URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-dev/] [or1k-gcc/] [libmudflap/] [mf-hooks1.c] - Blame information for rev 738

Details | Compare with Previous | View Log


/* Mudflap: narrow-pointer bounds-checking by tree rewriting.
   Copyright (C) 2002, 2003, 2004, 2009, 2011 Free Software Foundation, Inc.
   Contributed by Frank Ch. Eigler <fche@redhat.com>
   and Graydon Hoare <graydon@redhat.com>
 
This file is part of GCC.
 
GCC is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 3, or (at your option) any later
version.
 
GCC is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
for more details.
 
Under Section 7 of GPL version 3, you are granted additional
permissions described in the GCC Runtime Library Exception, version
3.1, as published by the Free Software Foundation.
 
You should have received a copy of the GNU General Public License and
a copy of the GCC Runtime Library Exception along with this program;
see the files COPYING3 and COPYING.RUNTIME respectively.  If not, see
<http://www.gnu.org/licenses/>.  */
 
#include "config.h"
 
#ifndef HAVE_SOCKLEN_T
#define socklen_t int
#endif
 
 
/* These attempt to coax various unix flavours to declare all our
   needed tidbits in the system headers.  */
#if !defined(__FreeBSD__)  && !defined(__APPLE__)
#define _POSIX_SOURCE
#endif /* Some BSDs break <sys/socket.h> if this is defined. */
#define _GNU_SOURCE
#define _XOPEN_SOURCE
#define _BSD_TYPES
#define __EXTENSIONS__
#define _ALL_SOURCE
#define _LARGE_FILE_API
#define _XOPEN_SOURCE_EXTENDED 1
 
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
#include <assert.h>
#include <errno.h>
#include <limits.h>
#include <time.h>
 
#include "mf-runtime.h"
#include "mf-impl.h"
 
#ifdef _MUDFLAP
#error "Do not compile this file with -fmudflap!"
#endif
 
 
/* Memory allocation related hook functions.  Some of these are
   intercepted via linker wrapping or symbol interposition.  Others
   use plain macros in mf-runtime.h.  */
 
 
#if PIC
 
enum { BS = 4096, NB=10 };
static char __mf_0fn_bufs[NB][BS];
static unsigned __mf_0fn_bufs_used[NB];
 
 
/* A special bootstrap variant. */
void *
__mf_0fn_malloc (size_t c)
{
  unsigned i;
 
  for (i=0; i<NB; i++)
    {
      if (! __mf_0fn_bufs_used[i] && c < BS)
        {
          __mf_0fn_bufs_used[i] = 1;
          return & __mf_0fn_bufs[i][0];
        }
    }
  return NULL;
}
#endif
 
 
#undef malloc
WRAPPER(void *, malloc, size_t c)
{
  size_t size_with_crumple_zones;
  DECLARE(void *, malloc, size_t c);
  void *result;
  BEGIN_PROTECT (malloc, c);
 
  size_with_crumple_zones =
    CLAMPADD(c,CLAMPADD(__mf_opts.crumple_zone,
                        __mf_opts.crumple_zone));
  BEGIN_MALLOC_PROTECT ();
  result = (char *) CALL_REAL (malloc, size_with_crumple_zones);
  END_MALLOC_PROTECT ();
 
  if (LIKELY(result))
    {
      result += __mf_opts.crumple_zone;
      __mf_register (result, c, __MF_TYPE_HEAP, "malloc region");
      /* XXX: register __MF_TYPE_NOACCESS for crumple zones.  */
    }
 
  return result;
}
 
 
#ifdef PIC
/* A special bootstrap variant. */
void *
__mf_0fn_calloc (size_t c, size_t n)
{
  return __mf_0fn_malloc (c * n);
}
#endif
 
 
#undef calloc
WRAPPER(void *, calloc, size_t c, size_t n)
{
  size_t size_with_crumple_zones;
  DECLARE(void *, calloc, size_t, size_t);
  DECLARE(void *, malloc, size_t);
  DECLARE(void *, memset, void *, int, size_t);
  char *result;
  BEGIN_PROTECT (calloc, c, n);
 
  size_with_crumple_zones =
    CLAMPADD((c * n), /* XXX: CLAMPMUL */
             CLAMPADD(__mf_opts.crumple_zone,
                      __mf_opts.crumple_zone));
  BEGIN_MALLOC_PROTECT ();
  result = (char *) CALL_REAL (malloc, size_with_crumple_zones);
  END_MALLOC_PROTECT ();
 
  if (LIKELY(result))
    memset (result, 0, size_with_crumple_zones);
 
  if (LIKELY(result))
    {
      result += __mf_opts.crumple_zone;
      __mf_register (result, c*n /* XXX: clamp */, __MF_TYPE_HEAP_I, "calloc region");
      /* XXX: register __MF_TYPE_NOACCESS for crumple zones.  */
    }
 
  return result;
}
 
 
#if PIC
/* A special bootstrap variant. */
void *
__mf_0fn_realloc (void *buf, size_t c)
{
  return NULL;
}
#endif
 
