Go to most recent revision | Details | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
1029 | serge | 1 | /* |
2 | This is a version (aka dlmalloc) of malloc/free/realloc written by |
||
3 | Doug Lea and released to the public domain, as explained at |
||
4 | http://creativecommons.org/licenses/publicdomain. Send questions, |
||
5 | comments, complaints, performance data, etc to dl@cs.oswego.edu |
||
6 | |||
7 | * Version 2.8.3 Thu Sep 22 11:16:15 2005 Doug Lea (dl at gee) |
||
8 | |||
9 | Note: There may be an updated version of this malloc obtainable at |
||
10 | ftp://gee.cs.oswego.edu/pub/misc/malloc.c |
||
11 | Check before installing! |
||
12 | |||
13 | * Quickstart |
||
14 | |||
15 | This library is all in one file to simplify the most common usage: |
||
16 | ftp it, compile it (-O3), and link it into another program. All of |
||
17 | the compile-time options default to reasonable values for use on |
||
18 | most platforms. You might later want to step through various |
||
19 | compile-time and dynamic tuning options. |
||
20 | |||
21 | For convenience, an include file for code using this malloc is at: |
||
22 | ftp://gee.cs.oswego.edu/pub/misc/malloc-2.8.3.h |
||
23 | You don't really need this .h file unless you call functions not |
||
24 | defined in your system include files. The .h file contains only the |
||
25 | excerpts from this file needed for using this malloc on ANSI C/C++ |
||
26 | systems, so long as you haven't changed compile-time options about |
||
27 | naming and tuning parameters. If you do, then you can create your |
||
28 | own malloc.h that does include all settings by cutting at the point |
||
29 | indicated below. Note that you may already by default be using a C |
||
30 | library containing a malloc that is based on some version of this |
||
31 | malloc (for example in linux). You might still want to use the one |
||
32 | in this file to customize settings or to avoid overheads associated |
||
33 | with library versions. |
||
34 | |||
35 | * Vital statistics: |
||
36 | |||
37 | Supported pointer/size_t representation: 4 or 8 bytes |
||
38 | size_t MUST be an unsigned type of the same width as |
||
39 | pointers. (If you are using an ancient system that declares |
||
40 | size_t as a signed type, or need it to be a different width |
||
41 | than pointers, you can use a previous release of this malloc |
||
42 | (e.g. 2.7.2) supporting these.) |
||
43 | |||
44 | Alignment: 8 bytes (default) |
||
45 | This suffices for nearly all current machines and C compilers. |
||
46 | However, you can define MALLOC_ALIGNMENT to be wider than this |
||
47 | if necessary (up to 128bytes), at the expense of using more space. |
||
48 | |||
49 | Minimum overhead per allocated chunk: 4 or 8 bytes (if 4byte sizes) |
||
50 | 8 or 16 bytes (if 8byte sizes) |
||
51 | Each malloced chunk has a hidden word of overhead holding size |
||
52 | and status information, and additional cross-check word |
||
53 | if FOOTERS is defined. |
||
54 | |||
55 | Minimum allocated size: 4-byte ptrs: 16 bytes (including overhead) |
||
56 | 8-byte ptrs: 32 bytes (including overhead) |
||
57 | |||
58 | Even a request for zero bytes (i.e., malloc(0)) returns a |
||
59 | pointer to something of the minimum allocatable size. |
||
60 | The maximum overhead wastage (i.e., number of extra bytes |
||
61 | allocated than were requested in malloc) is less than or equal |
||
62 | to the minimum size, except for requests >= mmap_threshold that |
||
63 | are serviced via mmap(), where the worst case wastage is about |
||
64 | 32 bytes plus the remainder from a system page (the minimal |
||
65 | mmap unit); typically 4096 or 8192 bytes. |
||
66 | |||
67 | Security: static-safe; optionally more or less |
||
68 | The "security" of malloc refers to the ability of malicious |
||
69 | code to accentuate the effects of errors (for example, freeing |
||
70 | space that is not currently malloc'ed or overwriting past the |
||
71 | ends of chunks) in code that calls malloc. This malloc |
||
72 | guarantees not to modify any memory locations below the base of |
||
73 | heap, i.e., static variables, even in the presence of usage |
||
74 | errors. The routines additionally detect most improper frees |
||
75 | and reallocs. All this holds as long as the static bookkeeping |
||
76 | for malloc itself is not corrupted by some other means. This |
||
77 | is only one aspect of security -- these checks do not, and |
||
78 | cannot, detect all possible programming errors. |
||
79 | |||
80 | If FOOTERS is defined nonzero, then each allocated chunk |
||
81 | carries an additional check word to verify that it was malloced |
||
82 | from its space. These check words are the same within each |
||
83 | execution of a program using malloc, but differ across |
||
84 | executions, so externally crafted fake chunks cannot be |
||
85 | freed. This improves security by rejecting frees/reallocs that |
||
86 | could corrupt heap memory, in addition to the checks preventing |
||
87 | writes to statics that are always on. This may further improve |
||
88 | security at the expense of time and space overhead. (Note that |
||
89 | FOOTERS may also be worth using with MSPACES.) |
||
90 | |||
91 | By default detected errors cause the program to abort (calling |
||
92 | "abort()"). You can override this to instead proceed past |
||
93 | errors by defining PROCEED_ON_ERROR. In this case, a bad free |
||
94 | has no effect, and a malloc that encounters a bad address |
||
95 | caused by user overwrites will ignore the bad address by |
||
96 | dropping pointers and indices to all known memory. This may |
||
97 | be appropriate for programs that should continue if at all |
||
98 | possible in the face of programming errors, although they may |
||
99 | run out of memory because dropped memory is never reclaimed. |
||
100 | |||
101 | If you don't like either of these options, you can define |
||
102 | CORRUPTION_ERROR_ACTION and USAGE_ERROR_ACTION to do anything |
||
103 | else. And if if you are sure that your program using malloc has |
||
104 | no errors or vulnerabilities, you can define INSECURE to 1, |
||
105 | which might (or might not) provide a small performance improvement. |
||
106 | |||
107 | Thread-safety: NOT thread-safe unless USE_LOCKS defined |
||
108 | When USE_LOCKS is defined, each public call to malloc, free, |
||
109 | etc is surrounded with either a pthread mutex or a win32 |
||
110 | spinlock (depending on WIN32). This is not especially fast, and |
||
111 | can be a major bottleneck. It is designed only to provide |
||
112 | minimal protection in concurrent environments, and to provide a |
||
113 | basis for extensions. If you are using malloc in a concurrent |
||
114 | program, consider instead using ptmalloc, which is derived from |
||
115 | a version of this malloc. (See http://www.malloc.de). |
||
116 | |||
117 | System requirements: Any combination of MORECORE and/or MMAP/MUNMAP |
||
118 | This malloc can use unix sbrk or any emulation (invoked using |
||
119 | the CALL_MORECORE macro) and/or mmap/munmap or any emulation |
||
120 | (invoked using CALL_MMAP/CALL_MUNMAP) to get and release system |
||
121 | memory. On most unix systems, it tends to work best if both |
||
122 | MORECORE and MMAP are enabled. On Win32, it uses emulations |
||
123 | based on VirtualAlloc. It also uses common C library functions |
||
124 | like memset. |
||
125 | |||
126 | Compliance: I believe it is compliant with the Single Unix Specification |
||
127 | (See http://www.unix.org). Also SVID/XPG, ANSI C, and probably |
||
128 | others as well. |
||
129 | |||
130 | * Overview of algorithms |
||
131 | |||
132 | This is not the fastest, most space-conserving, most portable, or |
||
133 | most tunable malloc ever written. However it is among the fastest |
||
134 | while also being among the most space-conserving, portable and |
||
135 | tunable. Consistent balance across these factors results in a good |
||
136 | general-purpose allocator for malloc-intensive programs. |
||
137 | |||
138 | In most ways, this malloc is a best-fit allocator. Generally, it |
||
139 | chooses the best-fitting existing chunk for a request, with ties |
||
140 | broken in approximately least-recently-used order. (This strategy |
||
141 | normally maintains low fragmentation.) However, for requests less |
||
142 | than 256bytes, it deviates from best-fit when there is not an |
||
143 | exactly fitting available chunk by preferring to use space adjacent |
||
144 | to that used for the previous small request, as well as by breaking |
||
145 | ties in approximately most-recently-used order. (These enhance |
||
146 | locality of series of small allocations.) And for very large requests |
||
147 | (>= 256Kb by default), it relies on system memory mapping |
||
148 | facilities, if supported. (This helps avoid carrying around and |
||
149 | possibly fragmenting memory used only for large chunks.) |
||
150 | |||
151 | All operations (except malloc_stats and mallinfo) have execution |
||
152 | times that are bounded by a constant factor of the number of bits in |
||
153 | a size_t, not counting any clearing in calloc or copying in realloc, |
||
154 | or actions surrounding MORECORE and MMAP that have times |
||
155 | proportional to the number of non-contiguous regions returned by |
||
156 | system allocation routines, which is often just 1. |
||
157 | |||
158 | The implementation is not very modular and seriously overuses |
||
159 | macros. Perhaps someday all C compilers will do as good a job |
||
160 | inlining modular code as can now be done by brute-force expansion, |
||
161 | but now, enough of them seem not to. |
||
162 | |||
163 | Some compilers issue a lot of warnings about code that is |
||
164 | dead/unreachable only on some platforms, and also about intentional |
||
165 | uses of negation on unsigned types. All known cases of each can be |
||
166 | ignored. |
||
167 | |||
168 | For a longer but out of date high-level description, see |
||
169 | http://gee.cs.oswego.edu/dl/html/malloc.html |
||
170 | |||
171 | * MSPACES |
||
172 | If MSPACES is defined, then in addition to malloc, free, etc., |
||
173 | this file also defines mspace_malloc, mspace_free, etc. These |
||
174 | are versions of malloc routines that take an "mspace" argument |
||
175 | obtained using create_mspace, to control all internal bookkeeping. |
||
176 | If ONLY_MSPACES is defined, only these versions are compiled. |
||
177 | So if you would like to use this allocator for only some allocations, |
||
178 | and your system malloc for others, you can compile with |
||
179 | ONLY_MSPACES and then do something like... |
||
180 | static mspace mymspace = create_mspace(0,0); // for example |
||
181 | #define mymalloc(bytes) mspace_malloc(mymspace, bytes) |
||
182 | |||
183 | (Note: If you only need one instance of an mspace, you can instead |
||
184 | use "USE_DL_PREFIX" to relabel the global malloc.) |
||
185 | |||
186 | You can similarly create thread-local allocators by storing |
||
187 | mspaces as thread-locals. For example: |
||
188 | static __thread mspace tlms = 0; |
||
189 | void* tlmalloc(size_t bytes) { |
||
190 | if (tlms == 0) tlms = create_mspace(0, 0); |
||
191 | return mspace_malloc(tlms, bytes); |
||
192 | } |
||
193 | void tlfree(void* mem) { mspace_free(tlms, mem); } |
||
194 | |||
195 | Unless FOOTERS is defined, each mspace is completely independent. |
||
196 | You cannot allocate from one and free to another (although |
||
197 | conformance is only weakly checked, so usage errors are not always |
||
198 | caught). If FOOTERS is defined, then each chunk carries around a tag |
||
199 | indicating its originating mspace, and frees are directed to their |
||
200 | originating spaces. |
||
201 | |||
202 | ------------------------- Compile-time options --------------------------- |
||
203 | |||
204 | Be careful in setting #define values for numerical constants of type |
||
205 | size_t. On some systems, literal values are not automatically extended |
||
206 | to size_t precision unless they are explicitly casted. |
||
207 | |||
208 | WIN32 default: defined if _WIN32 defined |
||
209 | Defining WIN32 sets up defaults for MS environment and compilers. |
||
210 | Otherwise defaults are for unix. |
||
211 | |||
212 | MALLOC_ALIGNMENT default: (size_t)8 |
||
213 | Controls the minimum alignment for malloc'ed chunks. It must be a |
||
214 | power of two and at least 8, even on machines for which smaller |
||
215 | alignments would suffice. It may be defined as larger than this |
||
216 | though. Note however that code and data structures are optimized for |
||
217 | the case of 8-byte alignment. |
||
218 | |||
219 | MSPACES default: 0 (false) |
||
220 | If true, compile in support for independent allocation spaces. |
||
221 | This is only supported if HAVE_MMAP is true. |
||
222 | |||
223 | ONLY_MSPACES default: 0 (false) |
||
224 | If true, only compile in mspace versions, not regular versions. |
||
225 | |||
226 | USE_LOCKS default: 0 (false) |
||
227 | Causes each call to each public routine to be surrounded with |
||
228 | pthread or WIN32 mutex lock/unlock. (If set true, this can be |
||
229 | overridden on a per-mspace basis for mspace versions.) |
||
230 | |||
231 | FOOTERS default: 0 |
||
232 | If true, provide extra checking and dispatching by placing |
||
233 | information in the footers of allocated chunks. This adds |
||
234 | space and time overhead. |
||
235 | |||
236 | INSECURE default: 0 |
||
237 | If true, omit checks for usage errors and heap space overwrites. |
||
238 | |||
239 | USE_DL_PREFIX default: NOT defined |
||
240 | Causes compiler to prefix all public routines with the string 'dl'. |
||
241 | This can be useful when you only want to use this malloc in one part |
||
242 | of a program, using your regular system malloc elsewhere. |
||
243 | |||
244 | ABORT default: defined as abort() |
||
245 | Defines how to abort on failed checks. On most systems, a failed |
||
246 | check cannot die with an "assert" or even print an informative |
||
247 | message, because the underlying print routines in turn call malloc, |
||
248 | which will fail again. Generally, the best policy is to simply call |
||
249 | abort(). It's not very useful to do more than this because many |
||
250 | errors due to overwriting will show up as address faults (null, odd |
||
251 | addresses etc) rather than malloc-triggered checks, so will also |
||
252 | abort. Also, most compilers know that abort() does not return, so |
||
253 | can better optimize code conditionally calling it. |
||
254 | |||
255 | PROCEED_ON_ERROR default: defined as 0 (false) |
||
256 | Controls whether detected bad addresses cause them to bypassed |
||
257 | rather than aborting. If set, detected bad arguments to free and |
||
258 | realloc are ignored. And all bookkeeping information is zeroed out |
||
259 | upon a detected overwrite of freed heap space, thus losing the |
||
260 | ability to ever return it from malloc again, but enabling the |
||
261 | application to proceed. If PROCEED_ON_ERROR is defined, the |
||
262 | static variable malloc_corruption_error_count is compiled in |
||
263 | and can be examined to see if errors have occurred. This option |
||
264 | generates slower code than the default abort policy. |
||
265 | |||
266 | DEBUG default: NOT defined |
||
267 | The DEBUG setting is mainly intended for people trying to modify |
||
268 | this code or diagnose problems when porting to new platforms. |
||
269 | However, it may also be able to better isolate user errors than just |
||
270 | using runtime checks. The assertions in the check routines spell |
||
271 | out in more detail the assumptions and invariants underlying the |
||
272 | algorithms. The checking is fairly extensive, and will slow down |
||
273 | execution noticeably. Calling malloc_stats or mallinfo with DEBUG |
||
274 | set will attempt to check every non-mmapped allocated and free chunk |
||
275 | in the course of computing the summaries. |
||
276 | |||
277 | ABORT_ON_ASSERT_FAILURE default: defined as 1 (true) |
||
278 | Debugging assertion failures can be nearly impossible if your |
||
279 | version of the assert macro causes malloc to be called, which will |
||
280 | lead to a cascade of further failures, blowing the runtime stack. |
||
281 | ABORT_ON_ASSERT_FAILURE cause assertions failures to call abort(), |
||
282 | which will usually make debugging easier. |
||
283 | |||
284 | MALLOC_FAILURE_ACTION default: sets errno to ENOMEM, or no-op on win32 |
||
285 | The action to take before "return 0" when malloc fails to be able to |
||
286 | return memory because there is none available. |
||
287 | |||
288 | HAVE_MORECORE default: 1 (true) unless win32 or ONLY_MSPACES |
||
289 | True if this system supports sbrk or an emulation of it. |
||
290 | |||
291 | MORECORE default: sbrk |
||
292 | The name of the sbrk-style system routine to call to obtain more |
||
293 | memory. See below for guidance on writing custom MORECORE |
||
294 | functions. The type of the argument to sbrk/MORECORE varies across |
||
295 | systems. It cannot be size_t, because it supports negative |
||
296 | arguments, so it is normally the signed type of the same width as |
||
297 | size_t (sometimes declared as "intptr_t"). It doesn't much matter |
||
298 | though. Internally, we only call it with arguments less than half |
||
299 | the max value of a size_t, which should work across all reasonable |
||
300 | possibilities, although sometimes generating compiler warnings. See |
||
301 | near the end of this file for guidelines for creating a custom |
||
302 | version of MORECORE. |
||
303 | |||
304 | MORECORE_CONTIGUOUS default: 1 (true) |
||
305 | If true, take advantage of fact that consecutive calls to MORECORE |
||
306 | with positive arguments always return contiguous increasing |
||
307 | addresses. This is true of unix sbrk. It does not hurt too much to |
||
308 | set it true anyway, since malloc copes with non-contiguities. |
||
309 | Setting it false when definitely non-contiguous saves time |
||
310 | and possibly wasted space it would take to discover this though. |
||
311 | |||
312 | MORECORE_CANNOT_TRIM default: NOT defined |
||
313 | True if MORECORE cannot release space back to the system when given |
||
314 | negative arguments. This is generally necessary only if you are |
||
315 | using a hand-crafted MORECORE function that cannot handle negative |
||
316 | arguments. |
||
317 | |||
318 | HAVE_MMAP default: 1 (true) |
||
319 | True if this system supports mmap or an emulation of it. If so, and |
||
320 | HAVE_MORECORE is not true, MMAP is used for all system |
||
321 | allocation. If set and HAVE_MORECORE is true as well, MMAP is |
||
322 | primarily used to directly allocate very large blocks. It is also |
||
323 | used as a backup strategy in cases where MORECORE fails to provide |
||
324 | space from system. Note: A single call to MUNMAP is assumed to be |
||
325 | able to unmap memory that may have be allocated using multiple calls |
||
326 | to MMAP, so long as they are adjacent. |
||
327 | |||
328 | HAVE_MREMAP default: 1 on linux, else 0 |
||
329 | If true realloc() uses mremap() to re-allocate large blocks and |
||
330 | extend or shrink allocation spaces. |
||
331 | |||
332 | MMAP_CLEARS default: 1 on unix |
||
333 | True if mmap clears memory so calloc doesn't need to. This is true |
||
334 | for standard unix mmap using /dev/zero. |
||
335 | |||
336 | USE_BUILTIN_FFS default: 0 (i.e., not used) |
||
337 | Causes malloc to use the builtin ffs() function to compute indices. |
||
338 | Some compilers may recognize and intrinsify ffs to be faster than the |
||
339 | supplied C version. Also, the case of x86 using gcc is special-cased |
||
340 | to an asm instruction, so is already as fast as it can be, and so |
||
341 | this setting has no effect. (On most x86s, the asm version is only |
||
342 | slightly faster than the C version.) |
||
343 | |||
344 | malloc_getpagesize default: derive from system includes, or 4096. |
||
345 | The system page size. To the extent possible, this malloc manages |
||
346 | memory from the system in page-size units. This may be (and |
||
347 | usually is) a function rather than a constant. This is ignored |
||
348 | if WIN32, where page size is determined using getSystemInfo during |
||
349 | initialization. |
||
350 | |||
351 | USE_DEV_RANDOM default: 0 (i.e., not used) |
||
352 | Causes malloc to use /dev/random to initialize secure magic seed for |
||
353 | stamping footers. Otherwise, the current time is used. |
||
354 | |||
355 | NO_MALLINFO default: 0 |
||
356 | If defined, don't compile "mallinfo". This can be a simple way |
||
357 | of dealing with mismatches between system declarations and |
||
358 | those in this file. |
||
359 | |||
360 | MALLINFO_FIELD_TYPE default: size_t |
||
361 | The type of the fields in the mallinfo struct. This was originally |
||
362 | defined as "int" in SVID etc, but is more usefully defined as |
||
363 | size_t. The value is used only if HAVE_USR_INCLUDE_MALLOC_H is not set |
||
364 | |||
365 | REALLOC_ZERO_BYTES_FREES default: not defined |
||
366 | This should be set if a call to realloc with zero bytes should |
||
367 | be the same as a call to free. Some people think it should. Otherwise, |
||
368 | since this malloc returns a unique pointer for malloc(0), so does |
||
369 | realloc(p, 0). |
||
370 | |||
371 | LACKS_UNISTD_H, LACKS_FCNTL_H, LACKS_SYS_PARAM_H, LACKS_SYS_MMAN_H |
||
372 | LACKS_STRINGS_H, LACKS_STRING_H, LACKS_SYS_TYPES_H, LACKS_ERRNO_H |
||
373 | LACKS_STDLIB_H default: NOT defined unless on WIN32 |
||
374 | Define these if your system does not have these header files. |
||
