* MC_(memalign) ( ThreadId tid, SizeT align, SizeT n );
123 void* MC_(calloc) ( ThreadId tid, SizeT nmemb, SizeT size1 );
124 void MC_(free) ( ThreadId tid, void* p );
125 void MC_(__builtin_delete) ( ThreadId tid, void* p );
126 void MC_(__builtin_vec_delete) ( ThreadId tid, void* p );
127 void* MC_(realloc) ( ThreadId tid, void* p, SizeT new_size );
128 SizeT MC_(malloc_usable_size) ( ThreadId tid, void* p );
130 void MC_(handle_resizeInPlace)(ThreadId tid, Addr p,
131 SizeT oldSizeB, SizeT newSizeB, SizeT rzB);
134 /*------------------------------------------------------------*/
135 /*--- Origin tracking translate-time support ---*/
136 /*------------------------------------------------------------*/
138 /* See detailed comments in mc_machine.c. */
139 Int MC_(get_otrack_shadow_offset) ( Int offset, Int szB );
140 IRType MC_(get_otrack_reg_array_equiv_int_type) ( IRRegArray* arr );
142 /* Constants which are used as the lowest 2 bits in origin tags.
144 An origin tag comprises an upper 30-bit ECU field and a lower 2-bit
145 'kind' field. The ECU field is a number given out by m_execontext
146 and has a 1-1 mapping with ExeContext*s. An ECU can be used
147 directly as an origin tag (otag), but in fact we want to put
148 additional information 'kind' field to indicate roughly where the
149 tag came from. This helps print more understandable error messages
150 for the user -- it has no other purpose.
152 Hence the following 2-bit constants are needed for 'kind' field.
156 * Both ECUs and origin tags are represented as 32-bit words
158 * m_execontext and the core-tool interface deal purely in ECUs.
159 They have no knowledge of origin tags - that is a purely
160 Memcheck-internal matter.
162 * all valid ECUs have the lowest 2 bits zero and at least
163 one of the upper 30 bits nonzero (see VG_(is_plausible_ECU))
