X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fmem_dbg.c;h=ef19d8f8448992b1687872780ca6bd2b3f942053;hb=c68f0506474b70ba35dd17a4477fb2d15d639bcb;hp=4bddbe07b2a9a03a080bc5fa22f2a16c610ae0d1;hpb=d8df48a9bccb0f408b11af9a71abbf28a675839b;p=oweals%2Fopenssl.git diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index 4bddbe07b2..ef19d8f844 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -65,7 +65,12 @@ #include #include "cryptlib.h" -/* State CRYPTO_MEM_CHECK_ON exists only temporarily when the library +static int mh_mode=CRYPTO_MEM_CHECK_OFF; +/* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE + * when the application asks for it (usually after library initialisation + * for which no book-keeping is desired). + * + * State CRYPTO_MEM_CHECK_ON exists only temporarily when the library * thinks that certain allocations should not be checked (e.g. the data * structures used for memory checking). It is not suitable as an initial * state: the library will unexpectedly enable memory checking when it @@ -74,29 +79,38 @@ * * State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes no sense whatsoever. */ -static int mh_mode=CRYPTO_MEM_CHECK_OFF; -static unsigned long disabling_thread = 0; - -static unsigned long order=0; +static unsigned long order = 0; /* number of memory requests */ +static LHASH *mh=NULL; /* hash-table of memory requests (address as key); + * access requires MALLOC2 lock */ -static LHASH *amih=NULL; typedef struct app_mem_info_st +/* For application-defined information (static C-string `info') + * to be displayed in memory leak list. + * Each thread has its own stack. For applications, there is + * CRYPTO_push_info("...") to push an entry, + * CRYPTO_pop_info() to pop an entry, + * CRYPTO_remove_all_info() to pop all entries. + */ { unsigned long thread; const char *file; int line; const char *info; - struct app_mem_info_st *next; + struct app_mem_info_st *next; /* tail of thread's stack */ int references; } APP_INFO; -static LHASH *mh=NULL; +static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's + * that are at the top of their thread's stack + * (with `thread' as key); + * access requires MALLOC2 lock */ typedef struct mem_st +/* memory-block description */ { - char *addr; + void *addr; int num; const char *file; int line; @@ -106,30 +120,25 @@ typedef struct mem_st APP_INFO *app_info; } MEM; - -#ifdef CRYPTO_MDEBUG_ALL -# ifndef CRYPTO_MDEBUG_TIME -# define CRYPTO_MDEBUG_TIME -# endif -# ifndef CRYPTO_MDEBUG_THREAD -# define CRYPTO_MDEBUG_THREAD -# endif +static long options = /* extra information to be recorded */ +#if defined(CRYPTO_MDEBUG_TIME) || defined(CRYPTO_MDEBUG_ALL) + V_CRYPTO_MDEBUG_TIME | #endif - -/* Get defaults that will depend on some macros defined elsewhere */ -#ifdef CRYPTO_MDEBUG_TIME -#define DEF_V_CRYPTO_MDEBUG_TIME V_CRYPTO_MDEBUG_TIME -#else -#define DEF_V_CRYPTO_MDEBUG_TIME 0 -#endif -#ifdef CRYPTO_MDEBUG_THREAD -#define DEF_V_CRYPTO_MDEBUG_THREAD V_CRYPTO_MDEBUG_THREAD -#else -#define DEF_V_CRYPTO_MDEBUG_THREAD 0 +#if defined(CRYPTO_MDEBUG_THREAD) || defined(CRYPTO_MDEBUG_ALL) + V_CRYPTO_MDEBUG_THREAD | #endif + 0; -static int options = DEF_V_CRYPTO_MDEBUG_TIME | DEF_V_CRYPTO_MDEBUG_THREAD; +static unsigned int num_disable = 0; /* num_disable > 0 + * iff + * mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE) + */ +static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0. + * CRYPTO_LOCK_MALLOC2 is locked + * exactly in this case (by the + * thread named in disabling_thread). + */ int CRYPTO_mem_ctrl(int mode) { @@ -138,27 +147,28 @@ int CRYPTO_mem_ctrl(int mode) CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); switch (mode) { - /* for applications: */ + /* for applications (not to be called