375 | You might need to manually insert some of the declarations they provide. |
||
376 | |||
377 | DEFAULT_GRANULARITY default: page size if MORECORE_CONTIGUOUS, |
||
378 | system_info.dwAllocationGranularity in WIN32, |
||
379 | otherwise 64K. |
||
380 | Also settable using mallopt(M_GRANULARITY, x) |
||
381 | The unit for allocating and deallocating memory from the system. On |
||
382 | most systems with contiguous MORECORE, there is no reason to |
||
383 | make this more than a page. However, systems with MMAP tend to |
||
384 | either require or encourage larger granularities. You can increase |
||
385 | this value to prevent system allocation functions to be called so |
||
386 | often, especially if they are slow. The value must be at least one |
||
387 | page and must be a power of two. Setting to 0 causes initialization |
||
388 | to either page size or win32 region size. (Note: In previous |
||
389 | versions of malloc, the equivalent of this option was called |
||
390 | "TOP_PAD") |
||
391 | |||
392 | DEFAULT_TRIM_THRESHOLD default: 2MB |
||
393 | Also settable using mallopt(M_TRIM_THRESHOLD, x) |
||
394 | The maximum amount of unused top-most memory to keep before |
||
395 | releasing via malloc_trim in free(). Automatic trimming is mainly |
||
396 | useful in long-lived programs using contiguous MORECORE. Because |
||
397 | trimming via sbrk can be slow on some systems, and can sometimes be |
||
398 | wasteful (in cases where programs immediately afterward allocate |
||
399 | more large chunks) the value should be high enough so that your |
||
400 | overall system performance would improve by releasing this much |
||
401 | memory. As a rough guide, you might set to a value close to the |
||
402 | average size of a process (program) running on your system. |
||
403 | Releasing this much memory would allow such a process to run in |
||
404 | memory. Generally, it is worth tuning trim thresholds when a |
||
405 | program undergoes phases where several large chunks are allocated |
||
406 | and released in ways that can reuse each other's storage, perhaps |
||
407 | mixed with phases where there are no such chunks at all. The trim |
||
408 | value must be greater than page size to have any useful effect. To |
||
409 | disable trimming completely, you can set to MAX_SIZE_T. Note that the trick |
||
410 | some people use of mallocing a huge space and then freeing it at |
||
411 | program startup, in an attempt to reserve system memory, doesn't |
||
412 | have the intended effect under automatic trimming, since that memory |
||
413 | will immediately be returned to the system. |
||
414 | |||
415 | DEFAULT_MMAP_THRESHOLD default: 256K |
||
416 | Also settable using mallopt(M_MMAP_THRESHOLD, x) |
||
417 | The request size threshold for using MMAP to directly service a |
||
418 | request. Requests of at least this size that cannot be allocated |
||
419 | using already-existing space will be serviced via mmap. (If enough |
||
420 | normal freed space already exists it is used instead.) Using mmap |
||
421 | segregates relatively large chunks of memory so that they can be |
||
422 | individually obtained and released from the host system. A request |
||
423 | serviced through mmap is never reused by any other request (at least |
||
424 | not directly; the system may just so happen to remap successive |
||
425 | requests to the same locations). Segregating space in this way has |
||
426 | the benefits that: Mmapped space can always be individually released |
||
427 | back to the system, which helps keep the system level memory demands |
||
428 | of a long-lived program low. Also, mapped memory doesn't become |
||
429 | `locked' between other chunks, as can happen with normally allocated |
||
430 | chunks, which means that even trimming via malloc_trim would not |
||
431 | release them. However, it has the disadvantage that the space |
||
432 | cannot be reclaimed, consolidated, and then used to service later |
||
433 | requests, as happens with normal chunks. The advantages of mmap |
||
434 | nearly always outweigh disadvantages for "large" chunks, but the |
||
435 | value of "large" may vary across systems. The default is an |
||
436 | empirically derived value that works well in most systems. You can |
||
437 | disable mmap by setting to MAX_SIZE_T. |
||
438 | |||
439 | */ |
||
440 | |||
441 | #define STDCALL __attribute__ ((stdcall)) __attribute__ ((dllimport)) |
||
442 | void* STDCALL KernelAlloc(unsigned size)__asm__("KernelAlloc"); |
||
443 | int KernelFree(void*); |
||
444 | |||
445 | #define MALLOC_ALIGNMENT ((size_t)8U) |
||
446 | #define DEFAULT_MMAP_THRESHOLD ((size_t)32U * (size_t)1024U) |
||
447 | #define NO_MALLINFO 1 |
||
448 | #define HAVE_MMAP 1 |
||
449 | #define MORECORE_CANNOT_TRIM |
||
450 | #define FOOTERS 0 |
||
451 | #define ABORT |
||
452 | |||
453 | #ifndef WIN32 |
||
454 | #ifdef _WIN32 |
||
455 | #define WIN32 1 |
||
456 | #endif /* _WIN32 */ |
||
457 | #endif /* WIN32 */ |
||
458 | #ifdef WIN32 |
||
459 | #define WIN32_LEAN_AND_MEAN |
||
460 | #include |
||
461 | #define HAVE_MMAP 1 |
||
462 | #define HAVE_MORECORE 0 |
||
463 | #define LACKS_UNISTD_H |
||
464 | #define LACKS_SYS_PARAM_H |
||
465 | #define LACKS_SYS_MMAN_H |
||
466 | #define LACKS_STRING_H |
||
467 | #define LACKS_STRINGS_H |
||
468 | #define LACKS_SYS_TYPES_H |
||
469 | #define LACKS_ERRNO_H |
||
470 | #define MALLOC_FAILURE_ACTION |
||
471 | #define MMAP_CLEARS 0 /* WINCE and some others apparently don't clear */ |
||
472 | #endif /* WIN32 */ |
||
473 | |||
474 | #if defined(DARWIN) || defined(_DARWIN) |
||
475 | /* Mac OSX docs advise not to use sbrk; it seems better to use mmap */ |
||
476 | #ifndef HAVE_MORECORE |
||
477 | #define HAVE_MORECORE 0 |
||
478 | #define HAVE_MMAP 1 |
||
479 | #endif /* HAVE_MORECORE */ |
||
480 | #endif /* DARWIN */ |
||
481 | |||
482 | #ifndef LACKS_SYS_TYPES_H |
||
483 | #include |
||
484 | #endif /* LACKS_SYS_TYPES_H */ |
||
485 | |||
486 | /* The maximum possible size_t value has all bits set */ |
||
487 | #define MAX_SIZE_T (~(size_t)0) |
||
488 | |||
489 | #ifndef ONLY_MSPACES |
||
490 | #define ONLY_MSPACES 0 |
||
491 | #endif /* ONLY_MSPACES */ |
||
492 | #ifndef MSPACES |
||
493 | #if ONLY_MSPACES |
||
494 | #define MSPACES 1 |
||
495 | #else /* ONLY_MSPACES */ |
||
496 | #define MSPACES 0 |
||
497 | #endif /* ONLY_MSPACES */ |
||
498 | #endif /* MSPACES */ |
||
499 | #ifndef MALLOC_ALIGNMENT |
||
500 | #define MALLOC_ALIGNMENT ((size_t)8U) |
||
501 | #endif /* MALLOC_ALIGNMENT */ |
||
502 | #ifndef FOOTERS |
||
503 | #define FOOTERS 0 |
||
504 | #endif /* FOOTERS */ |
||
505 | #ifndef ABORT |
||
506 | #define ABORT abort() |
||
507 | #endif /* ABORT */ |
||
508 | #ifndef ABORT_ON_ASSERT_FAILURE |
||
509 | #define ABORT_ON_ASSERT_FAILURE 1 |
||
510 | #endif /* ABORT_ON_ASSERT_FAILURE */ |
||
511 | #ifndef PROCEED_ON_ERROR |
||
512 | #define PROCEED_ON_ERROR 0 |
||
513 | #endif /* PROCEED_ON_ERROR */ |
||
514 | #ifndef USE_LOCKS |
||
515 | #define USE_LOCKS 0 |
||
516 | #endif /* USE_LOCKS */ |
||
517 | #ifndef INSECURE |
||
518 | #define INSECURE 0 |
||
519 | #endif /* INSECURE */ |
||
520 | #ifndef HAVE_MMAP |
||
521 | #define HAVE_MMAP 1 |
||
522 | #endif /* HAVE_MMAP */ |
||
523 | #ifndef MMAP_CLEARS |
||
524 | #define MMAP_CLEARS 1 |
||
525 | #endif /* MMAP_CLEARS */ |
||
526 | #ifndef HAVE_MREMAP |
||
527 | #ifdef linux |
||
528 | #define HAVE_MREMAP 1 |
||
529 | #else /* linux */ |
||
530 | #define HAVE_MREMAP 0 |
||
531 | #endif /* linux */ |
||
532 | #endif /* HAVE_MREMAP */ |
||
533 | #ifndef MALLOC_FAILURE_ACTION |
||
534 | #define MALLOC_FAILURE_ACTION errno = ENOMEM; |
||
535 | #endif /* MALLOC_FAILURE_ACTION */ |
||
536 | #ifndef HAVE_MORECORE |
||
537 | #if ONLY_MSPACES |
||
538 | #define HAVE_MORECORE 0 |
||
539 | #else /* ONLY_MSPACES */ |
||
540 | #define HAVE_MORECORE 1 |
||
541 | #endif /* ONLY_MSPACES */ |
||
542 | #endif /* HAVE_MORECORE */ |
||
543 | #if !HAVE_MORECORE |
||
544 | #define MORECORE_CONTIGUOUS 0 |
||
545 | #else /* !HAVE_MORECORE */ |
||
546 | #ifndef MORECORE |
||
547 | #define MORECORE sbrk |
||
548 | #endif /* MORECORE */ |
||
549 | #ifndef MORECORE_CONTIGUOUS |
||
550 | #define MORECORE_CONTIGUOUS 1 |
||
551 | #endif /* MORECORE_CONTIGUOUS */ |
||
552 | #endif /* HAVE_MORECORE */ |
||
553 | #ifndef DEFAULT_GRANULARITY |
||
554 | #if MORECORE_CONTIGUOUS |
||
555 | #define DEFAULT_GRANULARITY (0) /* 0 means to compute in init_mparams */ |
||
556 | #else /* MORECORE_CONTIGUOUS */ |
||
557 | #define DEFAULT_GRANULARITY ((size_t)64U * (size_t)1024U) |
||
558 | #endif /* MORECORE_CONTIGUOUS */ |
||
559 | #endif /* DEFAULT_GRANULARITY */ |
||
560 | #ifndef DEFAULT_TRIM_THRESHOLD |
||
561 | #ifndef MORECORE_CANNOT_TRIM |
||
562 | #define DEFAULT_TRIM_THRESHOLD ((size_t)2U * (size_t)1024U * (size_t)1024U) |
||
563 | #else /* MORECORE_CANNOT_TRIM */ |
||
564 | #define DEFAULT_TRIM_THRESHOLD MAX_SIZE_T |
||
565 | #endif /* MORECORE_CANNOT_TRIM */ |
||
566 | #endif /* DEFAULT_TRIM_THRESHOLD */ |
||
567 | #ifndef DEFAULT_MMAP_THRESHOLD |
||
568 | #if HAVE_MMAP |
||
569 | #define DEFAULT_MMAP_THRESHOLD ((size_t)256U * (size_t)1024U) |
||
570 | #else /* HAVE_MMAP */ |
||
571 | #define DEFAULT_MMAP_THRESHOLD MAX_SIZE_T |
||
572 | #endif /* HAVE_MMAP */ |
||
573 | #endif /* DEFAULT_MMAP_THRESHOLD */ |
||
574 | #ifndef USE_BUILTIN_FFS |
||
575 | #define USE_BUILTIN_FFS 0 |
||
576 | #endif /* USE_BUILTIN_FFS */ |
||
577 | #ifndef USE_DEV_RANDOM |
||
578 | #define USE_DEV_RANDOM 0 |
||
579 | #endif /* USE_DEV_RANDOM */ |
||
580 | #ifndef NO_MALLINFO |
||
581 | #define NO_MALLINFO 0 |
||
582 | #endif /* NO_MALLINFO */ |
||
583 | #ifndef MALLINFO_FIELD_TYPE |
||
584 | #define MALLINFO_FIELD_TYPE size_t |
||
585 | #endif /* MALLINFO_FIELD_TYPE */ |
||
586 | |||
587 | |||
588 | /* |
||
589 | mallopt tuning options. SVID/XPG defines four standard parameter |
||
590 | numbers for mallopt, normally defined in malloc.h. None of these |
||
591 | are used in this malloc, so setting them has no effect. But this |
||
592 | malloc does support the following options. |
||
593 | */ |
||
594 | |||
595 | #define M_TRIM_THRESHOLD (-1) |
||
596 | #define M_GRANULARITY (-2) |
||
597 | #define M_MMAP_THRESHOLD (-3) |
||
598 | |||
599 | /* ------------------------ Mallinfo declarations ------------------------ */ |
||
600 | |||
601 | #if !NO_MALLINFO |
||
602 | #endif /* NO_MALLINFO */ |
||
603 | |||
604 | #ifdef __cplusplus |
||
605 | extern "C" { |
||
606 | #endif /* __cplusplus */ |
||
607 | |||
608 | #if !ONLY_MSPACES |
||
609 | |||
610 | /* ------------------- Declarations of public routines ------------------- */ |
||
611 | |||
612 | #ifndef USE_DL_PREFIX |
||
613 | #define dlcalloc calloc |
||
614 | #define dlfree free |
||
615 | #define dlmalloc malloc |
||
616 | #define dlmemalign memalign |
||
617 | #define dlrealloc realloc |
||
618 | #define dlvalloc valloc |
||
619 | #define dlpvalloc pvalloc |
||
620 | #define dlmallinfo mallinfo |
||
621 | #define dlmallopt mallopt |
||
622 | #define dlmalloc_trim malloc_trim |
||
623 | #define dlmalloc_stats malloc_stats |
||
624 | #define dlmalloc_usable_size malloc_usable_size |
||
625 | #define dlmalloc_footprint malloc_footprint |
||
626 | #define dlmalloc_max_footprint malloc_max_footprint |
||
627 | #define dlindependent_calloc independent_calloc |
||
628 | #define dlindependent_comalloc independent_comalloc |
||
629 | #endif /* USE_DL_PREFIX */ |
||
630 | |||
631 | |||
632 | /* |
||
633 | malloc(size_t n) |
||
634 | Returns a pointer to a newly allocated chunk of at least n bytes, or |
||
635 | null if no space is available, in which case errno is set to ENOMEM |
||
636 | on ANSI C systems. |
||
637 | |||
638 | If n is zero, malloc returns a minimum-sized chunk. (The minimum |
||
639 | size is 16 bytes on most 32bit systems, and 32 bytes on 64bit |
||
640 | systems.) Note that size_t is an unsigned type, so calls with |
||
641 | arguments that would be negative if signed are interpreted as |
||
642 | requests for huge amounts of space, which will often fail. The |
||
643 | maximum supported value of n differs across systems, but is in all |
||
644 | cases less than the maximum representable value of a size_t. |
||
645 | */ |
||
646 | void* dlmalloc(size_t); |
||
647 | |||
648 | /* |
||
649 | free(void* p) |
||
650 | Releases the chunk of memory pointed to by p, that had been previously |
||
651 | allocated using malloc or a related routine such as realloc. |
||
652 | It has no effect if p is null. If p was not malloced or already |
||
653 | freed, free(p) will by default cause the current program to abort. |
||
654 | */ |
||
655 | void dlfree(void*); |
||
656 | |||
657 | /* |
||
658 | calloc(size_t n_elements, size_t element_size); |
||
659 | Returns a pointer to n_elements * element_size bytes, with all locations |
||
660 | set to zero. |
||
661 | */ |
||
662 | void* dlcalloc(size_t, size_t); |
||
663 | |||
664 | /* |
||
665 | realloc(void* p, size_t n) |
||
666 | Returns a pointer to a chunk of size n that contains the same data |
||
667 | as does chunk p up to the minimum of (n, p's size) bytes, or null |
||
668 | if no space is available. |
||
669 | |||
670 | The returned pointer may or may not be the same as p. The algorithm |
||
671 | prefers extending p in most cases when possible, otherwise it |
||
672 | employs the equivalent of a malloc-copy-free sequence. |
||
673 | |||
674 | If p is null, realloc is equivalent to malloc. |
||
675 | |||
676 | If space is not available, realloc returns null, errno is set (if on |
||
677 | ANSI) and p is NOT freed. |
||
678 | |||
679 | if n is for fewer bytes than already held by p, the newly unused |
||
680 | space is lopped off and freed if possible. realloc with a size |
||
681 | argument of zero (re)allocates a minimum-sized chunk. |
||
682 | |||
683 | The old unix realloc convention of allowing the last-free'd chunk |
||
684 | to be used as an argument to realloc is not supported. |
||
685 | */ |
||
686 | |||
687 | void* dlrealloc(void*, size_t); |
||
688 | |||
689 | /* |
||
690 | memalign(size_t alignment, size_t n); |
||
691 | Returns a pointer to a newly allocated chunk of n bytes, aligned |
||
692 | in accord with the alignment argument. |
||
693 | |||
694 | The alignment argument should be a power of two. If the argument is |
||
695 | not a power of two, the nearest greater power is used. |
||
696 | 8-byte alignment is guaranteed by normal malloc calls, so don't |
||
697 | bother calling memalign with an argument of 8 or less. |
||
698 | |||
699 | Overreliance on memalign is a sure way to fragment space. |
||
700 | */ |
||
701 | void* dlmemalign(size_t, size_t); |
||
702 | |||
703 | /* |
||
704 | valloc(size_t n); |
||
705 | Equivalent to memalign(pagesize, n), where pagesize is the page |
||
706 | size of the system. If the pagesize is unknown, 4096 is used. |
||
707 | */ |
||
708 | void* dlvalloc(size_t); |
||
709 | |||
710 | /* |
||
711 | mallopt(int parameter_number, int parameter_value) |
||
712 | Sets tunable parameters The format is to provide a |
||
713 | (parameter-number, parameter-value) pair. mallopt then sets the |
||
714 | corresponding parameter to the argument value if it can (i.e., so |
||
715 | long as the value is meaningful), and returns 1 if successful else |
||
716 | 0. SVID/XPG/ANSI defines four standard param numbers for mallopt, |
||
717 | normally defined in malloc.h. None of these are use in this malloc, |
||
718 | so setting them has no effect. But this malloc also supports other |
||
719 | options in mallopt. See below for details. Briefly, supported |
||
720 | parameters are as follows (listed defaults are for "typical" |
||
721 | configurations). |
||
722 | |||
723 | Symbol param # default allowed param values |
||
724 | M_TRIM_THRESHOLD -1 2*1024*1024 any (MAX_SIZE_T disables) |
||
725 | M_GRANULARITY -2 page size any power of 2 >= page size |
||
726 | M_MMAP_THRESHOLD -3 256*1024 any (or 0 if no MMAP support) |
||
727 | */ |
||
728 | int dlmallopt(int, int); |
||
729 | |||
730 | /* |
||
731 | malloc_footprint(); |
||
732 | Returns the number of bytes obtained from the system. The total |
||
733 | number of bytes allocated by malloc, realloc etc., is less than this |
||
734 | value. Unlike mallinfo, this function returns only a precomputed |
||
735 | result, so can be called frequently to monitor memory consumption. |
||
736 | Even if locks are otherwise defined, this function does not use them, |
||
737 | so results might not be up to date. |
||
738 | */ |
||
739 | size_t dlmalloc_footprint(void); |
||
740 | |||
741 | /* |
||
742 | malloc_max_footprint(); |
||
743 | Returns the maximum number of bytes obtained from the system. This |
||
744 | value will be greater than current footprint if deallocated space |
||
745 | has been reclaimed by the system. The peak number of bytes allocated |
||
746 | by malloc, realloc etc., is less than this value. Unlike mallinfo, |
||
747 | this function returns only a precomputed result, so can be called |
||
748 | frequently to monitor memory consumption. Even if locks are |
||
749 | otherwise defined, this function does not use them, so results might |
||
750 | not be up to date. |
||
751 | */ |
||
752 | size_t dlmalloc_max_footprint(void); |
||
753 | |||
754 | #if !NO_MALLINFO |
||
755 | #endif /* NO_MALLINFO */ |
||
756 | |||
757 | /* |
||
758 | independent_calloc(size_t n_elements, size_t element_size, void* chunks[]); |
||
759 | |||
760 | independent_calloc is similar to calloc, but instead of returning a |
||
761 | single cleared space, it returns an array of pointers to n_elements |
||
762 | independent elements that can hold contents of size elem_size, each |
||
763 | of which starts out cleared, and can be independently freed, |
||
764 | realloc'ed etc. The elements are guaranteed to be adjacently |
||
765 | allocated (this is not guaranteed to occur with multiple callocs or |
||
766 | mallocs), which may also improve cache locality in some |
||
767 | applications. |
||
768 | |||
769 | The "chunks" argument is optional (i.e., may be null, which is |
||
770 | probably the most typical usage). If it is null, the returned array |
||
771 | is itself dynamically allocated and should also be freed when it is |
||
772 | no longer needed. Otherwise, the chunks array must be of at least |
||
773 | n_elements in length. It is filled in with the pointers to the |
||
774 | chunks. |
||
775 | |||
776 | In either case, independent_calloc returns this pointer array, or |
||
777 | null if the allocation failed. If n_elements is zero and "chunks" |
||
778 | is null, it returns a chunk representing an array with zero elements |
||
779 | (which should be freed if not wanted). |
||
780 | |||
781 | Each element must be individually freed when it is no longer |
||
782 | needed. If you'd like to instead be able to free all at once, you |
||
783 | should instead use regular calloc and assign pointers into this |
||
784 | space to represent elements. (In this case though, you cannot |
||
785 | independently free elements.) |
||
786 | |||
787 | independent_calloc simplifies and speeds up implementations of many |
||
788 | kinds of pools. It may also be useful when constructing large data |
||
789 | structures that initially have a fixed number of fixed-sized nodes, |
||
790 | but the number is not known at compile time, and some of the nodes |
||
791 | may later need to be freed. For example: |
||
792 | |||
793 | struct Node { int item; struct Node* next; }; |
||
794 | |||
795 | struct Node* build_list() { |
||
796 | struct Node** pool; |
||
797 | int n = read_number_of_nodes_needed(); |
||
798 | if (n <= 0) return 0; |
||
799 | pool = (struct Node**)(independent_calloc(n, sizeof(struct Node), 0); |
||
800 | if (pool == 0) die(); |
||
801 | // organize into a linked list... |
||
802 | struct Node* first = pool[0]; |
||
803 | for (i = 0; i < n-1; ++i) |
||
804 | pool[i]->next = pool[i+1]; |
||
805 | free(pool); // Can now free the array (or not, if it is needed later) |
||
806 | return first; |
||
807 | } |
||
808 | */ |
||
809 | void** dlindependent_calloc(size_t, size_t, void**); |
||
810 | |||
811 | /* |
||
812 | independent_comalloc(size_t n_elements, size_t sizes[], void* chunks[]); |
||
813 | |||
814 | independent_comalloc allocates, all at once, a set of n_elements |
||
815 | chunks with sizes indicated in the "sizes" array. It returns |
||
816 | an array of pointers to these elements, each of which can be |
||
817 | independently freed, realloc'ed etc. The elements are guaranteed to |
||
818 | be adjacently allocated (this is not guaranteed to occur with |
||
819 | multiple callocs or mallocs), which may also improve cache locality |
||
820 | in some applications. |
||
821 | |||
822 | The "chunks" argument is optional (i.e., may be null). If it is null |
||
823 | the returned array is itself dynamically allocated and should also |
||
824 | be freed when it is no longer needed. Otherwise, the chunks array |
||
825 | must be of at least n_elements in length. It is filled in with the |
||
826 | pointers to the chunks. |
||
827 | |||
828 | In either case, independent_comalloc returns this pointer array, or |
||
829 | null if the allocation failed. If n_elements is zero and chunks is |
||
830 | null, it returns a chunk representing an array with zero elements |
||
831 | (which should be freed if not wanted). |
||
832 | |||
833 | Each element must be individually freed when it is no longer |
||
834 | needed. If you'd like to instead be able to free all at once, you |
||
835 | should instead use a single regular malloc, and assign pointers at |
||
836 | particular offsets in the aggregate space. (In this case though, you |
||
837 | cannot independently free elements.) |
||
838 | |||
839 | independent_comallac differs from independent_calloc in that each |