 
#undef realloc
WRAPPER(void *, realloc, void *buf, size_t c)
{
  DECLARE(void * , realloc, void *, size_t);
  size_t size_with_crumple_zones;
  char *base = buf;
  unsigned saved_wipe_heap;
  char *result;
  BEGIN_PROTECT (realloc, buf, c);
 
  if (LIKELY(buf))
    base -= __mf_opts.crumple_zone;
 
  size_with_crumple_zones =
    CLAMPADD(c, CLAMPADD(__mf_opts.crumple_zone,
                         __mf_opts.crumple_zone));
  BEGIN_MALLOC_PROTECT ();
  result = (char *) CALL_REAL (realloc, base, size_with_crumple_zones);
  END_MALLOC_PROTECT ();
 
  /* Ensure heap wiping doesn't occur during this peculiar
     unregister/reregister pair.  */
  LOCKTH ();
  __mf_set_state (reentrant);
  saved_wipe_heap = __mf_opts.wipe_heap;
  __mf_opts.wipe_heap = 0;
 
  if (LIKELY(buf))
    __mfu_unregister (buf, 0, __MF_TYPE_HEAP_I);
  /* NB: underlying region may have been __MF_TYPE_HEAP. */
 
  if (LIKELY(result))
    {
      result += __mf_opts.crumple_zone;
      __mfu_register (result, c, __MF_TYPE_HEAP_I, "realloc region");
      /* XXX: register __MF_TYPE_NOACCESS for crumple zones.  */
    }
 
  /* Restore previous setting.  */
  __mf_opts.wipe_heap = saved_wipe_heap;
 
  __mf_set_state (active);
  UNLOCKTH ();
 
  return result;
}
 
 
#if PIC
/* A special bootstrap variant. */
void
__mf_0fn_free (void *buf)
{
  return;
}
#endif
 
#undef free
WRAPPER(void, free, void *buf)
{
  /* Use a circular queue to delay some number (__mf_opts.free_queue_length) of free()s.  */
  static void *free_queue [__MF_FREEQ_MAX];
  static unsigned free_ptr = 0;
  static int freeq_initialized = 0;
  DECLARE(void, free, void *);
 
  BEGIN_PROTECT (free, buf);
 
  if (UNLIKELY(buf == NULL))
    return;
 
#if PIC
  /* Check whether the given buffer might have come from a
     __mf_0fn_malloc/calloc call that for whatever reason was not
     redirected back to __mf_0fn_free.  If so, we just ignore the
     call. */
  if (UNLIKELY((uintptr_t) buf >= (uintptr_t) __mf_0fn_bufs &&
               (uintptr_t) buf < ((uintptr_t) __mf_0fn_bufs + sizeof(__mf_0fn_bufs))))
  {
    VERBOSE_TRACE ("skipping free of boot (0fn) alloc buffer %p\n", buf);
    return;
  }
#endif
 
  LOCKTH ();
  if (UNLIKELY(!freeq_initialized))
    {
      memset (free_queue, 0,
                     __MF_FREEQ_MAX * sizeof (void *));
      freeq_initialized = 1;
    }
  UNLOCKTH ();
 
  __mf_unregister (buf, 0, __MF_TYPE_HEAP_I);
  /* NB: underlying region may have been __MF_TYPE_HEAP. */
 
  if (UNLIKELY(__mf_opts.free_queue_length > 0))
    {
      char *freeme = NULL;
      LOCKTH ();
      if (free_queue [free_ptr] != NULL)
        {
          freeme = free_queue [free_ptr];
          freeme -= __mf_opts.crumple_zone;
        }
      free_queue [free_ptr] = buf;
      free_ptr = (free_ptr == (__mf_opts.free_queue_length-1) ? 0 : free_ptr + 1);
      UNLOCKTH ();
      if (freeme)
        {
          if (__mf_opts.trace_mf_calls)
            {
              VERBOSE_TRACE ("freeing deferred pointer %p (crumple %u)\n",
                             (void *) freeme,
                             __mf_opts.crumple_zone);
            }
          BEGIN_MALLOC_PROTECT ();
          CALL_REAL (free, freeme);
          END_MALLOC_PROTECT ();
        }
    }
  else
    {
      /* back pointer up a bit to the beginning of crumple zone */
      char *base = (char *)buf;
      base -= __mf_opts.crumple_zone;
      if (__mf_opts.trace_mf_calls)
        {
          VERBOSE_TRACE ("freeing pointer %p = %p - %u\n",
                         (void *) base,
                         (void *) buf,
                         __mf_opts.crumple_zone);
        }
      BEGIN_MALLOC_PROTECT ();
      CALL_REAL (free, base);
      END_MALLOC_PROTECT ();
    }
}
 