165 * to convert from an ECU to an otag, OR in one of the MC_OKIND_
168 * to convert an otag back to an ECU, AND it with ~3
171 #define MC_OKIND_UNKNOWN 0 /* unknown origin */
172 #define MC_OKIND_HEAP 1 /* this is a heap origin */
173 #define MC_OKIND_STACK 2 /* this is a stack origin */
174 #define MC_OKIND_USER 3 /* arises from user-supplied client req */
177 /*------------------------------------------------------------*/
178 /*--- Profiling of memory events ---*/
179 /*------------------------------------------------------------*/
181 /* Define to collect detailed performance info. */
182 /* #define MC_PROFILE_MEMORY */
184 #ifdef MC_PROFILE_MEMORY
185 # define N_PROF_EVENTS 500
187 UInt MC_(event_ctr)[N_PROF_EVENTS];
188 HChar* MC_(event_ctr_name)[N_PROF_EVENTS];
190 # define PROF_EVENT(ev, name) \
191 do { tl_assert((ev) >= 0 && (ev) < N_PROF_EVENTS); \
192 /* crude and inaccurate check to ensure the same */ \
193 /* event isn't being used with > 1 name */ \
194 if (MC_(event_ctr_name)[ev]) \
195 tl_assert(name == MC_(event_ctr_name)[ev]); \
196 MC_(event_ctr)[ev]++; \
197 MC_(event_ctr_name)[ev] = (name); \
202 # define PROF_EVENT(ev, name) /* */
204 #endif /* MC_PROFILE_MEMORY */
207 /*------------------------------------------------------------*/
208 /*--- V and A bits (Victoria & Albert ?) ---*/
209 /*------------------------------------------------------------*/
211 /* The number of entries in the primary map can be altered. However
212 we hardwire the assumption that each secondary map covers precisely
213 64k of address space. */
214 #define SM_SIZE 65536 /* DO NOT CHANGE */
215 #define SM_MASK (SM_SIZE-1) /* DO NOT CHANGE */
217 #define V_BIT_DEFINED 0
218 #define V_BIT_UNDEFINED 1
220 #define V_BITS8_DEFINED 0
221 #define V_BITS8_UNDEFINED 0xFF
223 #define V_BITS16_DEFINED 0
224 #define V_BITS16_UNDEFINED 0xFFFF
226 #define V_BITS32_DEFINED 0
227 #define V_BITS32_UNDEFINED 0xFFFFFFFF
229 #define V_BITS64_DEFINED 0ULL
230 #define V_BITS64_UNDEFINED 0xFFFFFFFFFFFFFFFFULL
233 /*------------------------------------------------------------*/
234 /*--- Leak checking ---*/
235 /*------------------------------------------------------------*/
239 // Nb: the order is important -- it dictates the order of loss records
241 Reachable =0, // Definitely reachable from root-set.
242 Possible =1, // Possibly reachable from root-set; involves at
243 // least one interior-pointer along the way.
244 IndirectLeak =2, // Leaked, but reachable from another leaked block
245 // (be it Unreached or IndirectLeak).
246 Unreached =3, // Not reached, ie. leaked.
247 // (At best, only reachable from itself via a cycle.)
251 /* For VALGRIND_COUNT_LEAKS client request */
252 extern SizeT MC_(bytes_leaked);
253 extern SizeT MC_(bytes_indirect);
254 extern SizeT MC_(bytes_dubious);
255 extern SizeT MC_(bytes_reachable);
256 extern SizeT MC_(bytes_suppressed);
258 /* For VALGRIND_COUNT_LEAK_BLOCKS client request */
259 extern SizeT MC_(blocks_leaked);
260 extern SizeT MC_(blocks_indirect);
261 extern SizeT MC_(blocks_dubious);
262 extern SizeT MC_(blocks_reachable);
263 extern SizeT MC_(blocks_suppressed);
273 /* When a LossRecord is put into an OSet, these elements represent the key. */
275 struct _LossRecordKey {
276 Reachedness state; // LC_Extra.state value shared by all blocks.
277 ExeContext* allocated_at; // Where they were allocated.
281 /* A loss record, used for generating err msgs. Multiple leaked blocks can be
282 * merged into a single loss record if they have the same state and similar
283 * enough allocation points (controlled by --leak-resolution). */
286 LossRecordKey key; // Key, when used in an OSet.
287 SizeT szB; // Sum of all MC_Chunk.szB values.
288 SizeT indirect_szB; // Sum of all LC_Extra.indirect_szB values.
289 UInt num_blocks; // Number of blocks represented by the record.
293 void MC_(detect_memory_leaks) ( ThreadId tid, LeakCheckMode mode );
295 Bool MC_(is_valid_aligned_word) ( Addr a );
296 Bool MC_(is_within_valid_secondary) ( Addr a );
298 void MC_(pp_LeakError)(UInt n_this_record, UInt n_total_records,
302 /*------------------------------------------------------------*/
303 /*--- Errors and suppressions ---*/
304 /*------------------------------------------------------------*/
306 /* Did we show to the user, any errors for which an uninitialised
307 value origin could have been collected (but wasn't) ? If yes,
308 then, at the end of the run, print a 1 line message advising that a
309 rerun with --track-origins=yes might help. */
310 extern Bool MC_(any_value_errors);
312 /* Standard functions for error and suppressions as required by the
