On 05/27/2013 10:21 AM, Daniel Borkmann wrote:
On 05/26/2013 05:04 PM, Toralf Förster wrote:
On 05/26/2013 04:51 PM, Daniel Borkmann wrote:
If you add an #include <linux/types.h> into trinity.h before gc.h
is included?
This doesn't help:
Ok, I compiled this against a 3.6.9-2.fc17.x86_64. So let me check this
on the latest net.git kernel.
gc.h seems to be innocent here, might be an issue with sigcontext.h
itself, e.g.:
http://lists.openbios.org/pipermail/openbios/2012-June/006924.html
Let me check and come back to you.
Just found some time to have a look into this. The issue was that the
trinity.h header must be included before some asm headers, then it works
on newer kernels.
I've attached the updated patch. Let me know if you still encounter any
problems.
Thanks,
Daniel
>From 2ab906c967ace4626b74ee5f45af385401d3b44e Mon Sep 17 00:00:00 2001
Message-Id: <2ab906c967ace4626b74ee5f45af385401d3b44e.1369769633.git.dborkman@xxxxxxxxxx>
In-Reply-To: <cover.1369769633.git.dborkman@xxxxxxxxxx>
References: <cover.1369769633.git.dborkman@xxxxxxxxxx>
From: Daniel Borkmann <dborkman@xxxxxxxxxx>
Date: Sat, 25 May 2013 20:45:31 +0200
Subject: [PATCH] trinity: use Boehm-Demers-Weiser's garbage collecting memory allocator
trinity currently quite often does not care about freeing memory on
its own that was fetched through malloc(). Therefore it can happen if
trinity runs for quite a long time, that oom-killer gets invoked. So
for now use the Boehm-Demers-Weiser's garbage collecting memory
allocator as a malloc replacement to avoid such situations.
In this patch, we wrap all BDW functions into bdw_* equivalents, so that
we could later on still #ifdef something if we want to and replace all
calls based on the build. Calling bdw_free() is still legimite although
not needed, but the memory is reclaimed automatically in the background
or forced via bdw_gcollect(), which would solve trinity's memory
management.
Dependency that we need when building (in case people don't want
additional libs, follow-up patches could still #ifdef bdw_* wrappers
to the glibc functions):
Fedora: yum install gc-devel
Debian: apt-get install libgc-dev
More information on Boehm-Demers-Weiser allocator can be found here:
http://www.hpl.hp.com/personal/Hans_Boehm/gc/
Note that it is said that the performance is competitive with malloc(3),
free(3) calls.
Signed-off-by: Daniel Borkmann <dborkman@xxxxxxxxxx>
---
Makefile | 4 +++-
child.c | 3 +++
devices.c | 15 +++++++-------
files.c | 8 ++++----
include/trinity.h | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++
log.c | 6 ++++--
main.c | 2 ++
maps.c | 20 +++++++++----------
net/alg.c | 4 +++-
net/appletalk.c | 4 +++-
net/atm.c | 6 ++++--
net/ax25.c | 4 +++-
net/bpf.c | 12 +++++------
net/caif.c | 4 +++-
net/can.c | 5 ++++-
net/decnet.c | 4 +++-
net/econet.c | 4 +++-
net/ipv4.c | 4 +++-
net/ipv6.c | 4 +++-
net/ipx.c | 4 +++-
net/irda.c | 4 +++-
net/llc.c | 4 +++-
net/netlink.c | 4 +++-
net/nfc.c | 4 +++-
net/packet.c | 4 +++-
net/phonet.c | 4 +++-
net/pppox.c | 12 ++++++-----
net/rose.c | 4 +++-
net/tipc.c | 5 ++++-
net/unix.c | 4 +++-
net/x25.c | 4 +++-
params.c | 2 +-
random-address.c | 6 +++---
random-syscalls.c | 7 ++++++-
syscalls/execve.c | 5 +++--
syscalls/modify_ldt.c | 6 +++---
syscalls/move_pages.c | 16 +++++++--------
syscalls/sendmsg.c | 4 +++-
syscalls/shmget.c | 8 ++++++--
syscalls/socketcall.c | 6 +++++-
tables.c | 6 +++---
trinity.c | 2 ++
unicode.c | 2 +-
43 files changed, 211 insertions(+), 84 deletions(-)
