2008-02-17 20:03:49 +01:00
|
|
|
/* Version 1.83 for Linux.
|
|
|
|
* Compilation: gcc -shared -fPIC -O2 OpenBSD_malloc_Linux.c -o malloc.so
|
|
|
|
* Launching: LD_PRELOAD=/path/to/malloc.so firefox
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* $OpenBSD: malloc.c,v 1.83 2006/05/14 19:53:40 otto Exp $ */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ----------------------------------------------------------------------------
|
|
|
|
* "THE BEER-WARE LICENSE" (Revision 42):
|
|
|
|
* <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
|
|
|
|
* can do whatever you want with this stuff. If we meet some day, and you think
|
|
|
|
* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
|
|
|
|
* ----------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Defining MALLOC_EXTRA_SANITY will enable extra checks which are
|
|
|
|
* related to internal conditions and consistency in malloc.c. This has
|
|
|
|
* a noticeable runtime performance hit, and generally will not do you
|
|
|
|
* any good unless you fiddle with the internals of malloc or want
|
|
|
|
* to catch random pointer corruption as early as possible.
|
|
|
|
*/
|
|
|
|
#ifndef MALLOC_EXTRA_SANITY
|
|
|
|
#undef MALLOC_EXTRA_SANITY
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Defining MALLOC_STATS will enable you to call malloc_dump() and set
|
|
|
|
* the [dD] options in the MALLOC_OPTIONS environment variable.
|
|
|
|
* It has no run-time performance hit, but does pull in stdio...
|
|
|
|
*/
|
|
|
|
#ifndef MALLOC_STATS
|
|
|
|
#undef MALLOC_STATS
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* What to use for Junk. This is the byte value we use to fill with
|
|
|
|
* when the 'J' option is enabled.
|
|
|
|
*/
|
|
|
|
#define SOME_JUNK 0xd0 /* as in "Duh" :-) */
|
|
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/time.h>
|
|
|
|
#include <sys/resource.h>
|
|
|
|
#include <sys/param.h>
|
|
|
|
#include <sys/mman.h>
|
|
|
|
#include <sys/uio.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <fcntl.h>
|
|
|
|
#include <limits.h>
|
|
|
|
#include <errno.h>
|
|
|
|
#include <err.h>
|
2008-03-13 16:06:26 +01:00
|
|
|
/* For SIZE_T_MAX */
|
|
|
|
#include "torint.h"
|
2008-02-17 20:03:49 +01:00
|
|
|
|
|
|
|
//#include "thread_private.h"
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The basic parameters you can tweak.
|
|
|
|
*
|
|
|
|
* malloc_pageshift pagesize = 1 << malloc_pageshift
|
|
|
|
* It's probably best if this is the native
|
|
|
|
* page size, but it shouldn't have to be.
|
|
|
|
*
|
|
|
|
* malloc_minsize minimum size of an allocation in bytes.
|
|
|
|
* If this is too small it's too much work
|
|
|
|
* to manage them. This is also the smallest
|
|
|
|
* unit of alignment used for the storage
|
|
|
|
* returned by malloc/realloc.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
static int align = 0;
|
|
|
|
static size_t g_alignment = 0;
|
|
|
|
|
|
|
|
extern int __libc_enable_secure;
|
|
|
|
|
|
|
|
static int issetugid(void)
|
|
|
|
{
|
|
|
|
if (__libc_enable_secure) return 1;
|
|
|
|
if (getuid() != geteuid()) return 1;
|
|
|
|
if (getgid() != getegid()) return 1;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define PGSHIFT 12
|
|
|
|
#define MADV_FREE MADV_DONTNEED
|
|
|
|
#include <pthread.h>
|
|
|
|
static pthread_mutex_t gen_mutex = PTHREAD_MUTEX_INITIALIZER;
|
|
|
|
|
|
|
|
#define _MALLOC_LOCK_INIT() {;}
|
|
|
|
#define _MALLOC_LOCK() {pthread_mutex_lock(&gen_mutex);}
|
|
|
|
#define _MALLOC_UNLOCK() {pthread_mutex_unlock(&gen_mutex);}
|
|
|
|
|
2008-03-17 03:47:40 +01:00
|
|
|
#if defined(__sparc__) || defined(__alpha__)
|
2008-02-17 20:03:49 +01:00
|
|
|
#define malloc_pageshift 13U
|
2008-03-17 10:46:18 +01:00
|
|
|
#endif
|
|
|
|
#if defined(__ia64__)
|
|
|
|
#define malloc_pageshift 14U
|
|
|
|
#endif
|
2008-02-17 20:03:49 +01:00
|
|
|
|
|
|
|
#ifndef malloc_pageshift
|
|
|
|
#define malloc_pageshift (PGSHIFT)
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* No user serviceable parts behind this point.
