10 * malloc.c (Caltech) 2/21/82
11 * Chris Kingsley, kingsley@cit-20.
13 * This is a very fast storage allocator. It allocates blocks of a small
14 * number of different sizes, and keeps free lists of each size. Blocks that
15 * don't exactly fit are passed up to the next larger size. In this
16 * implementation, the available sizes are 2^n-4 (or 2^n-12) bytes long.
17 * If PACK_MALLOC is defined, small blocks are 2^n bytes long.
18 * This is designed for use in a program that uses vast quantities of memory,
19 * but bombs when it runs out.
27 #define DEBUG_m(a) if (debug & 128) a /* run statement a only when bit 128 (0x80) of debug is set; expands to a bare if, so a following else would bind to it */
30 /* I don't much care whether these are defined in sys/types.h--LAW */
32 #define u_char unsigned char /* macro alias (textual substitution, not a typedef) */
33 #define u_int unsigned int /* macro alias for unsigned int */
34 #define u_short unsigned short /* macro alias for unsigned short */
36 /* 286 and atarist like big chunks, which gives too much overhead. */
37 #if (defined(RCHECK) || defined(I286) || defined(atarist)) && defined(PACK_MALLOC)
43 * The description below is applicable if PACK_MALLOC is not defined.
45 * The overhead on a block is at least 4 bytes. When free, this space
46 * contains a pointer to the next free block, and the bottom two bits must
47 * be zero. When in use, the first byte is set to MAGIC, and the second
48 * byte is the size index. The remaining bytes are for alignment.
49 * If range checking is enabled and the size of the block fits
50 * in two bytes, then the top two bytes hold the size of the requested block
51 * plus the range checking words, and the header word MINUS ONE.
54 union overhead *ov_next; /* when free */
55 #if MEM_ALIGNBYTES > 4
56 double strut; /* alignment problems */
59 u_char ovu_magic; /* magic number */
60 u_char ovu_index; /* bucket # */
62 u_short ovu_size; /* actual block size */
63 u_int ovu_rmagic; /* range magic number */
66 #define ov_magic ovu.ovu_magic /* shorthand for the header's magic-number byte */
67 #define ov_index ovu.ovu_index /* shorthand for the header's bucket-number byte */
68 #define ov_size ovu.ovu_size /* shorthand for the recorded block size (range-check field) */
69 #define ov_rmagic ovu.ovu_rmagic /* shorthand for the leading range-check magic word */
73 static void botch _((char *s));
75 static void morecore _((int bucket));
76 static int findbucket _((union overhead *freep, int srchlen));
78 #define MAGIC 0xff /* magic # on accounting info: stored by malloc() in OV_MAGIC and checked by free() */
79 #define RMAGIC 0x55555555 /* magic # on range info: written to ov_rmagic and to the last word of the block; free() resets ov_rmagic to RMAGIC - 1 */
81 #define RSLOP sizeof (u_int) /* bytes taken by the RMAGIC word stored at the end of a block */
88 * In this case it is assumed that if we do sbrk() in 2K units, we
89 * will get 2K aligned blocks. The bucket number of the given subblock is
90 * on the boundary of 2K block which contains the subblock.
91 * Several following bytes contain the magic numbers for the subblocks
94 * Sizes of chunks are powers of 2 for chunks in buckets <=
95 * MAX_PACKED, after this they are (2^n - sizeof(union overhead)) (to
96 * get alignment right).
98 * We suppose that starts of all the chunks in a 2K block are in
99 * different 2^n-byte-long chunks. If the top of the last chunk is
100 * aligned on a boundary of 2K block, this means that
101 * sizeof(union overhead)*"number of chunks" < 2^n, or
102 * sizeof(union overhead)*2K < 4^n, or n > 6 + log2(sizeof()/2)/2, if a
103 * chunk of size 2^n - overhead is used. Since this rules out n = 7
104 * for 8 byte alignment, we special-case allocation of the first of 16
105 * 128-byte-long chunks.
107 * Note that with the above assumption we automatically have enough
108 * room for MAGIC at the start of the 2K block. Note also that we
109 * overlay union overhead over the chunk, thus the start of the chunk
110 * is immediately overwritten after freeing.
