10 * malloc.c (Caltech) 2/21/82
11 * Chris Kingsley, kingsley@cit-20.
13 * This is a very fast storage allocator. It allocates blocks of a small
14 * number of different sizes, and keeps free lists of each size. Blocks that
15 * don't exactly fit are passed up to the next larger size. In this
16 * implementation, the available sizes are 2^n-4 (or 2^n-12) bytes long.
17 * If PACK_MALLOC is defined, small blocks are 2^n bytes long.
18 * This is designed for use in a program that uses vast quantities of memory,
19 * but bombs when it runs out.
27 #define DEBUG_m(a) if (debug & 128) a
30 /* I don't much care whether these are defined in sys/types.h--LAW */
32 #define u_char unsigned char
33 #define u_int unsigned int
34 #define u_short unsigned short
36 /* 286 and atarist like big chunks, which gives too much overhead. */
37 #if (defined(RCHECK) || defined(I286) || defined(atarist)) && defined(PACK_MALLOC)
43 * The description below is applicable if PACK_MALLOC is not defined.
45 * The overhead on a block is at least 4 bytes. When free, this space
46 * contains a pointer to the next free block, and the bottom two bits must
47 * be zero. When in use, the first byte is set to MAGIC, and the second
48 * byte is the size index. The remaining bytes are for alignment.
49 * If range checking is enabled and the size of the block fits
50 * in two bytes, then the top two bytes hold the size of the requested block
51 * plus the range checking words, and the header word MINUS ONE.
54 union overhead *ov_next; /* when free */
55 #if MEM_ALIGNBYTES > 4
56 double strut; /* alignment problems */
59 u_char ovu_magic; /* magic number */
60 u_char ovu_index; /* bucket # */
62 u_short ovu_size; /* actual block size */
63 u_int ovu_rmagic; /* range magic number */
66 #define ov_magic ovu.ovu_magic
67 #define ov_index ovu.ovu_index
68 #define ov_size ovu.ovu_size
69 #define ov_rmagic ovu.ovu_rmagic
73 static void botch _((char *s));
75 static void morecore _((int bucket));
76 static int findbucket _((union overhead *freep, int srchlen));
78 #define MAGIC 0xff /* magic # on accounting info */
79 #define RMAGIC 0x55555555 /* magic # on range info */
81 #define RSLOP sizeof (u_int)
88 * In this case it is assumed that if we do sbrk() in 2K units, we
89 * will get 2K-aligned blocks. The bucket number of a given subblock is
90 * stored on the boundary of the 2K block which contains the subblock.
91 * Several following bytes contain the magic numbers for the subblocks
94 * Sizes of chunks are powers of 2 for chunks in buckets <=
95 * MAX_PACKED, after this they are (2^n - sizeof(union overhead)) (to
96 * get alignment right).
98 * We suppose that the starts of all the chunks in a 2K block are in
99 * different 2^n-byte-long chunks. If the top of the last chunk is
100 * aligned on the boundary of a 2K block, this means that
101 * sizeof(union overhead)*"number of chunks" < 2^n, or
102 * sizeof(union overhead)*2K < 4^n, or n > 6 + log2(sizeof(union overhead)/2)/2,
103 * if a chunk of size 2^n - overhead is used. Since this rules out n = 7
104 * for 8-byte alignment, we special-case allocation of the first of 16
105 * 128-byte-long chunks.
107 * Note that with the above assumption we automatically have enough
108 * room for MAGIC at the start of the 2K block. Note also that we
109 * overlay union overhead over the chunk, thus the start of the chunk
110 * is immediately overwritten after freeing.
