Kezdőlap Felfedezés Súgó
Bejelentkezés
SoftwareDesign
/
csu3_am335x
8
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: c7fff1ca50
Branch-ok Tag-ek
csu3_am335x
/
EVSE
/
GPL
/
glibc-2.29
/
malloc
/
tst-malloc-too-large.c

tst-malloc-too-large.c 8.3 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253 
  1. /* Test and verify that too-large memory allocations fail with ENOMEM.
    2. 

  2.    Copyright (C) 2018-2019 Free Software Foundation, Inc.
    3. 

  3.    This file is part of the GNU C Library.
    4. 

  4. 

  5.    The GNU C Library is free software; you can redistribute it and/or
    6. 

  6.    modify it under the terms of the GNU Lesser General Public
    7. 

  7.    License as published by the Free Software Foundation; either
    8. 

  8.    version 2.1 of the License, or (at your option) any later version.
    9. 

  9. 

  10.    The GNU C Library is distributed in the hope that it will be useful,
    11. 

  11.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    13. 

  13.    Lesser General Public License for more details.
    14. 

  14. 

  15.    You should have received a copy of the GNU Lesser General Public
    16. 

  16.    License along with the GNU C Library; if not, see
    17. 

  17.    <http://www.gnu.org/licenses/>.  */
    18. 

  18. 

  19. /* Bug 22375 reported a regression in malloc where if after malloc'ing then
    20. 

  20.    free'ing a small block of memory, malloc is then called with a really
    21. 

  21.    large size argument (close to SIZE_MAX): instead of returning NULL and
    22. 

  22.    setting errno to ENOMEM, malloc incorrectly returns the previously
    23. 

  23.    allocated block instead.  Bug 22343 reported a similar case where
    24. 

  24.    posix_memalign incorrectly returns successfully when called with an with
    25. 

  25.    a really large size argument.
    26. 

  26. 

  27.    Both of these were caused by integer overflows in the allocator when it
    28. 

  28.    was trying to pad the requested size to allow for book-keeping or
    29. 

  29.    alignment.  This test guards against such bugs by repeatedly allocating
    30. 

  30.    and freeing small blocks of memory then trying to allocate various block
    31. 

  31.    sizes larger than the memory bus width of 64-bit targets, or almost
    32. 

  32.    as large as SIZE_MAX on 32-bit targets supported by glibc.  In each case,
    33. 

  33.    it verifies that such impossibly large allocations correctly fail.  */
    34. 

  34. 

  35. 

  36. #include <stdlib.h>
    37. 

  37. #include <malloc.h>
    38. 

  38. #include <errno.h>
    39. 

  39. #include <stdint.h>
    40. 

  40. #include <sys/resource.h>
    41. 

  41. #include <libc-diag.h>
    42. 

  42. #include <support/check.h>
    43. 

  43. #include <unistd.h>
    44. 

  44. #include <sys/param.h>
    45. 

  45. 

  46. 

  47. /* This function prepares for each 'too-large memory allocation' test by
    48. 

  48.    performing a small successful malloc/free and resetting errno prior to
    49. 

  49.    the actual test.  */
    50. 

  50. static void
    51. 

  51. test_setup (void)
    52. 

  52. {
    53. 

  53.   void *volatile ptr = malloc (16);
    54. 

  54.   TEST_VERIFY_EXIT (ptr != NULL);
    55. 

  55.   free (ptr);
    56. 

  56.   errno = 0;
    57. 

  57. }
    58. 

  58. 

  59. 

  60. /* This function tests each of:
    61. 

  61.    - malloc (SIZE)
    62. 

  62.    - realloc (PTR_FOR_REALLOC, SIZE)
    63. 

  63.    - for various values of NMEMB:
    64. 

  64.     - calloc (NMEMB, SIZE/NMEMB)
    65. 

  65.     - calloc (SIZE/NMEMB, NMEMB)
    66. 

  66.     - reallocarray (PTR_FOR_REALLOC, NMEMB, SIZE/NMEMB)
    67. 

  67.     - reallocarray (PTR_FOR_REALLOC, SIZE/NMEMB, NMEMB)
    68. 

  68.    and precedes each of these tests with a small malloc/free before it.  */
    69. 

  69. static void
    70. 

  70. test_large_allocations (size_t size)
    71. 

  71. {
    72. 

  72.   void * ptr_to_realloc;
    73. 

  73. 

  74.   test_setup ();
    75. 

  75.   TEST_VERIFY (malloc (size) == NULL);
    76. 

  76.   TEST_VERIFY (errno == ENOMEM);
    77. 

  77. 

  78.   ptr_to_realloc = malloc (16);
    79. 

  79.   TEST_VERIFY_EXIT (ptr_to_realloc != NULL);
    80. 

  80.   test_setup ();
    81. 

