The code could not decide whether to apply the padding to the start
or the end of the region, resulting in strange behavior because part
of the returned range might not have the right properties. With this
patch, padding is now consistently applied at the end of the region,
since virtual mmap addresses are allocated from high to low.
Also fix a few small related bugs in error handling code.
Change-Id: I327814bb3921d7982ffc1296a5bf365d9c79c1d9
Due to the current linker command line ordering, parts of lib(min)c
that are used exclusively by libmagic end up not being instrumented,
which then causes problems transferring pointers such as _ctype_tab_
and _tolower_tab_. As a temporary workaround, we redefine the macros
that use those pointers. A better long-term solution should
eventually render this patch obsolete.
Change-Id: Ice1d125ff6fb2f65ac6dcc6cf6eec7cd6176bee1
When the malloc code is instrumented, the global _brksize variable
should not be transferred. However, when the malloc code is not
instrumented, failing to transfer _brksize would reset the heap
upon state transfer. In this patch, the magic pass stores the flag
indicating whether memory function instrumentation is disabled, in
the target process. This allows libmagic to check this flag during
state transfer, to see whether it should transfer _brksize or not.
Change-Id: Ia004651e21e08b0ed3f5305865c53c6659e18f38
The NetBSD libc malloc implementation uses a memory-mapped area for
its page directory. Since the process heap is reconstructed upon
state transfer for live update, this memory-mapped area must not be
transferred to the new process. However, as the new instance of the
process being updated inherits all memory-mapped areas of the old
instance, it also automatically inherits the malloc implementation's
page directory. Thus, we must explicitly free this area in order to
avoid a memory leak.
The magic pass already detects (de)allocation functions called from
within other (de)allocation functions, which is why the mmap(2) and
munmap(2) calls of the malloc code are not instrumented as it is.
This patch changes that particular case to allow a different hook
function to be called for such "nested" allocation calls, for a
particular set of nested calls. In particular, the malloc(3) code's
mmap(2) and munmap(2) calls are replaced with magic_nested_mmap and
magic_nested_munmap calls, respectively. The magic library then
tracks memory mapping allocations of the malloc code by providing an
implementation for these two wrappers, and frees the allocations upon
state transfer.
This approach was chosen over various alternatives:
- While it appears that nesting could be established by setting a
flag while the malloc(3) wrapper is active, and testing the flag in
the mmap(2)/munmap(2) wrappers, this approach would fail to detect
memory-mapped allocations made from uninstrumented malloc(3) calls,
and therefore not a viable option.
- It would be possible to obtain the value of the variables that
store the information about the memory-mapped area in the malloc
code. However, this is rather difficult in practice due to the way
the libc malloc implementation stores the size of the are, and it
would make the solution more dependent on the specific libc malloc
implementation.
- It would be possible to use the special "nested" instrumentation
for allocations made from certain marked sections. Since we mark
the data section of the malloc code already, this would not be hard
to do. Switching to this alternative would change very little, and
if for any reason this approach yields more advantages in the
future, we can still choose to do so.
Change-Id: Id977405da86a72458dd10f18e076d8460fd2fb75
This resolves an infinite loop during boot, in libblockdriver freeing
DMA memory at the end of a partition(3) call.
Change-Id: I0757aa48f769ea79eab7160f23ee4c97cf58e055