|
|
|
|
*
|
|
|
|
* This structure describes a page worth of chunks.
|
|
|
|
*/
|
|
|
|
struct pginfo {
|
|
|
|
struct pginfo *next; /* next on the free list */
|
|
|
|
void *page; /* Pointer to the page */
|
|
|
|
u_short size; /* size of this page's chunks */
|
|
|
|
u_short shift; /* How far to shift for this size chunks */
|
|
|
|
u_short free; /* How many free chunks */
|
|
|
|
u_short total; /* How many chunk */
|
|
|
|
u_long bits[1];/* Which chunks are free */
|
|
|
|
};
|
|
|
|
|
|
|
|
/* How many bits per u_long in the bitmap */
|
2008-07-06 20:33:35 +02:00
|
|
|
#define MALLOC_BITS (int)((NBBY * sizeof(u_long)))
|
2008-02-17 20:03:49 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* This structure describes a number of free pages.
|
|
|
|
*/
|
|
|
|
struct pgfree {
|
|
|
|
struct pgfree *next; /* next run of free pages */
|
|
|
|
struct pgfree *prev; /* prev run of free pages */
|
|
|
|
void *page; /* pointer to free pages */
|
|
|
|
void *pdir; /* pointer to the base page's dir */
|
|
|
|
size_t size; /* number of bytes free */
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Magic values to put in the page_directory
|
|
|
|
*/
|
|
|
|
#define MALLOC_NOT_MINE ((struct pginfo*) 0)
|
|
|
|
#define MALLOC_FREE ((struct pginfo*) 1)
|
|
|
|
#define MALLOC_FIRST ((struct pginfo*) 2)
|
|
|
|
#define MALLOC_FOLLOW ((struct pginfo*) 3)
|
|
|
|
#define MALLOC_MAGIC ((struct pginfo*) 4)
|
|
|
|
|
|
|
|
#ifndef malloc_minsize
|
|
|
|
#define malloc_minsize 16UL
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#if !defined(malloc_pagesize)
|
|
|
|
#define malloc_pagesize (1UL<<malloc_pageshift)
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#if ((1UL<<malloc_pageshift) != malloc_pagesize)
|
|
|
|
#error "(1UL<<malloc_pageshift) != malloc_pagesize"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef malloc_maxsize
|
|
|
|
#define malloc_maxsize ((malloc_pagesize)>>1)
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/* A mask for the offset inside a page. */
|
|
|
|
#define malloc_pagemask ((malloc_pagesize)-1)
|
|
|
|
|
|
|
|
#define pageround(foo) (((foo) + (malloc_pagemask)) & ~malloc_pagemask)
|
|
|
|
#define ptr2index(foo) (((u_long)(foo) >> malloc_pageshift)+malloc_pageshift)
|
|
|
|
#define index2ptr(idx) ((void*)(((idx)-malloc_pageshift)<<malloc_pageshift))
|
|
|
|
|
|
|
|
/* Set when initialization has been done */
|
|
|
|
static unsigned int malloc_started;
|
|
|
|
|
|
|
|
/* Number of free pages we cache */
|
|
|
|
static unsigned int malloc_cache = 16;
|
|
|
|
|
|
|
|
/* Structure used for linking discrete directory pages. */
|
|
|
|
struct pdinfo {
|
|
|
|
struct pginfo **base;
|
|
|
|
struct pdinfo *prev;
|
|
|
|
struct pdinfo *next;
|
|
|
|
u_long dirnum;
|
|
|
|
};
|
|
|
|
static struct pdinfo *last_dir; /* Caches to the last and previous */
|
|
|
|
static struct pdinfo *prev_dir; /* referenced directory pages. */
|
|
|