 
/* We can only wrap mmap if the target supports it.  Likewise for munmap.
   We assume we have both if we have mmap.  */
#ifdef HAVE_MMAP
 
#if PIC
/* A special bootstrap variant. */
void *
__mf_0fn_mmap (void *start, size_t l, int prot, int f, int fd, off_t off)
{
#if defined(__FreeBSD__)
  if (f == 0x1000 && fd == -1 && prot == 0 && off == 0)
    return 0;
#endif /* Ignore red zone allocation request for initial thread's stack. */
 
  return (void *) -1;
}
#endif
 
 
#undef mmap
WRAPPER(void *, mmap,
        void  *start,  size_t length, int prot,
        int flags, int fd, off_t offset)
{
  DECLARE(void *, mmap, void *, size_t, int,
                            int, int, off_t);
  void *result;
  BEGIN_PROTECT (mmap, start, length, prot, flags, fd, offset);
 
  result = CALL_REAL (mmap, start, length, prot,
                        flags, fd, offset);
 
  /*
  VERBOSE_TRACE ("mmap (%08lx, %08lx, ...) => %08lx\n",
                 (uintptr_t) start, (uintptr_t) length,
                 (uintptr_t) result);
  */
 
  if (result != (void *)-1)
    {
      /* Register each page as a heap object.  Why not register it all
         as a single segment?  That's so that a later munmap() call
         can unmap individual pages.  XXX: would __MF_TYPE_GUESS make
         this more automatic?  */
      size_t ps = getpagesize ();
      uintptr_t base = (uintptr_t) result;
      uintptr_t offset;
 
      for (offset=0; offset<length; offset+=ps)
        {
          /* XXX: We could map PROT_NONE to __MF_TYPE_NOACCESS. */
          /* XXX: Unaccessed HEAP pages are reported as leaks.  Is this
             appropriate for unaccessed mmap pages? */
          __mf_register ((void *) CLAMPADD (base, offset), ps,
                         __MF_TYPE_HEAP_I, "mmap page");
        }
    }
 
  return result;
}
 
 
#if PIC
/* A special bootstrap variant. */
int
__mf_0fn_munmap (void *start, size_t length)
{
  return -1;
}
#endif
 
 
#undef munmap
WRAPPER(int , munmap, void *start, size_t length)
{
  DECLARE(int, munmap, void *, size_t);
  int result;
  BEGIN_PROTECT (munmap, start, length);
 
  result = CALL_REAL (munmap, start, length);
 
  /*
  VERBOSE_TRACE ("munmap (%08lx, %08lx, ...) => %08lx\n",
                 (uintptr_t) start, (uintptr_t) length,
                 (uintptr_t) result);
  */
 
  if (result == 0)
    {
      /* Unregister each page as a heap object.  */
      size_t ps = getpagesize ();
      uintptr_t base = (uintptr_t) start & (~ (ps - 1)); /* page align */
      uintptr_t offset;
 
      for (offset=0; offset<length; offset+=ps)
        __mf_unregister ((void *) CLAMPADD (base, offset), ps, __MF_TYPE_HEAP_I);
    }
  return result;
}
#endif /* HAVE_MMAP */
 
 
#ifdef HAVE_MMAP64
#if PIC
/* A special bootstrap variant. */
void *
__mf_0fn_mmap64 (void *start, size_t l, int prot, int f, int fd, off64_t off)
{
  return (void *) -1;
}
#endif
 
 
#undef mmap
WRAPPER(void *, mmap64,
        void  *start,  size_t length, int prot,
        int flags, int fd, off64_t offset)
{
  DECLARE(void *, mmap64, void *, size_t, int,
                            int, int, off64_t);
  void *result;
  BEGIN_PROTECT (mmap64, start, length, prot, flags, fd, offset);
 
  result = CALL_REAL (mmap64, start, length, prot,
                        flags, fd, offset);
 
  /*
  VERBOSE_TRACE ("mmap64 (%08lx, %08lx, ...) => %08lx\n",
                 (uintptr_t) start, (uintptr_t) length,
                 (uintptr_t) result);
  */
 
  if (result != (void *)-1)
    {
      /* Register each page as a heap object.  Why not register it all
         as a single segment?  That's so that a later munmap() call
         can unmap individual pages.  XXX: would __MF_TYPE_GUESS make
         this more automatic?  */
      size_t ps = getpagesize ();
      uintptr_t base = (uintptr_t) result;
      uintptr_t offset;
 
      for (offset=0; offset<length; offset+=ps)
        {
          /* XXX: We could map PROT_NONE to __MF_TYPE_NOACCESS. */
          /* XXX: Unaccessed HEAP pages are reported as leaks.  Is this
             appropriate for unaccessed mmap pages? */
          __mf_register ((void *) CLAMPADD (base, offset), ps,
                         __MF_TYPE_HEAP_I, "mmap64 page");
        }
    }
 
  return result;
}
#endif /* HAVE_MMAP64 */
 
 
/* This wrapper is a little different, as it's called indirectly from
   __mf_fini also to clean up pending allocations.  */
void *
__mf_wrap_alloca_indirect (size_t c)
{
  DECLARE (void *, malloc, size_t);
  DECLARE (void, free, void *);
 