112 # define MAX_PACKED 6
113 # define MAX_2_POT_ALGO ((1<<(MAX_PACKED + 1)) - M_OVERHEAD)
114 # define TWOK_MASK ((1<<11) - 1)
115 # define TWOK_MASKED(x) ((int)x & ~TWOK_MASK)
116 # define TWOK_SHIFT(x) ((int)x & TWOK_MASK)
117 # define OV_INDEXp(block) ((u_char*)(TWOK_MASKED(block)))
118 # define OV_INDEX(block) (*OV_INDEXp(block))
119 # define OV_MAGIC(block,bucket) (*(OV_INDEXp(block) + \
120 (TWOK_SHIFT(block)>>(bucket + 3)) + \
121 (bucket > MAX_NONSHIFT ? 1 : 0)))
122 # define CHUNK_SHIFT 0
124 static u_char n_blks[11 - 3] = {224, 120, 62, 31, 16, 8, 4, 2};
125 static u_short blk_shift[11 - 3] = {256, 128, 64, 32,
126 16*sizeof(union overhead),
127 8*sizeof(union overhead),
128 4*sizeof(union overhead),
129 2*sizeof(union overhead),
130 # define MAX_NONSHIFT 2 /* Shift 64 greater than chunk 32. */
133 # ifdef DEBUGGING_MSTATS
134 static u_int sbrk_slack;
135 static u_int start_slack;
138 #else /* !PACK_MALLOC */
140 # define OV_MAGIC(block,bucket) (block)->ov_magic
141 # define OV_INDEX(block) (block)->ov_index
142 # define CHUNK_SHIFT 1
143 #endif /* !PACK_MALLOC */
145 # define M_OVERHEAD (sizeof(union overhead) + RSLOP)
148 * nextf[i] is the pointer to the next free block of size 2^(i+3). The
149 * smallest allocatable block is 8 bytes. The overhead information
150 * precedes the data area returned to the user.
153 static union overhead *nextf[NBUCKETS];
156 #define sbrk(a) Perl_sbrk(a)
157 char * Perl_sbrk _((int size));
162 #ifdef DEBUGGING_MSTATS
164 * nmalloc[i] is the difference between the number of mallocs and frees
165 * for a given block size.
167 static u_int nmalloc[NBUCKETS];
171 #define ASSERT(p) if (!(p)) botch(STRINGIFY(p)); else
176 PerlIO_printf(PerlIO_stderr(), "assertion botched: %s\n", s);
185 register MEM_SIZE nbytes;
187 register union overhead *p;
188 register int bucket = 0;
189 register MEM_SIZE shiftr;
193 MEM_SIZE size = nbytes;
197 if (nbytes > 0xffff) {
198 PerlIO_printf(PerlIO_stderr(), "Allocation too large: %lx\n", (long)nbytes);
203 if ((long)nbytes < 0)
204 croak("panic: malloc");
206 #endif /* safemalloc */
209 * Convert amount of memory requested into
210 * closest block size stored in hash buckets
211 * which satisfies request. Account for
212 * space used per block for accounting.
215 if (nbytes > MAX_2_POT_ALGO) {
217 nbytes += M_OVERHEAD;
218 nbytes = (nbytes + 3) &~ 3;
220 } else if (nbytes == 0) {
224 shiftr = (nbytes - 1) >> 2;
225 /* apart from this loop, this is O(1) */
229 * If nothing in hash bucket right now,
230 * request more memory from the system.
232 if (nextf[bucket] == NULL)
234 if ((p = (union overhead *)nextf[bucket]) == NULL) {
237 PerlIO_puts(PerlIO_stderr(),"Out of memory!\n");
246 DEBUG_m(PerlIO_printf(Perl_debug_log, "0x%lx: (%05d) malloc %ld bytes\n",
247 (unsigned long)(p+1),an++,(long)size));
248 #endif /* safemalloc */
250 /* remove from linked list */
252 if (*((int*)p) & (sizeof(union overhead) - 1))
253 PerlIO_printf(PerlIO_stderr(), "Corrupt malloc ptr 0x%lx at 0x%lx\n",
254 (unsigned long)*((int*)p),(unsigned long)p);
256 nextf[bucket] = p->ov_next;
257 OV_MAGIC(p, bucket) = MAGIC;
259 OV_INDEX(p) = bucket;
261 #ifdef DEBUGGING_MSTATS
266 * Record allocated size of block and
267 * bound space with magic numbers.