while multiple threads + * use the library): */ case CRYPTO_MEM_CHECK_ON: /* aka MemCheck_start() */ mh_mode = CRYPTO_MEM_CHECK_ON|CRYPTO_MEM_CHECK_ENABLE; - disabling_thread = 0; + num_disable = 0; break; case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */ mh_mode = 0; - disabling_thread = 0; + num_disable = 0; /* should be true *before* MemCheck_stop is used, + or there'll be a lot of confusion */ break; /* switch off temporarily (for library-internal use): */ case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */ if (mh_mode & CRYPTO_MEM_CHECK_ON) { - mh_mode&= ~CRYPTO_MEM_CHECK_ENABLE; - if (disabling_thread != CRYPTO_thread_id()) /* otherwise we already have the MALLOC2 lock */ + if (!num_disable || (disabling_thread != CRYPTO_thread_id())) /* otherwise we already have the MALLOC2 lock */ { /* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if - * somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot release it - * because we block entry to this function). + * somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot release + * it because we block entry to this function). * Give them a chance, first, and then claim the locks in * appropriate order (long-time lock first). */ @@ -170,18 +180,23 @@ int CRYPTO_mem_ctrl(int mode) * OpenSSL threads. */ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); + mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE; disabling_thread=CRYPTO_thread_id(); } + num_disable++; } break; case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */ if (mh_mode & CRYPTO_MEM_CHECK_ON) { - mh_mode|=CRYPTO_MEM_CHECK_ENABLE; - if (disabling_thread != 0) + if (num_disable) /* always true, or something is going wrong */ { - disabling_thread=0; - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); + num_disable--; + if (num_disable == 0) + { + mh_mode|=CRYPTO_MEM_CHECK_ENABLE; + CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); + } } } break; @@ -193,36 +208,36 @@ int CRYPTO_mem_ctrl(int mode) return(ret); } -int CRYPTO_mem_check_on(void) +int CRYPTO_is_mem_check_on(void) { int ret = 0; if (mh_mode & CRYPTO_MEM_CHECK_ON) { - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); + CRYPTO_r_lock(CRYPTO_LOCK_MALLOC); ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE) - && disabling_thread != CRYPTO_thread_id(); + || (disabling_thread != CRYPTO_thread_id()); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC); } return(ret); } -void CRYPTO_dbg_set_options(int bits) +void CRYPTO_dbg_set_options(long bits) { options = bits; } -int CRYPTO_dbg_get_options() +long CRYPTO_dbg_get_options(void) { return options; } static int mem_cmp(MEM *a, MEM *b) { - return(a->addr - b->addr); + return((char *)a->addr - (char *)b->addr); } static unsigned long mem_hash(MEM *a) @@ -237,7 +252,7 @@ static unsigned long mem_hash(MEM *a) static int app_info_cmp(APP_INFO *a, APP_INFO *b) { - return(a->thread - b->thread); + return(a->thread != b->thread); } static unsigned long app_info_hash(APP_INFO *a) @@ -250,7 +265,7 @@ static unsigned long app_info_hash(APP_INFO *a) return(ret); } -static APP_INFO *remove_info() +static APP_INFO *pop_info() { APP_INFO tmp; APP_INFO *ret = NULL; @@ -258,7 +273,7 @@ static APP_INFO *remove_info() if (amih != NULL) { tmp.thread=CRYPTO_thread_id(); - if ((ret=(APP_INFO *)lh_delete(amih,(char *)&tmp)) != NULL) + if ((ret=(APP_INFO *)lh_delete(amih,&tmp)) != NULL) { APP_INFO *next=ret->next; @@ -270,7 +285,7 @@ static APP_INFO *remove_info() #ifdef LEVITTE_DEBUG if (ret->thread != tmp.thread) { - fprintf(stderr, "remove_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n", + fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n", ret->thread, tmp.thread); abort(); } @@ -280,23 +295,23 @@ static APP_INFO *remove_info() ret->next = NULL; if (next != NULL) next->references--; - Free(ret); + OPENSSL_free(ret); } } } return(ret); } -int CRYPTO_add_info(const char *file, int line, const char *info) +int CRYPTO_push_info_(const char *info, const char *file, int line) { APP_INFO *ami, *amim; int ret=0; if (is_MemCheck_on()) { - MemCheck_off(); + MemCheck_off(); /* obtain MALLOC2 lock */ - if ((ami = (APP_INFO *)Malloc(sizeof(APP_INFO))) == NULL) + if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL) { ret=0; goto err; @@ -305,7 +320,7 @@ int CRYPTO_add_info(const char *file, int line, const char *info) { if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL) { - Free(ami); + OPENSSL_free(ami); ret=0; goto err; } @@ -323,7 +338,7 @@ int CRYPTO_add_info(const char *file, int line, const char *info) #ifdef LEVITTE_DEBUG if (ami->thread != amim->thread) { - fprintf(stderr, "CRYPTO_add_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n", + fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n", amim->thread, ami->thread); abort(); } @@ -331,23 +346,23 @@ int CRYPTO_add_info(const char *file, int line, const char *info) ami->next=amim; } err: - MemCheck_on(); + MemCheck_on(); /* release MALLOC2 lock */ } return(ret); } -int CRYPTO_remove_info(void) +int CRYPTO_pop_info(void) { int ret=0; - if (is_MemCheck_on()) + if (is_MemCheck_on()) /* _must_ be true, or something went severely wrong */ { - MemCheck_off(); + MemCheck_off(); /* obtain MALLOC2 lock */ - ret=(remove_info() != NULL); + ret=(pop_info() != NULL); - MemCheck_on(); + MemCheck_on(); /* release MALLOC2 lock */ } return(ret); } @@ -356,14 +371,14 @@ int CRYPTO_remove_all_info(void) { int ret=0; - if (is_MemCheck_on()) + if (is_MemCheck_on()) /* _must_ be true */ { - MemCheck_off(); + MemCheck_off(); /* obtain MALLOC2 lock */ - while(remove_info() != NULL) + while(pop_info() != NULL) ret++; - MemCheck_on(); + MemCheck_on(); /* release MALLOC2 lock */ } return(ret); } @@ -386,19 +401,20 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, if (is_MemCheck_on()) { - MemCheck_off(); - if ((m=(MEM *)Malloc(sizeof(MEM))) == NULL) + MemCheck_off(); /* make sure we hold MALLOC2 lock */ + if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL) { - Free(addr); - MemCheck_on(); + OPENSSL_free(addr); + MemCheck_on(); /* release MALLOC2 lock + * if num_disabled drops to 0 */ return; } if (mh == NULL) { if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) { - Free(addr); - Free(m); + OPENSSL_free(addr); + OPENSSL_free(m); addr=NULL; goto err; } @@ -446,10 +462,11 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, { mm->app_info->references--; } - Free(mm); + OPENSSL_free(mm); } err: - MemCheck_on(); + MemCheck_on(); /* release MALLOC2 lock + * if num_disabled drops to 0 */ } break; } @@ -468,7 +485,7 @@ void CRYPTO_dbg_free(void *addr, int before_p) if (is_MemCheck_on() && (mh != NULL)) { - MemCheck_off(); + MemCheck_off(); /* make sure we hold MALLOC2 lock */ m.addr=addr; mp=(MEM *)lh_delete(mh,(char *)&m); @@ -482,10 +499,11 @@ void CRYPTO_dbg_free(void *addr, int before_p) { mp->app_info->references--; } - Free(mp); + OPENSSL_free(mp); } - MemCheck_on(); + MemCheck_on(); /* release MALLOC2 lock + * if num_disabled drops to 0 */ } break; case 1: @@ -519,7 +537,7 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, if (is_MemCheck_on()) { - MemCheck_off(); + MemCheck_off(); /* make sure we hold MALLOC2 lock */ m.addr=addr1; mp=(MEM *)lh_delete(mh,(char *)&m); @@ -536,7 +554,8 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, lh_insert(mh,(char *)mp); } - MemCheck_on(); + MemCheck_on(); /* release MALLOC2 lock + * if num_disabled drops to 0 */ } break; } @@ -593,9 +612,11 @@ static void print_leak(MEM *m, MEM_LEAK *l) amip=m->app_info; ami_cnt=0; - if (amip) - ti=amip->thread; - while(amip && amip->thread == ti) + if (!amip) + return; + ti=amip->thread; + + do { int buf_len; int info_len; @@ -603,7 +624,7 @@ static void print_leak(MEM *m, MEM_LEAK *l) ami_cnt++; memset(buf,'>',ami_cnt); sprintf(buf + ami_cnt, - "thread=%lu, file=%s, line=%d, info=\"", + " thread=%lu, file=%s, line=%d, info=\"", amip->thread, amip->file, amip->line); buf_len=strlen(buf); info_len=strlen(amip->info); @@ -623,10 +644,12 @@ static void print_leak(MEM *m, MEM_LEAK *l) amip = amip->next; } + while(amip && amip->thread == ti); + #ifdef LEVITTE_DEBUG if (amip) { - fprintf(stderr, "Thread switch detected i backtrace!!!!\n"); + fprintf(stderr, "Thread switch detected in backtrace!!!!\n"); abort(); } #endif @@ -637,43 +660,66 @@ void CRYPTO_mem_leaks(BIO *b) MEM_LEAK ml; char buf[80]; - if (mh == NULL) return; + if (mh == NULL && amih == NULL) + return; + + MemCheck_off(); /* obtain MALLOC2 lock */ + ml.bio=b; ml.bytes=0; ml.chunks=0; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); - lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); + if (mh != NULL) + lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); if (ml.chunks != 0) { sprintf(buf,"%ld bytes leaked in %d chunks\n", ml.bytes,ml.chunks); BIO_puts(b,buf); } + else + { + /* Make sure that, if we found no leaks, memory-leak debugging itself + * does not introduce memory leaks (which might irritate + * external debugging tools). + * (When someone enables leak checking, but does not call + * this function, we declare it to be their fault.) + * + * XXX This should be in CRYPTO_mem_leaks_cb, + * and CRYPTO_mem_leaks should be implemented by + * using CRYPTO_mem_leaks_cb. + * (Also their should be a variant of lh_doall_arg + * that takes a function pointer instead of a void *; + * this would obviate the ugly and illegal + * void_fn_to_char kludge in CRYPTO_mem_leaks_cb. + * Otherwise the code police will come and get us.) + */ + int old_mh_mode; -#if 0 - lh_stats_bio(mh,b); - lh_node_stats_bio(mh,b); - lh_node_usage_stats_bio(mh,b); -#endif - } + CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); -static void (*mem_cb)()=NULL; + /* avoid deadlock when lh_free() uses CRYPTO_dbg_free(), + * which uses CRYPTO_is_mem_check_on */ + old_mh_mode = mh_mode; + mh_mode = CRYPTO_MEM_CHECK_OFF; -static void cb_leak(MEM *m, char *cb) - { - void (*mem_callback)()=(void (*)())cb; - mem_callback(m->order,m->file,m->line,m->num,m->addr); - } + if (mh != NULL) + { + lh_free(mh); + mh = NULL; + } + if (amih != NULL) + { + if (lh_num_items(amih) == 0) + { + lh_free(amih); + amih = NULL; + } + } -void CRYPTO_mem_leaks_cb(void (*cb)()) - { - if (mh == NULL) return; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); - mem_cb=cb; - lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb); - mem_cb=NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); + mh_mode = old_mh_mode; + CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); + } + MemCheck_on(); /* release MALLOC2 lock */ } #ifndef NO_FP_API @@ -690,3 +736,21 @@ void CRYPTO_mem_leaks_fp(FILE *fp) } #endif + + +/* FIXME: We really don't allow much to the callback. For example, it has + no chance of reaching the info stack for the item it processes. Should + it really be this way? -- Richard Levitte */ +static void cb_leak(MEM *m, + void (**cb)(unsigned long, const char *, int, int, void *)) + { + (**cb)(m->order,m->file,m->line,m->num,m->addr); + } + +void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *)) + { + if (mh == NULL) return; + CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); + lh_doall_arg(mh,(void (*)())cb_leak,(void *)&cb); + CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); + }