  /* This struct, a linked list, tracks alloca'd objects.  The newest
     object is at the head of the list.  If we detect that we've
     popped a few levels of stack, then the listed objects are freed
     as needed.  NB: The tracking struct is allocated with
     real_malloc; the user data with wrap_malloc.
  */
  struct alloca_tracking { void *ptr; void *stack; struct alloca_tracking* next; };
  static struct alloca_tracking *alloca_history = NULL;
 
  void *stack = __builtin_frame_address (0);
  void *result;
  struct alloca_tracking *track;
 
  TRACE ("%s\n", __PRETTY_FUNCTION__);
  VERBOSE_TRACE ("alloca stack level %p\n", (void *) stack);
 
  /* XXX: thread locking! */
 
  /* Free any previously alloca'd blocks that belong to deeper-nested functions,
     which must therefore have exited by now.  */
 
#define DEEPER_THAN < /* XXX: for x86; steal find_stack_direction() from libiberty/alloca.c */
 
  while (alloca_history &&
         ((uintptr_t) alloca_history->stack DEEPER_THAN (uintptr_t) stack))
    {
      struct alloca_tracking *next = alloca_history->next;
      __mf_unregister (alloca_history->ptr, 0, __MF_TYPE_HEAP);
      BEGIN_MALLOC_PROTECT ();
      CALL_REAL (free, alloca_history->ptr);
      CALL_REAL (free, alloca_history);
      END_MALLOC_PROTECT ();
      alloca_history = next;
    }
 
  /* Allocate new block.  */
  result = NULL;
  if (LIKELY (c > 0)) /* alloca(0) causes no allocation.  */
    {
      BEGIN_MALLOC_PROTECT ();
      track = (struct alloca_tracking *) CALL_REAL (malloc,
                                                    sizeof (struct alloca_tracking));
      END_MALLOC_PROTECT ();
      if (LIKELY (track != NULL))
        {
          BEGIN_MALLOC_PROTECT ();
          result = CALL_REAL (malloc, c);
          END_MALLOC_PROTECT ();
          if (UNLIKELY (result == NULL))
            {
              BEGIN_MALLOC_PROTECT ();
              CALL_REAL (free, track);
              END_MALLOC_PROTECT ();
              /* Too bad.  XXX: What about errno?  */
            }
          else
            {
              __mf_register (result, c, __MF_TYPE_HEAP, "alloca region");
              track->ptr = result;
              track->stack = stack;
              track->next = alloca_history;
              alloca_history = track;
            }
        }
    }
 
  return result;
}
 
 
#undef alloca
WRAPPER(void *, alloca, size_t c)
{
  return __mf_wrap_alloca_indirect (c);
}
 

Browse

Tools

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-dev/] [or1k-gcc/] [libmudflap/] [mf-hooks1.c] - Blame information for rev 738