||
840 | element may have a different size, and also that it does not |
||
841 | automatically clear elements. |
||
842 | |||
843 | independent_comalloc can be used to speed up allocation in cases |
||
844 | where several structs or objects must always be allocated at the |
||
845 | same time. For example: |
||
846 | |||
847 | struct Head { ... } |
||
848 | struct Foot { ... } |
||
849 | |||
850 | void send_message(char* msg) { |
||
851 | int msglen = strlen(msg); |
||
852 | size_t sizes[3] = { sizeof(struct Head), msglen, sizeof(struct Foot) }; |
||
853 | void* chunks[3]; |
||
854 | if (independent_comalloc(3, sizes, chunks) == 0) |
||
855 | die(); |
||
856 | struct Head* head = (struct Head*)(chunks[0]); |
||
857 | char* body = (char*)(chunks[1]); |
||
858 | struct Foot* foot = (struct Foot*)(chunks[2]); |
||
859 | // ... |
||
860 | } |
||
861 | |||
862 | In general though, independent_comalloc is worth using only for |
||
863 | larger values of n_elements. For small values, you probably won't |
||
864 | detect enough difference from series of malloc calls to bother. |
||
865 | |||
866 | Overuse of independent_comalloc can increase overall memory usage, |
||
867 | since it cannot reuse existing noncontiguous small chunks that |
||
868 | might be available for some of the elements. |
||
869 | */ |
||
870 | void** dlindependent_comalloc(size_t, size_t*, void**); |
||
871 | |||
872 | |||
873 | /* |
||
874 | pvalloc(size_t n); |
||
875 | Equivalent to valloc(minimum-page-that-holds(n)), that is, |
||
876 | round up n to nearest pagesize. |
||
877 | */ |
||
878 | void* dlpvalloc(size_t); |
||
879 | |||
880 | /* |
||
881 | malloc_trim(size_t pad); |
||
882 | |||
883 | If possible, gives memory back to the system (via negative arguments |
||
884 | to sbrk) if there is unused memory at the `high' end of the malloc |
||
885 | pool or in unused MMAP segments. You can call this after freeing |
||
886 | large blocks of memory to potentially reduce the system-level memory |
||
887 | requirements of a program. However, it cannot guarantee to reduce |
||
888 | memory. Under some allocation patterns, some large free blocks of |
||
889 | memory will be locked between two used chunks, so they cannot be |
||
890 | given back to the system. |
||
891 | |||
892 | The `pad' argument to malloc_trim represents the amount of free |
||
893 | trailing space to leave untrimmed. If this argument is zero, only |
||
894 | the minimum amount of memory to maintain internal data structures |
||
895 | will be left. Non-zero arguments can be supplied to maintain enough |
||
896 | trailing space to service future expected allocations without having |
||
897 | to re-obtain memory from the system. |
||
898 | |||
899 | Malloc_trim returns 1 if it actually released any memory, else 0. |
||
900 | */ |
||
901 | int dlmalloc_trim(size_t); |
||
902 | |||
903 | /* |
||
904 | malloc_usable_size(void* p); |
||
905 | |||
906 | Returns the number of bytes you can actually use in |
||
907 | an allocated chunk, which may be more than you requested (although |
||
908 | often not) due to alignment and minimum size constraints. |
||
909 | You can use this many bytes without worrying about |
||
910 | overwriting other allocated objects. This is not a particularly great |
||
911 | programming practice. malloc_usable_size can be more useful in |
||
912 | debugging and assertions, for example: |
||
913 | |||
914 | p = malloc(n); |
||
915 | assert(malloc_usable_size(p) >= 256); |
||
916 | */ |
||
917 | size_t dlmalloc_usable_size(void*); |
||
918 | |||
919 | /* |
||
920 | malloc_stats(); |
||
921 | Prints on stderr the amount of space obtained from the system (both |
||
922 | via sbrk and mmap), the maximum amount (which may be more than |
||
923 | current if malloc_trim and/or munmap got called), and the current |
||
924 | number of bytes allocated via malloc (or realloc, etc) but not yet |
||
925 | freed. Note that this is the number of bytes allocated, not the |
||
926 | number requested. It will be larger than the number requested |
||
927 | because of alignment and bookkeeping overhead. Because it includes |
||
928 | alignment wastage as being in use, this figure may be greater than |
||
929 | zero even when no user-level chunks are allocated. |
||
930 | |||
931 | The reported current and maximum system memory can be inaccurate if |
||
932 | a program makes other calls to system memory allocation functions |
||
933 | (normally sbrk) outside of malloc. |
||
934 | |||
935 | malloc_stats prints only the most commonly interesting statistics. |
||
936 | More information can be obtained by calling mallinfo. |
||
937 | */ |
||
938 | void dlmalloc_stats(void); |
||
939 | |||
940 | #endif /* ONLY_MSPACES */ |
||
941 | |||
942 | #if MSPACES |
||
943 | #endif /* MSPACES */ |
||
944 | |||
945 | #ifdef __cplusplus |
||
946 | }; /* end of extern "C" */ |
||
947 | #endif /* __cplusplus */ |
||
948 | |||
949 | /* |
||
950 | ======================================================================== |
||
951 | To make a fully customizable malloc.h header file, cut everything |
||
952 | above this line, put into file malloc.h, edit to suit, and #include it |
||
953 | on the next line, as well as in programs that use this malloc. |
||
954 | ======================================================================== |
||
955 | */ |
||
956 | |||
957 | /* #include "malloc.h" */ |
||
958 | |||
959 | /*------------------------------ internal #includes ---------------------- */ |
||
960 | |||
961 | #ifdef WIN32 |
||
962 | #pragma warning( disable : 4146 ) /* no "unsigned" warnings */ |
||
963 | #endif /* WIN32 */ |
||
964 | |||
965 | #include |
||
966 | |||
967 | #ifndef LACKS_ERRNO_H |
||
968 | #include |
||
969 | #endif /* LACKS_ERRNO_H */ |
||
970 | #if FOOTERS |
||
971 | #include |
||
972 | #endif /* FOOTERS */ |
||
973 | #ifndef LACKS_STDLIB_H |
||
974 | #include |
||
975 | #endif /* LACKS_STDLIB_H */ |
||
976 | #ifdef DEBUG |
||
977 | #if ABORT_ON_ASSERT_FAILURE |
||
978 | #define assert(x) if(!(x)) ABORT |
||
979 | #else /* ABORT_ON_ASSERT_FAILURE */ |
||
980 | #include |
||
981 | #endif /* ABORT_ON_ASSERT_FAILURE */ |
||
982 | #else /* DEBUG */ |
||
983 | #define assert(x) |
||
984 | #endif /* DEBUG */ |
||
985 | #ifndef LACKS_STRING_H |
||
986 | #include |
||
987 | #endif /* LACKS_STRING_H */ |
||
988 | #if USE_BUILTIN_FFS |
||
989 | #ifndef LACKS_STRINGS_H |
||
990 | #include |
||
991 | #endif /* LACKS_STRINGS_H */ |
||
992 | #endif /* USE_BUILTIN_FFS */ |
||
993 | #if HAVE_MMAP |
||
994 | #ifndef LACKS_SYS_MMAN_H |
||
995 | #include |
||
996 | #endif /* LACKS_SYS_MMAN_H */ |
||
997 | #ifndef LACKS_FCNTL_H |
||
998 | #include |
||
999 | #endif /* LACKS_FCNTL_H */ |
||
1000 | #endif /* HAVE_MMAP */ |
||
1001 | #if HAVE_MORECORE |
||
1002 | #endif /* HAVE_MMAP */ |
||
1003 | |||
1004 | #ifndef WIN32 |
||
1005 | #endif |
||
1006 | |||
1007 | /* ------------------- size_t and alignment properties -------------------- */ |
||
1008 | |||
1009 | /* The byte and bit size of a size_t */ |
||
1010 | #define SIZE_T_SIZE (sizeof(size_t)) |
||
1011 | #define SIZE_T_BITSIZE (sizeof(size_t) << 3) |
||
1012 | |||
1013 | /* Some constants coerced to size_t */ |
||
1014 | /* Annoying but necessary to avoid errors on some plaftorms */ |
||
1015 | #define SIZE_T_ZERO ((size_t)0) |
||
1016 | #define SIZE_T_ONE ((size_t)1) |
||
1017 | #define SIZE_T_TWO ((size_t)2) |
||
1018 | #define TWO_SIZE_T_SIZES (SIZE_T_SIZE<<1) |
||
1019 | #define FOUR_SIZE_T_SIZES (SIZE_T_SIZE<<2) |
||
1020 | #define SIX_SIZE_T_SIZES (FOUR_SIZE_T_SIZES+TWO_SIZE_T_SIZES) |
||
1021 | #define HALF_MAX_SIZE_T (MAX_SIZE_T / 2U) |
||
1022 | |||
1023 | /* The bit mask value corresponding to MALLOC_ALIGNMENT */ |
||
1024 | #define CHUNK_ALIGN_MASK (MALLOC_ALIGNMENT - SIZE_T_ONE) |
||
1025 | |||
1026 | /* True if address a has acceptable alignment */ |
||
1027 | #define is_aligned(A) (((size_t)((A)) & (CHUNK_ALIGN_MASK)) == 0) |
||
1028 | |||
1029 | /* the number of bytes to offset an address to align it */ |
||
1030 | #define align_offset(A)\ |
||
1031 | ((((size_t)(A) & CHUNK_ALIGN_MASK) == 0)? 0 :\ |
||
1032 | ((MALLOC_ALIGNMENT - ((size_t)(A) & CHUNK_ALIGN_MASK)) & CHUNK_ALIGN_MASK)) |
||
1033 | |||
1034 | /* -------------------------- MMAP preliminaries ------------------------- */ |
||
1035 | |||
1036 | /* |
||
1037 | If HAVE_MORECORE or HAVE_MMAP are false, we just define calls and |
||
1038 | checks to fail so compiler optimizer can delete code rather than |
||
1039 | using so many "#if"s. |
||
1040 | */ |
||
1041 | |||
1042 | |||
1043 | /* MORECORE and MMAP must return MFAIL on failure */ |
||
1044 | #define MFAIL ((void*)(MAX_SIZE_T)) |
||
1045 | #define CMFAIL ((char*)(MFAIL)) /* defined for convenience */ |
||
1046 | |||
1047 | #if !HAVE_MMAP |
||
1048 | #else /* HAVE_MMAP */ |
||
1049 | #define IS_MMAPPED_BIT (SIZE_T_ONE) |
||
1050 | #define USE_MMAP_BIT (SIZE_T_ONE) |
||
1051 | |||
1052 | #ifndef WIN32 |
||
1053 | |||
1054 | #else /* WIN32 */ |
||
1055 | |||
1056 | /* Win32 MMAP via VirtualAlloc */ |
||
1057 | static void* win32mmap(size_t size) { |
||
1058 | void* ptr = KernelAlloc(size); |
||
1059 | return (ptr != 0)? ptr: MFAIL; |
||
1060 | } |
||
1061 | |||
1062 | /* For direct MMAP, use MEM_TOP_DOWN to minimize interference */ |
||
1063 | static void* win32direct_mmap(size_t size) { |
||
1064 | void* ptr = KernelAlloc(size); |
||
1065 | return (ptr != 0)? ptr: MFAIL; |
||
1066 | } |
||
1067 | |||
1068 | /* This function supports releasing coalesed segments */ |
||
1069 | static int win32munmap(void* ptr, size_t size) { |
||
1070 | KernelFree(ptr); |
||
1071 | return 0; |
||
1072 | } |
||
1073 | |||
1074 | #define CALL_MMAP(s) win32mmap(s) |
||
1075 | #define CALL_MUNMAP(a, s) win32munmap((a), (s)) |
||
1076 | #define DIRECT_MMAP(s) win32direct_mmap(s) |
||
1077 | #endif /* WIN32 */ |
||
1078 | #endif /* HAVE_MMAP */ |
||
1079 | |||
1080 | #if HAVE_MMAP && HAVE_MREMAP |
||
1081 | #else /* HAVE_MMAP && HAVE_MREMAP */ |
||
1082 | #define CALL_MREMAP(addr, osz, nsz, mv) MFAIL |
||
1083 | #endif /* HAVE_MMAP && HAVE_MREMAP */ |
||
1084 | |||
1085 | #if HAVE_MORECORE |
||
1086 | #else /* HAVE_MORECORE */ |
||
1087 | #define CALL_MORECORE(S) MFAIL |
||
1088 | #endif /* HAVE_MORECORE */ |
||
1089 | |||
1090 | /* mstate bit set if continguous morecore disabled or failed */ |
||
1091 | #define USE_NONCONTIGUOUS_BIT (4U) |
||
1092 | |||
1093 | /* segment bit set in create_mspace_with_base */ |
||
1094 | #define EXTERN_BIT (8U) |
||
1095 | |||
1096 | |||
1097 | /* --------------------------- Lock preliminaries ------------------------ */ |
||
1098 | |||
1099 | #if USE_LOCKS |
||
1100 | #else /* USE_LOCKS */ |
||
1101 | #define USE_LOCK_BIT (0U) |
||
1102 | #define INITIAL_LOCK(l) |
||
1103 | #endif /* USE_LOCKS */ |
||
1104 | |||
1105 | #if USE_LOCKS && HAVE_MORECORE |
||
1106 | #define ACQUIRE_MORECORE_LOCK() ACQUIRE_LOCK(&morecore_mutex); |
||
1107 | #define RELEASE_MORECORE_LOCK() RELEASE_LOCK(&morecore_mutex); |
||
1108 | #else /* USE_LOCKS && HAVE_MORECORE */ |
||
1109 | #define ACQUIRE_MORECORE_LOCK() |
||
1110 | #define RELEASE_MORECORE_LOCK() |
||
1111 | #endif /* USE_LOCKS && HAVE_MORECORE */ |
||
1112 | |||
1113 | #if USE_LOCKS |
||
1114 | #define ACQUIRE_MAGIC_INIT_LOCK() ACQUIRE_LOCK(&magic_init_mutex); |
||
1115 | #define RELEASE_MAGIC_INIT_LOCK() RELEASE_LOCK(&magic_init_mutex); |
||
1116 | #else /* USE_LOCKS */ |
||
1117 | #define ACQUIRE_MAGIC_INIT_LOCK() |
||
1118 | #define RELEASE_MAGIC_INIT_LOCK() |
||
1119 | #endif /* USE_LOCKS */ |
||
1120 | |||
1121 | |||
1122 | /* ----------------------- Chunk representations ------------------------ */ |
||
1123 | |||
1124 | /* |
||
1125 | (The following includes lightly edited explanations by Colin Plumb.) |
||
1126 | |||
1127 | The malloc_chunk declaration below is misleading (but accurate and |
||
1128 | necessary). It declares a "view" into memory allowing access to |
||
1129 | necessary fields at known offsets from a given base. |
||
1130 | |||
1131 | Chunks of memory are maintained using a `boundary tag' method as |
||
1132 | originally described by Knuth. (See the paper by Paul Wilson |
||
1133 | ftp://ftp.cs.utexas.edu/pub/garbage/allocsrv.ps for a survey of such |
||
1134 | techniques.) Sizes of free chunks are stored both in the front of |
||
1135 | each chunk and at the end. This makes consolidating fragmented |
||
1136 | chunks into bigger chunks fast. The head fields also hold bits |
||
1137 | representing whether chunks are free or in use. |
||
1138 | |||
1139 | Here are some pictures to make it clearer. They are "exploded" to |
||
1140 | show that the state of a chunk can be thought of as extending from |
||
1141 | the high 31 bits of the head field of its header through the |
||
1142 | prev_foot and PINUSE_BIT bit of the following chunk header. |
||
1143 | |||
1144 | A chunk that's in use looks like: |
||
1145 | |||
1146 | chunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1147 | | Size of previous chunk (if P = 1) | |
||
1148 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1149 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |P| |
||
1150 | | Size of this chunk 1| +-+ |
||
1151 | mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1152 | | | |
||
1153 | +- -+ |
||
1154 | | | |
||
1155 | +- -+ |
||
1156 | | : |
||
1157 | +- size - sizeof(size_t) available payload bytes -+ |
||
1158 | : | |
||
1159 | chunk-> +- -+ |
||
1160 | | | |
||
1161 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1162 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |1| |
||
1163 | | Size of next chunk (may or may not be in use) | +-+ |
||
1164 | mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1165 | |||
1166 | And if it's free, it looks like this: |
||
1167 | |||
1168 | chunk-> +- -+ |
||
1169 | | User payload (must be in use, or we would have merged!) | |
||
1170 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1171 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |P| |
||
1172 | | Size of this chunk 0| +-+ |
||
1173 | mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1174 | | Next pointer | |
||
1175 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1176 | | Prev pointer | |
||
1177 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1178 | | : |
||
1179 | +- size - sizeof(struct chunk) unused bytes -+ |
||
1180 | : | |
||
1181 | chunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1182 | | Size of this chunk | |
||
1183 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1184 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |0| |
||
1185 | | Size of next chunk (must be in use, or we would have merged)| +-+ |
||
1186 | mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1187 | | : |
||
1188 | +- User payload -+ |
||
1189 | : | |
||
1190 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1191 | |0| |
||
1192 | +-+ |
||
1193 | Note that since we always merge adjacent free chunks, the chunks |
||
1194 | adjacent to a free chunk must be in use. |
||
1195 | |||
1196 | Given a pointer to a chunk (which can be derived trivially from the |
||
1197 | payload pointer) we can, in O(1) time, find out whether the adjacent |
||
1198 | chunks are free, and if so, unlink them from the lists that they |
||
1199 | are on and merge them with the current chunk. |
||
1200 | |||
1201 | Chunks always begin on even word boundaries, so the mem portion |
||
1202 | (which is returned to the user) is also on an even word boundary, and |
||
1203 | thus at least double-word aligned. |
||
1204 | |||
1205 | The P (PINUSE_BIT) bit, stored in the unused low-order bit of the |
||
1206 | chunk size (which is always a multiple of two words), is an in-use |
||
1207 | bit for the *previous* chunk. If that bit is *clear*, then the |
||
1208 | word before the current chunk size contains the previous chunk |
||
1209 | size, and can be used to find the front of the previous chunk. |
||
1210 | The very first chunk allocated always has this bit set, preventing |
||
1211 | access to non-existent (or non-owned) memory. If pinuse is set for |
||
1212 | any given chunk, then you CANNOT determine the size of the |
||
1213 | previous chunk, and might even get a memory addressing fault when |
||
1214 | trying to do so. |
||
1215 | |||
1216 | The C (CINUSE_BIT) bit, stored in the unused second-lowest bit of |
||
1217 | the chunk size redundantly records whether the current chunk is |
||
1218 | inuse. This redundancy enables usage checks within free and realloc, |
||
1219 | and reduces indirection when freeing and consolidating chunks. |
||
1220 | |||
1221 | Each freshly allocated chunk must have both cinuse and pinuse set. |
||
1222 | That is, each allocated chunk borders either a previously allocated |
||
1223 | and still in-use chunk, or the base of its memory arena. This is |
||
1224 | ensured by making all allocations from the the `lowest' part of any |
||
1225 | found chunk. Further, no free chunk physically borders another one, |
||
1226 | so each free chunk is known to be preceded and followed by either |
||
1227 | inuse chunks or the ends of memory. |
||
1228 | |||
1229 | Note that the `foot' of the current chunk is actually represented |
||
1230 | as the prev_foot of the NEXT chunk. This makes it easier to |
||
1231 | deal with alignments etc but can be very confusing when trying |
||
1232 | to extend or adapt this code. |
||
1233 | |||
1234 | The exceptions to all this are |
||
1235 | |||
1236 | 1. The special chunk `top' is the top-most available chunk (i.e., |
||
1237 | the one bordering the end of available memory). It is treated |
||
1238 | specially. Top is never included in any bin, is used only if |
||
1239 | no other chunk is available, and is released back to the |
||
1240 | system if it is very large (see M_TRIM_THRESHOLD). In effect, |
||
1241 | the top chunk is treated as larger (and thus less well |
||
1242 | fitting) than any other available chunk. The top chunk |
||
1243 | doesn't update its trailing size field since there is no next |
||
1244 | contiguous chunk that would have to index off it. However, |
||
1245 | space is still allocated for it (TOP_FOOT_SIZE) to enable |
||
1246 | separation or merging when space is extended. |
||
1247 | |||
1248 | 3. Chunks allocated via mmap, which have the lowest-order bit |
||
1249 | (IS_MMAPPED_BIT) set in their prev_foot fields, and do not set |
||
1250 | PINUSE_BIT in their head fields. Because they are allocated |
||
1251 | one-by-one, each must carry its own prev_foot field, which is |
||
1252 | also used to hold the offset this chunk has within its mmapped |
||
1253 | region, which is needed to preserve alignment. Each mmapped |
||
1254 | chunk is trailed by the first two fields of a fake next-chunk |
||
1255 | for sake of usage checks. |
||
1256 | |||
1257 | */ |
||
1258 | |||
1259 | struct malloc_chunk { |
||
1260 | size_t prev_foot; /* Size of previous chunk (if free). */ |
||
1261 | size_t head; /* Size and inuse bits. */ |
||
1262 | struct malloc_chunk* fd; /* double links -- used only if free. */ |
||
1263 | struct malloc_chunk* bk; |
||
1264 | }; |
||
1265 | |||
1266 | typedef struct malloc_chunk mchunk; |
||
1267 | typedef struct malloc_chunk* mchunkptr; |
||
1268 | typedef struct malloc_chunk* sbinptr; /* The type of bins of chunks */ |
||
1269 | typedef unsigned int bindex_t; /* Described below */ |
||
1270 | typedef unsigned int binmap_t; /* Described below */ |
||
1271 | typedef unsigned int flag_t; /* The type of various bit flag sets */ |
||
1272 | |||
1273 | /* ------------------- Chunks sizes and alignments ----------------------- */ |
||
1274 | |||
1275 | #define MCHUNK_SIZE (sizeof(mchunk)) |
||
1276 | |||
1277 | #if FOOTERS |
||
1278 | #define CHUNK_OVERHEAD (TWO_SIZE_T_SIZES) |
||
1279 | #else /* FOOTERS */ |
||
1280 | #define CHUNK_OVERHEAD (SIZE_T_SIZE) |
||
1281 | #endif /* FOOTERS */ |
||
1282 | |||
1283 | /* MMapped chunks need a second word of overhead ... */ |
||
1284 | #define MMAP_CHUNK_OVERHEAD (TWO_SIZE_T_SIZES) |
||
1285 | /* ... and additional padding for fake next-chunk at foot */ |
||
1286 | #define MMAP_FOOT_PAD (FOUR_SIZE_T_SIZES) |
||
1287 | |||
1288 | /* The smallest size we can malloc is an aligned minimal chunk */ |
||
1289 | #define MIN_CHUNK_SIZE\ |
||
1290 | ((MCHUNK_SIZE + CHUNK_ALIGN_MASK) & ~CHUNK_ALIGN_MASK) |
||
1291 | |||
1292 | /* conversion from malloc headers to user pointers, and back */ |
||
1293 | #define chunk2mem(p) ((void*)((char*)(p) + TWO_SIZE_T_SIZES)) |
||
1294 | #define mem2chunk(mem) ((mchunkptr)((char*)(mem) - TWO_SIZE_T_SIZES)) |
||
1295 | /* chunk associated with aligned address A */ |
||
1296 | #define align_as_chunk(A) (mchunkptr)((A) + align_offset(chunk2mem(A))) |
||
1297 | |||
1298 | /* Bounds on request (not chunk) sizes. */ |
||
1299 | #define MAX_REQUEST ((-MIN_CHUNK_SIZE) << 2) |
||
1300 | #define MIN_REQUEST (MIN_CHUNK_SIZE - CHUNK_OVERHEAD - SIZE_T_ONE) |
||
1301 | |||
1302 | /* pad request bytes into a usable size */ |
||
1303 | #define pad_request(req) \ |
||
1304 | (((req) + CHUNK_OVERHEAD + CHUNK_ALIGN_MASK) & ~CHUNK_ALIGN_MASK) |
||
1305 | |||
1306 | /* pad request, checking for minimum (but not maximum) */ |
||
1307 | #define request2size(req) \ |
||
1308 | (((req) < MIN_REQUEST)? MIN_CHUNK_SIZE : pad_request(req)) |
||
1309 | |||
1310 | |||
1311 | /* ------------------ Operations on head and foot fields ----------------- */ |
||
1312 | |||
1313 | /* |
||
1314 | The head field of a chunk is or'ed with PINUSE_BIT when previous |
||
1315 | adjacent chunk in use, and or'ed with CINUSE_BIT if this chunk is in |
||
1316 | use. If the chunk was obtained with mmap, the prev_foot field has |
||
1317 | IS_MMAPPED_BIT set, otherwise holding the offset of the base of the |
||
1318 | mmapped region to the base of the chunk. |