269 if (nbytes <= 0x10000)
270 p->ov_size = nbytes - 1;
271 p->ov_rmagic = RMAGIC;
272 *((u_int *)((caddr_t)p + nbytes - RSLOP)) = RMAGIC;
274 return ((Malloc_t)(p + CHUNK_SHIFT));
278 * Allocate more memory to the indicated bucket.
284 register union overhead *op;
285 register int rnu; /* 2^rnu bytes will be requested */
286 register int nblks; /* become nblks blocks of the desired size */
287 register MEM_SIZE siz;
293 * Ensure memory is allocated
294 * on a page boundary. Should
295 * make getpagesize call?
297 #ifndef atarist /* on the atari we dont have to worry about this */
298 op = (union overhead *)sbrk(0);
302 (void)sbrk(slack = 2048 - ((int)op & 0x7ff));
305 (void)sbrk(slack = 1024 - ((int)op & 0x3ff));
307 # if defined(DEBUGGING_MSTATS) && defined(PACK_MALLOC)
311 /* The sbrk(0) call on the I286 always returns the next segment */
315 #if !(defined(I286) || defined(atarist))
316 /* take 2k unless the block is bigger than that */
317 rnu = (bucket <= 8) ? 11 : bucket + 3;
319 /* take 16k unless the block is bigger than that
320 (80286s like large segments!), probably good on the atari too */
321 rnu = (bucket <= 11) ? 14 : bucket + 3;
323 nblks = 1 << (rnu - (bucket + 3)); /* how many blocks to get */
325 rnu = bucket; Why anyone needs this? */
326 op = (union overhead *)sbrk(1L << rnu);
331 * Round up to minimum allocation size boundary
332 * and deduct from block count to reflect.
337 croak("panic: Off-page sbrk");
340 op = (union overhead *)(((MEM_SIZE)op + 8) &~ 7);
344 /* Again, this should always be ok on an 80286 */
347 * Add new memory allocated to that on
348 * free list for this hash bucket.
350 siz = 1 << (bucket + 3);
352 *(u_char*)op = bucket; /* Fill index. */
353 if (bucket <= MAX_PACKED - 3) {
354 op = (union overhead *) ((char*)op + blk_shift[bucket]);
355 nblks = n_blks[bucket];
356 # ifdef DEBUGGING_MSTATS
357 start_slack += blk_shift[bucket];
359 } else if (bucket <= 11 - 1 - 3) {
360 op = (union overhead *) ((char*)op + blk_shift[bucket]);
361 /* nblks = n_blks[bucket]; */
362 siz -= sizeof(union overhead);
363 } else op++; /* One chunk per block. */
364 #endif /* !PACK_MALLOC */
366 while (--nblks > 0) {
367 op->ov_next = (union overhead *)((caddr_t)op + siz);
368 op = (union overhead *)((caddr_t)op + siz);
370 #if defined(USE_PERL_SBRK) || defined(OS2)
371 /* all real sbrks return zeroed memory, perl's sbrk doesn't guarantee this */
372 op->ov_next = (union overhead *)NULL;
375 if (bucket == 7 - 3) { /* Special case, explanation is above. */
376 union overhead *n_op = nextf[7 - 3]->ov_next;
377 nextf[7 - 3] = (union overhead *)((caddr_t)nextf[7 - 3]
378 - sizeof(union overhead));
379 nextf[7 - 3]->ov_next = n_op;
381 #endif /* !PACK_MALLOC */
388 register MEM_SIZE size;
389 register union overhead *op;
390 char *cp = (char*)mp;
396 DEBUG_m(PerlIO_printf(Perl_debug_log, "0x%lx: (%05d) free\n",(unsigned long)cp,an++));
397 #endif /* safemalloc */
401 op = (union overhead *)((caddr_t)cp
402 - sizeof (union overhead) * CHUNK_SHIFT);
404 bucket = OV_INDEX(op);
407 ASSERT(OV_MAGIC(op, bucket) == MAGIC); /* make sure it was in use */
409 if (OV_MAGIC(op, bucket) != MAGIC) {
410 static bad_free_warn = -1;