diff --git a/Makefile b/Makefile
index 2dbaa65..eb362ec 100644
--- a/Makefile
+++ b/Makefile
@@ -21,6 +21,8 @@ CFLAGS += -Wwrite-strings
# Only enabled during development.
CFLAGS += -Werror
+LDFLAGS = -lgc
+
V = @
Q = $(V:1=)
QUIET_CC = $(Q:@=@echo ' CC '$@;)
@@ -57,7 +59,7 @@ DEPDIR= .deps
-include $(SRCS:%.c=$(DEPDIR)/%.d)
trinity: test $(OBJS) $(HEADERS)
- $(QUIET_CC)$(CC) $(CFLAGS) -o trinity $(OBJS)
+ $(QUIET_CC)$(CC) $(CFLAGS) -o trinity $(OBJS) $(LDFLAGS)
@mkdir -p tmp
df = $(DEPDIR)/$(*F)
diff --git a/child.c b/child.c
index 5de2c19..b3678a3 100644
--- a/child.c
+++ b/child.c
@@ -13,6 +13,7 @@
#include <sys/resource.h>
#include <sys/prctl.h>
+#include "trinity.h"
#include "child.h"
#include "syscall.h"
#include "log.h"
@@ -153,5 +154,7 @@ int child_process(int childno)
reenable_coredumps();
+ bdw_gcollect();
+
return ret;
}
diff --git a/devices.c b/devices.c
index 0493c39..2e115f8 100644
--- a/devices.c
+++ b/devices.c
@@ -8,6 +8,7 @@
#include <sys/types.h>
#include <linux/kdev_t.h>
+#include "trinity.h"
#include "log.h"
static struct {
@@ -37,9 +38,9 @@ static void parse_proc_devices(void)
block = 1;
else if (sscanf(line, "%d %as", &major, &name) == 2) {
if (block) {
- new = realloc(block_devs, (bldevs+1)*sizeof(*block_devs));
+ new = bdw_realloc(block_devs, (bldevs+1)*sizeof(*block_devs));
if (!new) {
- free(name);
+ bdw_free(name);
continue;
}
block_devs = new;
@@ -48,9 +49,9 @@ static void parse_proc_devices(void)
block_devs[bldevs].name = name;
bldevs++;
} else {
- new = realloc(char_devs, (chrdevs+1)*sizeof(*char_devs));
+ new = bdw_realloc(char_devs, (chrdevs+1)*sizeof(*char_devs));
if (!new) {
- free(name);
+ bdw_free(name);
continue;
}
char_devs = new;
@@ -63,7 +64,7 @@ static void parse_proc_devices(void)
}
fclose(fp);
- free(line);
+ bdw_free(line);
}
static void parse_proc_misc(void)
@@ -78,9 +79,9 @@ static void parse_proc_misc(void)
return;
while (fscanf(fp, "%d %as", &minor, &name) == 2) {
- new = realloc(misc_devs, (miscdevs+1)*sizeof(*misc_devs));
+ new = bdw_realloc(misc_devs, (miscdevs+1)*sizeof(*misc_devs));
if (!new) {
- free(name);
+ bdw_free(name);
continue;
}
misc_devs = new;
diff --git a/files.c b/files.c
index 1f817d0..424ad21 100644
--- a/files.c
+++ b/files.c
@@ -100,7 +100,7 @@ static struct namelist *list_alloc(void)
{
struct namelist *node;
- node = malloc(sizeof(struct namelist));
+ node = bdw_malloc(sizeof(struct namelist));
if (node == NULL)
exit(EXIT_FAILURE);
memset(node, 0, sizeof(struct namelist));
@@ -126,7 +126,7 @@ static void list_add(struct namelist *list, const char *name)
list->next = list;
list->prev = list;
}
- newnode->name = strdup(name);
+ newnode->name = bdw_strdup(name);
__list_add(newnode, list, list->next);
}
@@ -250,7 +250,7 @@ void generate_filelist(void)
/*
* Generate an index of pointers to the filenames
*/
- fileindex = malloc(sizeof(char *) * files_added);
+ fileindex = bdw_malloc(sizeof(char *) * files_added);
node = names;
do {
@@ -366,7 +366,7 @@ char * generate_pathname(void)
case 91 ... 99:
/* Create a bogus filename. */
- newpath = malloc(page_size); // FIXME: We leak this.
+ newpath = bdw_malloc(page_size);
if (newpath == NULL)
return get_filename(); // give up.
diff --git a/include/trinity.h b/include/trinity.h
index 158b566..b0dc2f8 100644
--- a/include/trinity.h
+++ b/include/trinity.h
@@ -1,6 +1,9 @@
#ifndef _TRINITY_H
#define _TRINITY_H 1
+#define GC_THREADS
+#include <gc.h>
+
#include "types.h"
#define UNLOCKED 0
@@ -25,6 +28,58 @@ void init_watchdog(void);
extern unsigned int user_specified_children;
+static inline void bdw_init(void)
+{
+ GC_init();
+ GC_set_dont_expand(0);
+ GC_enable_incremental();
+}
+
+static inline void *bdw_malloc(size_t size)
+{
+ return GC_malloc(size);
+}
+
+static inline void *bdw_realloc(void *area, size_t size)
+{
+ return GC_realloc(area, size);
+}
+
+static inline void *bdw_memalign(size_t boundary, size_t size)
+{
+ return GC_memalign(boundary, size);
+}
+
+static inline char *bdw_strdup(const char *str)
+{
+ return GC_strdup(str);
+}
+
+static inline void bdw_free(__unused__ void *area)
+{
+ /* Garbage collector will do this for us. For small sized
+ * frees it is said that it will hurt performance. From the
+ * man page: "GC_free can be used to deallocate objects,
+ * but its use is optional, and generally discouraged."
+ */
+#if 0
+ return GC_free(area);
+#endif
+}
+
+static inline void bdw_gcollect(void)
+{
+ /* Usually done automatically, but we can also force
+ * reclaiming memory here.