112 # define MAX_PACKED 6 /* chunks up to 2^MAX_PACKED bytes (bucket <= MAX_PACKED - 3) are exact powers of 2 */
113 # define MAX_2_POT_ALGO ((1<<(MAX_PACKED + 1)) - M_OVERHEAD) /* malloc() compares the request against this to choose the M_OVERHEAD-adding path */
114 # define TWOK_MASK ((1<<11) - 1) /* low 11 bits, i.e. the offset inside a 2K block */
115 # define TWOK_MASKED(x) ((int)x & ~TWOK_MASK) /* x rounded down to its 2K boundary; NOTE(review): x is not parenthesized and is cast to int */
116 # define TWOK_SHIFT(x) ((int)x & TWOK_MASK) /* byte offset of x within its 2K block; NOTE(review): same int cast as above */
117 # define OV_INDEXp(block) ((u_char*)(TWOK_MASKED(block))) /* pointer to the first byte of the 2K block containing block */
118 # define OV_INDEX(block) (*OV_INDEXp(block)) /* bucket number, kept in the first byte of the 2K block */
119 # define OV_MAGIC(block,bucket) (*(OV_INDEXp(block) + \
120 (TWOK_SHIFT(block)>>(bucket + 3)) + \
121 (bucket > MAX_NONSHIFT ? 1 : 0))) /* per-chunk magic byte: indexed from the 2K block start by chunk offset >> (bucket + 3), plus 1 when bucket > MAX_NONSHIFT */
122 # define CHUNK_SHIFT 0 /* no per-chunk header: malloc() returns the chunk address itself */
124 static u_char n_blks[11 - 3] = {224, 120, 62, 31, 16, 8, 4, 2}; /* block counts indexed by bucket; morecore() takes nblks from here for buckets <= MAX_PACKED - 3 */
125 static u_short blk_shift[11 - 3] = {256, 128, 64, 32,
126 16*sizeof(union overhead),
127 8*sizeof(union overhead),
128 4*sizeof(union overhead),
129 2*sizeof(union overhead),
130 # define MAX_NONSHIFT 2 /* Shift 64 greater than chunk 32. */
133 # ifdef DEBUGGING_MSTATS
134 static u_int sbrk_slack;
135 static u_int start_slack;
138 #else /* !PACK_MALLOC */
140 # define OV_MAGIC(block,bucket) (block)->ov_magic /* magic byte lives in the chunk's own header; the bucket argument is unused here */
141 # define OV_INDEX(block) (block)->ov_index /* bucket number lives in the chunk's own header */
142 # define CHUNK_SHIFT 1 /* user data starts one union overhead past the chunk start */
143 #endif /* !PACK_MALLOC */
145 # define M_OVERHEAD (sizeof(union overhead) + RSLOP) /* bookkeeping bytes per block: header plus RSLOP */
148 * nextf[i] is the pointer to the next free block of size 2^(i+3). The
149 * smallest allocatable block is 8 bytes. The overhead information
150 * precedes the data area returned to the user.
153 static union overhead *nextf[NBUCKETS];
156 #define sbrk(a) Perl_sbrk(a) /* route the sbrk() calls that follow to Perl_sbrk() */
157 char * Perl_sbrk _((int size)); /* declaration of the replacement; _() is presumably the project's prototype-wrapper macro (defined outside this view) */
162 #ifdef DEBUGGING_MSTATS
164 * nmalloc[i] is the difference between the number of mallocs and frees
165 * for a given block size.
167 static u_int nmalloc[NBUCKETS];
171 #define ASSERT(p) if (!(p)) botch("p"); else /* calls botch() when p is false. NOTE(review): ISO C preprocessors do not substitute p inside the string literal, so the message is the literal "p"; the trailing else consumes the statement that follows the macro call */
177 printf("assertion botched: %s\n", s);
186 register MEM_SIZE nbytes;
188 register union overhead *p;
189 register int bucket = 0;
190 register MEM_SIZE shiftr;
194 MEM_SIZE size = nbytes;
198 if (nbytes > 0xffff) {
199 PerlIO_printf(PerlIO_stderr(), "Allocation too large: %lx\n", (long)nbytes);
204 if ((long)nbytes < 0)
205 croak("panic: malloc");
207 #endif /* safemalloc */
210 * Convert amount of memory requested into
211 * closest block size stored in hash buckets
212 * which satisfies request. Account for
213 * space used per block for accounting.
216 if (nbytes > MAX_2_POT_ALGO) {
218 nbytes += M_OVERHEAD;
219 nbytes = (nbytes + 3) &~ 3;
221 } else if (nbytes == 0) {
225 shiftr = (nbytes - 1) >> 2;
226 /* apart from this loop, this is O(1) */
230 * If nothing in hash bucket right now,
231 * request more memory from the system.