Line No.	Rev	Author	Line
1	738	jeremybenn	`/* Mudflap: narrow-pointer bounds-checking by tree rewriting.`
2			`Copyright (C) 2002, 2003, 2004, 2009, 2011 Free Software Foundation, Inc.`
3			`Contributed by Frank Ch. Eigler <fche@redhat.com>`
4			`and Graydon Hoare <graydon@redhat.com>`
5
6			`This file is part of GCC.`
7
8			`GCC is free software; you can redistribute it and/or modify it under`
9			`the terms of the GNU General Public License as published by the Free`
10			`Software Foundation; either version 3, or (at your option) any later`
11			`version.`
12
13			`GCC is distributed in the hope that it will be useful, but WITHOUT ANY`
14			`WARRANTY; without even the implied warranty of MERCHANTABILITY or`
15			`FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License`
16			`for more details.`
17
18			`Under Section 7 of GPL version 3, you are granted additional`
19			`permissions described in the GCC Runtime Library Exception, version`
20			`3.1, as published by the Free Software Foundation.`
21
22			`You should have received a copy of the GNU General Public License and`
23			`a copy of the GCC Runtime Library Exception along with this program;`
24			`see the files COPYING3 and COPYING.RUNTIME respectively. If not, see`
25			`<http://www.gnu.org/licenses/>. */`
26
27			`#include "config.h"`
28
29			`#ifndef HAVE_SOCKLEN_T`
30			`#define socklen_t int`
31			`#endif`
32
33
34			`/* These attempt to coax various unix flavours to declare all our`
35			`needed tidbits in the system headers. */`
36			`#if !defined(__FreeBSD__) && !defined(__APPLE__)`
37			`#define _POSIX_SOURCE`
38			`#endif /* Some BSDs break <sys/socket.h> if this is defined. */`
39			`#define _GNU_SOURCE`
40			`#define _XOPEN_SOURCE`
41			`#define _BSD_TYPES`
42			`#define __EXTENSIONS__`
43			`#define _ALL_SOURCE`
44			`#define _LARGE_FILE_API`
45			`#define _XOPEN_SOURCE_EXTENDED 1`
46
47			`#include <string.h>`
48			`#include <stdio.h>`
49			`#include <stdlib.h>`
50			`#include <sys/time.h>`
51			`#include <sys/types.h>`
52			`#include <unistd.h>`
53			`#include <assert.h>`
54			`#include <errno.h>`
55			`#include <limits.h>`
56			`#include <time.h>`
57
58			`#include "mf-runtime.h"`
59			`#include "mf-impl.h"`
60
61			`#ifdef _MUDFLAP`
62			`#error "Do not compile this file with -fmudflap!"`
63			`#endif`
64
65
66			`/* Memory allocation related hook functions. Some of these are`
67			`intercepted via linker wrapping or symbol interposition. Others`
68			`use plain macros in mf-runtime.h. */`
69
70
71			`#if PIC`
72
73			`enum { BS = 4096, NB=10 };`
74			`static char __mf_0fn_bufs[NB][BS];`
75			`static unsigned __mf_0fn_bufs_used[NB];`
76
77
78			`/* A special bootstrap variant. */`
79			`void *`
80			`__mf_0fn_malloc (size_t c)`
81			`{`
82			`unsigned i;`
83
84			`for (i=0; i<NB; i++)`
85			`{`
86			`if (! __mf_0fn_bufs_used[i] && c < BS)`
87			`{`
88			`__mf_0fn_bufs_used[i] = 1;`
89			`return & __mf_0fn_bufs[i][0];`
90			`}`
91			`}`
92			`return NULL;`
93			`}`
94			`#endif`
95
96
97			`#undef malloc`
98			`WRAPPER(void *, malloc, size_t c)`
99			`{`
100			`size_t size_with_crumple_zones;`
101			`DECLARE(void *, malloc, size_t c);`
102			`void *result;`
103			`BEGIN_PROTECT (malloc, c);`
104
105			`size_with_crumple_zones =`
106			`CLAMPADD(c,CLAMPADD(__mf_opts.crumple_zone,`
107			`__mf_opts.crumple_zone));`
108			`BEGIN_MALLOC_PROTECT ();`
109			`result = (char *) CALL_REAL (malloc, size_with_crumple_zones);`
110			`END_MALLOC_PROTECT ();`
111
112			`if (LIKELY(result))`
113			`{`
114			`result += __mf_opts.crumple_zone;`
115			`__mf_register (result, c, __MF_TYPE_HEAP, "malloc region");`
116			`/* XXX: register __MF_TYPE_NOACCESS for crumple zones. */`
117			`}`
118
119			`return result;`
120			`}`
121
122
123			`#ifdef PIC`
124			`/* A special bootstrap variant. */`
125			`void *`
126			`__mf_0fn_calloc (size_t c, size_t n)`
127			`{`
128			`return __mf_0fn_malloc (c * n);`
129			`}`
130			`#endif`
131
132
133			`#undef calloc`
134			`WRAPPER(void *, calloc, size_t c, size_t n)`
135			`{`
136			`size_t size_with_crumple_zones;`
137			`DECLARE(void *, calloc, size_t, size_t);`
138			`DECLARE(void *, malloc, size_t);`