314 Bool MC_(eq_Error) ( VgRes res, Error* e1, Error* e2 );
315 void MC_(before_pp_Error) ( Error* err );
316 void MC_(pp_Error) ( Error* err );
317 UInt MC_(update_Error_extra) ( Error* err );
319 Bool MC_(is_recognised_suppression) ( Char* name, Supp* su );
321 Bool MC_(read_extra_suppression_info) ( Int fd, Char** buf,
322 SizeT* nBuf, Supp *su );
324 Bool MC_(error_matches_suppression) ( Error* err, Supp* su );
326 Bool MC_(get_extra_suppression_info) ( Error* err,
327 /*OUT*/Char* buf, Int nBuf );
329 Char* MC_(get_error_name) ( Error* err );
331 /* Recording of errors */
332 void MC_(record_address_error) ( ThreadId tid, Addr a, Int szB,
334 void MC_(record_cond_error) ( ThreadId tid, UInt otag );
335 void MC_(record_value_error) ( ThreadId tid, Int szB, UInt otag );
336 void MC_(record_jump_error) ( ThreadId tid, Addr a );
338 void MC_(record_free_error) ( ThreadId tid, Addr a );
339 void MC_(record_illegal_mempool_error) ( ThreadId tid, Addr a );
340 void MC_(record_freemismatch_error) ( ThreadId tid, MC_Chunk* mc );
342 void MC_(record_overlap_error) ( ThreadId tid, Char* function,
343 Addr src, Addr dst, SizeT szB );
344 void MC_(record_core_mem_error) ( ThreadId tid, Char* msg );
345 void MC_(record_regparam_error) ( ThreadId tid, Char* msg, UInt otag );
346 void MC_(record_memparam_error) ( ThreadId tid, Addr a,
347 Bool isAddrErr, Char* msg, UInt otag );
348 void MC_(record_user_error) ( ThreadId tid, Addr a,
349 Bool isAddrErr, UInt otag );
351 Bool MC_(record_leak_error) ( ThreadId tid,
353 UInt n_total_records,
354 LossRecord* lossRecord,
358 /* prints a description of address a */
359 void MC_(pp_describe_addr) (Addr a);
361 /* Is this address in a user-specified "ignored range" ? */
362 Bool MC_(in_ignored_range) ( Addr a );
365 /*------------------------------------------------------------*/
366 /*--- Client blocks ---*/
367 /*------------------------------------------------------------*/
369 /* Describes a client block. See mc_main.c. An unused block has
370 start == size == 0. */
380 /* Get access to the client block array. */
381 void MC_(get_ClientBlock_array)( /*OUT*/CGenBlock** blocks,
382 /*OUT*/UWord* nBlocks );
385 /*------------------------------------------------------------*/
386 /*--- Command line options + defaults ---*/
387 /*------------------------------------------------------------*/
389 /* Allow loads from partially-valid addresses? default: YES */
390 extern Bool MC_(clo_partial_loads_ok);
392 /* Max volume of the freed blocks queue. */
393 extern Long MC_(clo_freelist_vol);
395 /* Do leak check at exit? default: NO */
396 extern LeakCheckMode MC_(clo_leak_check);
398 /* How closely should we compare ExeContexts in leak records? default: 2 */
399 extern VgRes MC_(clo_leak_resolution);
401 /* In leak check, show reachable-but-not-freed blocks? default: NO */
402 extern Bool MC_(clo_show_reachable);
404 /* In leak check, show possibly-lost blocks? default: YES */
405 extern Bool MC_(clo_show_possibly_lost);
407 /* Assume accesses immediately below %esp are due to gcc-2.96 bugs.
409 extern Bool MC_(clo_workaround_gcc296_bugs);
411 /* Fill malloc-d/free-d client blocks with a specific value? -1 if
412 not, else 0x00 .. 0xFF indicating the fill value to use. Can be
413 useful for causing programs with bad heap corruption to fail in
414 more repeatable ways. Note that malloc-filled and free-filled
415 areas are still undefined and noaccess respectively. This merely
416 causes them to contain the specified values. */
417 extern Int MC_(clo_malloc_fill);
418 extern Int MC_(clo_free_fill);
420 /* Indicates the level of instrumentation/checking done by Memcheck.
422 1 = No undefined value checking, Addrcheck-style behaviour only:
423 only address checking is done. This is faster but finds fewer
424 errors. Note that although Addrcheck had 1 bit per byte
425 overhead vs the old Memcheck's 9 bits per byte, with this mode
426 and compressed V bits, no memory is saved with this mode --
427 it's still 2 bits per byte overhead. This is a little wasteful
428 -- it could be done with 1 bit per byte -- but lets us reuse
429 the many shadow memory access functions. Note that in this
430 mode neither the secondary V bit table nor the origin-tag cache
433 2 = Address checking and Undefined value checking are performed,
434 but origins are not tracked. So the origin-tag cache is not
435 used in this mode. This setting is the default and corresponds
436 to the "normal" Memcheck behaviour that has shipped for years.
438 3 = Address checking, undefined value checking, and origins for
439 undefined values are tracked.