  81.   TEST_VERIFY (realloc (ptr_to_realloc, size) == NULL);
    82. 

  82.   TEST_VERIFY (errno == ENOMEM);
    83. 

  83.   free (ptr_to_realloc);
    84. 

  84. 

  85.   for (size_t nmemb = 1; nmemb <= 8; nmemb *= 2)
    86. 

  86.     if ((size % nmemb) == 0)
    87. 

  87.       {
    88. 

  88.         test_setup ();
    89. 

  89.         TEST_VERIFY (calloc (nmemb, size / nmemb) == NULL);
    90. 

  90.         TEST_VERIFY (errno == ENOMEM);
    91. 

  91. 

  92.         test_setup ();
    93. 

  93.         TEST_VERIFY (calloc (size / nmemb, nmemb) == NULL);
    94. 

  94.         TEST_VERIFY (errno == ENOMEM);
    95. 

  95. 

  96.         ptr_to_realloc = malloc (16);
    97. 

  97.         TEST_VERIFY_EXIT (ptr_to_realloc != NULL);
    98. 

  98.         test_setup ();
    99. 

  99.         TEST_VERIFY (reallocarray (ptr_to_realloc, nmemb, size / nmemb) == NULL);
    100. 

  100.         TEST_VERIFY (errno == ENOMEM);
    101. 

  101.         free (ptr_to_realloc);
    102. 

  102. 

  103.         ptr_to_realloc = malloc (16);
    104. 

  104.         TEST_VERIFY_EXIT (ptr_to_realloc != NULL);
    105. 

  105.         test_setup ();
    106. 

  106.         TEST_VERIFY (reallocarray (ptr_to_realloc, size / nmemb, nmemb) == NULL);
    107. 

  107.         TEST_VERIFY (errno == ENOMEM);
    108. 

  108.         free (ptr_to_realloc);
    109. 

  109.       }
    110. 

  110.     else
    111. 

  111.       break;
    112. 

  112. }
    113. 

  113. 

  114. 

  115. static long pagesize;
    116. 

  116. 

  117. /* This function tests the following aligned memory allocation functions
    118. 

  118.    using several valid alignments and precedes each allocation test with a
    119. 

  119.    small malloc/free before it:
    120. 

  120.    memalign, posix_memalign, aligned_alloc, valloc, pvalloc.  */
    121. 

  121. static void
    122. 

  122. test_large_aligned_allocations (size_t size)
    123. 

  123. {
    124. 

  124.   /* ptr stores the result of posix_memalign but since all those calls
    125. 

  125.      should fail, posix_memalign should never change ptr.  We set it to
    126. 

  126.      NULL here and later on we check that it remains NULL after each
    127. 

  127.      posix_memalign call.  */
    128. 

  128.   void * ptr = NULL;
    129. 

  129. 

  130.   size_t align;
    131. 

  131. 

  132.   /* All aligned memory allocation functions expect an alignment that is a
    133. 

  133.      power of 2.  Given this, we test each of them with every valid
    134. 

  134.      alignment from 1 thru PAGESIZE.  */
    135. 

  135.   for (align = 1; align <= pagesize; align *= 2)
    136. 

  136.     {
    137. 

  137.       test_setup ();
    138. 

  138.       TEST_VERIFY (memalign (align, size) == NULL);
    139. 

  139.       TEST_VERIFY (errno == ENOMEM);
    140. 

  140. 

  141.       /* posix_memalign expects an alignment that is a power of 2 *and* a
    142. 

  142.          multiple of sizeof (void *).  */
    143. 

  143.       if ((align % sizeof (void *)) == 0)
    144. 

  144.         {
    145. 

  145.           test_setup ();
    146. 

  146.           TEST_VERIFY (posix_memalign (&ptr, align, size) == ENOMEM);
    147. 

  147.           TEST_VERIFY (ptr == NULL);
    148. 

  148.         }
    149. 

  149. 

  150.       /* aligned_alloc expects a size that is a multiple of alignment.  */
    151. 

  151.       if ((size % align) == 0)
    152. 

  152.         {
    153. 

  153.           test_setup ();
    154. 

  154.           TEST_VERIFY (aligned_alloc (align, size) == NULL);
    155. 

  155.           TEST_VERIFY (errno == ENOMEM);
    156. 

  156.         }
    157. 

  157.     }
    158. 

  158. 

  159.   /* Both valloc and pvalloc return page-aligned memory.  */
    160. 

  160. 

  161.   test_setup ();
    162. 

  162.   TEST_VERIFY (valloc (size) == NULL);
    163. 

  163.   TEST_VERIFY (errno == ENOMEM);
    164. 

  164. 

  165.   test_setup ();
    166. 