|
|
|
|
|
static size_t pdi_off;
|
|
|
|
static u_long pdi_mod;
|
|
|
|
#define PD_IDX(num) ((num) / (malloc_pagesize/sizeof(struct pginfo *)))
|
|
|
|
#define PD_OFF(num) ((num) & ((malloc_pagesize/sizeof(struct pginfo *))-1))
|
|
|
|
#define PI_IDX(index) ((index) / pdi_mod)
|
|
|
|
#define PI_OFF(index) ((index) % pdi_mod)
|
|
|
|
|
|
|
|
/* The last index in the page directory we care about */
|
|
|
|
static u_long last_index;
|
|
|
|
|
|
|
|
/* Pointer to page directory. Allocated "as if with" malloc */
|
|
|
|
static struct pginfo **page_dir;
|
|
|
|
|
|
|
|
/* Free pages line up here */
|
|
|
|
static struct pgfree free_list;
|
|
|
|
|
|
|
|
/* Abort(), user doesn't handle problems. */
|
|
|
|
static int malloc_abort = 2;
|
|
|
|
|
|
|
|
/* Are we trying to die ? */
|
|
|
|
static int suicide;
|
|
|
|
|
|
|
|
#ifdef MALLOC_STATS
|
|
|
|
/* dump statistics */
|
|
|
|
static int malloc_stats;
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/* avoid outputting warnings? */
|
|
|
|
static int malloc_silent;
|
|
|
|
|
|
|
|
/* always realloc ? */
|
|
|
|
static int malloc_realloc;
|
|
|
|
|
|
|
|
/* mprotect free pages PROT_NONE? */
|
|
|
|
static int malloc_freeprot;
|
|
|
|
|
|
|
|
/* use guard pages after allocations? */
|
|
|
|
static size_t malloc_guard = 0;
|
|
|
|
static size_t malloc_guarded;
|
|
|
|
/* align pointers to end of page? */
|
|
|
|
static int malloc_ptrguard;
|
|
|
|
|
|
|
|
static int malloc_hint = 1;
|
|
|
|
|
|
|
|
/* xmalloc behaviour ? */
|
|
|
|
static int malloc_xmalloc;
|
|
|
|
|
|
|
|
/* zero fill ? */
|
|
|
|
static int malloc_zero;
|
|
|
|
|
|
|
|
/* junk fill ? */
|
|
|
|
static int malloc_junk;
|
|
|
|
|
|
|
|
#ifdef __FreeBSD__
|
|
|
|
/* utrace ? */
|
|
|
|
static int malloc_utrace;
|
|
|
|
|
|
|
|
struct ut {
|
|
|
|
void *p;
|
|
|
|
size_t s;
|
|
|
|
void *r;
|
|
|
|
};
|
|
|
|
|
|
|
|
void utrace(struct ut *, int);
|
|
|
|
|
|
|
|
#define UTRACE(a, b, c) \
|
|
|
|
if (malloc_utrace) \
|
|
|
|
{struct ut u; u.p=a; u.s = b; u.r=c; utrace(&u, sizeof u);}
|
|
|
|
#else /* !__FreeBSD__ */
|
|
|
|
#define UTRACE(a,b,c)
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/* Status of malloc. */
|
|
|
|
static int malloc_active;
|
|
|
|
|
|
|
|
/* Allocated memory. */
|
|
|
|
static size_t malloc_used;
|
|
|
|
|
|
|
|
/* My last break. */
|
|
|
|
static caddr_t malloc_brk;
|
|
|
|
|
|
|
|
/* One location cache for free-list holders. */
|
|
|
|
static struct pgfree *px;
|
|
|
|
|
|
|
|
/* Compile-time options. */
|
|
|
|
char *malloc_options;
|
|
|
|
|
|
|
|
/* Name of the current public function. */
|
2008-07-05 23:17:04 +02:00
|
|
|
static const char *malloc_func;
|
2008-02-17 20:03:49 +01:00
|
|
|
|
|
|
|
#define MMAP(size) \
|
|
|
|
mmap((void *)0, (size), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, \
|
|
|
|
-1, (off_t)0)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Necessary function declarations.