411 if (bad_free_warn == -1) {
412 char *pbf = getenv("PERL_BADFREE");
413 bad_free_warn = (pbf) ? atoi(pbf) : 1;
418 warn("%s free() ignored",
419 op->ov_rmagic == RMAGIC - 1 ? "Duplicate" : "Bad");
421 warn("Bad free() ignored");
427 ASSERT(op->ov_rmagic == RMAGIC);
428 if (OV_INDEX(op) <= 13)
429 ASSERT(*(u_int *)((caddr_t)op + op->ov_size + 1 - RSLOP) == RMAGIC);
430 op->ov_rmagic = RMAGIC - 1;
432 ASSERT(OV_INDEX(op) < NBUCKETS);
434 op->ov_next = nextf[size];
436 #ifdef DEBUGGING_MSTATS
442 * When a program attempts "storage compaction" as mentioned in the
443 * old malloc man page, it realloc's an already freed block. Usually
444 * this is the last block it freed; occasionally it might be farther
445 * back. We have to search all the free lists for the block in order
446 * to determine its bucket: 1st we make one pass thru the lists
447 * checking only the first block in each; if that fails we search
448 * ``reall_srchlen'' blocks in each list for a match (the variable
449 * is extern so the caller can modify it). If that fails we just copy
450 * however many bytes were given to realloc() and hope it's not huge.
452 int reall_srchlen = 4; /* 4 should be plenty, -1 =>'s whole list */
459 register MEM_SIZE onb;
464 char *cp = (char*)mp;
468 MEM_SIZE size = nbytes;
472 if (nbytes > 0xffff) {
473 PerlIO_printf(PerlIO_stderr(), "Reallocation too large: %lx\n", size);
478 return malloc(nbytes);
480 if ((long)nbytes < 0)
481 croak("panic: realloc");
483 #endif /* safemalloc */
485 op = (union overhead *)((caddr_t)cp
486 - sizeof (union overhead) * CHUNK_SHIFT);
488 if (OV_MAGIC(op, i) == MAGIC) {
492 * Already free, doing "compaction".
494 * Search for the old block of memory on the
495 * free list. First, check the most common
496 * case (last element free'd), then (this failing)
497 * the last ``reall_srchlen'' items free'd.
498 * If all lookups fail, then assume the size of
499 * the memory block being realloc'd is the
502 if ((i = findbucket(op, 1)) < 0 &&
503 (i = findbucket(op, reall_srchlen)) < 0)
506 onb = (1L << (i + 3)) -
508 (i <= (MAX_PACKED - 3) ? 0 : M_OVERHEAD)
513 /* avoid the copy if same size block */
515 nbytes <= onb && nbytes > (onb >> 1) - M_OVERHEAD) {
518 * Record new allocated size of block and
519 * bound space with magic numbers.
521 if (OV_INDEX(op) <= 13) {
523 * Convert amount of memory requested into
524 * closest block size stored in hash buckets
525 * which satisfies request. Account for
526 * space used per block for accounting.
528 nbytes += M_OVERHEAD;
529 nbytes = (nbytes + 3) &~ 3;
530 op->ov_size = nbytes - 1;
531 *((u_int *)((caddr_t)op + nbytes - RSLOP)) = RMAGIC;
537 if ((res = (char*)malloc(nbytes)) == NULL)
539 if (cp != res) /* common optimization */
540 Copy(cp, res, (MEM_SIZE)(nbytes<onb?nbytes:onb), char);
548 PerlIO_printf(PerlIO_stderr(), "0x%lx: (%05d) rfree\n",(unsigned long)res,an++);
549 PerlIO_printf(PerlIO_stderr(), "0x%lx: (%05d) realloc %ld bytes\n",
550 (unsigned long)res,an++,(long)size);
553 #endif /* safemalloc */
554 return ((Malloc_t)res);
558 * Search ``srchlen'' elements of each free list for a block whose
559 * header starts at ``freep''. If srchlen is -1 search the whole list.