+ */
+ GC_gcollect();
+}
+
+static inline int bdw_gcollect_little(void)
+{
+ return GC_collect_a_little();
+}
+
#define UNUSED(x) (void)(x)
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))
diff --git a/log.c b/log.c
index 736995d..c0fe924 100644
--- a/log.c
+++ b/log.c
@@ -5,6 +5,8 @@
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
+
+#include "trinity.h"
#include "params.h" // logging, monochrome, quiet_level
#include "shm.h"
#include "pids.h"
@@ -16,7 +18,7 @@ void open_logfiles(void)
unsigned int i;
char *logfilename;
- logfilename = malloc(64);
+ logfilename = bdw_malloc(64);
sprintf(logfilename, "trinity.log");
unlink(logfilename);
parentlogfile = fopen(logfilename, "a");
@@ -34,7 +36,7 @@ void open_logfiles(void)
exit(EXIT_FAILURE);
}
}
- free(logfilename);
+ bdw_free(logfilename);
}
void close_logfiles(void)
diff --git a/main.c b/main.c
index fbe348a..e9bfd05 100644
--- a/main.c
+++ b/main.c
@@ -309,6 +309,8 @@ static void handle_children(void)
pid = waitpid(pid, &childstatus, WUNTRACED | WCONTINUED | WNOHANG);
if (pid != 0)
handle_child(pid, childstatus);
+
+ bdw_gcollect();
}
}
diff --git a/maps.c b/maps.c
index 62b2328..7ab0eca 100644
--- a/maps.c
+++ b/maps.c
@@ -7,6 +7,7 @@
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/stat.h>
+
#include "trinity.h" // page_size
#include "arch.h"
#include "maps.h"
@@ -36,7 +37,7 @@ static struct map * alloc_map(void)
{
struct map *newmap;
- newmap = malloc(sizeof(struct map));
+ newmap = bdw_malloc(sizeof(struct map));
if (!newmap) {
printf("Couldn't allocate maps list!\n");
exit(EXIT_FAILURE);
@@ -94,7 +95,6 @@ static void * alloc_zero_map(struct map *map, int prot, const char *name)
size *= 2;
tmpmap->ptr = mmap(NULL, size, prot, MAP_ANONYMOUS|MAP_SHARED, -1, 0);
-
if (tmpmap->ptr == MAP_FAILED) {
printf("mmap /dev/zero failure\n");
exit(EXIT_FAILURE);
@@ -102,7 +102,7 @@ static void * alloc_zero_map(struct map *map, int prot, const char *name)
tmpmap->size = size;
- tmpmap->name = malloc(80);
+ tmpmap->name = bdw_malloc(80);
if (!tmpmap->name) {
fprintf(stderr, "malloc() failed in %s().", __func__);
exit(EXIT_FAILURE);
@@ -157,8 +157,8 @@ void destroy_maps(void)
for (i = 0; i < num_mappings; i++) {
next = thismap->next;
munmap(thismap->ptr, thismap->size);
- free(thismap->name);
- free(thismap);
+ bdw_free(thismap->name);
+ bdw_free(thismap);
thismap = next;
}
num_mappings = 0;
@@ -170,32 +170,32 @@ void init_buffers(void)
output(2, "shm is at %p\n", shm);
- page_zeros = memalign(page_size, page_size * 2);
+ page_zeros = bdw_memalign(page_size, page_size * 2);
if (!page_zeros)
exit(EXIT_FAILURE);
memset(page_zeros, 0, page_size);
output(2, "page_zeros @ %p\n", page_zeros);
- page_0xff = memalign(page_size, page_size * 2);
+ page_0xff = bdw_memalign(page_size, page_size * 2);
if (!page_0xff)
exit(EXIT_FAILURE);
memset(page_0xff, 0xff, page_size);
output(2, "page_0xff @ %p\n", page_0xff);
- page_rand = memalign(page_size, page_size * 2);
+ page_rand = bdw_memalign(page_size, page_size * 2);
if (!page_rand)
exit(EXIT_FAILURE);
memset(page_rand, 0x55, page_size); /* overwritten below */
output(2, "page_rand @ %p\n", page_rand);
- page_allocs = memalign(page_size, page_size * 2);
+ page_allocs = bdw_memalign(page_size, page_size * 2);
if (!page_allocs)
exit(EXIT_FAILURE);
memset(page_allocs, 0xff, page_size);
output(2, "page_allocs @ %p\n", page_allocs);
for (i = 0; i < (page_size / sizeof(unsigned long *)); i++)
- page_allocs[i] = (unsigned long) malloc(page_size);
+ page_allocs[i] = (unsigned long) bdw_malloc(page_size);
setup_maps();
diff --git a/net/alg.c b/net/alg.c
index 022d118..766369d 100644
--- a/net/alg.c
+++ b/net/alg.c
@@ -3,6 +3,8 @@
#include <sys/un.h>
#include <netinet/in.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "config.h"
#ifdef USE_IF_ALG
@@ -13,7 +15,7 @@ void gen_alg(unsigned long *addr, unsigned long *addrlen)