||
1319 | */ |
||
1320 | |||
1321 | #define PINUSE_BIT (SIZE_T_ONE) |
||
1322 | #define CINUSE_BIT (SIZE_T_TWO) |
||
1323 | #define INUSE_BITS (PINUSE_BIT|CINUSE_BIT) |
||
1324 | |||
1325 | /* Head value for fenceposts */ |
||
1326 | #define FENCEPOST_HEAD (INUSE_BITS|SIZE_T_SIZE) |
||
1327 | |||
1328 | /* extraction of fields from head words */ |
||
1329 | #define cinuse(p) ((p)->head & CINUSE_BIT) |
||
1330 | #define pinuse(p) ((p)->head & PINUSE_BIT) |
||
1331 | #define chunksize(p) ((p)->head & ~(INUSE_BITS)) |
||
1332 | |||
1333 | #define clear_pinuse(p) ((p)->head &= ~PINUSE_BIT) |
||
1334 | #define clear_cinuse(p) ((p)->head &= ~CINUSE_BIT) |
||
1335 | |||
1336 | /* Treat space at ptr +/- offset as a chunk */ |
||
1337 | #define chunk_plus_offset(p, s) ((mchunkptr)(((char*)(p)) + (s))) |
||
1338 | #define chunk_minus_offset(p, s) ((mchunkptr)(((char*)(p)) - (s))) |
||
1339 | |||
1340 | /* Ptr to next or previous physical malloc_chunk. */ |
||
1341 | #define next_chunk(p) ((mchunkptr)( ((char*)(p)) + ((p)->head & ~INUSE_BITS))) |
||
1342 | #define prev_chunk(p) ((mchunkptr)( ((char*)(p)) - ((p)->prev_foot) )) |
||
1343 | |||
1344 | /* extract next chunk's pinuse bit */ |
||
1345 | #define next_pinuse(p) ((next_chunk(p)->head) & PINUSE_BIT) |
||
1346 | |||
1347 | /* Get/set size at footer */ |
||
1348 | #define get_foot(p, s) (((mchunkptr)((char*)(p) + (s)))->prev_foot) |
||
1349 | #define set_foot(p, s) (((mchunkptr)((char*)(p) + (s)))->prev_foot = (s)) |
||
1350 | |||
1351 | /* Set size, pinuse bit, and foot */ |
||
1352 | #define set_size_and_pinuse_of_free_chunk(p, s)\ |
||
1353 | ((p)->head = (s|PINUSE_BIT), set_foot(p, s)) |
||
1354 | |||
1355 | /* Set size, pinuse bit, foot, and clear next pinuse */ |
||
1356 | #define set_free_with_pinuse(p, s, n)\ |
||
1357 | (clear_pinuse(n), set_size_and_pinuse_of_free_chunk(p, s)) |
||
1358 | |||
1359 | #define is_mmapped(p)\ |
||
1360 | (!((p)->head & PINUSE_BIT) && ((p)->prev_foot & IS_MMAPPED_BIT)) |
||
1361 | |||
1362 | /* Get the internal overhead associated with chunk p */ |
||
1363 | #define overhead_for(p)\ |
||
1364 | (is_mmapped(p)? MMAP_CHUNK_OVERHEAD : CHUNK_OVERHEAD) |
||
1365 | |||
1366 | /* Return true if malloced space is not necessarily cleared */ |
||
1367 | #if MMAP_CLEARS |
||
1368 | #define calloc_must_clear(p) (!is_mmapped(p)) |
||
1369 | #else /* MMAP_CLEARS */ |
||
1370 | #define calloc_must_clear(p) (1) |
||
1371 | #endif /* MMAP_CLEARS */ |
||
1372 | |||
1373 | /* ---------------------- Overlaid data structures ----------------------- */ |
||
1374 | |||
1375 | /* |
||
1376 | When chunks are not in use, they are treated as nodes of either |
||
1377 | lists or trees. |
||
1378 | |||
1379 | "Small" chunks are stored in circular doubly-linked lists, and look |
||
1380 | like this: |
||
1381 | |||
1382 | chunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1383 | | Size of previous chunk | |
||
1384 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1385 | `head:' | Size of chunk, in bytes |P| |
||
1386 | mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1387 | | Forward pointer to next chunk in list | |
||
1388 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1389 | | Back pointer to previous chunk in list | |
||
1390 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1391 | | Unused space (may be 0 bytes long) . |
||
1392 | . . |
||
1393 | . | |
||
1394 | nextchunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1395 | `foot:' | Size of chunk, in bytes | |
||
1396 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1397 | |||
1398 | Larger chunks are kept in a form of bitwise digital trees (aka |
||
1399 | tries) keyed on chunksizes. Because malloc_tree_chunks are only for |
||
1400 | free chunks greater than 256 bytes, their size doesn't impose any |
||
1401 | constraints on user chunk sizes. Each node looks like: |
||
1402 | |||
1403 | chunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1404 | | Size of previous chunk | |
||
1405 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1406 | `head:' | Size of chunk, in bytes |P| |
||
1407 | mem-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1408 | | Forward pointer to next chunk of same size | |
||
1409 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1410 | | Back pointer to previous chunk of same size | |
||
1411 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1412 | | Pointer to left child (child[0]) | |
||
1413 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1414 | | Pointer to right child (child[1]) | |
||
1415 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1416 | | Pointer to parent | |
||
1417 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1418 | | bin index of this chunk | |
||
1419 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1420 | | Unused space . |
||
1421 | . | |
||
1422 | nextchunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1423 | `foot:' | Size of chunk, in bytes | |
||
1424 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
||
1425 | |||
1426 | Each tree holding treenodes is a tree of unique chunk sizes. Chunks |
||
1427 | of the same size are arranged in a circularly-linked list, with only |
||
1428 | the oldest chunk (the next to be used, in our FIFO ordering) |
||
1429 | actually in the tree. (Tree members are distinguished by a non-null |
||
1430 | parent pointer.) If a chunk with the same size an an existing node |
||
1431 | is inserted, it is linked off the existing node using pointers that |
||
1432 | work in the same way as fd/bk pointers of small chunks. |
||
1433 | |||
1434 | Each tree contains a power of 2 sized range of chunk sizes (the |
||
1435 | smallest is 0x100 <= x < 0x180), which is is divided in half at each |
||
1436 | tree level, with the chunks in the smaller half of the range (0x100 |
||
1437 | <= x < 0x140 for the top nose) in the left subtree and the larger |
||
1438 | half (0x140 <= x < 0x180) in the right subtree. This is, of course, |
||
1439 | done by inspecting individual bits. |
||
1440 | |||
1441 | Using these rules, each node's left subtree contains all smaller |
||
1442 | sizes than its right subtree. However, the node at the root of each |
||
1443 | subtree has no particular ordering relationship to either. (The |
||
1444 | dividing line between the subtree sizes is based on trie relation.) |
||
1445 | If we remove the last chunk of a given size from the interior of the |
||
1446 | tree, we need to replace it with a leaf node. The tree ordering |
||
1447 | rules permit a node to be replaced by any leaf below it. |
||
1448 | |||
1449 | The smallest chunk in a tree (a common operation in a best-fit |
||
1450 | allocator) can be found by walking a path to the leftmost leaf in |
||
1451 | the tree. Unlike a usual binary tree, where we follow left child |
||
1452 | pointers until we reach a null, here we follow the right child |
||
1453 | pointer any time the left one is null, until we reach a leaf with |
||
1454 | both child pointers null. The smallest chunk in the tree will be |
||
1455 | somewhere along that path. |
||
1456 | |||
1457 | The worst case number of steps to add, find, or remove a node is |
||
1458 | bounded by the number of bits differentiating chunks within |
||
1459 | bins. Under current bin calculations, this ranges from 6 up to 21 |
||
1460 | (for 32 bit sizes) or up to 53 (for 64 bit sizes). The typical case |
||
1461 | is of course much better. |
||
1462 | */ |
||
1463 | |||
1464 | struct malloc_tree_chunk { |
||
1465 | /* The first four fields must be compatible with malloc_chunk */ |
||
1466 | size_t prev_foot; |
||
1467 | size_t head; |
||
1468 | struct malloc_tree_chunk* fd; |
||
1469 | struct malloc_tree_chunk* bk; |
||
1470 | |||
1471 | struct malloc_tree_chunk* child[2]; |
||
1472 | struct malloc_tree_chunk* parent; |
||
1473 | bindex_t index; |
||
1474 | }; |
||
1475 | |||
1476 | typedef struct malloc_tree_chunk tchunk; |
||
1477 | typedef struct malloc_tree_chunk* tchunkptr; |
||
1478 | typedef struct malloc_tree_chunk* tbinptr; /* The type of bins of trees */ |
||
1479 | |||
1480 | /* A little helper macro for trees */ |
||
1481 | #define leftmost_child(t) ((t)->child[0] != 0? (t)->child[0] : (t)->child[1]) |
||
1482 | |||
1483 | /* ----------------------------- Segments -------------------------------- */ |
||
1484 | |||
1485 | /* |
||
1486 | Each malloc space may include non-contiguous segments, held in a |
||
1487 | list headed by an embedded malloc_segment record representing the |
||
1488 | top-most space. Segments also include flags holding properties of |
||
1489 | the space. Large chunks that are directly allocated by mmap are not |
||
1490 | included in this list. They are instead independently created and |
||
1491 | destroyed without otherwise keeping track of them. |
||
1492 | |||
1493 | Segment management mainly comes into play for spaces allocated by |
||
1494 | MMAP. Any call to MMAP might or might not return memory that is |
||
1495 | adjacent to an existing segment. MORECORE normally contiguously |
||
1496 | extends the current space, so this space is almost always adjacent, |
||
1497 | which is simpler and faster to deal with. (This is why MORECORE is |
||
1498 | used preferentially to MMAP when both are available -- see |
||
1499 | sys_alloc.) When allocating using MMAP, we don't use any of the |
||
1500 | hinting mechanisms (inconsistently) supported in various |
||
1501 | implementations of unix mmap, or distinguish reserving from |
||
1502 | committing memory. Instead, we just ask for space, and exploit |
||
1503 | contiguity when we get it. It is probably possible to do |
||
1504 | better than this on some systems, but no general scheme seems |
||
1505 | to be significantly better. |
||
1506 | |||
1507 | Management entails a simpler variant of the consolidation scheme |
||
1508 | used for chunks to reduce fragmentation -- new adjacent memory is |
||
1509 | normally prepended or appended to an existing segment. However, |
||
1510 | there are limitations compared to chunk consolidation that mostly |
||
1511 | reflect the fact that segment processing is relatively infrequent |
||
1512 | (occurring only when getting memory from system) and that we |
||
1513 | don't expect to have huge numbers of segments: |
||
1514 | |||
1515 | * Segments are not indexed, so traversal requires linear scans. (It |
||
1516 | would be possible to index these, but is not worth the extra |
||
1517 | overhead and complexity for most programs on most platforms.) |
||
1518 | * New segments are only appended to old ones when holding top-most |
||
1519 | memory; if they cannot be prepended to others, they are held in |
||
1520 | different segments. |
||
1521 | |||
1522 | Except for the top-most segment of an mstate, each segment record |
||
1523 | is kept at the tail of its segment. Segments are added by pushing |
||
1524 | segment records onto the list headed by &mstate.seg for the |
||
1525 | containing mstate. |
||
1526 | |||
1527 | Segment flags control allocation/merge/deallocation policies: |
||
1528 | * If EXTERN_BIT set, then we did not allocate this segment, |
||
1529 | and so should not try to deallocate or merge with others. |
||
1530 | (This currently holds only for the initial segment passed |
||
1531 | into create_mspace_with_base.) |
||
1532 | * If IS_MMAPPED_BIT set, the segment may be merged with |
||
1533 | other surrounding mmapped segments and trimmed/de-allocated |
||
1534 | using munmap. |
||
1535 | * If neither bit is set, then the segment was obtained using |
||
1536 | MORECORE so can be merged with surrounding MORECORE'd segments |
||
1537 | and deallocated/trimmed using MORECORE with negative arguments. |
||
1538 | */ |
||
1539 | |||
1540 | struct malloc_segment { |
||
1541 | char* base; /* base address */ |
||
1542 | size_t size; /* allocated size */ |
||
1543 | struct malloc_segment* next; /* ptr to next segment */ |
||
1544 | flag_t sflags; /* mmap and extern flag */ |
||
1545 | }; |
||
1546 | |||
1547 | #define is_mmapped_segment(S) ((S)->sflags & IS_MMAPPED_BIT) |
||
1548 | #define is_extern_segment(S) ((S)->sflags & EXTERN_BIT) |
||
1549 | |||
1550 | typedef struct malloc_segment msegment; |
||
1551 | typedef struct malloc_segment* msegmentptr; |
||
1552 | |||
1553 | /* ---------------------------- malloc_state ----------------------------- */ |
||
1554 | |||
1555 | /* |
||
1556 | A malloc_state holds all of the bookkeeping for a space. |
||
1557 | The main fields are: |
||
1558 | |||
1559 | Top |
||
1560 | The topmost chunk of the currently active segment. Its size is |
||
1561 | cached in topsize. The actual size of topmost space is |
||
1562 | topsize+TOP_FOOT_SIZE, which includes space reserved for adding |
||
1563 | fenceposts and segment records if necessary when getting more |
||
1564 | space from the system. The size at which to autotrim top is |
||
1565 | cached from mparams in trim_check, except that it is disabled if |
||
1566 | an autotrim fails. |
||
1567 | |||
1568 | Designated victim (dv) |
||
1569 | This is the preferred chunk for servicing small requests that |
||
1570 | don't have exact fits. It is normally the chunk split off most |
||
1571 | recently to service another small request. Its size is cached in |
||
1572 | dvsize. The link fields of this chunk are not maintained since it |
||
1573 | is not kept in a bin. |
||
1574 | |||
1575 | SmallBins |
||
1576 | An array of bin headers for free chunks. These bins hold chunks |
||
1577 | with sizes less than MIN_LARGE_SIZE bytes. Each bin contains |
||
1578 | chunks of all the same size, spaced 8 bytes apart. To simplify |
||
1579 | use in double-linked lists, each bin header acts as a malloc_chunk |
||
1580 | pointing to the real first node, if it exists (else pointing to |
||
1581 | itself). This avoids special-casing for headers. But to avoid |
||
1582 | waste, we allocate only the fd/bk pointers of bins, and then use |
||
1583 | repositioning tricks to treat these as the fields of a chunk. |
||
1584 | |||
1585 | TreeBins |
||
1586 | Treebins are pointers to the roots of trees holding a range of |
||
1587 | sizes. There are 2 equally spaced treebins for each power of two |
||
1588 | from TREE_SHIFT to TREE_SHIFT+16. The last bin holds anything |
||
1589 | larger. |
||
1590 | |||
1591 | Bin maps |
||
1592 | There is one bit map for small bins ("smallmap") and one for |
||
1593 | treebins ("treemap). Each bin sets its bit when non-empty, and |
||
1594 | clears the bit when empty. Bit operations are then used to avoid |
||
1595 | bin-by-bin searching -- nearly all "search" is done without ever |
||
1596 | looking at bins that won't be selected. The bit maps |
||
1597 | conservatively use 32 bits per map word, even if on 64bit system. |
||
1598 | For a good description of some of the bit-based techniques used |
||
1599 | here, see Henry S. Warren Jr's book "Hacker's Delight" (and |
||
1600 | supplement at http://hackersdelight.org/). Many of these are |
||
1601 | intended to reduce the branchiness of paths through malloc etc, as |
||
1602 | well as to reduce the number of memory locations read or written. |
||
1603 | |||
1604 | Segments |
||
1605 | A list of segments headed by an embedded malloc_segment record |
||
1606 | representing the initial space. |
||
1607 | |||
1608 | Address check support |
||
1609 | The least_addr field is the least address ever obtained from |
||
1610 | MORECORE or MMAP. Attempted frees and reallocs of any address less |
||
1611 | than this are trapped (unless INSECURE is defined). |
||
1612 | |||
1613 | Magic tag |
||
1614 | A cross-check field that should always hold same value as mparams.magic. |
||
1615 | |||
1616 | Flags |
||
1617 | Bits recording whether to use MMAP, locks, or contiguous MORECORE |
||
1618 | |||
1619 | Statistics |
||
1620 | Each space keeps track of current and maximum system memory |
||
1621 | obtained via MORECORE or MMAP. |
||
1622 | |||
1623 | Locking |
||
1624 | If USE_LOCKS is defined, the "mutex" lock is acquired and released |
||
1625 | around every public call using this mspace. |
||
1626 | */ |
||
1627 | |||
1628 | /* Bin types, widths and sizes */ |
||
1629 | #define NSMALLBINS (32U) |
||
1630 | #define NTREEBINS (32U) |
||
1631 | #define SMALLBIN_SHIFT (3U) |
||
1632 | #define SMALLBIN_WIDTH (SIZE_T_ONE << SMALLBIN_SHIFT) |
||
1633 | #define TREEBIN_SHIFT (8U) |
||
1634 | #define MIN_LARGE_SIZE (SIZE_T_ONE << TREEBIN_SHIFT) |
||
1635 | #define MAX_SMALL_SIZE (MIN_LARGE_SIZE - SIZE_T_ONE) |
||
1636 | #define MAX_SMALL_REQUEST (MAX_SMALL_SIZE - CHUNK_ALIGN_MASK - CHUNK_OVERHEAD) |
||
1637 | |||
1638 | struct malloc_state { |
||
1639 | binmap_t smallmap; |
||
1640 | binmap_t treemap; |
||
1641 | size_t dvsize; |
||
1642 | size_t topsize; |
||
1643 | char* least_addr; |
||
1644 | mchunkptr dv; |
||
1645 | mchunkptr top; |
||
1646 | size_t trim_check; |
||
1647 | size_t magic; |
||
1648 | mchunkptr smallbins[(NSMALLBINS+1)*2]; |
||
1649 | tbinptr treebins[NTREEBINS]; |
||
1650 | size_t footprint; |
||
1651 | size_t max_footprint; |
||
1652 | flag_t mflags; |
||
1653 | #if USE_LOCKS |
||
1654 | MLOCK_T mutex; /* locate lock among fields that rarely change */ |
||
1655 | #endif /* USE_LOCKS */ |
||
1656 | msegment seg; |
||
1657 | }; |
||
1658 | |||
1659 | typedef struct malloc_state* mstate; |
||
1660 | |||
1661 | /* ------------- Global malloc_state and malloc_params ------------------- */ |
||
1662 | |||
1663 | /* |
||
1664 | malloc_params holds global properties, including those that can be |
||
1665 | dynamically set using mallopt. There is a single instance, mparams, |
||
1666 | initialized in init_mparams. |
||
1667 | */ |
||
1668 | |||
1669 | struct malloc_params { |
||
1670 | size_t magic; |
||
1671 | size_t page_size; |
||
1672 | size_t granularity; |
||
1673 | size_t mmap_threshold; |
||
1674 | size_t trim_threshold; |
||
1675 | flag_t default_mflags; |
||
1676 | }; |
||
1677 | |||
1678 | static struct malloc_params mparams; |
||
1679 | |||
1680 | /* The global malloc_state used for all non-"mspace" calls */ |
||
1681 | static struct malloc_state _gm_; |
||
1682 | #define gm (&_gm_) |
||
1683 | #define is_global(M) ((M) == &_gm_) |
||
1684 | #define is_initialized(M) ((M)->top != 0) |
||
1685 | |||
1686 | /* -------------------------- system alloc setup ------------------------- */ |
||
1687 | |||
1688 | /* Operations on mflags */ |
||
1689 | |||
1690 | #define use_lock(M) ((M)->mflags & USE_LOCK_BIT) |
||
1691 | #define enable_lock(M) ((M)->mflags |= USE_LOCK_BIT) |
||
1692 | #define disable_lock(M) ((M)->mflags &= ~USE_LOCK_BIT) |
||
1693 | |||
1694 | #define use_mmap(M) ((M)->mflags & USE_MMAP_BIT) |
||
1695 | #define enable_mmap(M) ((M)->mflags |= USE_MMAP_BIT) |
||
1696 | #define disable_mmap(M) ((M)->mflags &= ~USE_MMAP_BIT) |
||
1697 | |||
1698 | #define use_noncontiguous(M) ((M)->mflags & USE_NONCONTIGUOUS_BIT) |
||
1699 | #define disable_contiguous(M) ((M)->mflags |= USE_NONCONTIGUOUS_BIT) |
||
1700 | |||
1701 | #define set_lock(M,L)\ |
||
1702 | ((M)->mflags = (L)?\ |
||
1703 | ((M)->mflags | USE_LOCK_BIT) :\ |
||
1704 | ((M)->mflags & ~USE_LOCK_BIT)) |
||
1705 | |||
1706 | /* page-align a size */ |
||
1707 | #define page_align(S)\ |
||
1708 | (((S) + (mparams.page_size)) & ~(mparams.page_size - SIZE_T_ONE)) |
||
1709 | |||
1710 | /* granularity-align a size */ |
||
1711 | #define granularity_align(S)\ |
||
1712 | (((S) + (mparams.granularity)) & ~(mparams.granularity - SIZE_T_ONE)) |
||
1713 | |||
1714 | #define is_page_aligned(S)\ |
||
1715 | (((size_t)(S) & (mparams.page_size - SIZE_T_ONE)) == 0) |
||
1716 | #define is_granularity_aligned(S)\ |
||
1717 | (((size_t)(S) & (mparams.granularity - SIZE_T_ONE)) == 0) |
||
1718 | |||
1719 | /* True if segment S holds address A */ |
||
1720 | #define segment_holds(S, A)\ |
||
1721 | ((char*)(A) >= S->base && (char*)(A) < S->base + S->size) |
||
1722 | |||
1723 | /* Return segment holding given address */ |
||
1724 | static msegmentptr segment_holding(mstate m, char* addr) { |
||
1725 | msegmentptr sp = &m->seg; |
||
1726 | for (;;) { |
||
1727 | if (addr >= sp->base && addr < sp->base + sp->size) |
||
1728 | return sp; |
||
1729 | if ((sp = sp->next) == 0) |
||
1730 | return 0; |
||
1731 | } |
||
1732 | } |
||
1733 | |||
1734 | /* Return true if segment contains a segment link */ |
||
1735 | static int has_segment_link(mstate m, msegmentptr ss) { |
||
1736 | msegmentptr sp = &m->seg; |
||
1737 | for (;;) { |
||
1738 | if ((char*)sp >= ss->base && (char*)sp < ss->base + ss->size) |
||
1739 | return 1; |
||
1740 | if ((sp = sp->next) == 0) |
||
1741 | return 0; |
||
1742 | } |
||
1743 | } |
||
1744 | |||
1745 | #ifndef MORECORE_CANNOT_TRIM |
||
1746 | #define should_trim(M,s) ((s) > (M)->trim_check) |
||
1747 | #else /* MORECORE_CANNOT_TRIM */ |
||
1748 | #define should_trim(M,s) (0) |
||
1749 | #endif /* MORECORE_CANNOT_TRIM */ |
||
1750 | |||
1751 | /* |
||
1752 | TOP_FOOT_SIZE is padding at the end of a segment, including space |
||
1753 | that may be needed to place segment records and fenceposts when new |
||
1754 | noncontiguous segments are added. |
||
1755 | */ |
||
1756 | #define TOP_FOOT_SIZE\ |
||
1757 | (align_offset(chunk2mem(0))+pad_request(sizeof(struct malloc_segment))+MIN_CHUNK_SIZE) |
||
1758 | |||
1759 | |||
1760 | /* ------------------------------- Hooks -------------------------------- */ |
||
1761 | |||
1762 | /* |
||
1763 | PREACTION should be defined to return 0 on success, and nonzero on |
||
1764 | failure. If you are not using locking, you can redefine these to do |
||
1765 | anything you like. |
||
1766 | */ |
||
1767 | |||
1768 | #if USE_LOCKS |
||
1769 | |||
1770 | /* Ensure locks are initialized */ |
||
1771 | #define GLOBALLY_INITIALIZE() (mparams.page_size == 0 && init_mparams()) |