139			`DECLARE(void , memset, void , int, size_t);`
140			`char *result;`
141			`BEGIN_PROTECT (calloc, c, n);`
142
143			`size_with_crumple_zones =`
144			`CLAMPADD((c * n), /* XXX: CLAMPMUL */`
145			`CLAMPADD(__mf_opts.crumple_zone,`
146			`__mf_opts.crumple_zone));`
147			`BEGIN_MALLOC_PROTECT ();`
148			`result = (char *) CALL_REAL (malloc, size_with_crumple_zones);`
149			`END_MALLOC_PROTECT ();`
150
151			`if (LIKELY(result))`
152			`memset (result, 0, size_with_crumple_zones);`
153
154			`if (LIKELY(result))`
155			`{`
156			`result += __mf_opts.crumple_zone;`
157			`__mf_register (result, cn / XXX: clamp */, __MF_TYPE_HEAP_I, "calloc region");`
158			`/* XXX: register __MF_TYPE_NOACCESS for crumple zones. */`
159			`}`
160
161			`return result;`
162			`}`
163
164
165			`#if PIC`
166			`/* A special bootstrap variant. */`
167			`void *`
168			`__mf_0fn_realloc (void *buf, size_t c)`
169			`{`
170			`return NULL;`
171			`}`
172			`#endif`
173
174
175			`#undef realloc`
176			`WRAPPER(void , realloc, void buf, size_t c)`
177			`{`
178			`DECLARE(void * , realloc, void *, size_t);`
179			`size_t size_with_crumple_zones;`
180			`char *base = buf;`
181			`unsigned saved_wipe_heap;`
182			`char *result;`
183			`BEGIN_PROTECT (realloc, buf, c);`
184
185			`if (LIKELY(buf))`
186			`base -= __mf_opts.crumple_zone;`
187
188			`size_with_crumple_zones =`
189			`CLAMPADD(c, CLAMPADD(__mf_opts.crumple_zone,`
190			`__mf_opts.crumple_zone));`
191			`BEGIN_MALLOC_PROTECT ();`
192			`result = (char *) CALL_REAL (realloc, base, size_with_crumple_zones);`
193			`END_MALLOC_PROTECT ();`
194
195			`/* Ensure heap wiping doesn't occur during this peculiar`
196			`unregister/reregister pair. */`
197			`LOCKTH ();`
198			`__mf_set_state (reentrant);`
199			`saved_wipe_heap = __mf_opts.wipe_heap;`
200			`__mf_opts.wipe_heap = 0;`
201
202			`if (LIKELY(buf))`
203			`__mfu_unregister (buf, 0, __MF_TYPE_HEAP_I);`
204			`/* NB: underlying region may have been __MF_TYPE_HEAP. */`
205
206			`if (LIKELY(result))`
207			`{`
208			`result += __mf_opts.crumple_zone;`
209			`__mfu_register (result, c, __MF_TYPE_HEAP_I, "realloc region");`
210			`/* XXX: register __MF_TYPE_NOACCESS for crumple zones. */`
211			`}`
212
213			`/* Restore previous setting. */`
214			`__mf_opts.wipe_heap = saved_wipe_heap;`
215
216			`__mf_set_state (active);`
217			`UNLOCKTH ();`
218
219			`return result;`
220			`}`
221
222
223			`#if PIC`
224			`/* A special bootstrap variant. */`
225			`void`
226			`__mf_0fn_free (void *buf)`
227			`{`
228			`return;`
229			`}`
230			`#endif`
231
232			`#undef free`
233			`WRAPPER(void, free, void *buf)`
234			`{`
235			`/* Use a circular queue to delay some number (__mf_opts.free_queue_length) of free()s. */`
236			`static void *free_queue [__MF_FREEQ_MAX];`
237			`static unsigned free_ptr = 0;`
238			`static int freeq_initialized = 0;`
239			`DECLARE(void, free, void *);`
240
241			`BEGIN_PROTECT (free, buf);`
242
243			`if (UNLIKELY(buf == NULL))`
244			`return;`
245
246			`#if PIC`
247			`/* Check whether the given buffer might have come from a`
248			`__mf_0fn_malloc/calloc call that for whatever reason was not`
249			`redirected back to __mf_0fn_free. If so, we just ignore the`
250			`call. */`
251			`if (UNLIKELY((uintptr_t) buf >= (uintptr_t) __mf_0fn_bufs &&`
252			`(uintptr_t) buf < ((uintptr_t) __mf_0fn_bufs + sizeof(__mf_0fn_bufs))))`
253			`{`
254			`VERBOSE_TRACE ("skipping free of boot (0fn) alloc buffer %p\n", buf);`
255			`return;`
256			`}`
257			`#endif`
258
259			`LOCKTH ();`
260			`if (UNLIKELY(!freeq_initialized))`
261			`{`
262			`memset (free_queue, 0,`
263			`__MF_FREEQ_MAX * sizeof (void *));`
264			`freeq_initialized = 1;`
265			`}`
266			`UNLOCKTH ();`
267
268			`__mf_unregister (buf, 0, __MF_TYPE_HEAP_I);`
269			`/* NB: underlying region may have been __MF_TYPE_HEAP. */`
270
271			`if (UNLIKELY(__mf_opts.free_queue_length > 0))`
272			`{`
273			`char *freeme = NULL;`
274			`LOCKTH ();`
275			`if (free_queue [free_ptr] != NULL)`
276			`{`
277			`freeme = free_queue [free_ptr];`
278			`freeme -= __mf_opts.crumple_zone;`
279			`}`
280			`free_queue [free_ptr] = buf;`
281			`free_ptr = (free_ptr == (__mf_opts.free_queue_length-1) ? 0 : free_ptr + 1);`