struct sockaddr_alg *alg;
unsigned int i;
- alg = malloc(sizeof(struct sockaddr_alg));
+ alg = bdw_malloc(sizeof(struct sockaddr_alg));
if (alg == NULL)
return;
diff --git a/net/appletalk.c b/net/appletalk.c
index 336a8b9..6d5cc65 100644
--- a/net/appletalk.c
+++ b/net/appletalk.c
@@ -5,11 +5,13 @@
#include <netinet/in.h>
#include <linux/atalk.h>
+#include "trinity.h"
+
void gen_appletalk(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_at *atalk;
- atalk = malloc(sizeof(struct sockaddr_at));
+ atalk = bdw_malloc(sizeof(struct sockaddr_at));
if (atalk == NULL)
return;
diff --git a/net/atm.c b/net/atm.c
index 732696c..7710bb8 100644
--- a/net/atm.c
+++ b/net/atm.c
@@ -5,11 +5,13 @@
#include <linux/atm.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_atmpvc(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_atmpvc *atmpvc;
- atmpvc = malloc(sizeof(struct sockaddr_atmpvc));
+ atmpvc = bdw_malloc(sizeof(struct sockaddr_atmpvc));
if (atmpvc == NULL)
return;
@@ -26,7 +28,7 @@ void gen_atmsvc(unsigned long *addr, unsigned long *addrlen)
struct sockaddr_atmsvc *atmsvc;
unsigned int i;
- atmsvc = malloc(sizeof(struct sockaddr_atmsvc));
+ atmsvc = bdw_malloc(sizeof(struct sockaddr_atmsvc));
if (atmsvc == NULL)
return;
diff --git a/net/ax25.c b/net/ax25.c
index 907ffc9..da39489 100644
--- a/net/ax25.c
+++ b/net/ax25.c
@@ -4,13 +4,15 @@
#include <netinet/in.h>
#include <linux/ax25.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "maps.h" // page_rand
void gen_ax25(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_ax25 *ax25;
- ax25 = malloc(sizeof(struct sockaddr_ax25));
+ ax25 = bdw_malloc(sizeof(struct sockaddr_ax25));
if (ax25 == NULL)
return;
diff --git a/net/bpf.c b/net/bpf.c
index 2c0ed32..806a05e 100644
--- a/net/bpf.c
+++ b/net/bpf.c
@@ -320,17 +320,17 @@ void gen_seccomp_bpf(unsigned long *addr, unsigned long *addrlen)
struct sock_fprog *bpf = (void *) addr;
if (addrlen != NULL) {
- bpf = malloc(sizeof(struct sock_fprog));
+ bpf = bdw_malloc(sizeof(struct sock_fprog));
if (bpf == NULL)
return;
}
bpf->len = avail = rand() % BPF_MAXINSNS;
- bpf->filter = malloc(bpf->len * sizeof(struct sock_filter));
+ bpf->filter = bdw_malloc(bpf->len * sizeof(struct sock_filter));
if (bpf->filter == NULL) {
if (addrlen != NULL)
- free(bpf);
+ bdw_free(bpf);
return;
}
@@ -358,17 +358,17 @@ void gen_bpf(unsigned long *addr, unsigned long *addrlen)
struct sock_fprog *bpf = (void *) addr;
if (addrlen != NULL) {
- bpf = malloc(sizeof(struct sock_fprog));
+ bpf = bdw_malloc(sizeof(struct sock_fprog));
if (bpf == NULL)
return;
}
bpf->len = rand() % BPF_MAXINSNS;
- bpf->filter = malloc(bpf->len * sizeof(struct sock_filter));
+ bpf->filter = bdw_malloc(bpf->len * sizeof(struct sock_filter));
if (bpf->filter == NULL) {
if (addrlen != NULL)
- free(bpf);
+ bdw_free(bpf);
return;
}
diff --git a/net/caif.c b/net/caif.c
index 18454f8..e39399f 100644
--- a/net/caif.c
+++ b/net/caif.c
@@ -3,6 +3,8 @@
#include <sys/un.h>
#include <netinet/in.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "config.h"
#ifdef USE_CAIF
@@ -13,7 +15,7 @@ void gen_caif(unsigned long *addr, unsigned long *addrlen)
struct sockaddr_caif *caif;
unsigned int i;
- caif = malloc(sizeof(struct sockaddr_caif));
+ caif = bdw_malloc(sizeof(struct sockaddr_caif));
if (caif == NULL)
return;
diff --git a/net/can.c b/net/can.c
index 520d12e..30ead34 100644
--- a/net/can.c
+++ b/net/can.c
@@ -5,13 +5,16 @@
#include <linux/can.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_can(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_can *can;
- can = malloc(sizeof(struct sockaddr_can));
+ can = bdw_malloc(sizeof(struct sockaddr_can));
if (can == NULL)
return;
+
can->can_family = AF_CAN;
can->can_ifindex = rand();
can->can_addr.tp.rx_id = rand();
diff --git a/net/decnet.c b/net/decnet.c
index b8f2fe7..70a0478 100644
--- a/net/decnet.c
+++ b/net/decnet.c