||
1772 | |||
1773 | #define PREACTION(M) ((GLOBALLY_INITIALIZE() || use_lock(M))? ACQUIRE_LOCK(&(M)->mutex) : 0) |
||
1774 | #define POSTACTION(M) { if (use_lock(M)) RELEASE_LOCK(&(M)->mutex); } |
||
1775 | #else /* USE_LOCKS */ |
||
1776 | |||
1777 | #ifndef PREACTION |
||
1778 | #define PREACTION(M) (0) |
||
1779 | #endif /* PREACTION */ |
||
1780 | |||
1781 | #ifndef POSTACTION |
||
1782 | #define POSTACTION(M) |
||
1783 | #endif /* POSTACTION */ |
||
1784 | |||
1785 | #endif /* USE_LOCKS */ |
||
1786 | |||
1787 | /* |
||
1788 | CORRUPTION_ERROR_ACTION is triggered upon detected bad addresses. |
||
1789 | USAGE_ERROR_ACTION is triggered on detected bad frees and |
||
1790 | reallocs. The argument p is an address that might have triggered the |
||
1791 | fault. It is ignored by the two predefined actions, but might be |
||
1792 | useful in custom actions that try to help diagnose errors. |
||
1793 | */ |
||
1794 | |||
1795 | #if PROCEED_ON_ERROR |
||
1796 | |||
1797 | /* A count of the number of corruption errors causing resets */ |
||
1798 | int malloc_corruption_error_count; |
||
1799 | |||
1800 | /* default corruption action */ |
||
1801 | static void reset_on_error(mstate m); |
||
1802 | |||
1803 | #define CORRUPTION_ERROR_ACTION(m) reset_on_error(m) |
||
1804 | #define USAGE_ERROR_ACTION(m, p) |
||
1805 | |||
1806 | #else /* PROCEED_ON_ERROR */ |
||
1807 | |||
1808 | #ifndef CORRUPTION_ERROR_ACTION |
||
1809 | #define CORRUPTION_ERROR_ACTION(m) ABORT |
||
1810 | #endif /* CORRUPTION_ERROR_ACTION */ |
||
1811 | |||
1812 | #ifndef USAGE_ERROR_ACTION |
||
1813 | #define USAGE_ERROR_ACTION(m,p) ABORT |
||
1814 | #endif /* USAGE_ERROR_ACTION */ |
||
1815 | |||
1816 | #endif /* PROCEED_ON_ERROR */ |
||
1817 | |||
1818 | /* -------------------------- Debugging setup ---------------------------- */ |
||
1819 | |||
1820 | #if ! DEBUG |
||
1821 | |||
1822 | #define check_free_chunk(M,P) |
||
1823 | #define check_inuse_chunk(M,P) |
||
1824 | #define check_malloced_chunk(M,P,N) |
||
1825 | #define check_mmapped_chunk(M,P) |
||
1826 | #define check_malloc_state(M) |
||
1827 | #define check_top_chunk(M,P) |
||
1828 | |||
1829 | #else /* DEBUG */ |
||
1830 | #define check_free_chunk(M,P) do_check_free_chunk(M,P) |
||
1831 | #define check_inuse_chunk(M,P) do_check_inuse_chunk(M,P) |
||
1832 | #define check_top_chunk(M,P) do_check_top_chunk(M,P) |
||
1833 | #define check_malloced_chunk(M,P,N) do_check_malloced_chunk(M,P,N) |
||
1834 | #define check_mmapped_chunk(M,P) do_check_mmapped_chunk(M,P) |
||
1835 | #define check_malloc_state(M) do_check_malloc_state(M) |
||
1836 | |||
1837 | static void do_check_any_chunk(mstate m, mchunkptr p); |
||
1838 | static void do_check_top_chunk(mstate m, mchunkptr p); |
||
1839 | static void do_check_mmapped_chunk(mstate m, mchunkptr p); |
||
1840 | static void do_check_inuse_chunk(mstate m, mchunkptr p); |
||
1841 | static void do_check_free_chunk(mstate m, mchunkptr p); |
||
1842 | static void do_check_malloced_chunk(mstate m, void* mem, size_t s); |
||
1843 | static void do_check_tree(mstate m, tchunkptr t); |
||
1844 | static void do_check_treebin(mstate m, bindex_t i); |
||
1845 | static void do_check_smallbin(mstate m, bindex_t i); |
||
1846 | static void do_check_malloc_state(mstate m); |
||
1847 | static int bin_find(mstate m, mchunkptr x); |
||
1848 | static size_t traverse_and_check(mstate m); |
||
1849 | #endif /* DEBUG */ |
||
1850 | |||
1851 | /* ---------------------------- Indexing Bins ---------------------------- */ |
||
1852 | |||
1853 | #define is_small(s) (((s) >> SMALLBIN_SHIFT) < NSMALLBINS) |
||
1854 | #define small_index(s) ((s) >> SMALLBIN_SHIFT) |
||
1855 | #define small_index2size(i) ((i) << SMALLBIN_SHIFT) |
||
1856 | #define MIN_SMALL_INDEX (small_index(MIN_CHUNK_SIZE)) |
||
1857 | |||
1858 | /* addressing by index. See above about smallbin repositioning */ |
||
1859 | #define smallbin_at(M, i) ((sbinptr)((char*)&((M)->smallbins[(i)<<1]))) |
||
1860 | #define treebin_at(M,i) (&((M)->treebins[i])) |
||
1861 | |||
1862 | /* assign tree index for size S to variable I */ |
||
1863 | #if defined(__GNUC__) && defined(i386) |
||
1864 | #define compute_tree_index(S, I)\ |
||
1865 | {\ |
||
1866 | size_t X = S >> TREEBIN_SHIFT;\ |
||
1867 | if (X == 0)\ |
||
1868 | I = 0;\ |
||
1869 | else if (X > 0xFFFF)\ |
||
1870 | I = NTREEBINS-1;\ |
||
1871 | else {\ |
||
1872 | unsigned int K;\ |
||
1873 | __asm__("bsrl %1,%0\n\t" : "=r" (K) : "rm" (X));\ |
||
1874 | I = (bindex_t)((K << 1) + ((S >> (K + (TREEBIN_SHIFT-1)) & 1)));\ |
||
1875 | }\ |
||
1876 | } |
||
1877 | #else /* GNUC */ |
||
1878 | #define compute_tree_index(S, I)\ |
||
1879 | {\ |
||
1880 | size_t X = S >> TREEBIN_SHIFT;\ |
||
1881 | if (X == 0)\ |
||
1882 | I = 0;\ |
||
1883 | else if (X > 0xFFFF)\ |
||
1884 | I = NTREEBINS-1;\ |
||
1885 | else {\ |
||
1886 | unsigned int Y = (unsigned int)X;\ |
||
1887 | unsigned int N = ((Y - 0x100) >> 16) & 8;\ |
||
1888 | unsigned int K = (((Y <<= N) - 0x1000) >> 16) & 4;\ |
||
1889 | N += K;\ |
||
1890 | N += K = (((Y <<= K) - 0x4000) >> 16) & 2;\ |
||
1891 | K = 14 - N + ((Y <<= K) >> 15);\ |
||
1892 | I = (K << 1) + ((S >> (K + (TREEBIN_SHIFT-1)) & 1));\ |
||
1893 | }\ |
||
1894 | } |
||
1895 | #endif /* GNUC */ |
||
1896 | |||
1897 | /* Bit representing maximum resolved size in a treebin at i */ |
||
1898 | #define bit_for_tree_index(i) \ |
||
1899 | (i == NTREEBINS-1)? (SIZE_T_BITSIZE-1) : (((i) >> 1) + TREEBIN_SHIFT - 2) |
||
1900 | |||
1901 | /* Shift placing maximum resolved bit in a treebin at i as sign bit */ |
||
1902 | #define leftshift_for_tree_index(i) \ |
||
1903 | ((i == NTREEBINS-1)? 0 : \ |
||
1904 | ((SIZE_T_BITSIZE-SIZE_T_ONE) - (((i) >> 1) + TREEBIN_SHIFT - 2))) |
||
1905 | |||
1906 | /* The size of the smallest chunk held in bin with index i */ |
||
1907 | #define minsize_for_tree_index(i) \ |
||
1908 | ((SIZE_T_ONE << (((i) >> 1) + TREEBIN_SHIFT)) | \ |
||
1909 | (((size_t)((i) & SIZE_T_ONE)) << (((i) >> 1) + TREEBIN_SHIFT - 1))) |
||
1910 | |||
1911 | |||
1912 | /* ------------------------ Operations on bin maps ----------------------- */ |
||
1913 | |||
1914 | /* bit corresponding to given index */ |
||
1915 | #define idx2bit(i) ((binmap_t)(1) << (i)) |
||
1916 | |||
1917 | /* Mark/Clear bits with given index */ |
||
1918 | #define mark_smallmap(M,i) ((M)->smallmap |= idx2bit(i)) |
||
1919 | #define clear_smallmap(M,i) ((M)->smallmap &= ~idx2bit(i)) |
||
1920 | #define smallmap_is_marked(M,i) ((M)->smallmap & idx2bit(i)) |
||
1921 | |||
1922 | #define mark_treemap(M,i) ((M)->treemap |= idx2bit(i)) |
||
1923 | #define clear_treemap(M,i) ((M)->treemap &= ~idx2bit(i)) |
||
1924 | #define treemap_is_marked(M,i) ((M)->treemap & idx2bit(i)) |
||
1925 | |||
1926 | /* index corresponding to given bit */ |
||
1927 | |||
1928 | #if defined(__GNUC__) && defined(i386) |
||
1929 | #define compute_bit2idx(X, I)\ |
||
1930 | {\ |
||
1931 | unsigned int J;\ |
||
1932 | __asm__("bsfl %1,%0\n\t" : "=r" (J) : "rm" (X));\ |
||
1933 | I = (bindex_t)J;\ |
||
1934 | } |
||
1935 | |||
1936 | #else /* GNUC */ |
||
1937 | #if USE_BUILTIN_FFS |
||
1938 | #define compute_bit2idx(X, I) I = ffs(X)-1 |
||
1939 | |||
1940 | #else /* USE_BUILTIN_FFS */ |
||
1941 | #define compute_bit2idx(X, I)\ |
||
1942 | {\ |
||
1943 | unsigned int Y = X - 1;\ |
||
1944 | unsigned int K = Y >> (16-4) & 16;\ |
||
1945 | unsigned int N = K; Y >>= K;\ |
||
1946 | N += K = Y >> (8-3) & 8; Y >>= K;\ |
||
1947 | N += K = Y >> (4-2) & 4; Y >>= K;\ |
||
1948 | N += K = Y >> (2-1) & 2; Y >>= K;\ |
||
1949 | N += K = Y >> (1-0) & 1; Y >>= K;\ |
||
1950 | I = (bindex_t)(N + Y);\ |
||
1951 | } |
||
1952 | #endif /* USE_BUILTIN_FFS */ |
||
1953 | #endif /* GNUC */ |
||
1954 | |||
1955 | /* isolate the least set bit of a bitmap */ |
||
1956 | #define least_bit(x) ((x) & -(x)) |
||
1957 | |||
1958 | /* mask with all bits to left of least bit of x on */ |
||
1959 | #define left_bits(x) ((x<<1) | -(x<<1)) |
||
1960 | |||
1961 | /* mask with all bits to left of or equal to least bit of x on */ |
||
1962 | #define same_or_left_bits(x) ((x) | -(x)) |
||
1963 | |||
1964 | |||
1965 | /* ----------------------- Runtime Check Support ------------------------- */ |
||
1966 | |||
1967 | /* |
||
1968 | For security, the main invariant is that malloc/free/etc never |
||
1969 | writes to a static address other than malloc_state, unless static |
||
1970 | malloc_state itself has been corrupted, which cannot occur via |
||
1971 | malloc (because of these checks). In essence this means that we |
||
1972 | believe all pointers, sizes, maps etc held in malloc_state, but |
||
1973 | check all of those linked or offsetted from other embedded data |
||
1974 | structures. These checks are interspersed with main code in a way |
||
1975 | that tends to minimize their run-time cost. |
||
1976 | |||
1977 | When FOOTERS is defined, in addition to range checking, we also |
||
1978 | verify footer fields of inuse chunks, which can be used guarantee |
||
1979 | that the mstate controlling malloc/free is intact. This is a |
||
1980 | streamlined version of the approach described by William Robertson |
||
1981 | et al in "Run-time Detection of Heap-based Overflows" LISA'03 |
||
1982 | http://www.usenix.org/events/lisa03/tech/robertson.html The footer |
||
1983 | of an inuse chunk holds the xor of its mstate and a random seed, |
||
1984 | that is checked upon calls to free() and realloc(). This is |
||
1985 | (probablistically) unguessable from outside the program, but can be |
||
1986 | computed by any code successfully malloc'ing any chunk, so does not |
||
1987 | itself provide protection against code that has already broken |
||
1988 | security through some other means. Unlike Robertson et al, we |
||
1989 | always dynamically check addresses of all offset chunks (previous, |
||
1990 | next, etc). This turns out to be cheaper than relying on hashes. |
||
1991 | */ |
||
1992 | |||
1993 | #if !INSECURE |
||
1994 | /* Check if address a is at least as high as any from MORECORE or MMAP */ |
||
1995 | #define ok_address(M, a) ((char*)(a) >= (M)->least_addr) |
||
1996 | /* Check if address of next chunk n is higher than base chunk p */ |
||
1997 | #define ok_next(p, n) ((char*)(p) < (char*)(n)) |
||
1998 | /* Check if p has its cinuse bit on */ |
||
1999 | #define ok_cinuse(p) cinuse(p) |
||
2000 | /* Check if p has its pinuse bit on */ |
||
2001 | #define ok_pinuse(p) pinuse(p) |
||
2002 | |||
2003 | #else /* !INSECURE */ |
||
2004 | #define ok_address(M, a) (1) |
||
2005 | #define ok_next(b, n) (1) |
||
2006 | #define ok_cinuse(p) (1) |
||
2007 | #define ok_pinuse(p) (1) |
||
2008 | #endif /* !INSECURE */ |
||
2009 | |||
2010 | #if (FOOTERS && !INSECURE) |
||
2011 | /* Check if (alleged) mstate m has expected magic field */ |
||
2012 | #define ok_magic(M) ((M)->magic == mparams.magic) |
||
2013 | #else /* (FOOTERS && !INSECURE) */ |
||
2014 | #define ok_magic(M) (1) |
||
2015 | #endif /* (FOOTERS && !INSECURE) */ |
||
2016 | |||
2017 | |||
2018 | /* In gcc, use __builtin_expect to minimize impact of checks */ |
||
2019 | #if !INSECURE |
||
2020 | #if defined(__GNUC__) && __GNUC__ >= 3 |
||
2021 | #define RTCHECK(e) __builtin_expect(e, 1) |
||
2022 | #else /* GNUC */ |
||
2023 | #define RTCHECK(e) (e) |
||
2024 | #endif /* GNUC */ |
||
2025 | #else /* !INSECURE */ |
||
2026 | #define RTCHECK(e) (1) |
||
2027 | #endif /* !INSECURE */ |
||
2028 | |||
2029 | /* macros to set up inuse chunks with or without footers */ |
||
2030 | |||
2031 | #if !FOOTERS |
||
2032 | |||
2033 | #define mark_inuse_foot(M,p,s) |
||
2034 | |||
2035 | /* Set cinuse bit and pinuse bit of next chunk */ |
||
2036 | #define set_inuse(M,p,s)\ |
||
2037 | ((p)->head = (((p)->head & PINUSE_BIT)|s|CINUSE_BIT),\ |
||
2038 | ((mchunkptr)(((char*)(p)) + (s)))->head |= PINUSE_BIT) |
||
2039 | |||
2040 | /* Set cinuse and pinuse of this chunk and pinuse of next chunk */ |
||
2041 | #define set_inuse_and_pinuse(M,p,s)\ |
||
2042 | ((p)->head = (s|PINUSE_BIT|CINUSE_BIT),\ |
||
2043 | ((mchunkptr)(((char*)(p)) + (s)))->head |= PINUSE_BIT) |
||
2044 | |||
2045 | /* Set size, cinuse and pinuse bit of this chunk */ |
||
2046 | #define set_size_and_pinuse_of_inuse_chunk(M, p, s)\ |
||
2047 | ((p)->head = (s|PINUSE_BIT|CINUSE_BIT)) |
||
2048 | |||
2049 | #else /* FOOTERS */ |
||
2050 | |||
2051 | /* Set foot of inuse chunk to be xor of mstate and seed */ |
||
2052 | #define mark_inuse_foot(M,p,s)\ |
||
2053 | (((mchunkptr)((char*)(p) + (s)))->prev_foot = ((size_t)(M) ^ mparams.magic)) |
||
2054 | |||
2055 | #define get_mstate_for(p)\ |
||
2056 | ((mstate)(((mchunkptr)((char*)(p) +\ |
||
2057 | (chunksize(p))))->prev_foot ^ mparams.magic)) |
||
2058 | |||
2059 | #define set_inuse(M,p,s)\ |
||
2060 | ((p)->head = (((p)->head & PINUSE_BIT)|s|CINUSE_BIT),\ |
||
2061 | (((mchunkptr)(((char*)(p)) + (s)))->head |= PINUSE_BIT), \ |
||
2062 | mark_inuse_foot(M,p,s)) |
||
2063 | |||
2064 | #define set_inuse_and_pinuse(M,p,s)\ |
||
2065 | ((p)->head = (s|PINUSE_BIT|CINUSE_BIT),\ |
||
2066 | (((mchunkptr)(((char*)(p)) + (s)))->head |= PINUSE_BIT),\ |
||
2067 | mark_inuse_foot(M,p,s)) |
||
2068 | |||
2069 | #define set_size_and_pinuse_of_inuse_chunk(M, p, s)\ |
||
2070 | ((p)->head = (s|PINUSE_BIT|CINUSE_BIT),\ |
||
2071 | mark_inuse_foot(M, p, s)) |
||
2072 | |||
2073 | #endif /* !FOOTERS */ |
||
2074 | |||
2075 | /* ---------------------------- setting mparams -------------------------- */ |
||
2076 | |||
2077 | /* Initialize mparams */ |
||
2078 | static int init_mparams(void) { |
||
2079 | if (mparams.page_size == 0) { |
||
2080 | size_t s; |
||
2081 | |||
2082 | mparams.mmap_threshold = DEFAULT_MMAP_THRESHOLD; |
||
2083 | mparams.trim_threshold = DEFAULT_TRIM_THRESHOLD; |
||
2084 | #if MORECORE_CONTIGUOUS |
||
2085 | mparams.default_mflags = USE_LOCK_BIT|USE_MMAP_BIT; |
||
2086 | #else /* MORECORE_CONTIGUOUS */ |
||
2087 | mparams.default_mflags = USE_LOCK_BIT|USE_MMAP_BIT|USE_NONCONTIGUOUS_BIT; |
||
2088 | #endif /* MORECORE_CONTIGUOUS */ |
||
2089 | |||
2090 | #if (FOOTERS && !INSECURE) |
||
2091 | { |
||
2092 | #if USE_DEV_RANDOM |
||
2093 | int fd; |
||
2094 | unsigned char buf[sizeof(size_t)]; |
||
2095 | /* Try to use /dev/urandom, else fall back on using time */ |
||
2096 | if ((fd = open("/dev/urandom", O_RDONLY)) >= 0 && |
||
2097 | read(fd, buf, sizeof(buf)) == sizeof(buf)) { |
||
2098 | s = *((size_t *) buf); |
||
2099 | close(fd); |
||
2100 | } |
||
2101 | else |
||
2102 | #endif /* USE_DEV_RANDOM */ |
||
2103 | s = (size_t)(time(0) ^ (size_t)0x55555555U); |
||
2104 | |||
2105 | s |= (size_t)8U; /* ensure nonzero */ |
||
2106 | s &= ~(size_t)7U; /* improve chances of fault for bad values */ |
||
2107 | |||
2108 | } |
||
2109 | #else /* (FOOTERS && !INSECURE) */ |
||
2110 | s = (size_t)0x58585858U; |
||
2111 | #endif /* (FOOTERS && !INSECURE) */ |
||
2112 | ACQUIRE_MAGIC_INIT_LOCK(); |
||
2113 | if (mparams.magic == 0) { |
||
2114 | mparams.magic = s; |
||
2115 | /* Set up lock for main malloc area */ |
||
2116 | INITIAL_LOCK(&gm->mutex); |
||
2117 | gm->mflags = mparams.default_mflags; |
||
2118 | } |
||
2119 | RELEASE_MAGIC_INIT_LOCK(); |
||
2120 | |||
2121 | #ifndef WIN32 |
||
2122 | mparams.page_size = malloc_getpagesize; |
||
2123 | mparams.granularity = ((DEFAULT_GRANULARITY != 0)? |
||
2124 | DEFAULT_GRANULARITY : mparams.page_size); |
||
2125 | #else /* WIN32 */ |
||
2126 | { |
||
2127 | mparams.page_size = 4096; |
||
2128 | mparams.granularity = 16384; |
||
2129 | } |
||
2130 | #endif /* WIN32 */ |
||
2131 | |||
2132 | /* Sanity-check configuration: |
||
2133 | size_t must be unsigned and as wide as pointer type. |
||
2134 | ints must be at least 4 bytes. |
||
2135 | alignment must be at least 8. |
||
2136 | Alignment, min chunk size, and page size must all be powers of 2. |
||
2137 | */ |
||
2138 | if ((sizeof(size_t) != sizeof(char*)) || |
||
2139 | (MAX_SIZE_T < MIN_CHUNK_SIZE) || |
||
2140 | (sizeof(int) < 4) || |
||
2141 | (MALLOC_ALIGNMENT < (size_t)8U) || |
||
2142 | ((MALLOC_ALIGNMENT & (MALLOC_ALIGNMENT-SIZE_T_ONE)) != 0) || |
||
2143 | ((MCHUNK_SIZE & (MCHUNK_SIZE-SIZE_T_ONE)) != 0) || |
||
2144 | ((mparams.granularity & (mparams.granularity-SIZE_T_ONE)) != 0) || |
||
2145 | ((mparams.page_size & (mparams.page_size-SIZE_T_ONE)) != 0)) |
||
2146 | ABORT; |
||
2147 | } |
||
2148 | return 0; |
||
2149 | } |
||
2150 | |||
2151 | /* support for mallopt */ |
||
2152 | static int change_mparam(int param_number, int value) { |
||
2153 | size_t val = (size_t)value; |
||
2154 | init_mparams(); |
||
2155 | switch(param_number) { |
||
2156 | case M_TRIM_THRESHOLD: |
||
2157 | mparams.trim_threshold = val; |
||
2158 | return 1; |
||
2159 | case M_GRANULARITY: |
||
2160 | if (val >= mparams.page_size && ((val & (val-1)) == 0)) { |
||
2161 | mparams.granularity = val; |
||
2162 | return 1; |
||
2163 | } |
||
2164 | else |
||
2165 | return 0; |
||
2166 | case M_MMAP_THRESHOLD: |
||
2167 | mparams.mmap_threshold = val; |
||
2168 | return 1; |
||
2169 | default: |
||
2170 | return 0; |
||
2171 | } |
||
2172 | } |
||
2173 | |||
2174 | #if DEBUG |
||
2175 | #endif /* DEBUG */ |
||
2176 | |||
2177 | /* ----------------------------- statistics ------------------------------ */ |
||
2178 | |||
2179 | #if !NO_MALLINFO |
||
2180 | #endif /* !NO_MALLINFO */ |
||
2181 | |||
2182 | /* ----------------------- Operations on smallbins ----------------------- */ |
||
2183 | |||
2184 | /* |
||
2185 | Various forms of linking and unlinking are defined as macros. Even |
||
2186 | the ones for trees, which are very long but have very short typical |
||
2187 | paths. This is ugly but reduces reliance on inlining support of |
||
2188 | compilers. |
||
2189 | */ |
||
2190 | |||
2191 | /* Link a free chunk into a smallbin */ |
||
2192 | #define insert_small_chunk(M, P, S) {\ |
||
2193 | bindex_t I = small_index(S);\ |
||
2194 | mchunkptr B = smallbin_at(M, I);\ |
||
2195 | mchunkptr F = B;\ |
||
2196 | assert(S >= MIN_CHUNK_SIZE);\ |
||
2197 | if (!smallmap_is_marked(M, I))\ |
||
2198 | mark_smallmap(M, I);\ |
||
2199 | else if (RTCHECK(ok_address(M, B->fd)))\ |
||
2200 | F = B->fd;\ |
||
2201 | else {\ |
||
2202 | CORRUPTION_ERROR_ACTION(M);\ |
||
2203 | }\ |
||
2204 | B->fd = P;\ |
||
2205 | F->bk = P;\ |
||
2206 | P->fd = F;\ |
||
2207 | P->bk = B;\ |
||
2208 | } |
||
2209 | |||
2210 | /* Unlink a chunk from a smallbin */ |
||
2211 | #define unlink_small_chunk(M, P, S) {\ |
||
2212 | mchunkptr F = P->fd;\ |
||
2213 | mchunkptr B = P->bk;\ |
||
2214 | bindex_t I = small_index(S);\ |
||
2215 | assert(P != B);\ |
||
2216 | assert(P != F);\ |
||
2217 | assert(chunksize(P) == small_index2size(I));\ |
||
2218 | if (F == B)\ |
||
2219 | clear_smallmap(M, I);\ |
||
2220 | else if (RTCHECK((F == smallbin_at(M,I) || ok_address(M, F)) &&\ |
||
2221 | (B == smallbin_at(M,I) || ok_address(M, B)))) {\ |
||
2222 | F->bk = B;\ |
||
2223 | B->fd = F;\ |
||
2224 | }\ |
||
2225 | else {\ |
||
2226 | CORRUPTION_ERROR_ACTION(M);\ |
||
2227 | }\ |
||
2228 | } |
||
2229 | |||
2230 | /* Unlink the first chunk from a smallbin */ |
||
2231 | #define unlink_first_small_chunk(M, B, P, I) {\ |
||
2232 | mchunkptr F = P->fd;\ |
||
2233 | assert(P != B);\ |
||
2234 | assert(P != F);\ |
||
2235 | assert(chunksize(P) == small_index2size(I));\ |
||
2236 | if (B == F)\ |
||
2237 | clear_smallmap(M, I);\ |
||
2238 | else if (RTCHECK(ok_address(M, F))) {\ |
||
2239 | B->fd = F;\ |
||
2240 | F->bk = B;\ |
||
2241 | }\ |
||
2242 | else {\ |
||
2243 | CORRUPTION_ERROR_ACTION(M);\ |
||
2244 | }\ |
||
2245 | } |
||
2246 | |||
2247 | /* Replace dv node, binning the old one */ |
||
2248 | /* Used only when dvsize known to be small */ |
||
2249 | #define replace_dv(M, P, S) {\ |
||
2250 | size_t DVS = M->dvsize;\ |
||
2251 | if (DVS != 0) {\ |
||
2252 | mchunkptr DV = M->dv;\ |
||
2253 | assert(is_small(DVS));\ |
||
2254 | insert_small_chunk(M, DV, DVS);\ |
||
2255 | }\ |
||
2256 | M->dvsize = S;\ |
||
2257 | M->dv = P;\ |
||
2258 | } |
||
2259 | |||
2260 | /* ------------------------- Operations on trees ------------------------- */ |
||
2261 | |||
2262 | /* Insert chunk into tree */ |
||
2263 | #define insert_large_chunk(M, X, S) {\ |
||
2264 | tbinptr* H;\ |
||
2265 | bindex_t I;\ |
||
2266 | compute_tree_index(S, I);\ |
||
2267 | H = treebin_at(M, I);\ |
||
2268 | X->index = I;\ |
||
2269 | X->child[0] = X->child[1] = 0;\ |
||
2270 | if (!treemap_is_marked(M, I)) {\ |
||
2271 | mark_treemap(M, I);\ |
||
2272 | *H = X;\ |
||
2273 | X->parent = (tchunkptr)H;\ |
||
2274 | X->fd = X->bk = X;\ |
||
2275 | }\ |
||
2276 | else {\ |
||
2277 | tchunkptr T = *H;\ |
||
2278 | size_t K = S << leftshift_for_tree_index(I);\ |
||
2279 | for (;;) {\ |
||
2280 | if (chunksize(T) != S) {\ |
||
2281 | tchunkptr* C = &(T->child[(K >> (SIZE_T_BITSIZE-SIZE_T_ONE)) & 1]);\ |
||
2282 | K <<= 1;\ |
||
2283 | if (*C != 0)\ |
||
2284 | T = *C;\ |
||
2285 | else if (RTCHECK(ok_address(M, C))) {\ |
||
2286 | *C = X;\ |
||
2287 | X->parent = T;\ |
||
2288 | X->fd = X->bk = X;\ |
||
2289 | break;\ |
||
2290 | }\ |
||
2291 | else {\ |
||
2292 | CORRUPTION_ERROR_ACTION(M);\ |
||
2293 | break;\ |
||
2294 | }\ |
||
2295 | }\ |
||
2296 | else {\ |
||
2297 | tchunkptr F = T->fd;\ |
||
2298 | if (RTCHECK(ok_address(M, T) && ok_address(M, F))) {\ |
||
2299 | T->fd = F->bk = X;\ |
||
2300 | X->fd = F;\ |
||
2301 | X->bk = T;\ |
||
2302 | X->parent = 0;\ |
||
2303 | break;\ |
||
2304 | }\ |
||
2305 | else {\ |
||
2306 | CORRUPTION_ERROR_ACTION(M);\ |
||
2307 | break;\ |
||
2308 | }\ |
||
2309 | }\ |
||
2310 | }\ |
||
2311 | }\ |
||
2312 | } |
||
2313 | |||
2314 | /* |
||
2315 | Unlink steps: |
||
2316 | |||
2317 | 1. If x is a chained node, unlink it from its same-sized fd/bk links |
||
2318 | and choose its bk node as its replacement. |
||