560 * Return bucket number, or -1 if not found.
563 findbucket(freep, srchlen)
564 union overhead *freep;
567 register union overhead *p;
570 for (i = 0; i < NBUCKETS; i++) {
572 for (p = nextf[i]; p && j != srchlen; p = p->ov_next) {
582 calloc(elements, size)
583 register MEM_SIZE elements;
584 register MEM_SIZE size;
586 long sz = elements * size;
587 Malloc_t p = malloc(sz);
590 memset((void*)p, 0, sz);
595 #ifdef DEBUGGING_MSTATS
597 * mstats - print out statistics about malloc
599 * Prints two lines of numbers, one showing the length of the free list
600 * for each size category, the second showing the number of mallocs -
601 * frees for each size category.
608 register union overhead *p;
609 int topbucket=0, totfree=0, totused=0;
610 u_int nfree[NBUCKETS];
612 for (i=0; i < NBUCKETS; i++) {
613 for (j = 0, p = nextf[i]; p; p = p->ov_next, j++)
616 totfree += nfree[i] * (1 << (i + 3));
617 totused += nmalloc[i] * (1 << (i + 3));
618 if (nfree[i] || nmalloc[i])
622 PerlIO_printf(PerlIO_stderr(), "Memory allocation statistics %s (buckets 8..%d)\n",
623 s, (1 << (topbucket + 3)) );
624 PerlIO_printf(PerlIO_stderr(), " %7d free: ", totfree);
625 for (i=0; i <= topbucket; i++) {
626 PerlIO_printf(PerlIO_stderr(), (i<5)?" %5d":" %3d", nfree[i]);
628 PerlIO_printf(PerlIO_stderr(), "\n %7d used: ", totused);
629 for (i=0; i <= topbucket; i++) {
630 PerlIO_printf(PerlIO_stderr(), (i<5)?" %5d":" %3d", nmalloc[i]);
632 PerlIO_printf(PerlIO_stderr(), "\n");
634 if (sbrk_slack || start_slack) {
635 PerlIO_printf(PerlIO_stderr(), "Odd ends: %7d bytes from sbrk(), %7d from malloc.\n",
636 sbrk_slack, start_slack);
653 # define PERL_SBRK_VIA_MALLOC
656 # ifdef PERL_SBRK_VIA_MALLOC
660 # include "Error: -DPERL_SBRK_VIA_MALLOC requires -DHIDEMYMALLOC"
663 /* It may seem schizophrenic to use perl's malloc and let it call the system */
664 /* malloc; the only reason for that is the 3.2 version of the OS, which had */
665 /* frequent core dumps within nxzonefreenolock. This sbrk routine put an */
666 /* end to the cores. */
668 # define SYSTEM_ALLOC(a) malloc(a)
670 # endif /* PERL_SBRK_VIA_MALLOC */
672 static IV Perl_sbrk_oldchunk;
673 static long Perl_sbrk_oldsize;
675 # define PERLSBRK_32_K (1<<15)
676 # define PERLSBRK_64_K (1<<16)
687 reqsize = size; /* just for the DEBUG_m statement */
689 if (size <= Perl_sbrk_oldsize) {
690 got = Perl_sbrk_oldchunk;
691 Perl_sbrk_oldchunk += size;
692 Perl_sbrk_oldsize -= size;
694 if (size >= PERLSBRK_32_K) {
700 size = PERLSBRK_64_K;
703 got = (IV)SYSTEM_ALLOC(size);
705 /* Chunk is small, register the rest for future allocs. */
706 Perl_sbrk_oldchunk = got + reqsize;
707 Perl_sbrk_oldsize = size - reqsize;
712 DEBUG_m(PerlIO_printf(PerlIO_stderr(), "sbrk malloc size %ld (reqsize %ld), left size %ld, give addr 0x%lx\n",
713 size, reqsize, Perl_sbrk_oldsize, got));
719 #endif /* ! defined USE_PERL_SBRK */