@@ -5,12 +5,14 @@
#include <linux/dn.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_decnet(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_dn *dn;
unsigned int i;
- dn = malloc(sizeof(struct sockaddr_dn));
+ dn = bdw_malloc(sizeof(struct sockaddr_dn));
if (dn == NULL)
return;
diff --git a/net/econet.c b/net/econet.c
index ea42ce6..a990c6b 100644
--- a/net/econet.c
+++ b/net/econet.c
@@ -5,11 +5,13 @@
#include <neteconet/ec.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_econet(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_ec *ec;
- ec = malloc(sizeof(struct sockaddr_ec));
+ ec = bdw_malloc(sizeof(struct sockaddr_ec));
if (ec == NULL)
return;
diff --git a/net/ipv4.c b/net/ipv4.c
index 2090cb5..4cde2f1 100644
--- a/net/ipv4.c
+++ b/net/ipv4.c
@@ -4,6 +4,8 @@
#include <netinet/in.h>
#include <stdlib.h>
+#include "trinity.h"
+
in_addr_t random_ipv4_address(void)
{
int addr = 0;
@@ -61,7 +63,7 @@ void gen_ipv4(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_in *ipv4;
- ipv4 = malloc(sizeof(struct sockaddr_in));
+ ipv4 = bdw_malloc(sizeof(struct sockaddr_in));
if (ipv4 == NULL)
return;
diff --git a/net/ipv6.c b/net/ipv6.c
index d8ade29..840e0cb 100644
--- a/net/ipv6.c
+++ b/net/ipv6.c
@@ -7,11 +7,13 @@
#include <linux/if_packet.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_ipv6(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_in6 *ipv6;
- ipv6 = malloc(sizeof(struct sockaddr_in6));
+ ipv6 = bdw_malloc(sizeof(struct sockaddr_in6));
if (ipv6 == NULL)
return;
diff --git a/net/ipx.c b/net/ipx.c
index cea6647..8bff0bf 100644
--- a/net/ipx.c
+++ b/net/ipx.c
@@ -5,12 +5,14 @@
#include <linux/ipx.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_ipx(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_ipx *ipx;
unsigned int i;
- ipx = malloc(sizeof(struct sockaddr_ipx));
+ ipx = bdw_malloc(sizeof(struct sockaddr_ipx));
if (ipx == NULL)
return;
diff --git a/net/irda.c b/net/irda.c
index 57752ed..31bfe07 100644
--- a/net/irda.c
+++ b/net/irda.c
@@ -5,12 +5,14 @@
#include <linux/irda.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_irda(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_irda *irda;
unsigned int i;
- irda = malloc(sizeof(struct sockaddr_irda));
+ irda = bdw_malloc(sizeof(struct sockaddr_irda));
if (irda == NULL)
return;
diff --git a/net/llc.c b/net/llc.c
index c3ebf43..af18802 100644
--- a/net/llc.c
+++ b/net/llc.c
@@ -7,12 +7,14 @@
#include <linux/llc.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_llc(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_llc *llc;
unsigned int i;
- llc = malloc(sizeof(struct sockaddr_llc));
+ llc = bdw_malloc(sizeof(struct sockaddr_llc));
if (llc == NULL)
return;
llc->sllc_family = AF_LLC;
diff --git a/net/netlink.c b/net/netlink.c
index 408782b..265d331 100644
--- a/net/netlink.c
+++ b/net/netlink.c
@@ -5,11 +5,13 @@
#include <linux/netlink.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_netlink(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_nl *nl;
- nl = malloc(sizeof(struct sockaddr_nl));
+ nl = bdw_malloc(sizeof(struct sockaddr_nl));
if (nl == NULL)
return;
diff --git a/net/nfc.c b/net/nfc.c
index c182774..e1d33fa 100644
--- a/net/nfc.c
+++ b/net/nfc.c
@@ -3,6 +3,8 @@
#include <sys/un.h>
#include <netinet/in.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "config.h"
#include "compat.h"
@@ -11,7 +13,7 @@ void gen_nfc(unsigned long *addr, unsigned long *addrlen)
struct sockaddr_nfc *nfc;
// TODO: See also sockaddr_nfc_llcp
- nfc = malloc(sizeof(struct sockaddr_nfc));
+ nfc = bdw_malloc(sizeof(struct sockaddr_nfc));
if (nfc == NULL)
return;
diff --git a/net/packet.c b/net/packet.c
index c060a1a..41fc908 100644
--- a/net/packet.c
+++ b/net/packet.c
@@ -5,13 +5,15 @@
#include <linux/if_packet.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_packet(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_pkt *pkt;