2319 | 2. If x was the last node of its size, but not a leaf node, it must |
||
2320 | be replaced with a leaf node (not merely one with an open left or |
||
2321 | right), to make sure that lefts and rights of descendents |
||
2322 | correspond properly to bit masks. We use the rightmost descendent |
||
2323 | of x. We could use any other leaf, but this is easy to locate and |
||
2324 | tends to counteract removal of leftmosts elsewhere, and so keeps |
||
2325 | paths shorter than minimally guaranteed. This doesn't loop much |
||
2326 | because on average a node in a tree is near the bottom. |
||
2327 | 3. If x is the base of a chain (i.e., has parent links) relink |
||
2328 | x's parent and children to x's replacement (or null if none). |
||
2329 | */ |
||
2330 | |||
2331 | #define unlink_large_chunk(M, X) {\ |
||
2332 | tchunkptr XP = X->parent;\ |
||
2333 | tchunkptr R;\ |
||
2334 | if (X->bk != X) {\ |
||
2335 | tchunkptr F = X->fd;\ |
||
2336 | R = X->bk;\ |
||
2337 | if (RTCHECK(ok_address(M, F))) {\ |
||
2338 | F->bk = R;\ |
||
2339 | R->fd = F;\ |
||
2340 | }\ |
||
2341 | else {\ |
||
2342 | CORRUPTION_ERROR_ACTION(M);\ |
||
2343 | }\ |
||
2344 | }\ |
||
2345 | else {\ |
||
2346 | tchunkptr* RP;\ |
||
2347 | if (((R = *(RP = &(X->child[1]))) != 0) ||\ |
||
2348 | ((R = *(RP = &(X->child[0]))) != 0)) {\ |
||
2349 | tchunkptr* CP;\ |
||
2350 | while ((*(CP = &(R->child[1])) != 0) ||\ |
||
2351 | (*(CP = &(R->child[0])) != 0)) {\ |
||
2352 | R = *(RP = CP);\ |
||
2353 | }\ |
||
2354 | if (RTCHECK(ok_address(M, RP)))\ |
||
2355 | *RP = 0;\ |
||
2356 | else {\ |
||
2357 | CORRUPTION_ERROR_ACTION(M);\ |
||
2358 | }\ |
||
2359 | }\ |
||
2360 | }\ |
||
2361 | if (XP != 0) {\ |
||
2362 | tbinptr* H = treebin_at(M, X->index);\ |
||
2363 | if (X == *H) {\ |
||
2364 | if ((*H = R) == 0) \ |
||
2365 | clear_treemap(M, X->index);\ |
||
2366 | }\ |
||
2367 | else if (RTCHECK(ok_address(M, XP))) {\ |
||
2368 | if (XP->child[0] == X) \ |
||
2369 | XP->child[0] = R;\ |
||
2370 | else \ |
||
2371 | XP->child[1] = R;\ |
||
2372 | }\ |
||
2373 | else\ |
||
2374 | CORRUPTION_ERROR_ACTION(M);\ |
||
2375 | if (R != 0) {\ |
||
2376 | if (RTCHECK(ok_address(M, R))) {\ |
||
2377 | tchunkptr C0, C1;\ |
||
2378 | R->parent = XP;\ |
||
2379 | if ((C0 = X->child[0]) != 0) {\ |
||
2380 | if (RTCHECK(ok_address(M, C0))) {\ |
||
2381 | R->child[0] = C0;\ |
||
2382 | C0->parent = R;\ |
||
2383 | }\ |
||
2384 | else\ |
||
2385 | CORRUPTION_ERROR_ACTION(M);\ |
||
2386 | }\ |
||
2387 | if ((C1 = X->child[1]) != 0) {\ |
||
2388 | if (RTCHECK(ok_address(M, C1))) {\ |
||
2389 | R->child[1] = C1;\ |
||
2390 | C1->parent = R;\ |
||
2391 | }\ |
||
2392 | else\ |
||
2393 | CORRUPTION_ERROR_ACTION(M);\ |
||
2394 | }\ |
||
2395 | }\ |
||
2396 | else\ |
||
2397 | CORRUPTION_ERROR_ACTION(M);\ |
||
2398 | }\ |
||
2399 | }\ |
||
2400 | } |
||
2401 | |||
2402 | /* Relays to large vs small bin operations */ |
||
2403 | |||
2404 | #define insert_chunk(M, P, S)\ |
||
2405 | if (is_small(S)) insert_small_chunk(M, P, S)\ |
||
2406 | else { tchunkptr TP = (tchunkptr)(P); insert_large_chunk(M, TP, S); } |
||
2407 | |||
2408 | #define unlink_chunk(M, P, S)\ |
||
2409 | if (is_small(S)) unlink_small_chunk(M, P, S)\ |
||
2410 | else { tchunkptr TP = (tchunkptr)(P); unlink_large_chunk(M, TP); } |
||
2411 | |||
2412 | |||
2413 | /* Relays to internal calls to malloc/free from realloc, memalign etc */ |
||
2414 | |||
2415 | #if ONLY_MSPACES |
||
2416 | #define internal_malloc(m, b) mspace_malloc(m, b) |
||
2417 | #define internal_free(m, mem) mspace_free(m,mem); |
||
2418 | #else /* ONLY_MSPACES */ |
||
2419 | #if MSPACES |
||
2420 | #define internal_malloc(m, b)\ |
||
2421 | (m == gm)? dlmalloc(b) : mspace_malloc(m, b) |
||
2422 | #define internal_free(m, mem)\ |
||
2423 | if (m == gm) dlfree(mem); else mspace_free(m,mem); |
||
2424 | #else /* MSPACES */ |
||
2425 | #define internal_malloc(m, b) dlmalloc(b) |
||
2426 | #define internal_free(m, mem) dlfree(mem) |
||
2427 | #endif /* MSPACES */ |
||
2428 | #endif /* ONLY_MSPACES */ |
||
2429 | |||
2430 | /* ----------------------- Direct-mmapping chunks ----------------------- */ |
||
2431 | |||
2432 | /* |
||
2433 | Directly mmapped chunks are set up with an offset to the start of |
||
2434 | the mmapped region stored in the prev_foot field of the chunk. This |
||
2435 | allows reconstruction of the required argument to MUNMAP when freed, |
||
2436 | and also allows adjustment of the returned chunk to meet alignment |
||
2437 | requirements (especially in memalign). There is also enough space |
||
2438 | allocated to hold a fake next chunk of size SIZE_T_SIZE to maintain |
||
2439 | the PINUSE bit so frees can be checked. |
||
2440 | */ |
||
2441 | |||
2442 | /* Malloc using mmap */ |
||
2443 | static void* mmap_alloc(mstate m, size_t nb) { |
||
2444 | size_t mmsize = granularity_align(nb + SIX_SIZE_T_SIZES + CHUNK_ALIGN_MASK); |
||
2445 | if (mmsize > nb) { /* Check for wrap around 0 */ |
||
2446 | char* mm = (char*)(DIRECT_MMAP(mmsize)); |
||
2447 | if (mm != CMFAIL) { |
||
2448 | size_t offset = align_offset(chunk2mem(mm)); |
||
2449 | size_t psize = mmsize - offset - MMAP_FOOT_PAD; |
||
2450 | mchunkptr p = (mchunkptr)(mm + offset); |
||
2451 | p->prev_foot = offset | IS_MMAPPED_BIT; |
||
2452 | (p)->head = (psize|CINUSE_BIT); |
||
2453 | mark_inuse_foot(m, p, psize); |
||
2454 | chunk_plus_offset(p, psize)->head = FENCEPOST_HEAD; |
||
2455 | chunk_plus_offset(p, psize+SIZE_T_SIZE)->head = 0; |
||
2456 | |||
2457 | if (mm < m->least_addr) |
||
2458 | m->least_addr = mm; |
||
2459 | if ((m->footprint += mmsize) > m->max_footprint) |
||
2460 | m->max_footprint = m->footprint; |
||
2461 | assert(is_aligned(chunk2mem(p))); |
||
2462 | check_mmapped_chunk(m, p); |
||
2463 | return chunk2mem(p); |
||
2464 | } |
||
2465 | } |
||
2466 | return 0; |
||
2467 | } |
||
2468 | |||
2469 | /* Realloc using mmap */ |
||
2470 | static mchunkptr mmap_resize(mstate m, mchunkptr oldp, size_t nb) { |
||
2471 | size_t oldsize = chunksize(oldp); |
||
2472 | if (is_small(nb)) /* Can't shrink mmap regions below small size */ |
||
2473 | return 0; |
||
2474 | /* Keep old chunk if big enough but not too big */ |
||
2475 | if (oldsize >= nb + SIZE_T_SIZE && |
||
2476 | (oldsize - nb) <= (mparams.granularity << 1)) |
||
2477 | return oldp; |
||
2478 | else { |
||
2479 | size_t offset = oldp->prev_foot & ~IS_MMAPPED_BIT; |
||
2480 | size_t oldmmsize = oldsize + offset + MMAP_FOOT_PAD; |
||
2481 | size_t newmmsize = granularity_align(nb + SIX_SIZE_T_SIZES + |
||
2482 | CHUNK_ALIGN_MASK); |
||
2483 | char* cp = (char*)CALL_MREMAP((char*)oldp - offset, |
||
2484 | oldmmsize, newmmsize, 1); |
||
2485 | if (cp != CMFAIL) { |
||
2486 | mchunkptr newp = (mchunkptr)(cp + offset); |
||
2487 | size_t psize = newmmsize - offset - MMAP_FOOT_PAD; |
||
2488 | newp->head = (psize|CINUSE_BIT); |
||
2489 | mark_inuse_foot(m, newp, psize); |
||
2490 | chunk_plus_offset(newp, psize)->head = FENCEPOST_HEAD; |
||
2491 | chunk_plus_offset(newp, psize+SIZE_T_SIZE)->head = 0; |
||
2492 | |||
2493 | if (cp < m->least_addr) |
||
2494 | m->least_addr = cp; |
||
2495 | if ((m->footprint += newmmsize - oldmmsize) > m->max_footprint) |
||
2496 | m->max_footprint = m->footprint; |
||
2497 | check_mmapped_chunk(m, newp); |
||
2498 | return newp; |
||
2499 | } |
||
2500 | } |
||
2501 | return 0; |
||
2502 | } |
||
2503 | |||
2504 | /* -------------------------- mspace management -------------------------- */ |
||
2505 | |||
2506 | /* Initialize top chunk and its size */ |
||
2507 | static void init_top(mstate m, mchunkptr p, size_t psize) { |
||
2508 | /* Ensure alignment */ |
||
2509 | size_t offset = align_offset(chunk2mem(p)); |
||
2510 | p = (mchunkptr)((char*)p + offset); |
||
2511 | psize -= offset; |
||
2512 | |||
2513 | m->top = p; |
||
2514 | m->topsize = psize; |
||
2515 | p->head = psize | PINUSE_BIT; |
||
2516 | /* set size of fake trailing chunk holding overhead space only once */ |
||
2517 | chunk_plus_offset(p, psize)->head = TOP_FOOT_SIZE; |
||
2518 | m->trim_check = mparams.trim_threshold; /* reset on each update */ |
||
2519 | } |
||
2520 | |||
2521 | /* Initialize bins for a new mstate that is otherwise zeroed out */ |
||
2522 | static void init_bins(mstate m) { |
||
2523 | /* Establish circular links for smallbins */ |
||
2524 | bindex_t i; |
||
2525 | for (i = 0; i < NSMALLBINS; ++i) { |
||
2526 | sbinptr bin = smallbin_at(m,i); |
||
2527 | bin->fd = bin->bk = bin; |
||
2528 | } |
||
2529 | } |
||
2530 | |||
2531 | #if PROCEED_ON_ERROR |
||
2532 | |||
2533 | /* default corruption action */ |
||
2534 | static void reset_on_error(mstate m) { |
||
2535 | int i; |
||
2536 | ++malloc_corruption_error_count; |
||
2537 | /* Reinitialize fields to forget about all memory */ |
||
2538 | m->smallbins = m->treebins = 0; |
||
2539 | m->dvsize = m->topsize = 0; |
||
2540 | m->seg.base = 0; |
||
2541 | m->seg.size = 0; |
||
2542 | m->seg.next = 0; |
||
2543 | m->top = m->dv = 0; |
||
2544 | for (i = 0; i < NTREEBINS; ++i) |
||
2545 | *treebin_at(m, i) = 0; |
||
2546 | init_bins(m); |
||
2547 | } |
||
2548 | #endif /* PROCEED_ON_ERROR */ |
||
2549 | |||
2550 | /* Allocate chunk and prepend remainder with chunk in successor base. */ |
||
2551 | static void* prepend_alloc(mstate m, char* newbase, char* oldbase, |
||
2552 | size_t nb) { |
||
2553 | mchunkptr p = align_as_chunk(newbase); |
||
2554 | mchunkptr oldfirst = align_as_chunk(oldbase); |
||
2555 | size_t psize = (char*)oldfirst - (char*)p; |
||
2556 | mchunkptr q = chunk_plus_offset(p, nb); |
||
2557 | size_t qsize = psize - nb; |
||
2558 | set_size_and_pinuse_of_inuse_chunk(m, p, nb); |
||
2559 | |||
2560 | assert((char*)oldfirst > (char*)q); |
||
2561 | assert(pinuse(oldfirst)); |
||
2562 | assert(qsize >= MIN_CHUNK_SIZE); |
||
2563 | |||
2564 | /* consolidate remainder with first chunk of old base */ |
||
2565 | if (oldfirst == m->top) { |
||
2566 | size_t tsize = m->topsize += qsize; |
||
2567 | m->top = q; |
||
2568 | q->head = tsize | PINUSE_BIT; |
||
2569 | check_top_chunk(m, q); |
||
2570 | } |
||
2571 | else if (oldfirst == m->dv) { |
||
2572 | size_t dsize = m->dvsize += qsize; |
||
2573 | m->dv = q; |
||
2574 | set_size_and_pinuse_of_free_chunk(q, dsize); |
||
2575 | } |
||
2576 | else { |
||
2577 | if (!cinuse(oldfirst)) { |
||
2578 | size_t nsize = chunksize(oldfirst); |
||
2579 | unlink_chunk(m, oldfirst, nsize); |
||
2580 | oldfirst = chunk_plus_offset(oldfirst, nsize); |
||
2581 | qsize += nsize; |
||
2582 | } |
||
2583 | set_free_with_pinuse(q, qsize, oldfirst); |
||
2584 | insert_chunk(m, q, qsize); |
||
2585 | check_free_chunk(m, q); |
||
2586 | } |
||
2587 | |||
2588 | check_malloced_chunk(m, chunk2mem(p), nb); |
||
2589 | return chunk2mem(p); |
||
2590 | } |
||
2591 | |||
2592 | |||
2593 | /* Add a segment to hold a new noncontiguous region */ |
||
2594 | static void add_segment(mstate m, char* tbase, size_t tsize, flag_t mmapped) { |
||
2595 | /* Determine locations and sizes of segment, fenceposts, old top */ |
||
2596 | char* old_top = (char*)m->top; |
||
2597 | msegmentptr oldsp = segment_holding(m, old_top); |
||
2598 | char* old_end = oldsp->base + oldsp->size; |
||
2599 | size_t ssize = pad_request(sizeof(struct malloc_segment)); |
||
2600 | char* rawsp = old_end - (ssize + FOUR_SIZE_T_SIZES + CHUNK_ALIGN_MASK); |
||
2601 | size_t offset = align_offset(chunk2mem(rawsp)); |
||
2602 | char* asp = rawsp + offset; |
||
2603 | char* csp = (asp < (old_top + MIN_CHUNK_SIZE))? old_top : asp; |
||
2604 | mchunkptr sp = (mchunkptr)csp; |
||
2605 | msegmentptr ss = (msegmentptr)(chunk2mem(sp)); |
||
2606 | mchunkptr tnext = chunk_plus_offset(sp, ssize); |
||
2607 | mchunkptr p = tnext; |
||
2608 | int nfences = 0; |
||
2609 | |||
2610 | /* reset top to new space */ |
||
2611 | init_top(m, (mchunkptr)tbase, tsize - TOP_FOOT_SIZE); |
||
2612 | |||
2613 | /* Set up segment record */ |
||
2614 | assert(is_aligned(ss)); |
||
2615 | set_size_and_pinuse_of_inuse_chunk(m, sp, ssize); |
||
2616 | *ss = m->seg; /* Push current record */ |
||
2617 | m->seg.base = tbase; |
||
2618 | m->seg.size = tsize; |
||
2619 | m->seg.sflags = mmapped; |
||
2620 | m->seg.next = ss; |
||
2621 | |||
2622 | /* Insert trailing fenceposts */ |
||
2623 | for (;;) { |
||
2624 | mchunkptr nextp = chunk_plus_offset(p, SIZE_T_SIZE); |
||
2625 | p->head = FENCEPOST_HEAD; |
||
2626 | ++nfences; |
||
2627 | if ((char*)(&(nextp->head)) < old_end) |
||
2628 | p = nextp; |
||
2629 | else |
||
2630 | break; |
||
2631 | } |
||
2632 | assert(nfences >= 2); |
||
2633 | |||
2634 | /* Insert the rest of old top into a bin as an ordinary free chunk */ |
||
2635 | if (csp != old_top) { |
||
2636 | mchunkptr q = (mchunkptr)old_top; |
||
2637 | size_t psize = csp - old_top; |
||
2638 | mchunkptr tn = chunk_plus_offset(q, psize); |
||
2639 | set_free_with_pinuse(q, psize, tn); |
||
2640 | insert_chunk(m, q, psize); |
||
2641 | } |
||
2642 | |||
2643 | check_top_chunk(m, m->top); |
||
2644 | } |
||
2645 | |||
2646 | /* -------------------------- System allocation -------------------------- */ |
||
2647 | |||
2648 | /* Get memory from system using MORECORE or MMAP */ |
||
2649 | static void* sys_alloc(mstate m, size_t nb) { |
||
2650 | char* tbase = CMFAIL; |
||
2651 | size_t tsize = 0; |
||
2652 | flag_t mmap_flag = 0; |
||
2653 | |||
2654 | init_mparams(); |
||
2655 | |||
2656 | /* Directly map large chunks */ |
||
2657 | if (use_mmap(m) && nb >= mparams.mmap_threshold) { |
||
2658 | void* mem = mmap_alloc(m, nb); |
||
2659 | if (mem != 0) |
||
2660 | return mem; |
||
2661 | } |
||
2662 | |||
2663 | /* |
||
2664 | Try getting memory in any of three ways (in most-preferred to |
||
2665 | least-preferred order): |
||
2666 | 1. A call to MORECORE that can normally contiguously extend memory. |
||
2667 | (disabled if not MORECORE_CONTIGUOUS or not HAVE_MORECORE or |
||
2668 | or main space is mmapped or a previous contiguous call failed) |
||
2669 | 2. A call to MMAP new space (disabled if not HAVE_MMAP). |
||
2670 | Note that under the default settings, if MORECORE is unable to |
||
2671 | fulfill a request, and HAVE_MMAP is true, then mmap is |
||
2672 | used as a noncontiguous system allocator. This is a useful backup |
||
2673 | strategy for systems with holes in address spaces -- in this case |
||
2674 | sbrk cannot contiguously expand the heap, but mmap may be able to |
||
2675 | find space. |
||
2676 | 3. A call to MORECORE that cannot usually contiguously extend memory. |
||
2677 | (disabled if not HAVE_MORECORE) |
||
2678 | */ |
||
2679 | |||
2680 | if (MORECORE_CONTIGUOUS && !use_noncontiguous(m)) { |
||
2681 | char* br = CMFAIL; |
||
2682 | msegmentptr ss = (m->top == 0)? 0 : segment_holding(m, (char*)m->top); |
||
2683 | size_t asize = 0; |
||
2684 | ACQUIRE_MORECORE_LOCK(); |
||
2685 | |||
2686 | if (ss == 0) { /* First time through or recovery */ |
||
2687 | char* base = (char*)CALL_MORECORE(0); |
||
2688 | if (base != CMFAIL) { |
||
2689 | asize = granularity_align(nb + TOP_FOOT_SIZE + SIZE_T_ONE); |
||
2690 | /* Adjust to end on a page boundary */ |
||
2691 | if (!is_page_aligned(base)) |
||
2692 | asize += (page_align((size_t)base) - (size_t)base); |
||
2693 | /* Can't call MORECORE if size is negative when treated as signed */ |
||
2694 | if (asize < HALF_MAX_SIZE_T && |
||
2695 | (br = (char*)(CALL_MORECORE(asize))) == base) { |
||
2696 | tbase = base; |
||
2697 | tsize = asize; |
||
2698 | } |
||
2699 | } |
||
2700 | } |
||
2701 | else { |
||
2702 | /* Subtract out existing available top space from MORECORE request. */ |
||
2703 | asize = granularity_align(nb - m->topsize + TOP_FOOT_SIZE + SIZE_T_ONE); |
||
2704 | /* Use mem here only if it did continuously extend old space */ |
||
2705 | if (asize < HALF_MAX_SIZE_T && |
||
2706 | (br = (char*)(CALL_MORECORE(asize))) == ss->base+ss->size) { |
||
2707 | tbase = br; |
||
2708 | tsize = asize; |
||
2709 | } |
||
2710 | } |
||
2711 | |||
2712 | if (tbase == CMFAIL) { /* Cope with partial failure */ |
||
2713 | if (br != CMFAIL) { /* Try to use/extend the space we did get */ |
||
2714 | if (asize < HALF_MAX_SIZE_T && |
||
2715 | asize < nb + TOP_FOOT_SIZE + SIZE_T_ONE) { |
||
2716 | size_t esize = granularity_align(nb + TOP_FOOT_SIZE + SIZE_T_ONE - asize); |
||
2717 | if (esize < HALF_MAX_SIZE_T) { |
||
2718 | char* end = (char*)CALL_MORECORE(esize); |
||
2719 | if (end != CMFAIL) |
||
2720 | asize += esize; |
||
2721 | else { /* Can't use; try to release */ |
||
2722 | CALL_MORECORE(-asize); |
||
2723 | br = CMFAIL; |
||
2724 | } |
||
2725 | } |
||
2726 | } |
||
2727 | } |
||
2728 | if (br != CMFAIL) { /* Use the space we did get */ |
||
2729 | tbase = br; |
||
2730 | tsize = asize; |
||
2731 | } |
||
2732 | else |
||
2733 | disable_contiguous(m); /* Don't try contiguous path in the future */ |
||
2734 | } |
||
2735 | |||
2736 | RELEASE_MORECORE_LOCK(); |
||
2737 | } |
||
2738 | |||
2739 | if (HAVE_MMAP && tbase == CMFAIL) { /* Try MMAP */ |
||
2740 | size_t req = nb + TOP_FOOT_SIZE + SIZE_T_ONE; |
||
2741 | size_t rsize = granularity_align(req); |
||
2742 | if (rsize > nb) { /* Fail if wraps around zero */ |
||
2743 | char* mp = (char*)(CALL_MMAP(rsize)); |
||
2744 | if (mp != CMFAIL) { |
||
2745 | tbase = mp; |
||
2746 | tsize = rsize; |
||
2747 | mmap_flag = IS_MMAPPED_BIT; |
||
2748 | } |
||
2749 | } |
||
2750 | } |
||
2751 | |||
2752 | if (HAVE_MORECORE && tbase == CMFAIL) { /* Try noncontiguous MORECORE */ |
||
2753 | size_t asize = granularity_align(nb + TOP_FOOT_SIZE + SIZE_T_ONE); |
||
2754 | if (asize < HALF_MAX_SIZE_T) { |
||
2755 | char* br = CMFAIL; |
||
2756 | char* end = CMFAIL; |
||
2757 | ACQUIRE_MORECORE_LOCK(); |
||
2758 | br = (char*)(CALL_MORECORE(asize)); |
||
2759 | end = (char*)(CALL_MORECORE(0)); |
||
2760 | RELEASE_MORECORE_LOCK(); |
||
2761 | if (br != CMFAIL && end != CMFAIL && br < end) { |
||
2762 | size_t ssize = end - br; |
||
2763 | if (ssize > nb + TOP_FOOT_SIZE) { |
||
2764 | tbase = br; |
||
2765 | tsize = ssize; |
||
2766 | } |
||
2767 | } |
||
2768 | } |
||
2769 | } |
||
2770 | |||
2771 | if (tbase != CMFAIL) { |
||
2772 | |||
2773 | if ((m->footprint += tsize) > m->max_footprint) |
||
2774 | m->max_footprint = m->footprint; |
||
2775 | |||
2776 | if (!is_initialized(m)) { /* first-time initialization */ |
||
2777 | m->seg.base = m->least_addr = tbase; |
||
2778 | m->seg.size = tsize; |
||
2779 | m->seg.sflags = mmap_flag; |
||
2780 | m->magic = mparams.magic; |
||
2781 | init_bins(m); |
||
2782 | if (is_global(m)) |
||
2783 | init_top(m, (mchunkptr)tbase, tsize - TOP_FOOT_SIZE); |
||
2784 | else { |
||
2785 | /* Offset top by embedded malloc_state */ |
||
2786 | mchunkptr mn = next_chunk(mem2chunk(m)); |
||
2787 | init_top(m, mn, (size_t)((tbase + tsize) - (char*)mn) -TOP_FOOT_SIZE); |
||
2788 | } |
||
2789 | } |
||
2790 | |||
2791 | else { |
||
2792 | /* Try to merge with an existing segment */ |
||
2793 | msegmentptr sp = &m->seg; |
||
2794 | while (sp != 0 && tbase != sp->base + sp->size) |
||
2795 | sp = sp->next; |
||
2796 | if (sp != 0 && |
||
2797 | !is_extern_segment(sp) && |
||
2798 | (sp->sflags & IS_MMAPPED_BIT) == mmap_flag && |
||
2799 | segment_holds(sp, m->top)) { /* append */ |
||
2800 | sp->size += tsize; |
||
2801 | init_top(m, m->top, m->topsize + tsize); |
||
2802 | } |
||
2803 | else { |
||
2804 | if (tbase < m->least_addr) |
||
2805 | m->least_addr = tbase; |
||
2806 | sp = &m->seg; |
||
2807 | while (sp != 0 && sp->base != tbase + tsize) |
||
2808 | sp = sp->next; |
||
2809 | if (sp != 0 && |
||
2810 | !is_extern_segment(sp) && |
||
2811 | (sp->sflags & IS_MMAPPED_BIT) == mmap_flag) { |
||
2812 | char* oldbase = sp->base; |
||
2813 | sp->base = tbase; |
||
2814 | sp->size += tsize; |
||
2815 | return prepend_alloc(m, tbase, oldbase, nb); |
||
2816 | } |
||
2817 | else |
||
2818 | add_segment(m, tbase, tsize, mmap_flag); |
||
2819 | } |
||
2820 | } |
||
2821 | |||
2822 | if (nb < m->topsize) { /* Allocate from new or extended top space */ |
||
2823 | size_t rsize = m->topsize -= nb; |
||
2824 | mchunkptr p = m->top; |
||
2825 | mchunkptr r = m->top = chunk_plus_offset(p, nb); |
||
2826 | r->head = rsize | PINUSE_BIT; |
||
2827 | set_size_and_pinuse_of_inuse_chunk(m, p, nb); |
||
2828 | check_top_chunk(m, m->top); |
||
2829 | check_malloced_chunk(m, chunk2mem(p), nb); |
||
2830 | return chunk2mem(p); |
||
2831 | } |
||
2832 | } |
||
2833 | |||
2834 | MALLOC_FAILURE_ACTION; |
||
2835 | return 0; |
||
2836 | } |
||
2837 | |||
2838 | /* ----------------------- system deallocation -------------------------- */ |
||
2839 | |||
2840 | /* Unmap and unlink any mmapped segments that don't contain used chunks */ |
||
2841 | static size_t release_unused_segments(mstate m) { |
||
2842 | size_t released = 0; |
||
2843 | msegmentptr pred = &m->seg; |
||
2844 | msegmentptr sp = pred->next; |
||
2845 | while (sp != 0) { |
||
2846 | char* base = sp->base; |
||
2847 | size_t size = sp->size; |
||
2848 | msegmentptr next = sp->next; |
||
2849 | if (is_mmapped_segment(sp) && !is_extern_segment(sp)) { |
||
2850 | mchunkptr p = align_as_chunk(base); |
||
2851 | size_t psize = chunksize(p); |
||
2852 | /* Can unmap if first chunk holds entire segment and not pinned */ |
||
2853 | if (!cinuse(p) && (char*)p + psize >= base + size - TOP_FOOT_SIZE) { |
||
2854 | tchunkptr tp = (tchunkptr)p; |
||
2855 | assert(segment_holds(sp, (char*)sp)); |
||
2856 | if (p == m->dv) { |
||
2857 | m->dv = 0; |
||
2858 | m->dvsize = 0; |
||
2859 | } |
||
2860 | else { |
||
2861 | unlink_large_chunk(m, tp); |
||
2862 | } |
||
2863 | if (CALL_MUNMAP(base, size) == 0) { |
||
2864 | released += size; |
||
2865 | m->footprint -= size; |
||
2866 | /* unlink obsoleted record */ |
||
2867 | sp = pred; |
||
2868 | sp->next = next; |
||
2869 | } |
||
2870 | else { /* back out if cannot unmap */ |