282			`UNLOCKTH ();`
283			`if (freeme)`
284			`{`
285			`if (__mf_opts.trace_mf_calls)`
286			`{`
287			`VERBOSE_TRACE ("freeing deferred pointer %p (crumple %u)\n",`
288			`(void *) freeme,`
289			`__mf_opts.crumple_zone);`
290			`}`
291			`BEGIN_MALLOC_PROTECT ();`
292			`CALL_REAL (free, freeme);`
293			`END_MALLOC_PROTECT ();`
294			`}`
295			`}`
296			`else`
297			`{`
298			`/* back pointer up a bit to the beginning of crumple zone */`
299			`char base = (char )buf;`
300			`base -= __mf_opts.crumple_zone;`
301			`if (__mf_opts.trace_mf_calls)`
302			`{`
303			`VERBOSE_TRACE ("freeing pointer %p = %p - %u\n",`
304			`(void *) base,`
305			`(void *) buf,`
306			`__mf_opts.crumple_zone);`
307			`}`
308			`BEGIN_MALLOC_PROTECT ();`
309			`CALL_REAL (free, base);`
310			`END_MALLOC_PROTECT ();`
311			`}`
312			`}`
313
314
315			`/* We can only wrap mmap if the target supports it. Likewise for munmap.`
316			`We assume we have both if we have mmap. */`
317			`#ifdef HAVE_MMAP`
318
319			`#if PIC`
320			`/* A special bootstrap variant. */`
321			`void *`
322			`__mf_0fn_mmap (void *start, size_t l, int prot, int f, int fd, off_t off)`
323			`{`
324			`#if defined(__FreeBSD__)`
325			`if (f == 0x1000 && fd == -1 && prot == 0 && off == 0)`
326			`return 0;`
327			`#endif /* Ignore red zone allocation request for initial thread's stack. */`
328
329			`return (void *) -1;`
330			`}`
331			`#endif`
332
333
334			`#undef mmap`
335			`WRAPPER(void *, mmap,`
336			`void *start, size_t length, int prot,`
337			`int flags, int fd, off_t offset)`
338			`{`
339			`DECLARE(void , mmap, void , size_t, int,`
340			`int, int, off_t);`
341			`void *result;`
342			`BEGIN_PROTECT (mmap, start, length, prot, flags, fd, offset);`
343
344			`result = CALL_REAL (mmap, start, length, prot,`
345			`flags, fd, offset);`
346
347			`/*`
348			`VERBOSE_TRACE ("mmap (%08lx, %08lx, ...) => %08lx\n",`
349			`(uintptr_t) start, (uintptr_t) length,`
350			`(uintptr_t) result);`
351			`*/`
352
353			`if (result != (void *)-1)`
354			`{`
355			`/* Register each page as a heap object. Why not register it all`
356			`as a single segment? That's so that a later munmap() call`
357			`can unmap individual pages. XXX: would __MF_TYPE_GUESS make`
358			`this more automatic? */`
359			`size_t ps = getpagesize ();`
360			`uintptr_t base = (uintptr_t) result;`
361			`uintptr_t offset;`
362
363			`for (offset=0; offset<length; offset+=ps)`
364			`{`
365			`/* XXX: We could map PROT_NONE to __MF_TYPE_NOACCESS. */`
366			`/* XXX: Unaccessed HEAP pages are reported as leaks. Is this`
367			`appropriate for unaccessed mmap pages? */`
368			`__mf_register ((void *) CLAMPADD (base, offset), ps,`
369			`__MF_TYPE_HEAP_I, "mmap page");`
370			`}`
371			`}`
372
373			`return result;`
374			`}`
375
376
377			`#if PIC`
378			`/* A special bootstrap variant. */`
379			`int`
380			`__mf_0fn_munmap (void *start, size_t length)`
381			`{`
382			`return -1;`
383			`}`
384			`#endif`
385
386
387			`#undef munmap`
388			`WRAPPER(int , munmap, void *start, size_t length)`
389			`{`
390			`DECLARE(int, munmap, void *, size_t);`
391			`int result;`
392			`BEGIN_PROTECT (munmap, start, length);`
393
394			`result = CALL_REAL (munmap, start, length);`
395
396			`/*`
397			`VERBOSE_TRACE ("munmap (%08lx, %08lx, ...) => %08lx\n",`
398			`(uintptr_t) start, (uintptr_t) length,`
399			`(uintptr_t) result);`
400			`*/`
401
402			`if (result == 0)`
403			`{`
404			`/* Unregister each page as a heap object. */`
405			`size_t ps = getpagesize ();`
406			`uintptr_t base = (uintptr_t) start & (~ (ps - 1)); /* page align */`
407			`uintptr_t offset;`
408
409			`for (offset=0; offset<length; offset+=ps)`
410			`__mf_unregister ((void *) CLAMPADD (base, offset), ps, __MF_TYPE_HEAP_I);`
411			`}`
412			`return result;`
413			`}`
414			`#endif /* HAVE_MMAP */`
415
416
417			`#ifdef HAVE_MMAP64`
418			`#if PIC`
419			`/* A special bootstrap variant. */`
420			`void *`
421			`__mf_0fn_mmap64 (void *start, size_t l, int prot, int f, int fd, off64_t off)`
422			`{`
423			`return (void *) -1;`
424			`}`
425			`#endif`
426
427
428			`#undef mmap`
429			`WRAPPER(void *, mmap64,`