unsigned int i;
//TODO: See also sockaddr_ll
- pkt = malloc(sizeof(struct sockaddr_pkt));
+ pkt = bdw_malloc(sizeof(struct sockaddr_pkt));
if (pkt == NULL)
return;
diff --git a/net/phonet.c b/net/phonet.c
index 2a8bbc3..c25c68a 100644
--- a/net/phonet.c
+++ b/net/phonet.c
@@ -5,11 +5,13 @@
#include <linux/phonet.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_phonet(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_pn *pn;
- pn = malloc(sizeof(struct sockaddr_pn));
+ pn = bdw_malloc(sizeof(struct sockaddr_pn));
if (pn == NULL)
return;
diff --git a/net/pppox.c b/net/pppox.c
index b5ba19b..387c04a 100644
--- a/net/pppox.c
+++ b/net/pppox.c
@@ -6,6 +6,8 @@
#include <linux/if_ether.h> /* for ETH_ALEN in if_pppox.h */
#include <linux/if_pppox.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "net.h"
#include "sanitise.h"
@@ -23,7 +25,7 @@ void gen_pppox(unsigned long *addr, unsigned long *addrlen)
switch (proto) {
case PX_PROTO_OE:
- pppox = malloc(sizeof(struct sockaddr_pppox));
+ pppox = bdw_malloc(sizeof(struct sockaddr_pppox));
if (pppox == NULL)
return;
@@ -49,7 +51,7 @@ void gen_pppox(unsigned long *addr, unsigned long *addrlen)
switch (rand() % 4) {
case 0: /* PPPoL2TP */
- pppol2tp = malloc(sizeof(struct sockaddr_pppol2tp));
+ pppol2tp = bdw_malloc(sizeof(struct sockaddr_pppol2tp));
if (pppol2tp == NULL)
return;
@@ -71,7 +73,7 @@ void gen_pppox(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_pppol2tpin6 *pppol2tpin6;
- pppol2tpin6 = malloc(sizeof(struct sockaddr_pppol2tpin6));
+ pppol2tpin6 = bdw_malloc(sizeof(struct sockaddr_pppol2tpin6));
if (pppol2tpin6 == NULL)
return;
@@ -102,7 +104,7 @@ void gen_pppox(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_pppol2tpv3 *pppol2tpv3;
- pppol2tpv3 = malloc(sizeof(struct sockaddr_pppol2tpv3));
+ pppol2tpv3 = bdw_malloc(sizeof(struct sockaddr_pppol2tpv3));
if (pppol2tpv3 == NULL)
return;
@@ -126,7 +128,7 @@ void gen_pppox(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_pppol2tpv3in6 *pppol2tpv3in6;
- pppol2tpv3in6 = malloc(sizeof(struct sockaddr_pppol2tpv3in6));
+ pppol2tpv3in6 = bdw_malloc(sizeof(struct sockaddr_pppol2tpv3in6));
if (pppol2tpv3in6 == NULL)
return;
diff --git a/net/rose.c b/net/rose.c
index 046d535..cfd9d8a 100644
--- a/net/rose.c
+++ b/net/rose.c
@@ -5,13 +5,15 @@
#include <linux/ax25.h> /* for ax25_address in rose.h */
#include <linux/rose.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "maps.h" // page_rand
void gen_rose(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_rose *rose;
- rose = malloc(sizeof(struct sockaddr_rose));
+ rose = bdw_malloc(sizeof(struct sockaddr_rose));
if (rose == NULL)
return;
diff --git a/net/tipc.c b/net/tipc.c
index c72c340..92b1546 100644
--- a/net/tipc.c
+++ b/net/tipc.c
@@ -5,13 +5,16 @@
#include <linux/tipc.h>
#include <stdlib.h>
+#include "trinity.h"
+
void gen_tipc(unsigned long *addr, unsigned long *addrlen)
{
struct sockaddr_tipc *tipc;
- tipc = malloc(sizeof(struct sockaddr_tipc));
+ tipc = bdw_malloc(sizeof(struct sockaddr_tipc));
if (tipc == NULL)
return;
+
tipc->family = AF_TIPC;
tipc->addrtype = rand();
tipc->scope = rand();
diff --git a/net/unix.c b/net/unix.c
index 5d2a188..7e802f3 100644
--- a/net/unix.c
+++ b/net/unix.c
@@ -4,6 +4,8 @@
#include <netinet/in.h>
#include <linux/dn.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "maps.h"
void gen_unixsock(unsigned long *addr, unsigned long *addrlen)
@@ -11,7 +13,7 @@ void gen_unixsock(unsigned long *addr, unsigned long *addrlen)
struct sockaddr_un *unixsock;
unsigned int len;
- unixsock = malloc(sizeof(struct sockaddr_un));
+ unixsock = bdw_malloc(sizeof(struct sockaddr_un));
if (unixsock == NULL)
return;
diff --git a/net/x25.c b/net/x25.c
index 0ba40dd..662829e 100644
--- a/net/x25.c
+++ b/net/x25.c
@@ -4,6 +4,8 @@
#include <netinet/in.h>
#include <linux/x25.h>