||
2871 | insert_large_chunk(m, tp, psize); |
||
2872 | } |
||
2873 | } |
||
2874 | } |
||
2875 | pred = sp; |
||
2876 | sp = next; |
||
2877 | } |
||
2878 | return released; |
||
2879 | } |
||
2880 | |||
2881 | static int sys_trim(mstate m, size_t pad) { |
||
2882 | size_t released = 0; |
||
2883 | if (pad < MAX_REQUEST && is_initialized(m)) { |
||
2884 | pad += TOP_FOOT_SIZE; /* ensure enough room for segment overhead */ |
||
2885 | |||
2886 | if (m->topsize > pad) { |
||
2887 | /* Shrink top space in granularity-size units, keeping at least one */ |
||
2888 | size_t unit = mparams.granularity; |
||
2889 | size_t extra = ((m->topsize - pad + (unit - SIZE_T_ONE)) / unit - |
||
2890 | SIZE_T_ONE) * unit; |
||
2891 | msegmentptr sp = segment_holding(m, (char*)m->top); |
||
2892 | |||
2893 | if (!is_extern_segment(sp)) { |
||
2894 | if (is_mmapped_segment(sp)) { |
||
2895 | if (HAVE_MMAP && |
||
2896 | sp->size >= extra && |
||
2897 | !has_segment_link(m, sp)) { /* can't shrink if pinned */ |
||
2898 | size_t newsize = sp->size - extra; |
||
2899 | /* Prefer mremap, fall back to munmap */ |
||
2900 | if ((CALL_MREMAP(sp->base, sp->size, newsize, 0) != MFAIL) || |
||
2901 | (CALL_MUNMAP(sp->base + newsize, extra) == 0)) { |
||
2902 | released = extra; |
||
2903 | } |
||
2904 | } |
||
2905 | } |
||
2906 | else if (HAVE_MORECORE) { |
||
2907 | if (extra >= HALF_MAX_SIZE_T) /* Avoid wrapping negative */ |
||
2908 | extra = (HALF_MAX_SIZE_T) + SIZE_T_ONE - unit; |
||
2909 | ACQUIRE_MORECORE_LOCK(); |
||
2910 | { |
||
2911 | /* Make sure end of memory is where we last set it. */ |
||
2912 | char* old_br = (char*)(CALL_MORECORE(0)); |
||
2913 | if (old_br == sp->base + sp->size) { |
||
2914 | char* rel_br = (char*)(CALL_MORECORE(-extra)); |
||
2915 | char* new_br = (char*)(CALL_MORECORE(0)); |
||
2916 | if (rel_br != CMFAIL && new_br < old_br) |
||
2917 | released = old_br - new_br; |
||
2918 | } |
||
2919 | } |
||
2920 | RELEASE_MORECORE_LOCK(); |
||
2921 | } |
||
2922 | } |
||
2923 | |||
2924 | if (released != 0) { |
||
2925 | sp->size -= released; |
||
2926 | m->footprint -= released; |
||
2927 | init_top(m, m->top, m->topsize - released); |
||
2928 | check_top_chunk(m, m->top); |
||
2929 | } |
||
2930 | } |
||
2931 | |||
2932 | /* Unmap any unused mmapped segments */ |
||
2933 | if (HAVE_MMAP) |
||
2934 | released += release_unused_segments(m); |
||
2935 | |||
2936 | /* On failure, disable autotrim to avoid repeated failed future calls */ |
||
2937 | if (released == 0) |
||
2938 | m->trim_check = MAX_SIZE_T; |
||
2939 | } |
||
2940 | |||
2941 | return (released != 0)? 1 : 0; |
||
2942 | } |
||
2943 | |||
2944 | /* ---------------------------- malloc support --------------------------- */ |
||
2945 | |||
2946 | /* allocate a large request from the best fitting chunk in a treebin */ |
||
2947 | static void* tmalloc_large(mstate m, size_t nb) { |
||
2948 | tchunkptr v = 0; |
||
2949 | size_t rsize = -nb; /* Unsigned negation */ |
||
2950 | tchunkptr t; |
||
2951 | bindex_t idx; |
||
2952 | compute_tree_index(nb, idx); |
||
2953 | |||
2954 | if ((t = *treebin_at(m, idx)) != 0) { |
||
2955 | /* Traverse tree for this bin looking for node with size == nb */ |
||
2956 | size_t sizebits = nb << leftshift_for_tree_index(idx); |
||
2957 | tchunkptr rst = 0; /* The deepest untaken right subtree */ |
||
2958 | for (;;) { |
||
2959 | tchunkptr rt; |
||
2960 | size_t trem = chunksize(t) - nb; |
||
2961 | if (trem < rsize) { |
||
2962 | v = t; |
||
2963 | if ((rsize = trem) == 0) |
||
2964 | break; |
||
2965 | } |
||
2966 | rt = t->child[1]; |
||
2967 | t = t->child[(sizebits >> (SIZE_T_BITSIZE-SIZE_T_ONE)) & 1]; |
||
2968 | if (rt != 0 && rt != t) |
||
2969 | rst = rt; |
||
2970 | if (t == 0) { |
||
2971 | t = rst; /* set t to least subtree holding sizes > nb */ |
||
2972 | break; |
||
2973 | } |
||
2974 | sizebits <<= 1; |
||
2975 | } |
||
2976 | } |
||
2977 | |||
2978 | if (t == 0 && v == 0) { /* set t to root of next non-empty treebin */ |
||
2979 | binmap_t leftbits = left_bits(idx2bit(idx)) & m->treemap; |
||
2980 | if (leftbits != 0) { |
||
2981 | bindex_t i; |
||
2982 | binmap_t leastbit = least_bit(leftbits); |
||
2983 | compute_bit2idx(leastbit, i); |
||
2984 | t = *treebin_at(m, i); |
||
2985 | } |
||
2986 | } |
||
2987 | |||
2988 | while (t != 0) { /* find smallest of tree or subtree */ |
||
2989 | size_t trem = chunksize(t) - nb; |
||
2990 | if (trem < rsize) { |
||
2991 | rsize = trem; |
||
2992 | v = t; |
||
2993 | } |
||
2994 | t = leftmost_child(t); |
||
2995 | } |
||
2996 | |||
2997 | /* If dv is a better fit, return 0 so malloc will use it */ |
||
2998 | if (v != 0 && rsize < (size_t)(m->dvsize - nb)) { |
||
2999 | if (RTCHECK(ok_address(m, v))) { /* split */ |
||
3000 | mchunkptr r = chunk_plus_offset(v, nb); |
||
3001 | assert(chunksize(v) == rsize + nb); |
||
3002 | if (RTCHECK(ok_next(v, r))) { |
||
3003 | unlink_large_chunk(m, v); |
||
3004 | if (rsize < MIN_CHUNK_SIZE) |
||
3005 | set_inuse_and_pinuse(m, v, (rsize + nb)); |
||
3006 | else { |
||
3007 | set_size_and_pinuse_of_inuse_chunk(m, v, nb); |
||
3008 | set_size_and_pinuse_of_free_chunk(r, rsize); |
||
3009 | insert_chunk(m, r, rsize); |
||
3010 | } |
||
3011 | return chunk2mem(v); |
||
3012 | } |
||
3013 | } |
||
3014 | CORRUPTION_ERROR_ACTION(m); |
||
3015 | } |
||
3016 | return 0; |
||
3017 | } |
||
3018 | |||
3019 | /* allocate a small request from the best fitting chunk in a treebin */ |
||
3020 | static void* tmalloc_small(mstate m, size_t nb) { |
||
3021 | tchunkptr t, v; |
||
3022 | size_t rsize; |
||
3023 | bindex_t i; |
||
3024 | binmap_t leastbit = least_bit(m->treemap); |
||
3025 | compute_bit2idx(leastbit, i); |
||
3026 | |||
3027 | v = t = *treebin_at(m, i); |
||
3028 | rsize = chunksize(t) - nb; |
||
3029 | |||
3030 | while ((t = leftmost_child(t)) != 0) { |
||
3031 | size_t trem = chunksize(t) - nb; |
||
3032 | if (trem < rsize) { |
||
3033 | rsize = trem; |
||
3034 | v = t; |
||
3035 | } |
||
3036 | } |
||
3037 | |||
3038 | if (RTCHECK(ok_address(m, v))) { |
||
3039 | mchunkptr r = chunk_plus_offset(v, nb); |
||
3040 | assert(chunksize(v) == rsize + nb); |
||
3041 | if (RTCHECK(ok_next(v, r))) { |
||
3042 | unlink_large_chunk(m, v); |
||
3043 | if (rsize < MIN_CHUNK_SIZE) |
||
3044 | set_inuse_and_pinuse(m, v, (rsize + nb)); |
||
3045 | else { |
||
3046 | set_size_and_pinuse_of_inuse_chunk(m, v, nb); |
||
3047 | set_size_and_pinuse_of_free_chunk(r, rsize); |
||
3048 | replace_dv(m, r, rsize); |
||
3049 | } |
||
3050 | return chunk2mem(v); |
||
3051 | } |
||
3052 | } |
||
3053 | |||
3054 | CORRUPTION_ERROR_ACTION(m); |
||
3055 | return 0; |
||
3056 | } |
||
3057 | |||
3058 | /* --------------------------- realloc support --------------------------- */ |
||
3059 | |||
3060 | static void* internal_realloc(mstate m, void* oldmem, size_t bytes) { |
||
3061 | if (bytes >= MAX_REQUEST) { |
||
3062 | MALLOC_FAILURE_ACTION; |
||
3063 | return 0; |
||
3064 | } |
||
3065 | if (!PREACTION(m)) { |
||
3066 | mchunkptr oldp = mem2chunk(oldmem); |
||
3067 | size_t oldsize = chunksize(oldp); |
||
3068 | mchunkptr next = chunk_plus_offset(oldp, oldsize); |
||
3069 | mchunkptr newp = 0; |
||
3070 | void* extra = 0; |
||
3071 | |||
3072 | /* Try to either shrink or extend into top. Else malloc-copy-free */ |
||
3073 | |||
3074 | if (RTCHECK(ok_address(m, oldp) && ok_cinuse(oldp) && |
||
3075 | ok_next(oldp, next) && ok_pinuse(next))) { |
||
3076 | size_t nb = request2size(bytes); |
||
3077 | if (is_mmapped(oldp)) |
||
3078 | newp = mmap_resize(m, oldp, nb); |
||
3079 | else if (oldsize >= nb) { /* already big enough */ |
||
3080 | size_t rsize = oldsize - nb; |
||
3081 | newp = oldp; |
||
3082 | if (rsize >= MIN_CHUNK_SIZE) { |
||
3083 | mchunkptr remainder = chunk_plus_offset(newp, nb); |
||
3084 | set_inuse(m, newp, nb); |
||
3085 | set_inuse(m, remainder, rsize); |
||
3086 | extra = chunk2mem(remainder); |
||
3087 | } |
||
3088 | } |
||
3089 | else if (next == m->top && oldsize + m->topsize > nb) { |
||
3090 | /* Expand into top */ |
||
3091 | size_t newsize = oldsize + m->topsize; |
||
3092 | size_t newtopsize = newsize - nb; |
||
3093 | mchunkptr newtop = chunk_plus_offset(oldp, nb); |
||
3094 | set_inuse(m, oldp, nb); |
||
3095 | newtop->head = newtopsize |PINUSE_BIT; |
||
3096 | m->top = newtop; |
||
3097 | m->topsize = newtopsize; |
||
3098 | newp = oldp; |
||
3099 | } |
||
3100 | } |
||
3101 | else { |
||
3102 | USAGE_ERROR_ACTION(m, oldmem); |
||
3103 | POSTACTION(m); |
||
3104 | return 0; |
||
3105 | } |
||
3106 | |||
3107 | POSTACTION(m); |
||
3108 | |||
3109 | if (newp != 0) { |
||
3110 | if (extra != 0) { |
||
3111 | internal_free(m, extra); |
||
3112 | } |
||
3113 | check_inuse_chunk(m, newp); |
||
3114 | return chunk2mem(newp); |
||
3115 | } |
||
3116 | else { |
||
3117 | void* newmem = internal_malloc(m, bytes); |
||
3118 | if (newmem != 0) { |
||
3119 | size_t oc = oldsize - overhead_for(oldp); |
||
3120 | memcpy(newmem, oldmem, (oc < bytes)? oc : bytes); |
||
3121 | internal_free(m, oldmem); |
||
3122 | } |
||
3123 | return newmem; |
||
3124 | } |
||
3125 | } |
||
3126 | return 0; |
||
3127 | } |
||
3128 | |||
3129 | /* --------------------------- memalign support -------------------------- */ |
||
3130 | |||
3131 | static void* internal_memalign(mstate m, size_t alignment, size_t bytes) { |
||
3132 | if (alignment <= MALLOC_ALIGNMENT) /* Can just use malloc */ |
||
3133 | return internal_malloc(m, bytes); |
||
3134 | if (alignment < MIN_CHUNK_SIZE) /* must be at least a minimum chunk size */ |
||
3135 | alignment = MIN_CHUNK_SIZE; |
||
3136 | if ((alignment & (alignment-SIZE_T_ONE)) != 0) {/* Ensure a power of 2 */ |
||
3137 | size_t a = MALLOC_ALIGNMENT << 1; |
||
3138 | while (a < alignment) a <<= 1; |
||
3139 | alignment = a; |
||
3140 | } |
||
3141 | |||
3142 | if (bytes >= MAX_REQUEST - alignment) { |
||
3143 | if (m != 0) { /* Test isn't needed but avoids compiler warning */ |
||
3144 | MALLOC_FAILURE_ACTION; |
||
3145 | } |
||
3146 | } |
||
3147 | else { |
||
3148 | size_t nb = request2size(bytes); |
||
3149 | size_t req = nb + alignment + MIN_CHUNK_SIZE - CHUNK_OVERHEAD; |
||
3150 | char* mem = (char*)internal_malloc(m, req); |
||
3151 | if (mem != 0) { |
||
3152 | void* leader = 0; |
||
3153 | void* trailer = 0; |
||
3154 | mchunkptr p = mem2chunk(mem); |
||
3155 | |||
3156 | if (PREACTION(m)) return 0; |
||
3157 | if ((((size_t)(mem)) % alignment) != 0) { /* misaligned */ |
||
3158 | /* |
||
3159 | Find an aligned spot inside chunk. Since we need to give |
||
3160 | back leading space in a chunk of at least MIN_CHUNK_SIZE, if |
||
3161 | the first calculation places us at a spot with less than |
||
3162 | MIN_CHUNK_SIZE leader, we can move to the next aligned spot. |
||
3163 | We've allocated enough total room so that this is always |
||
3164 | possible. |
||
3165 | */ |
||
3166 | char* br = (char*)mem2chunk((size_t)(((size_t)(mem + |
||
3167 | alignment - |
||
3168 | SIZE_T_ONE)) & |
||
3169 | -alignment)); |
||
3170 | char* pos = ((size_t)(br - (char*)(p)) >= MIN_CHUNK_SIZE)? |
||
3171 | br : br+alignment; |
||
3172 | mchunkptr newp = (mchunkptr)pos; |
||
3173 | size_t leadsize = pos - (char*)(p); |
||
3174 | size_t newsize = chunksize(p) - leadsize; |
||
3175 | |||
3176 | if (is_mmapped(p)) { /* For mmapped chunks, just adjust offset */ |
||
3177 | newp->prev_foot = p->prev_foot + leadsize; |
||
3178 | newp->head = (newsize|CINUSE_BIT); |
||
3179 | } |
||
3180 | else { /* Otherwise, give back leader, use the rest */ |
||
3181 | set_inuse(m, newp, newsize); |
||
3182 | set_inuse(m, p, leadsize); |
||
3183 | leader = chunk2mem(p); |
||
3184 | } |
||
3185 | p = newp; |
||
3186 | } |
||
3187 | |||
3188 | /* Give back spare room at the end */ |
||
3189 | if (!is_mmapped(p)) { |
||
3190 | size_t size = chunksize(p); |
||
3191 | if (size > nb + MIN_CHUNK_SIZE) { |
||
3192 | size_t remainder_size = size - nb; |
||
3193 | mchunkptr remainder = chunk_plus_offset(p, nb); |
||
3194 | set_inuse(m, p, nb); |
||
3195 | set_inuse(m, remainder, remainder_size); |
||
3196 | trailer = chunk2mem(remainder); |
||
3197 | } |
||
3198 | } |
||
3199 | |||
3200 | assert (chunksize(p) >= nb); |
||
3201 | assert((((size_t)(chunk2mem(p))) % alignment) == 0); |
||
3202 | check_inuse_chunk(m, p); |
||
3203 | POSTACTION(m); |
||
3204 | if (leader != 0) { |
||
3205 | internal_free(m, leader); |
||
3206 | } |
||
3207 | if (trailer != 0) { |
||
3208 | internal_free(m, trailer); |
||
3209 | } |
||
3210 | return chunk2mem(p); |
||
3211 | } |
||
3212 | } |
||
3213 | return 0; |
||
3214 | } |
||
3215 | |||
3216 | /* ------------------------ comalloc/coalloc support --------------------- */ |
||
3217 | |||
3218 | static void** ialloc(mstate m, |
||
3219 | size_t n_elements, |
||
3220 | size_t* sizes, |
||
3221 | int opts, |
||
3222 | void* chunks[]) { |
||
3223 | /* |
||
3224 | This provides common support for independent_X routines, handling |
||
3225 | all of the combinations that can result. |
||
3226 | |||
3227 | The opts arg has: |
||
3228 | bit 0 set if all elements are same size (using sizes[0]) |
||
3229 | bit 1 set if elements should be zeroed |
||
3230 | */ |
||
3231 | |||
3232 | size_t element_size; /* chunksize of each element, if all same */ |
||
3233 | size_t contents_size; /* total size of elements */ |
||
3234 | size_t array_size; /* request size of pointer array */ |
||
3235 | void* mem; /* malloced aggregate space */ |
||
3236 | mchunkptr p; /* corresponding chunk */ |
||
3237 | size_t remainder_size; /* remaining bytes while splitting */ |
||
3238 | void** marray; /* either "chunks" or malloced ptr array */ |
||
3239 | mchunkptr array_chunk; /* chunk for malloced ptr array */ |
||
3240 | flag_t was_enabled; /* to disable mmap */ |
||
3241 | size_t size; |
||
3242 | size_t i; |
||
3243 | |||
3244 | /* compute array length, if needed */ |
||
3245 | if (chunks != 0) { |
||
3246 | if (n_elements == 0) |
||
3247 | return chunks; /* nothing to do */ |
||
3248 | marray = chunks; |
||
3249 | array_size = 0; |
||
3250 | } |
||
3251 | else { |
||
3252 | /* if empty req, must still return chunk representing empty array */ |
||
3253 | if (n_elements == 0) |
||
3254 | return (void**)internal_malloc(m, 0); |
||
3255 | marray = 0; |
||
3256 | array_size = request2size(n_elements * (sizeof(void*))); |
||
3257 | } |
||
3258 | |||
3259 | /* compute total element size */ |
||
3260 | if (opts & 0x1) { /* all-same-size */ |
||
3261 | element_size = request2size(*sizes); |
||
3262 | contents_size = n_elements * element_size; |
||
3263 | } |
||
3264 | else { /* add up all the sizes */ |
||
3265 | element_size = 0; |
||
3266 | contents_size = 0; |
||
3267 | for (i = 0; i != n_elements; ++i) |
||
3268 | contents_size += request2size(sizes[i]); |
||
3269 | } |
||
3270 | |||
3271 | size = contents_size + array_size; |
||
3272 | |||
3273 | /* |
||
3274 | Allocate the aggregate chunk. First disable direct-mmapping so |
||
3275 | malloc won't use it, since we would not be able to later |
||
3276 | free/realloc space internal to a segregated mmap region. |
||
3277 | */ |
||
3278 | was_enabled = use_mmap(m); |
||
3279 | disable_mmap(m); |
||
3280 | mem = internal_malloc(m, size - CHUNK_OVERHEAD); |
||
3281 | if (was_enabled) |
||
3282 | enable_mmap(m); |
||
3283 | if (mem == 0) |
||
3284 | return 0; |
||
3285 | |||
3286 | if (PREACTION(m)) return 0; |
||
3287 | p = mem2chunk(mem); |
||
3288 | remainder_size = chunksize(p); |
||
3289 | |||
3290 | assert(!is_mmapped(p)); |
||
3291 | |||
3292 | if (opts & 0x2) { /* optionally clear the elements */ |
||
3293 | memset((size_t*)mem, 0, remainder_size - SIZE_T_SIZE - array_size); |
||
3294 | } |
||
3295 | |||
3296 | /* If not provided, allocate the pointer array as final part of chunk */ |
||
3297 | if (marray == 0) { |
||
3298 | size_t array_chunk_size; |
||
3299 | array_chunk = chunk_plus_offset(p, contents_size); |
||
3300 | array_chunk_size = remainder_size - contents_size; |
||
3301 | marray = (void**) (chunk2mem(array_chunk)); |
||
3302 | set_size_and_pinuse_of_inuse_chunk(m, array_chunk, array_chunk_size); |
||
3303 | remainder_size = contents_size; |
||
3304 | } |
||
3305 | |||
3306 | /* split out elements */ |
||
3307 | for (i = 0; ; ++i) { |
||
3308 | marray[i] = chunk2mem(p); |
||
3309 | if (i != n_elements-1) { |
||
3310 | if (element_size != 0) |
||
3311 | size = element_size; |
||
3312 | else |
||
3313 | size = request2size(sizes[i]); |
||
3314 | remainder_size -= size; |
||
3315 | set_size_and_pinuse_of_inuse_chunk(m, p, size); |
||
3316 | p = chunk_plus_offset(p, size); |
||
3317 | } |
||
3318 | else { /* the final element absorbs any overallocation slop */ |
||
3319 | set_size_and_pinuse_of_inuse_chunk(m, p, remainder_size); |
||
3320 | break; |
||
3321 | } |
||
3322 | } |
||
3323 | |||
3324 | #if DEBUG |
||
3325 | if (marray != chunks) { |
||
3326 | /* final element must have exactly exhausted chunk */ |
||
3327 | if (element_size != 0) { |
||
3328 | assert(remainder_size == element_size); |
||
3329 | } |
||
3330 | else { |
||
3331 | assert(remainder_size == request2size(sizes[i])); |
||
3332 | } |
||
3333 | check_inuse_chunk(m, mem2chunk(marray)); |
||
3334 | } |
||
3335 | for (i = 0; i != n_elements; ++i) |
||
3336 | check_inuse_chunk(m, mem2chunk(marray[i])); |
||
3337 | |||
3338 | #endif /* DEBUG */ |
||
3339 | |||
3340 | POSTACTION(m); |
||
3341 | return marray; |
||
3342 | } |
||
3343 | |||
3344 | |||
3345 | /* -------------------------- public routines ---------------------------- */ |
||
3346 | |||
3347 | #if !ONLY_MSPACES |
||
3348 | |||
3349 | void* dlmalloc(size_t bytes) { |
||
3350 | /* |
||
3351 | Basic algorithm: |
||
3352 | If a small request (< 256 bytes minus per-chunk overhead): |
||
3353 | 1. If one exists, use a remainderless chunk in associated smallbin. |
||
3354 | (Remainderless means that there are too few excess bytes to |
||
3355 | represent as a chunk.) |
||
3356 | 2. If it is big enough, use the dv chunk, which is normally the |
||
3357 | chunk adjacent to the one used for the most recent small request. |
||
3358 | 3. If one exists, split the smallest available chunk in a bin, |
||
3359 | saving remainder in dv. |
||
3360 | 4. If it is big enough, use the top chunk. |
||
3361 | 5. If available, get memory from system and use it |
||
3362 | Otherwise, for a large request: |
||
3363 | 1. Find the smallest available binned chunk that fits, and use it |
||
3364 | if it is better fitting than dv chunk, splitting if necessary. |
||
3365 | 2. If better fitting than any binned chunk, use the dv chunk. |
||
3366 | 3. If it is big enough, use the top chunk. |
||
3367 | 4. If request size >= mmap threshold, try to directly mmap this chunk. |
||
3368 | 5. If available, get memory from system and use it |
||
3369 | |||
3370 | The ugly goto's here ensure that postaction occurs along all paths. |
||
3371 | */ |
||
3372 | |||
3373 | if (!PREACTION(gm)) { |
||
3374 | void* mem; |
||
3375 | size_t nb; |
||
3376 | if (bytes <= MAX_SMALL_REQUEST) { |
||
3377 | bindex_t idx; |
||
3378 | binmap_t smallbits; |
||
3379 | nb = (bytes < MIN_REQUEST)? MIN_CHUNK_SIZE : pad_request(bytes); |
||
3380 | idx = small_index(nb); |
||
3381 | smallbits = gm->smallmap >> idx; |
||
3382 | |||
3383 | if ((smallbits & 0x3U) != 0) { /* Remainderless fit to a smallbin. */ |
||
3384 | mchunkptr b, p; |
||
3385 | idx += ~smallbits & 1; /* Uses next bin if idx empty */ |
||
3386 | b = smallbin_at(gm, idx); |
||
3387 | p = b->fd; |
||
3388 | assert(chunksize(p) == small_index2size(idx)); |
||
3389 | unlink_first_small_chunk(gm, b, p, idx); |
||
3390 | set_inuse_and_pinuse(gm, p, small_index2size(idx)); |
||
3391 | mem = chunk2mem(p); |
||
3392 | check_malloced_chunk(gm, mem, nb); |
||
3393 | goto postaction; |
||
3394 | } |
||
3395 | |||
3396 | else if (nb > gm->dvsize) { |
||
3397 | if (smallbits != 0) { /* Use chunk in next nonempty smallbin */ |
||
3398 | mchunkptr b, p, r; |
||
3399 | size_t rsize; |
||
3400 | bindex_t i; |
||
3401 | binmap_t leftbits = (smallbits << idx) & left_bits(idx2bit(idx)); |
||
3402 | binmap_t leastbit = least_bit(leftbits); |
||
3403 | compute_bit2idx(leastbit, i); |
||
3404 | b = smallbin_at(gm, i); |
||
3405 | p = b->fd; |
||
3406 | assert(chunksize(p) == small_index2size(i)); |
||
3407 | unlink_first_small_chunk(gm, b, p, i); |
||
3408 | rsize = small_index2size(i) - nb; |
||
3409 | /* Fit here cannot be remainderless if 4byte sizes */ |
||
3410 | if (SIZE_T_SIZE != 4 && rsize < MIN_CHUNK_SIZE) |
||
3411 | set_inuse_and_pinuse(gm, p, small_index2size(i)); |
||
3412 | else { |
||
3413 | set_size_and_pinuse_of_inuse_chunk(gm, p, nb); |
||
3414 | r = chunk_plus_offset(p, nb); |
||
3415 | set_size_and_pinuse_of_free_chunk(r, rsize); |
||
3416 | replace_dv(gm, r, rsize); |
||
3417 | } |
||
3418 | mem = chunk2mem(p); |
||
3419 | check_malloced_chunk(gm, mem, nb); |
||
3420 | goto postaction; |
||
3421 | } |
||
3422 | |||
3423 | else if (gm->treemap != 0 && (mem = tmalloc_small(gm, nb)) != 0) { |
||
3424 | check_malloced_chunk(gm, mem, nb); |
||
3425 | goto postaction; |
||
3426 | } |
||
3427 | } |
||
3428 | } |
||
3429 | else if (bytes >= MAX_REQUEST) |
||
3430 | nb = MAX_SIZE_T; /* Too big to allocate. Force failure (in sys alloc) */ |
||
3431 | else { |
||
3432 | nb = pad_request(bytes); |
||
3433 | if (gm->treemap != 0 && (mem = tmalloc_large(gm, nb)) != 0) { |
||
3434 | check_malloced_chunk(gm, mem, nb); |
||
3435 | goto postaction; |
||
3436 | } |
||
3437 | } |
||
3438 | |||
3439 | if (nb <= gm->dvsize) { |
||
3440 | size_t rsize = gm->dvsize - nb; |
||
3441 | mchunkptr p = gm->dv; |
||
3442 | if (rsize >= MIN_CHUNK_SIZE) { /* split dv */ |
||
3443 | mchunkptr r = gm->dv = chunk_plus_offset(p, nb); |
||
3444 | gm->dvsize = rsize; |
||
3445 | set_size_and_pinuse_of_free_chunk(r, rsize); |