233 if (nextf[bucket] == NULL)
235 if ((p = (union overhead *)nextf[bucket]) == NULL) {
238 PerlIO_puts(PerlIO_stderr(),"Out of memory!\n");
247 DEBUG_m(PerlIO_printf(Perl_debug_log, "0x%lx: (%05d) malloc %ld bytes\n",
248 (unsigned long)(p+1),an++,(long)size));
249 #endif /* safemalloc */
251 /* remove from linked list */
253 if (*((int*)p) & (sizeof(union overhead) - 1))
254 PerlIO_printf(PerlIO_stderr(), "Corrupt malloc ptr 0x%lx at 0x%lx\n",
255 (unsigned long)*((int*)p),(unsigned long)p);
257 nextf[bucket] = p->ov_next;
258 OV_MAGIC(p, bucket) = MAGIC;
260 OV_INDEX(p) = bucket;
262 #ifdef DEBUGGING_MSTATS
267 * Record allocated size of block and
268 * bound space with magic numbers.
270 if (nbytes <= 0x10000)
271 p->ov_size = nbytes - 1;
272 p->ov_rmagic = RMAGIC;
273 *((u_int *)((caddr_t)p + nbytes - RSLOP)) = RMAGIC;
275 return ((Malloc_t)(p + CHUNK_SHIFT));
279 * Allocate more memory to the indicated bucket.
285 register union overhead *op;
286 register int rnu; /* 2^rnu bytes will be requested */
287 register int nblks; /* become nblks blocks of the desired size */
288 register MEM_SIZE siz;
294 * Ensure memory is allocated
295 * on a page boundary. Should
296 * make getpagesize call?
298 #ifndef atarist /* on the atari we dont have to worry about this */
299 op = (union overhead *)sbrk(0);
303 (void)sbrk(slack = 2048 - ((int)op & 0x7ff));
306 (void)sbrk(slack = 1024 - ((int)op & 0x3ff));
308 # if defined(DEBUGGING_MSTATS) && defined(PACK_MALLOC)
312 /* The sbrk(0) call on the I286 always returns the next segment */
316 #if !(defined(I286) || defined(atarist))
317 /* take 2k unless the block is bigger than that */
318 rnu = (bucket <= 8) ? 11 : bucket + 3;
320 /* take 16k unless the block is bigger than that
321 (80286s like large segments!), probably good on the atari too */
322 rnu = (bucket <= 11) ? 14 : bucket + 3;
324 nblks = 1 << (rnu - (bucket + 3)); /* how many blocks to get */
326 rnu = bucket; Why anyone needs this? */
327 op = (union overhead *)sbrk(1L << rnu);
332 * Round up to minimum allocation size boundary
333 * and deduct from block count to reflect.
338 croak("panic: Off-page sbrk");
341 op = (union overhead *)(((MEM_SIZE)op + 8) &~ 7);
345 /* Again, this should always be ok on an 80286 */
348 * Add new memory allocated to that on
349 * free list for this hash bucket.
351 siz = 1 << (bucket + 3);
353 *(u_char*)op = bucket; /* Fill index. */
354 if (bucket <= MAX_PACKED - 3) {
355 op = (union overhead *) ((char*)op + blk_shift[bucket]);
356 nblks = n_blks[bucket];
357 # ifdef DEBUGGING_MSTATS
358 start_slack += blk_shift[bucket];
360 } else if (bucket <= 11 - 1 - 3) {
361 op = (union overhead *) ((char*)op + blk_shift[bucket]);
362 /* nblks = n_blks[bucket]; */
363 siz -= sizeof(union overhead);
364 } else op++; /* One chunk per block. */
365 #endif /* !PACK_MALLOC */
367 while (--nblks > 0) {
368 op->ov_next = (union overhead *)((caddr_t)op + siz);
369 op = (union overhead *)((caddr_t)op + siz);
371 #if defined(USE_PERL_SBRK) || defined(OS2)
372 /* all real sbrks return zeroed memory; perl's sbrk doesn't guarantee this */
373 op->ov_next = (union overhead *)NULL;
376 if (bucket == 7 - 3) { /* Special case, explanation is above. */
377 union overhead *n_op = nextf[7 - 3]->ov_next;
378 nextf[7 - 3] = (union overhead *)((caddr_t)nextf[7 - 3]
379 - sizeof(union overhead));
380 nextf[7 - 3]->ov_next = n_op;
382 #endif /* !PACK_MALLOC */
389 register MEM_SIZE size;
390 register union overhead *op;
391 char *cp = (char*)mp;