|
|
|
|
*/
|
|
|
|
static void *imalloc(size_t size);
|
|
|
|
static void ifree(void *ptr);
|
|
|
|
static void *irealloc(void *ptr, size_t size);
|
|
|
|
static void *malloc_bytes(size_t size);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Function for page directory lookup.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
pdir_lookup(u_long index, struct pdinfo ** pdi)
|
|
|
|
{
|
|
|
|
struct pdinfo *spi;
|
|
|
|
u_long pidx = PI_IDX(index);
|
|
|
|
|
|
|
|
if (last_dir != NULL && PD_IDX(last_dir->dirnum) == pidx)
|
|
|
|
*pdi = last_dir;
|
|
|
|
else if (prev_dir != NULL && PD_IDX(prev_dir->dirnum) == pidx)
|
|
|
|
*pdi = prev_dir;
|
|
|
|
else if (last_dir != NULL && prev_dir != NULL) {
|
|
|
|
if ((PD_IDX(last_dir->dirnum) > pidx) ?
|
|
|
|
(PD_IDX(last_dir->dirnum) - pidx) :
|
|
|
|
(pidx - PD_IDX(last_dir->dirnum))
|
|
|
|
< (PD_IDX(prev_dir->dirnum) > pidx) ?
|
|
|
|
(PD_IDX(prev_dir->dirnum) - pidx) :
|
|
|
|
(pidx - PD_IDX(prev_dir->dirnum)))
|
|
|
|
*pdi = last_dir;
|
|
|
|
else
|
|
|
|
*pdi = prev_dir;
|
|
|
|
|
|
|
|
if (PD_IDX((*pdi)->dirnum) > pidx) {
|
|
|
|
for (spi = (*pdi)->prev;
|
|
|
|
spi != NULL && PD_IDX(spi->dirnum) > pidx;
|
|
|
|
spi = spi->prev)
|
|
|
|
*pdi = spi;
|
|
|
|
if (spi != NULL)
|
|
|
|
*pdi = spi;
|
|
|
|
} else
|
|
|
|
for (spi = (*pdi)->next;
|
|
|
|
spi != NULL && PD_IDX(spi->dirnum) <= pidx;
|
|
|
|
spi = spi->next)
|
|
|
|
*pdi = spi;
|
|
|
|
} else {
|
|
|
|
*pdi = (struct pdinfo *) ((caddr_t) page_dir + pdi_off);
|
|
|
|
for (spi = *pdi;
|
|
|
|
spi != NULL && PD_IDX(spi->dirnum) <= pidx;
|
|
|
|
spi = spi->next)
|
|
|
|
*pdi = spi;
|
|
|
|
}
|
|
|
|
|
|
|
|
return ((PD_IDX((*pdi)->dirnum) == pidx) ? 0 :
|
|
|
|
(PD_IDX((*pdi)->dirnum) > pidx) ? 1 : -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef MALLOC_STATS
|
|
|
|
void
|
|
|
|
malloc_dump(int fd)
|
|
|
|
{
|
|
|
|
char buf[1024];
|
|
|
|
struct pginfo **pd;
|
|
|
|
struct pgfree *pf;
|
|
|
|
struct pdinfo *pi;
|
|
|
|
u_long j;
|
|
|
|
|
|
|
|
pd = page_dir;
|
|
|
|
pi = (struct pdinfo *) ((caddr_t) pd + pdi_off);
|
|
|
|
|
|
|
|
/* print out all the pages */
|
|
|
|
for (j = 0; j <= last_index;) {
|
|
|
|
snprintf(buf, sizeof buf, "%08lx %5lu ", j << malloc_pageshift, j);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
if (pd[PI_OFF(j)] == MALLOC_NOT_MINE) {
|
|
|
|
for (j++; j <= last_index && pd[PI_OFF(j)] == MALLOC_NOT_MINE;) {
|
|
|
|
if (!PI_OFF(++j)) {
|
|
|
|
if ((pi = pi->next) == NULL ||
|
|
|
|
PD_IDX(pi->dirnum) != PI_IDX(j))
|
|
|
|
break;
|
|
|
|
pd = pi->base;
|
|
|
|
j += pdi_mod;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
j--;
|
|
|
|
snprintf(buf, sizeof buf, ".. %5lu not mine\n", j);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
} else if (pd[PI_OFF(j)] == MALLOC_FREE) {
|
|
|
|
for (j++; j <= last_index && pd[PI_OFF(j)] == MALLOC_FREE;) {