||
3446 | set_size_and_pinuse_of_inuse_chunk(gm, p, nb); |
||
3447 | } |
||
3448 | else { /* exhaust dv */ |
||
3449 | size_t dvs = gm->dvsize; |
||
3450 | gm->dvsize = 0; |
||
3451 | gm->dv = 0; |
||
3452 | set_inuse_and_pinuse(gm, p, dvs); |
||
3453 | } |
||
3454 | mem = chunk2mem(p); |
||
3455 | check_malloced_chunk(gm, mem, nb); |
||
3456 | goto postaction; |
||
3457 | } |
||
3458 | |||
3459 | else if (nb < gm->topsize) { /* Split top */ |
||
3460 | size_t rsize = gm->topsize -= nb; |
||
3461 | mchunkptr p = gm->top; |
||
3462 | mchunkptr r = gm->top = chunk_plus_offset(p, nb); |
||
3463 | r->head = rsize | PINUSE_BIT; |
||
3464 | set_size_and_pinuse_of_inuse_chunk(gm, p, nb); |
||
3465 | mem = chunk2mem(p); |
||
3466 | check_top_chunk(gm, gm->top); |
||
3467 | check_malloced_chunk(gm, mem, nb); |
||
3468 | goto postaction; |
||
3469 | } |
||
3470 | |||
3471 | mem = sys_alloc(gm, nb); |
||
3472 | |||
3473 | postaction: |
||
3474 | POSTACTION(gm); |
||
3475 | return mem; |
||
3476 | } |
||
3477 | |||
3478 | return 0; |
||
3479 | } |
||
3480 | |||
3481 | void dlfree(void* mem) { |
||
3482 | /* |
||
3483 | Consolidate freed chunks with preceeding or succeeding bordering |
||
3484 | free chunks, if they exist, and then place in a bin. Intermixed |
||
3485 | with special cases for top, dv, mmapped chunks, and usage errors. |
||
3486 | */ |
||
3487 | |||
3488 | if (mem != 0) { |
||
3489 | mchunkptr p = mem2chunk(mem); |
||
3490 | #if FOOTERS |
||
3491 | mstate fm = get_mstate_for(p); |
||
3492 | if (!ok_magic(fm)) { |
||
3493 | USAGE_ERROR_ACTION(fm, p); |
||
3494 | return; |
||
3495 | } |
||
3496 | #else /* FOOTERS */ |
||
3497 | #define fm gm |
||
3498 | #endif /* FOOTERS */ |
||
3499 | if (!PREACTION(fm)) { |
||
3500 | check_inuse_chunk(fm, p); |
||
3501 | if (RTCHECK(ok_address(fm, p) && ok_cinuse(p))) { |
||
3502 | size_t psize = chunksize(p); |
||
3503 | mchunkptr next = chunk_plus_offset(p, psize); |
||
3504 | if (!pinuse(p)) { |
||
3505 | size_t prevsize = p->prev_foot; |
||
3506 | if ((prevsize & IS_MMAPPED_BIT) != 0) { |
||
3507 | prevsize &= ~IS_MMAPPED_BIT; |
||
3508 | psize += prevsize + MMAP_FOOT_PAD; |
||
3509 | if (CALL_MUNMAP((char*)p - prevsize, psize) == 0) |
||
3510 | fm->footprint -= psize; |
||
3511 | goto postaction; |
||
3512 | } |
||
3513 | else { |
||
3514 | mchunkptr prev = chunk_minus_offset(p, prevsize); |
||
3515 | psize += prevsize; |
||
3516 | p = prev; |
||
3517 | if (RTCHECK(ok_address(fm, prev))) { /* consolidate backward */ |
||
3518 | if (p != fm->dv) { |
||
3519 | unlink_chunk(fm, p, prevsize); |
||
3520 | } |
||
3521 | else if ((next->head & INUSE_BITS) == INUSE_BITS) { |
||
3522 | fm->dvsize = psize; |
||
3523 | set_free_with_pinuse(p, psize, next); |
||
3524 | goto postaction; |
||
3525 | } |
||
3526 | } |
||
3527 | else |
||
3528 | goto erroraction; |
||
3529 | } |
||
3530 | } |
||
3531 | |||
3532 | if (RTCHECK(ok_next(p, next) && ok_pinuse(next))) { |
||
3533 | if (!cinuse(next)) { /* consolidate forward */ |
||
3534 | if (next == fm->top) { |
||
3535 | size_t tsize = fm->topsize += psize; |
||
3536 | fm->top = p; |
||
3537 | p->head = tsize | PINUSE_BIT; |
||
3538 | if (p == fm->dv) { |
||
3539 | fm->dv = 0; |
||
3540 | fm->dvsize = 0; |
||
3541 | } |
||
3542 | if (should_trim(fm, tsize)) |
||
3543 | sys_trim(fm, 0); |
||
3544 | goto postaction; |
||
3545 | } |
||
3546 | else if (next == fm->dv) { |
||
3547 | size_t dsize = fm->dvsize += psize; |
||
3548 | fm->dv = p; |
||
3549 | set_size_and_pinuse_of_free_chunk(p, dsize); |
||
3550 | goto postaction; |
||
3551 | } |
||
3552 | else { |
||
3553 | size_t nsize = chunksize(next); |
||
3554 | psize += nsize; |
||
3555 | unlink_chunk(fm, next, nsize); |
||
3556 | set_size_and_pinuse_of_free_chunk(p, psize); |
||
3557 | if (p == fm->dv) { |
||
3558 | fm->dvsize = psize; |
||
3559 | goto postaction; |
||
3560 | } |
||
3561 | } |
||
3562 | } |
||
3563 | else |
||
3564 | set_free_with_pinuse(p, psize, next); |
||
3565 | insert_chunk(fm, p, psize); |
||
3566 | check_free_chunk(fm, p); |
||
3567 | goto postaction; |
||
3568 | } |
||
3569 | } |
||
3570 | erroraction: |
||
3571 | USAGE_ERROR_ACTION(fm, p); |
||
3572 | postaction: |
||
3573 | POSTACTION(fm); |
||
3574 | } |
||
3575 | } |
||
3576 | #if !FOOTERS |
||
3577 | #undef fm |
||
3578 | #endif /* FOOTERS */ |
||
3579 | } |
||
3580 | |||
3581 | void* dlcalloc(size_t n_elements, size_t elem_size) { |
||
3582 | void* mem; |
||
3583 | size_t req = 0; |
||
3584 | if (n_elements != 0) { |
||
3585 | req = n_elements * elem_size; |
||
3586 | if (((n_elements | elem_size) & ~(size_t)0xffff) && |
||
3587 | (req / n_elements != elem_size)) |
||
3588 | req = MAX_SIZE_T; /* force downstream failure on overflow */ |
||
3589 | } |
||
3590 | mem = dlmalloc(req); |
||
3591 | if (mem != 0) |
||
3592 | memset(mem, 0, req); |
||
3593 | return mem; |
||
3594 | } |
||
3595 | |||
3596 | void* dlrealloc(void* oldmem, size_t bytes) { |
||
3597 | if (oldmem == 0) |
||
3598 | return dlmalloc(bytes); |
||
3599 | #ifdef REALLOC_ZERO_BYTES_FREES |
||
3600 | if (bytes == 0) { |
||
3601 | dlfree(oldmem); |
||
3602 | return 0; |
||
3603 | } |
||
3604 | #endif /* REALLOC_ZERO_BYTES_FREES */ |
||
3605 | else { |
||
3606 | #if ! FOOTERS |
||
3607 | mstate m = gm; |
||
3608 | #else /* FOOTERS */ |
||
3609 | mstate m = get_mstate_for(mem2chunk(oldmem)); |
||
3610 | if (!ok_magic(m)) { |
||
3611 | USAGE_ERROR_ACTION(m, oldmem); |
||
3612 | return 0; |
||
3613 | } |
||
3614 | #endif /* FOOTERS */ |
||
3615 | return internal_realloc(m, oldmem, bytes); |
||
3616 | } |
||
3617 | } |
||
3618 | |||
3619 | void* dlmemalign(size_t alignment, size_t bytes) { |
||
3620 | return internal_memalign(gm, alignment, bytes); |
||
3621 | } |
||
3622 | |||
3623 | void** dlindependent_calloc(size_t n_elements, size_t elem_size, |
||
3624 | void* chunks[]) { |
||
3625 | size_t sz = elem_size; /* serves as 1-element array */ |
||
3626 | return ialloc(gm, n_elements, &sz, 3, chunks); |
||
3627 | } |
||
3628 | |||
3629 | void** dlindependent_comalloc(size_t n_elements, size_t sizes[], |
||
3630 | void* chunks[]) { |
||
3631 | return ialloc(gm, n_elements, sizes, 0, chunks); |
||
3632 | } |
||
3633 | |||
3634 | void* dlvalloc(size_t bytes) { |
||
3635 | size_t pagesz; |
||
3636 | init_mparams(); |
||
3637 | pagesz = mparams.page_size; |
||
3638 | return dlmemalign(pagesz, bytes); |
||
3639 | } |
||
3640 | |||
3641 | void* dlpvalloc(size_t bytes) { |
||
3642 | size_t pagesz; |
||
3643 | init_mparams(); |
||
3644 | pagesz = mparams.page_size; |
||
3645 | return dlmemalign(pagesz, (bytes + pagesz - SIZE_T_ONE) & ~(pagesz - SIZE_T_ONE)); |
||
3646 | } |
||
3647 | |||
3648 | int dlmalloc_trim(size_t pad) { |
||
3649 | int result = 0; |
||
3650 | if (!PREACTION(gm)) { |
||
3651 | result = sys_trim(gm, pad); |
||
3652 | POSTACTION(gm); |
||
3653 | } |
||
3654 | return result; |
||
3655 | } |
||
3656 | |||
3657 | size_t dlmalloc_footprint(void) { |
||
3658 | return gm->footprint; |
||
3659 | } |
||
3660 | |||
3661 | size_t dlmalloc_max_footprint(void) { |
||
3662 | return gm->max_footprint; |
||
3663 | } |
||
3664 | |||
3665 | #if !NO_MALLINFO |
||
3666 | struct mallinfo dlmallinfo(void) { |
||
3667 | return internal_mallinfo(gm); |
||
3668 | } |
||
3669 | #endif /* NO_MALLINFO */ |
||
3670 | |||
3671 | //void dlmalloc_stats() { |
||
3672 | // internal_malloc_stats(gm); |
||
3673 | //} |
||
3674 | |||
3675 | size_t dlmalloc_usable_size(void* mem) { |
||
3676 | if (mem != 0) { |
||
3677 | mchunkptr p = mem2chunk(mem); |
||
3678 | if (cinuse(p)) |
||
3679 | return chunksize(p) - overhead_for(p); |
||
3680 | } |
||
3681 | return 0; |
||
3682 | } |
||
3683 | |||
3684 | int dlmallopt(int param_number, int value) { |
||
3685 | return change_mparam(param_number, value); |
||
3686 | } |
||
3687 | |||
3688 | #endif /* !ONLY_MSPACES */ |
||
3689 | |||
3690 | /* ----------------------------- user mspaces ---------------------------- */ |
||
3691 | |||
3692 | #if MSPACES |
||
3693 | #endif /* MSPACES */ |
||
3694 | |||
3695 | /* -------------------- Alternative MORECORE functions ------------------- */ |
||
3696 | |||
3697 | /* |
||
3698 | Guidelines for creating a custom version of MORECORE: |
||
3699 | |||
3700 | * For best performance, MORECORE should allocate in multiples of pagesize. |
||
3701 | * MORECORE may allocate more memory than requested. (Or even less, |
||
3702 | but this will usually result in a malloc failure.) |
||
3703 | * MORECORE must not allocate memory when given argument zero, but |
||
3704 | instead return one past the end address of memory from previous |
||
3705 | nonzero call. |
||
3706 | * For best performance, consecutive calls to MORECORE with positive |
||
3707 | arguments should return increasing addresses, indicating that |
||
3708 | space has been contiguously extended. |
||
3709 | * Even though consecutive calls to MORECORE need not return contiguous |
||
3710 | addresses, it must be OK for malloc'ed chunks to span multiple |
||
3711 | regions in those cases where they do happen to be contiguous. |
||
3712 | * MORECORE need not handle negative arguments -- it may instead |
||
3713 | just return MFAIL when given negative arguments. |
||
3714 | Negative arguments are always multiples of pagesize. MORECORE |
||
3715 | must not misinterpret negative args as large positive unsigned |
||
3716 | args. You can suppress all such calls from even occurring by defining |
||
3717 | MORECORE_CANNOT_TRIM, |
||
3718 | |||
3719 | As an example alternative MORECORE, here is a custom allocator |
||
3720 | kindly contributed for pre-OSX macOS. It uses virtually but not |
||
3721 | necessarily physically contiguous non-paged memory (locked in, |
||
3722 | present and won't get swapped out). You can use it by uncommenting |
||
3723 | this section, adding some #includes, and setting up the appropriate |
||
3724 | defines above: |
||
3725 | |||
3726 | #define MORECORE osMoreCore |
||
3727 | |||
3728 | There is also a shutdown routine that should somehow be called for |
||
3729 | cleanup upon program exit. |
||
3730 | |||
3731 | #define MAX_POOL_ENTRIES 100 |
||
3732 | #define MINIMUM_MORECORE_SIZE (64 * 1024U) |
||
3733 | static int next_os_pool; |
||
3734 | void *our_os_pools[MAX_POOL_ENTRIES]; |
||
3735 | |||
3736 | void *osMoreCore(int size) |
||
3737 | { |
||
3738 | void *ptr = 0; |
||
3739 | static void *sbrk_top = 0; |
||
3740 | |||
3741 | if (size > 0) |
||
3742 | { |
||
3743 | if (size < MINIMUM_MORECORE_SIZE) |
||
3744 | size = MINIMUM_MORECORE_SIZE; |
||
3745 | if (CurrentExecutionLevel() == kTaskLevel) |
||
3746 | ptr = PoolAllocateResident(size + RM_PAGE_SIZE, 0); |
||
3747 | if (ptr == 0) |
||
3748 | { |
||
3749 | return (void *) MFAIL; |
||
3750 | } |
||
3751 | // save ptrs so they can be freed during cleanup |
||
3752 | our_os_pools[next_os_pool] = ptr; |
||
3753 | next_os_pool++; |
||
3754 | ptr = (void *) ((((size_t) ptr) + RM_PAGE_MASK) & ~RM_PAGE_MASK); |
||
3755 | sbrk_top = (char *) ptr + size; |
||
3756 | return ptr; |
||
3757 | } |
||
3758 | else if (size < 0) |
||
3759 | { |
||
3760 | // we don't currently support shrink behavior |
||
3761 | return (void *) MFAIL; |
||
3762 | } |
||
3763 | else |
||
3764 | { |
||
3765 | return sbrk_top; |
||
3766 | } |
||
3767 | } |
||
3768 | |||
3769 | // cleanup any allocated memory pools |
||
3770 | // called as last thing before shutting down driver |
||
3771 | |||
3772 | void osCleanupMem(void) |
||
3773 | { |
||
3774 | void **ptr; |
||
3775 | |||
3776 | for (ptr = our_os_pools; ptr < &our_os_pools[MAX_POOL_ENTRIES]; ptr++) |
||
3777 | if (*ptr) |
||
3778 | { |
||
3779 | PoolDeallocate(*ptr); |
||
3780 | *ptr = 0; |
||
3781 | } |
||
3782 | } |
||
3783 | |||
3784 | */ |
||
3785 | |||
3786 | |||
3787 | /* ----------------------------------------------------------------------- |
||
3788 | History: |
||
3789 | V2.8.3 Thu Sep 22 11:16:32 2005 Doug Lea (dl at gee) |
||
3790 | * Add max_footprint functions |
||
3791 | * Ensure all appropriate literals are size_t |
||
3792 | * Fix conditional compilation problem for some #define settings |
||
3793 | * Avoid concatenating segments with the one provided |
||
3794 | in create_mspace_with_base |
||
3795 | * Rename some variables to avoid compiler shadowing warnings |
||
3796 | * Use explicit lock initialization. |
||
3797 | * Better handling of sbrk interference. |
||
3798 | * Simplify and fix segment insertion, trimming and mspace_destroy |
||
3799 | * Reinstate REALLOC_ZERO_BYTES_FREES option from 2.7.x |
||
3800 | * Thanks especially to Dennis Flanagan for help on these. |
||
3801 | |||
3802 | V2.8.2 Sun Jun 12 16:01:10 2005 Doug Lea (dl at gee) |
||
3803 | * Fix memalign brace error. |
||
3804 | |||
3805 | V2.8.1 Wed Jun 8 16:11:46 2005 Doug Lea (dl at gee) |
||
3806 | * Fix improper #endif nesting in C++ |
||
3807 | * Add explicit casts needed for C++ |
||
3808 | |||
3809 | V2.8.0 Mon May 30 14:09:02 2005 Doug Lea (dl at gee) |
||
3810 | * Use trees for large bins |
||
3811 | * Support mspaces |
||
3812 | * Use segments to unify sbrk-based and mmap-based system allocation, |
||
3813 | removing need for emulation on most platforms without sbrk. |
||
3814 | * Default safety checks |
||
3815 | * Optional footer checks. Thanks to William Robertson for the idea. |
||
3816 | * Internal code refactoring |
||
3817 | * Incorporate suggestions and platform-specific changes. |
||
3818 | Thanks to Dennis Flanagan, Colin Plumb, Niall Douglas, |
||
3819 | Aaron Bachmann, Emery Berger, and others. |
||
3820 | * Speed up non-fastbin processing enough to remove fastbins. |
||
3821 | * Remove useless cfree() to avoid conflicts with other apps. |
||
3822 | * Remove internal memcpy, memset. Compilers handle builtins better. |
||
3823 | * Remove some options that no one ever used and rename others. |
||
3824 | |||
3825 | V2.7.2 Sat Aug 17 09:07:30 2002 Doug Lea (dl at gee) |
||
3826 | * Fix malloc_state bitmap array misdeclaration |
||
3827 | |||
3828 | V2.7.1 Thu Jul 25 10:58:03 2002 Doug Lea (dl at gee) |
||
3829 | * Allow tuning of FIRST_SORTED_BIN_SIZE |
||
3830 | * Use PTR_UINT as type for all ptr->int casts. Thanks to John Belmonte. |
||
3831 | * Better detection and support for non-contiguousness of MORECORE. |
||
3832 | Thanks to Andreas Mueller, Conal Walsh, and Wolfram Gloger |
||
3833 | * Bypass most of malloc if no frees. Thanks To Emery Berger. |
||
3834 | * Fix freeing of old top non-contiguous chunk im sysmalloc. |
||
3835 | * Raised default trim and map thresholds to 256K. |
||
3836 | * Fix mmap-related #defines. Thanks to Lubos Lunak. |
||
3837 | * Fix copy macros; added LACKS_FCNTL_H. Thanks to Neal Walfield. |
||
3838 | * Branch-free bin calculation |
||
3839 | * Default trim and mmap thresholds now 256K. |
||
3840 | |||
3841 | V2.7.0 Sun Mar 11 14:14:06 2001 Doug Lea (dl at gee) |
||
3842 | * Introduce independent_comalloc and independent_calloc. |
||
3843 | Thanks to Michael Pachos for motivation and help. |
||
3844 | * Make optional .h file available |
||
3845 | * Allow > 2GB requests on 32bit systems. |
||
3846 | * new WIN32 sbrk, mmap, munmap, lock code from |
||
3847 | Thanks also to Andreas Mueller |
||
3848 | and Anonymous. |
||
3849 | * Allow override of MALLOC_ALIGNMENT (Thanks to Ruud Waij for |
||
3850 | helping test this.) |
||
3851 | * memalign: check alignment arg |
||
3852 | * realloc: don't try to shift chunks backwards, since this |
||
3853 | leads to more fragmentation in some programs and doesn't |
||
3854 | seem to help in any others. |
||
3855 | * Collect all cases in malloc requiring system memory into sysmalloc |
||
3856 | * Use mmap as backup to sbrk |
||
3857 | * Place all internal state in malloc_state |
||
3858 | * Introduce fastbins (although similar to 2.5.1) |
||
3859 | * Many minor tunings and cosmetic improvements |
||
3860 | * Introduce USE_PUBLIC_MALLOC_WRAPPERS, USE_MALLOC_LOCK |
||
3861 | * Introduce MALLOC_FAILURE_ACTION, MORECORE_CONTIGUOUS |
||
3862 | Thanks to Tony E. Bennett |
||
3863 | * Include errno.h to support default failure action. |
||
3864 | |||
3865 | V2.6.6 Sun Dec 5 07:42:19 1999 Doug Lea (dl at gee) |
||
3866 | * return null for negative arguments |
||
3867 | * Added Several WIN32 cleanups from Martin C. Fong |
||
3868 | * Add 'LACKS_SYS_PARAM_H' for those systems without 'sys/param.h' |
||
3869 | (e.g. WIN32 platforms) |
||
3870 | * Cleanup header file inclusion for WIN32 platforms |
||
3871 | * Cleanup code to avoid Microsoft Visual C++ compiler complaints |
||
3872 | * Add 'USE_DL_PREFIX' to quickly allow co-existence with existing |
||
3873 | memory allocation routines |
||
3874 | * Set 'malloc_getpagesize' for WIN32 platforms (needs more work) |
||
3875 | * Use 'assert' rather than 'ASSERT' in WIN32 code to conform to |
||
3876 | usage of 'assert' in non-WIN32 code |
||
3877 | * Improve WIN32 'sbrk()' emulation's 'findRegion()' routine to |
||
3878 | avoid infinite loop |
||
3879 | * Always call 'fREe()' rather than 'free()' |
||
3880 | |||
3881 | V2.6.5 Wed Jun 17 15:57:31 1998 Doug Lea (dl at gee) |
||
3882 | * Fixed ordering problem with boundary-stamping |
||
3883 | |||
3884 | V2.6.3 Sun May 19 08:17:58 1996 Doug Lea (dl at gee) |
||
3885 | * Added pvalloc, as recommended by H.J. Liu |
||
3886 | * Added 64bit pointer support mainly from Wolfram Gloger |
||
3887 | * Added anonymously donated WIN32 sbrk emulation |
||
3888 | * Malloc, calloc, getpagesize: add optimizations from Raymond Nijssen |
||
3889 | * malloc_extend_top: fix mask error that caused wastage after |
||
3890 | foreign sbrks |
||
3891 | * Add linux mremap support code from HJ Liu |
||
3892 | |||
3893 | V2.6.2 Tue Dec 5 06:52:55 1995 Doug Lea (dl at gee) |
||
3894 | * Integrated most documentation with the code. |
||
3895 | * Add support for mmap, with help from |
||
3896 | Wolfram Gloger (Gloger@lrz.uni-muenchen.de). |
||
3897 | * Use last_remainder in more cases. |
||
3898 | * Pack bins using idea from colin@nyx10.cs.du.edu |
||
3899 | * Use ordered bins instead of best-fit threshhold |
||
3900 | * Eliminate block-local decls to simplify tracing and debugging. |
||
3901 | * Support another case of realloc via move into top |
||
3902 | * Fix error occuring when initial sbrk_base not word-aligned. |
||
3903 | * Rely on page size for units instead of SBRK_UNIT to |
||
3904 | avoid surprises about sbrk alignment conventions. |
||
3905 | * Add mallinfo, mallopt. Thanks to Raymond Nijssen |
||
3906 | (raymond@es.ele.tue.nl) for the suggestion. |
||
3907 | * Add `pad' argument to malloc_trim and top_pad mallopt parameter. |
||
3908 | * More precautions for cases where other routines call sbrk, |
||
3909 | courtesy of Wolfram Gloger (Gloger@lrz.uni-muenchen.de). |
||
3910 | * Added macros etc., allowing use in linux libc from |
||
3911 | H.J. Lu (hjl@gnu.ai.mit.edu) |
||
3912 | * Inverted this history list |
||
3913 | |||
3914 | V2.6.1 Sat Dec 2 14:10:57 1995 Doug Lea (dl at gee) |
||
3915 | * Re-tuned and fixed to behave more nicely with V2.6.0 changes. |
||
3916 | * Removed all preallocation code since under current scheme |
||
3917 | the work required to undo bad preallocations exceeds |
||
3918 | the work saved in good cases for most test programs. |
||
3919 | * No longer use return list or unconsolidated bins since |
||
3920 | no scheme using them consistently outperforms those that don't |
||
3921 | given above changes. |
||
3922 | * Use best fit for very large chunks to prevent some worst-cases. |
||
3923 | * Added some support for debugging |
||
3924 | |||
3925 | V2.6.0 Sat Nov 4 07:05:23 1995 Doug Lea (dl at gee) |
||
3926 | * Removed footers when chunks are in use. Thanks to |
||
3927 | Paul Wilson (wilson@cs.texas.edu) for the suggestion. |
||
3928 | |||
3929 | V2.5.4 Wed Nov 1 07:54:51 1995 Doug Lea (dl at gee) |
||
3930 | * Added malloc_trim, with help from Wolfram Gloger |
||
3931 | (wmglo@Dent.MED.Uni-Muenchen.DE). |
||
3932 | |||
3933 | V2.5.3 Tue Apr 26 10:16:01 1994 Doug Lea (dl at g) |
||
3934 | |||
3935 | V2.5.2 Tue Apr 5 16:20:40 1994 Doug Lea (dl at g) |
||
3936 | * realloc: try to expand in both directions |
||
3937 | * malloc: swap order of clean-bin strategy; |
||
3938 | * realloc: only conditionally expand backwards |
||
3939 | * Try not to scavenge used bins |
||
3940 | * Use bin counts as a guide to preallocation |
||
3941 | * Occasionally bin return list chunks in first scan |
||
3942 | * Add a few optimizations from colin@nyx10.cs.du.edu |
||
3943 | |||
3944 | V2.5.1 Sat Aug 14 15:40:43 1993 Doug Lea (dl at g) |
||
3945 | * faster bin computation & slightly different binning |
||
3946 | * merged all consolidations to one part of malloc proper |
||
3947 | (eliminating old malloc_find_space & malloc_clean_bin) |
||
3948 | * Scan 2 returns chunks (not just 1) |
||
3949 | * Propagate failure in realloc if malloc returns 0 |
||
3950 | * Add stuff to allow compilation on non-ANSI compilers |
||
3951 | from kpv@research.att.com |
||
3952 | |||
3953 | V2.5 Sat Aug 7 07:41:59 1993 Doug Lea (dl at g.oswego.edu) |
||
3954 | * removed potential for odd address access in prev_chunk |
||
3955 | * removed dependency on getpagesize.h |
||
3956 | * misc cosmetics and a bit more internal documentation |
||
3957 | * anticosmetics: mangled names in macros to evade debugger strangeness |
||
3958 | * tested on sparc, hp-700, dec-mips, rs6000 |
||
3959 | with gcc & native cc (hp, dec only) allowing |
||
3960 | Detlefs & Zorn comparison study (in SIGPLAN Notices.) |
||
3961 | |||
3962 | Trial version Fri Aug 28 13:14:29 1992 Doug Lea (dl at g.oswego.edu) |
||
3963 | * Based loosely on libg++-1.2X malloc. (It retains some of the overall |
||
3964 | structure of old version, but most details differ.) |
||
3965 | |||
3966 | */>>>>=>>><>>=>>=><=>>><>>=>>>>>>>=><=>>><>>>>>>>>>>>>>>>>>><>=>>=><=>><>>>>>1)) |