397 DEBUG_m(PerlIO_printf(Perl_debug_log, "0x%lx: (%05d) free\n",(unsigned long)cp,an++));
398 #endif /* safemalloc */
402 op = (union overhead *)((caddr_t)cp
403 - sizeof (union overhead) * CHUNK_SHIFT);
405 bucket = OV_INDEX(op);
408 ASSERT(OV_MAGIC(op, bucket) == MAGIC); /* make sure it was in use */
410 if (OV_MAGIC(op, bucket) != MAGIC) {
411 static bad_free_warn = -1;
412 if (bad_free_warn == -1) {
413 char *pbf = getenv("PERL_BADFREE");
414 bad_free_warn = (pbf) ? atoi(pbf) : 1;
419 warn("%s free() ignored",
420 op->ov_rmagic == RMAGIC - 1 ? "Duplicate" : "Bad");
422 warn("Bad free() ignored");
428 ASSERT(op->ov_rmagic == RMAGIC);
429 if (OV_INDEX(op) <= 13)
430 ASSERT(*(u_int *)((caddr_t)op + op->ov_size + 1 - RSLOP) == RMAGIC);
431 op->ov_rmagic = RMAGIC - 1;
433 ASSERT(OV_INDEX(op) < NBUCKETS);
435 op->ov_next = nextf[size];
437 #ifdef DEBUGGING_MSTATS
443 * When a program attempts "storage compaction" as mentioned in the
444 * old malloc man page, it realloc's an already freed block. Usually
445 * this is the last block it freed; occasionally it might be farther
446 * back. We have to search all the free lists for the block in order
447 * to determine its bucket: 1st we make one pass thru the lists
448 * checking only the first block in each; if that fails we search
449 * ``reall_srchlen'' blocks in each list for a match (the variable
450 * is extern so the caller can modify it). If that fails we just copy
451 * however many bytes were given to realloc() and hope it's not huge.
453 int reall_srchlen = 4; /* 4 should be plenty, -1 =>'s whole list */
460 register MEM_SIZE onb;
465 char *cp = (char*)mp;
469 MEM_SIZE size = nbytes;
473 if (nbytes > 0xffff) {
474 PerlIO_printf(PerlIO_stderr(), "Reallocation too large: %lx\n", size);
479 return malloc(nbytes);
481 if ((long)nbytes < 0)
482 croak("panic: realloc");
484 #endif /* safemalloc */
486 op = (union overhead *)((caddr_t)cp
487 - sizeof (union overhead) * CHUNK_SHIFT);
489 if (OV_MAGIC(op, i) == MAGIC) {
493 * Already free, doing "compaction".
495 * Search for the old block of memory on the
496 * free list. First, check the most common
497 * case (last element free'd), then (this failing)
498 * the last ``reall_srchlen'' items free'd.
499 * If all lookups fail, then assume the size of
500 * the memory block being realloc'd is the
503 if ((i = findbucket(op, 1)) < 0 &&
504 (i = findbucket(op, reall_srchlen)) < 0)
507 onb = (1L << (i + 3)) -
509 (i <= (MAX_PACKED - 3) ? 0 : M_OVERHEAD)
514 /* avoid the copy if same size block */
516 nbytes <= onb && nbytes > (onb >> 1) - M_OVERHEAD) {
519 * Record new allocated size of block and
520 * bound space with magic numbers.
522 if (OV_INDEX(op) <= 13) {
524 * Convert amount of memory requested into
525 * closest block size stored in hash buckets
526 * which satisfies request. Account for
527 * space used per block for accounting.
529 nbytes += M_OVERHEAD;
530 nbytes = (nbytes + 3) &~ 3;
531 op->ov_size = nbytes - 1;
532 *((u_int *)((caddr_t)op + nbytes - RSLOP)) = RMAGIC;
538 if ((res = (char*)malloc(nbytes)) == NULL)
540 if (cp != res) /* common optimization */
541 Copy(cp, res, (MEM_SIZE)(nbytes<onb?nbytes:onb), char);
549 PerlIO_printf(PerlIO_stderr(), "0x%lx: (%05d) rfree\n",(unsigned long)res,an++);
550 PerlIO_printf(PerlIO_stderr(), "0x%lx: (%05d) realloc %ld bytes\n",
551 (unsigned long)res,an++,(long)size);
554 #endif /* safemalloc */
555 return ((Malloc_t)res);
559 * Search ``srchlen'' elements of each free list for a block whose
560 * header starts at ``freep''. If srchlen is -1 search the whole list.