430			`void *start, size_t length, int prot,`
431			`int flags, int fd, off64_t offset)`
432			`{`
433			`DECLARE(void , mmap64, void , size_t, int,`
434			`int, int, off64_t);`
435			`void *result;`
436			`BEGIN_PROTECT (mmap64, start, length, prot, flags, fd, offset);`
437
438			`result = CALL_REAL (mmap64, start, length, prot,`
439			`flags, fd, offset);`
440
441			`/*`
442			`VERBOSE_TRACE ("mmap64 (%08lx, %08lx, ...) => %08lx\n",`
443			`(uintptr_t) start, (uintptr_t) length,`
444			`(uintptr_t) result);`
445			`*/`
446
447			`if (result != (void *)-1)`
448			`{`
449			`/* Register each page as a heap object. Why not register it all`
450			`as a single segment? That's so that a later munmap() call`
451			`can unmap individual pages. XXX: would __MF_TYPE_GUESS make`
452			`this more automatic? */`
453			`size_t ps = getpagesize ();`
454			`uintptr_t base = (uintptr_t) result;`
455			`uintptr_t offset;`
456
457			`for (offset=0; offset<length; offset+=ps)`
458			`{`
459			`/* XXX: We could map PROT_NONE to __MF_TYPE_NOACCESS. */`
460			`/* XXX: Unaccessed HEAP pages are reported as leaks. Is this`
461			`appropriate for unaccessed mmap pages? */`
462			`__mf_register ((void *) CLAMPADD (base, offset), ps,`
463			`__MF_TYPE_HEAP_I, "mmap64 page");`
464			`}`
465			`}`
466
467			`return result;`
468			`}`
469			`#endif /* HAVE_MMAP64 */`
470
471
472			`/* This wrapper is a little different, as it's called indirectly from`
473			`__mf_fini also to clean up pending allocations. */`
474			`void *`
475			`__mf_wrap_alloca_indirect (size_t c)`
476			`{`
477			`DECLARE (void *, malloc, size_t);`
478			`DECLARE (void, free, void *);`
479
480			`/* This struct, a linked list, tracks alloca'd objects. The newest`
481			`object is at the head of the list. If we detect that we've`
482			`popped a few levels of stack, then the listed objects are freed`
483			`as needed. NB: The tracking struct is allocated with`
484			`real_malloc; the user data with wrap_malloc.`
485			`*/`
486			`struct alloca_tracking { void ptr; void stack; struct alloca_tracking* next; };`
487			`static struct alloca_tracking *alloca_history = NULL;`
488
489			`void *stack = __builtin_frame_address (0);`
490			`void *result;`
491			`struct alloca_tracking *track;`
492
493			`TRACE ("%s\n", __PRETTY_FUNCTION__);`
494			`VERBOSE_TRACE ("alloca stack level %p\n", (void *) stack);`
495
496			`/* XXX: thread locking! */`
497
498			`/* Free any previously alloca'd blocks that belong to deeper-nested functions,`
499			`which must therefore have exited by now. */`
500
501			`#define DEEPER_THAN < /* XXX: for x86; steal find_stack_direction() from libiberty/alloca.c */`
502
503			`while (alloca_history &&`
504			`((uintptr_t) alloca_history->stack DEEPER_THAN (uintptr_t) stack))`
505			`{`
506			`struct alloca_tracking *next = alloca_history->next;`
507			`__mf_unregister (alloca_history->ptr, 0, __MF_TYPE_HEAP);`
508			`BEGIN_MALLOC_PROTECT ();`
509			`CALL_REAL (free, alloca_history->ptr);`
510			`CALL_REAL (free, alloca_history);`
511			`END_MALLOC_PROTECT ();`
512			`alloca_history = next;`
513			`}`
514
515			`/* Allocate new block. */`
516			`result = NULL;`
517			`if (LIKELY (c > 0)) /* alloca(0) causes no allocation. */`
518			`{`
519			`BEGIN_MALLOC_PROTECT ();`
520			`track = (struct alloca_tracking *) CALL_REAL (malloc,`
521			`sizeof (struct alloca_tracking));`
522			`END_MALLOC_PROTECT ();`
523			`if (LIKELY (track != NULL))`
524			`{`
525			`BEGIN_MALLOC_PROTECT ();`
526			`result = CALL_REAL (malloc, c);`
527			`END_MALLOC_PROTECT ();`
528			`if (UNLIKELY (result == NULL))`
529			`{`
530			`BEGIN_MALLOC_PROTECT ();`
531			`CALL_REAL (free, track);`
532			`END_MALLOC_PROTECT ();`
533			`/* Too bad. XXX: What about errno? */`
534			`}`
535			`else`
536			`{`
537			`__mf_register (result, c, __MF_TYPE_HEAP, "alloca region");`
538			`track->ptr = result;`
539			`track->stack = stack;`
540			`track->next = alloca_history;`
541			`alloca_history = track;`
542			`}`
543			`}`
544			`}`
545
546			`return result;`
547			`}`
548
549
550			`#undef alloca`
551			`WRAPPER(void *, alloca, size_t c)`
552			`{`
553			`return __mf_wrap_alloca_indirect (c);`
554			`}`
555