  166.   TEST_VERIFY (pvalloc (size) == NULL);
    167. 

  167.   TEST_VERIFY (errno == ENOMEM);
    168. 

  168. }
    169. 

  169. 

  170. 

  171. #define FOURTEEN_ON_BITS ((1UL << 14) - 1)
    172. 

  172. #define FIFTY_ON_BITS ((1UL << 50) - 1)
    173. 

  173. 

  174. 

  175. static int
    176. 

  176. do_test (void)
    177. 

  177. {
    178. 

  178. 

  179. #if __WORDSIZE >= 64
    180. 

  180. 

  181.   /* This test assumes that none of the supported targets have an address
    182. 

  182.      bus wider than 50 bits, and that therefore allocations for sizes wider
    183. 

  183.      than 50 bits will fail.  Here, we ensure that the assumption continues
    184. 

  184.      to be true in the future when we might have address buses wider than 50
    185. 

  185.      bits.  */
    186. 

  186. 

  187.   struct rlimit alloc_size_limit
    188. 

  188.     = {
    189. 

  189.         .rlim_cur = FIFTY_ON_BITS,
    190. 

  190.         .rlim_max = FIFTY_ON_BITS
    191. 

  191.       };
    192. 

  192. 

  193.   setrlimit (RLIMIT_AS, &alloc_size_limit);
    194. 

  194. 

  195. #endif /* __WORDSIZE >= 64 */
    196. 

  196. 

  197.   DIAG_PUSH_NEEDS_COMMENT;
    198. 

  198. #if __GNUC_PREREQ (7, 0)
    199. 

  199.   /* GCC 7 warns about too-large allocations; here we want to test
    200. 

  200.      that they fail.  */
    201. 

  201.   DIAG_IGNORE_NEEDS_COMMENT (7, "-Walloc-size-larger-than=");
    202. 

  202. #endif
    203. 

  203. 

  204.   /* Aligned memory allocation functions need to be tested up to alignment
    205. 

  205.      size equivalent to page size, which should be a power of 2.  */
    206. 

  206.   pagesize = sysconf (_SC_PAGESIZE);
    207. 

  207.   TEST_VERIFY_EXIT (powerof2 (pagesize));
    208. 

  208. 

  209.   /* Loop 1: Ensure that all allocations with SIZE close to SIZE_MAX, i.e.
    210. 

  210.      in the range (SIZE_MAX - 2^14, SIZE_MAX], fail.
    211. 

  211. 

  212.      We can expect that this range of allocation sizes will always lead to
    213. 

  213.      an allocation failure on both 64 and 32 bit targets, because:
    214. 

  214. 

  215.      1. no currently supported 64-bit target has an address bus wider than
    216. 

  216.      50 bits -- and (2^64 - 2^14) is much wider than that;
    217. 

  217. 

  218.      2. on 32-bit targets, even though 2^32 is only 4 GB and potentially
    219. 

  219.      addressable, glibc itself is more than 2^14 bytes in size, and
    220. 

  220.      therefore once glibc is loaded, less than (2^32 - 2^14) bytes remain
    221. 

  221.      available.  */
    222. 

  222. 

  223.   for (size_t i = 0; i <= FOURTEEN_ON_BITS; i++)
    224. 

  224.     {
    225. 

  225.       test_large_allocations (SIZE_MAX - i);
    226. 

  226.       test_large_aligned_allocations (SIZE_MAX - i);
    227. 

  227.     }
    228. 

  228. 

  229. #if __WORDSIZE >= 64
    230. 

  230.   /* On 64-bit targets, we need to test a much wider range of too-large
    231. 

  231.      sizes, so we test at intervals of (1 << 50) that allocation sizes
    232. 

  232.      ranging from SIZE_MAX down to (1 << 50) fail:
    233. 

  233.      The 14 MSBs are decremented starting from "all ON" going down to 1,
    234. 

  234.      the 50 LSBs are "all ON" and then "all OFF" during every iteration.  */
    235. 

  235.   for (size_t msbs = FOURTEEN_ON_BITS; msbs >= 1; msbs--)
    236. 

  236.     {
    237. 

  237.       size_t size = (msbs << 50) | FIFTY_ON_BITS;
    238. 

  238.       test_large_allocations (size);
    239. 

  239.       test_large_aligned_allocations (size);
    240. 

  240. 

  241.       size = msbs << 50;
    242. 

  242.       test_large_allocations (size);
    243. 

  243.       test_large_aligned_allocations (size);
    244. 

  244.     }
    245. 

  245. #endif /* __WORDSIZE >= 64 */
    246. 

  246. 

  247.   DIAG_POP_NEEDS_COMMENT;
    248. 

  248. 

  249.   return 0;
    250. 

  250. }
    251. 

  251. 

  252. 

  253. #include <support/test-driver.c>
    254.