443 extern Int MC_(clo_mc_level);
446 /*------------------------------------------------------------*/
447 /*--- Instrumentation ---*/
448 /*------------------------------------------------------------*/
450 /* Functions defined in mc_main.c */
452 /* For the fail_w_o functions, the UWord arg is actually the 32-bit
453 origin tag and should really be UInt, but to be simple and safe
454 considering it's called from generated code, just claim it to be a
456 VG_REGPARM(2) void MC_(helperc_value_checkN_fail_w_o) ( HWord, UWord );
457 VG_REGPARM(1) void MC_(helperc_value_check8_fail_w_o) ( UWord );
458 VG_REGPARM(1) void MC_(helperc_value_check4_fail_w_o) ( UWord );
459 VG_REGPARM(1) void MC_(helperc_value_check1_fail_w_o) ( UWord );
460 VG_REGPARM(1) void MC_(helperc_value_check0_fail_w_o) ( UWord );
462 /* And call these ones instead to report an uninitialised value error
463 but with no origin available. */
464 VG_REGPARM(1) void MC_(helperc_value_checkN_fail_no_o) ( HWord );
465 VG_REGPARM(0) void MC_(helperc_value_check8_fail_no_o) ( void );
466 VG_REGPARM(0) void MC_(helperc_value_check4_fail_no_o) ( void );
467 VG_REGPARM(0) void MC_(helperc_value_check1_fail_no_o) ( void );
468 VG_REGPARM(0) void MC_(helperc_value_check0_fail_no_o) ( void );
470 /* V-bits load/store helpers */
471 VG_REGPARM(1) void MC_(helperc_STOREV64be) ( Addr, ULong );
472 VG_REGPARM(1) void MC_(helperc_STOREV64le) ( Addr, ULong );
473 VG_REGPARM(2) void MC_(helperc_STOREV32be) ( Addr, UWord );
474 VG_REGPARM(2) void MC_(helperc_STOREV32le) ( Addr, UWord );
475 VG_REGPARM(2) void MC_(helperc_STOREV16be) ( Addr, UWord );
476 VG_REGPARM(2) void MC_(helperc_STOREV16le) ( Addr, UWord );
477 VG_REGPARM(2) void MC_(helperc_STOREV8) ( Addr, UWord );
479 VG_REGPARM(1) ULong MC_(helperc_LOADV64be) ( Addr );
480 VG_REGPARM(1) ULong MC_(helperc_LOADV64le) ( Addr );
481 VG_REGPARM(1) UWord MC_(helperc_LOADV32be) ( Addr );
482 VG_REGPARM(1) UWord MC_(helperc_LOADV32le) ( Addr );
483 VG_REGPARM(1) UWord MC_(helperc_LOADV16be) ( Addr );
484 VG_REGPARM(1) UWord MC_(helperc_LOADV16le) ( Addr );
485 VG_REGPARM(1) UWord MC_(helperc_LOADV8) ( Addr );
487 void MC_(helperc_MAKE_STACK_UNINIT) ( Addr base, UWord len,
490 /* Origin tag load/store helpers */
491 VG_REGPARM(2) void MC_(helperc_b_store1) ( Addr a, UWord d32 );
492 VG_REGPARM(2) void MC_(helperc_b_store2) ( Addr a, UWord d32 );
493 VG_REGPARM(2) void MC_(helperc_b_store4) ( Addr a, UWord d32 );
494 VG_REGPARM(2) void MC_(helperc_b_store8) ( Addr a, UWord d32 );
495 VG_REGPARM(2) void MC_(helperc_b_store16)( Addr a, UWord d32 );
496 VG_REGPARM(1) UWord MC_(helperc_b_load1) ( Addr a );
497 VG_REGPARM(1) UWord MC_(helperc_b_load2) ( Addr a );
498 VG_REGPARM(1) UWord MC_(helperc_b_load4) ( Addr a );
499 VG_REGPARM(1) UWord MC_(helperc_b_load8) ( Addr a );
500 VG_REGPARM(1) UWord MC_(helperc_b_load16)( Addr a );
502 /* Functions defined in mc_translate.c */
503 IRSB* MC_(instrument) ( VgCallbackClosure* closure,
505 VexGuestLayout* layout,
506 VexGuestExtents* vge,
507 IRType gWordTy, IRType hWordTy );
509 IRSB* MC_(final_tidy) ( IRSB* );
511 #endif /* ndef __MC_INCLUDE_H */
513 /*--------------------------------------------------------------------*/
515 /*--------------------------------------------------------------------*/
projects / l4.git / blob