561 * Return bucket number, or -1 if not found.
564 findbucket(freep, srchlen)
565 union overhead *freep;
568 register union overhead *p;
571 for (i = 0; i < NBUCKETS; i++) {
573 for (p = nextf[i]; p && j != srchlen; p = p->ov_next) {
583 calloc(elements, size)
584 register MEM_SIZE elements;
585 register MEM_SIZE size;
587 long sz = elements * size;
588 Malloc_t p = malloc(sz);
591 memset((void*)p, 0, sz);
596 #ifdef DEBUGGING_MSTATS
598 * mstats - print out statistics about malloc
600 * Prints two lines of numbers, one showing the length of the free list
601 * for each size category, the second showing the number of mallocs -
602 * frees for each size category.
609 register union overhead *p;
610 int topbucket=0, totfree=0, totused=0;
611 u_int nfree[NBUCKETS];
613 for (i=0; i < NBUCKETS; i++) {
614 for (j = 0, p = nextf[i]; p; p = p->ov_next, j++)
617 totfree += nfree[i] * (1 << (i + 3));
618 totused += nmalloc[i] * (1 << (i + 3));
619 if (nfree[i] || nmalloc[i])
623 PerlIO_printf(PerlIO_stderr(), "Memory allocation statistics %s (buckets 8..%d)\n",
624 s, (1 << (topbucket + 3)) );
625 PerlIO_printf(PerlIO_stderr(), " %7d free: ", totfree);
626 for (i=0; i <= topbucket; i++) {
627 PerlIO_printf(PerlIO_stderr(), (i<5)?" %5d":" %3d", nfree[i]);
629 PerlIO_printf(PerlIO_stderr(), "\n %7d used: ", totused);
630 for (i=0; i <= topbucket; i++) {
631 PerlIO_printf(PerlIO_stderr(), (i<5)?" %5d":" %3d", nmalloc[i]);
633 PerlIO_printf(PerlIO_stderr(), "\n");
635 if (sbrk_slack || start_slack) {
636 PerlIO_printf(PerlIO_stderr(), "Odd ends: %7d bytes from sbrk(), %7d from malloc.\n",
637 sbrk_slack, start_slack);
654 # define PERL_SBRK_VIA_MALLOC
657 # ifdef PERL_SBRK_VIA_MALLOC
661 # include "Error: -DPERL_SBRK_VIA_MALLOC requires -DHIDEMYMALLOC"
664 /* It may seem schizophrenic to use perl's malloc and let it call the system */
665 /* malloc; the only reason is that the 3.2 version of the OS had */
666 /* frequent core dumps within nxzonefreenolock. This sbrk routine put an */
667 /* end to the cores. */
669 # define SYSTEM_ALLOC(a) malloc(a) /* allocator Perl_sbrk() calls to obtain a fresh chunk */
671 # endif /* PERL_SBRK_VIA_MALLOC */
673 static IV Perl_sbrk_oldchunk; /* address of the unused remainder of the last chunk obtained by Perl_sbrk() */
674 static long Perl_sbrk_oldsize; /* bytes still available at Perl_sbrk_oldchunk */
676 # define PERLSBRK_32_K (1<<15) /* 32 KiB */
677 # define PERLSBRK_64_K (1<<16) /* 64 KiB */
688 reqsize = size; /* just for the DEBUG_m statement */
690 if (size <= Perl_sbrk_oldsize) {
691 got = Perl_sbrk_oldchunk;
692 Perl_sbrk_oldchunk += size;
693 Perl_sbrk_oldsize -= size;
695 if (size >= PERLSBRK_32_K) {
701 size = PERLSBRK_64_K;
704 got = (IV)SYSTEM_ALLOC(size);
706 /* Chunk is small, register the rest for future allocs. */
707 Perl_sbrk_oldchunk = got + reqsize;
708 Perl_sbrk_oldsize = size - reqsize;
713 DEBUG_m(PerlIO_printf(PerlIO_stderr(), "sbrk malloc size %ld (reqsize %ld), left size %ld, give addr 0x%lx\n",
714 size, reqsize, Perl_sbrk_oldsize, got));
720 #endif /* ! defined USE_PERL_SBRK */