#include <stdlib.h>
+
+#include "trinity.h"
#include "maps.h" // page_rand
void gen_x25(unsigned long *addr, unsigned long *addrlen)
@@ -11,7 +13,7 @@ void gen_x25(unsigned long *addr, unsigned long *addrlen)
struct sockaddr_x25 *x25;
unsigned int len;
- x25 = malloc(sizeof(struct sockaddr_x25));
+ x25 = bdw_malloc(sizeof(struct sockaddr_x25));
if (x25 == NULL)
return;
diff --git a/params.c b/params.c
index c2c3f70..7691426 100644
--- a/params.c
+++ b/params.c
@@ -200,7 +200,7 @@ void parse_args(int argc, char *argv[])
break;
case 'V':
- victim_path = strdup(optarg);
+ victim_path = bdw_strdup(optarg);
//FIXME: Later, allow for multiple victim files
break;
diff --git a/random-address.c b/random-address.c
index 5460d05..fa853cb 100644
--- a/random-address.c
+++ b/random-address.c
@@ -64,7 +64,7 @@ static void * _get_address(unsigned char null_allowed)
break;
case 7: addr = get_map();
break;
- case 8: addr = malloc(page_size * 2);
+ case 8: addr = bdw_malloc(page_size * 2);
break;
default:
BUG("unreachable!\n");
@@ -145,10 +145,10 @@ struct iovec * alloc_iovec(unsigned int num)
struct iovec *iov;
unsigned int i;
- iov = malloc(num * sizeof(struct iovec));
+ iov = bdw_malloc(num * sizeof(struct iovec));
if (iov != NULL) {
for (i = 0; i < num; i++) {
- iov[i].iov_base = malloc(page_size);
+ iov[i].iov_base = bdw_malloc(page_size);
iov[i].iov_len = page_size;
}
}
diff --git a/random-syscalls.c b/random-syscalls.c
index ea1265f..46083cb 100644
--- a/random-syscalls.c
+++ b/random-syscalls.c
@@ -76,8 +76,11 @@ int do_random_syscalls(int childno)
check_parent_pid();
- while (shm->regenerating == TRUE)
+ while (shm->regenerating == TRUE) {
+ /* We need to wait here, so do as well a forced reclaim */
+ bdw_gcollect();
sleep(1);
+ }
/* If the parent reseeded, we should reflect the latest seed too. */
if (shm->seed != shm->seeds[childno])
@@ -118,6 +121,8 @@ retry:
}
ret = mkcall(childno);
+
+ bdw_gcollect_little();
}
out:
return ret;
diff --git a/syscalls/execve.c b/syscalls/execve.c
index b9f66bd..bc9fb72 100644
--- a/syscalls/execve.c
+++ b/syscalls/execve.c
@@ -11,6 +11,7 @@
*/
#include <stdio.h>
#include <stdlib.h>
+
#include "trinity.h" // page_size
#include "sanitise.h"
#include "shm.h"
@@ -23,12 +24,12 @@ static unsigned long ** gen_ptrs_to_crap(void)
unsigned int count = rand() % 32;
/* Fabricate argv */
- ptr = malloc(count * sizeof(void *)); // FIXME: LEAK
+ ptr = bdw_malloc(count * sizeof(void *));
if (ptr == NULL)
return NULL;
for (i = 0; i < count; i++) {
- ptr[i] = malloc(page_size); // FIXME: LEAK
+ ptr[i] = bdw_malloc(page_size);
if (ptr[i] != NULL)
generate_random_page((char *) ptr[i]);
}
diff --git a/syscalls/modify_ldt.c b/syscalls/modify_ldt.c
index 0331a3e..93271b5 100644
--- a/syscalls/modify_ldt.c
+++ b/syscalls/modify_ldt.c
@@ -1,3 +1,4 @@
+#include "trinity.h"
#include "arch.h"
#ifdef X86
@@ -8,6 +9,7 @@
#include <sys/types.h>
#define __ASSEMBLY__ 1
#include <asm/ldt.h>
+
#include "sanitise.h"
#include "shm.h"
@@ -22,7 +24,7 @@ static void sanitise_modify_ldt(int childno)
case 0:
/* read the ldt into the memory pointed to by ptr.
The number of bytes read is the smaller of bytecount and the actual size of the ldt. */
- ldt = malloc(ALLOCSIZE);
+ ldt = bdw_malloc(ALLOCSIZE);
if (ldt == NULL)
return;
shm->a3[childno] = ALLOCSIZE;
@@ -48,8 +50,6 @@ static void sanitise_modify_ldt(int childno)
default:
break;
}
-
- //FIXME: We leak 'ldt' here. Need to deallocate post-syscall.
}
struct syscall syscall_modify_ldt = {
diff --git a/syscalls/move_pages.c b/syscalls/move_pages.c
index 705c6c7..8322b40 100644
--- a/syscalls/move_pages.c
+++ b/syscalls/move_pages.c
@@ -11,14 +11,12 @@
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
+
#include "trinity.h" // page_size
#include "sanitise.h"
#include "arch.h"
#include "shm.h"
-//FIXME: This leaks memory.
-// A ->post function should free up the allocations.
-
static void sanitise_move_pages(int childno)
{
int *nodes;
@@ -32,7 +30,7 @@ static void sanitise_move_pages(int childno)
shm->a6[childno] &= ~MPOL_MF_MOVE_ALL;
}
- page_alloc = (unsigned long *) malloc(page_size);
+ page_alloc = bdw_malloc(page_size);
if (page_alloc == NULL)
return;
@@ -42,20 +40,20 @@ static void sanitise_move_pages(int childno)
shm->a2[childno] = count;
for (i = 0; i < count; i++) {
- page_alloc[i] = (unsigned long) malloc(page_size);
+ page_alloc[i] = (unsigned long) bdw_malloc(page_size);
if (!page_alloc[i])
- return; // FIXME: MEMORY LEAK
+ return;
page_alloc[i] &= PAGE_MASK;
}
shm->a3[childno] = (unsigned long) page_alloc;
- nodes = malloc(count * sizeof(int));
+ nodes = bdw_malloc(count * sizeof(int));
for (i = 0; i < count; i++)
nodes[i] = (int) rand() % 2;
- shm->a4[childno] = (unsigned long) nodes;
- shm->a5[childno] = (unsigned long) malloc(count * sizeof(int));
+ shm->a4[childno] = (unsigned long) nodes;
+ shm->a5[childno] = (unsigned long) bdw_malloc(count * sizeof(int));
}
struct syscall syscall_move_pages = {
diff --git a/syscalls/sendmsg.c b/syscalls/sendmsg.c
index 71ac549..9d47dd5 100644
--- a/syscalls/sendmsg.c
+++ b/syscalls/sendmsg.c
@@ -5,6 +5,8 @@
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
+
+#include "trinity.h"
#include "compat.h"
#include "random.h"
#include "sanitise.h"
@@ -15,7 +17,7 @@ static void sanitise_sendmsg(int childno)
struct msghdr *msg;
// FIXME: Convert to use generic ARG_IOVEC
- msg = malloc(sizeof(struct msghdr));
+ msg = bdw_malloc(sizeof(struct msghdr));
if (msg == NULL) {
shm->a2[childno] = (unsigned long) get_address();
return;
diff --git a/syscalls/shmget.c b/syscalls/shmget.c
index 09d543c..1cf26fa 100644
--- a/syscalls/shmget.c
+++ b/syscalls/shmget.c
@@ -5,6 +5,8 @@
#include <stdlib.h>
#include <sys/ipc.h>
#include <sys/shm.h>
+
+#include "trinity.h"
#include "sanitise.h"
static void post_shmget(int syscallret)
@@ -14,11 +16,13 @@ static void post_shmget(int syscallret)
if (syscallret == -1)
return;
- shmid_ds = malloc(sizeof(struct shmid_ds));
+ shmid_ds = bdw_malloc(sizeof(struct shmid_ds));
+ if (!shmid_ds)
+ return;
shmctl(syscallret, IPC_RMID, shmid_ds);
- free(shmid_ds);
+ bdw_free(shmid_ds);
}
struct syscall syscall_shmget = {
diff --git a/syscalls/socketcall.c b/syscalls/socketcall.c
index 640900d..5a4819c 100644
--- a/syscalls/socketcall.c
+++ b/syscalls/socketcall.c
@@ -3,6 +3,8 @@
*/
#include <stdlib.h>
#include <linux/net.h>
+
+#include "trinity.h"
#include "compat.h"
#include "sanitise.h"
#include "shm.h"
@@ -11,7 +13,9 @@ static void sanitise_socketcall(int childno)
{
unsigned long *args;
- args = malloc(6 * sizeof(unsigned long));
+ args = bdw_malloc(6 * sizeof(unsigned long));
+ if (!args)
+ return;
shm->a1[childno] = rand() % 20;
diff --git a/tables.c b/tables.c
index 2bccd83..b162aa0 100644
--- a/tables.c
+++ b/tables.c
@@ -505,7 +505,7 @@ int setup_syscall_group(unsigned int group)
goto try_64bit;
}
- newsyscalls32 = malloc(count * sizeof(struct syscalltable));
+ newsyscalls32 = bdw_malloc(count * sizeof(struct syscalltable));
if (newsyscalls32 == NULL)
return FALSE;
@@ -533,7 +533,7 @@ try_64bit:
return FALSE;
}
- newsyscalls64 = malloc(count * sizeof(struct syscalltable));
+ newsyscalls64 = bdw_malloc(count * sizeof(struct syscalltable));
if (newsyscalls64 == NULL)
return FALSE;
@@ -559,7 +559,7 @@ try_64bit:
return FALSE;
}
- newsyscalls = malloc(count * sizeof(struct syscalltable));
+ newsyscalls = bdw_malloc(count * sizeof(struct syscalltable));
if (newsyscalls == NULL)
exit(EXIT_FAILURE);
diff --git a/trinity.c b/trinity.c
index b95d287..0ec9c2b 100644
--- a/trinity.c
+++ b/trinity.c
@@ -154,6 +154,8 @@ int main(int argc, char* argv[])
int childstatus;
unsigned int i;
+ bdw_init();
+
printf("Trinity v" __stringify(VERSION) " Dave Jones <davej@xxxxxxxxxx>\n");
progname = argv[0];
diff --git a/unicode.c b/unicode.c
index f94c82c..ef20997 100644
--- a/unicode.c
+++ b/unicode.c
@@ -126,7 +126,7 @@ void main(int argc, char* argv[])
gettimeofday(&t, 0);
srand((t.tv_sec * getpid()) ^ t.tv_usec);
- page = malloc(4096);
+ page = bdw_malloc(4096);
memset(page, 0, 4096);
gen_unicode_page(page);
--
1.7.11.7