|
|
|
|
if (!PI_OFF(++j)) {
|
|
|
|
if ((pi = pi->next) == NULL ||
|
|
|
|
PD_IDX(pi->dirnum) != PI_IDX(j))
|
|
|
|
break;
|
|
|
|
pd = pi->base;
|
|
|
|
j += pdi_mod;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
j--;
|
|
|
|
snprintf(buf, sizeof buf, ".. %5lu free\n", j);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
} else if (pd[PI_OFF(j)] == MALLOC_FIRST) {
|
|
|
|
for (j++; j <= last_index && pd[PI_OFF(j)] == MALLOC_FOLLOW;) {
|
|
|
|
if (!PI_OFF(++j)) {
|
|
|
|
if ((pi = pi->next) == NULL ||
|
|
|
|
PD_IDX(pi->dirnum) != PI_IDX(j))
|
|
|
|
break;
|
|
|
|
pd = pi->base;
|
|
|
|
j += pdi_mod;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
j--;
|
|
|
|
snprintf(buf, sizeof buf, ".. %5lu in use\n", j);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
} else if (pd[PI_OFF(j)] < MALLOC_MAGIC) {
|
|
|
|
snprintf(buf, sizeof buf, "(%p)\n", pd[PI_OFF(j)]);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
} else {
|
|
|
|
snprintf(buf, sizeof buf, "%p %d (of %d) x %d @ %p --> %p\n",
|
|
|
|
pd[PI_OFF(j)], pd[PI_OFF(j)]->free,
|
|
|
|
pd[PI_OFF(j)]->total, pd[PI_OFF(j)]->size,
|
|
|
|
pd[PI_OFF(j)]->page, pd[PI_OFF(j)]->next);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
}
|
|
|
|
if (!PI_OFF(++j)) {
|
|
|
|
if ((pi = pi->next) == NULL)
|
|
|
|
break;
|
|
|
|
pd = pi->base;
|
|
|
|
j += (1 + PD_IDX(pi->dirnum) - PI_IDX(j)) * pdi_mod;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for (pf = free_list.next; pf; pf = pf->next) {
|
|
|
|
snprintf(buf, sizeof buf, "Free: @%p [%p...%p[ %ld ->%p <-%p\n",
|
|
|
|
pf, pf->page, (char *)pf->page + pf->size,
|
|
|
|
pf->size, pf->prev, pf->next);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
if (pf == pf->next) {
|
|
|
|
snprintf(buf, sizeof buf, "Free_list loops\n");
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* print out various info */
|
|
|
|
snprintf(buf, sizeof buf, "Minsize\t%lu\n", malloc_minsize);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
snprintf(buf, sizeof buf, "Maxsize\t%lu\n", malloc_maxsize);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
snprintf(buf, sizeof buf, "Pagesize\t%lu\n", malloc_pagesize);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
snprintf(buf, sizeof buf, "Pageshift\t%u\n", malloc_pageshift);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
snprintf(buf, sizeof buf, "In use\t%lu\n", (u_long) malloc_used);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
snprintf(buf, sizeof buf, "Guarded\t%lu\n", (u_long) malloc_guarded);
|
|
|
|
write(fd, buf, strlen(buf));
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_STATS */
|
|
|
|
|
|
|
|
extern char *__progname;
|
|
|
|
|
|
|
|
static void
|
2008-07-05 23:17:04 +02:00
|
|
|
wrterror(const char *p)
|
2008-02-17 20:03:49 +01:00
|
|
|
{
|
2008-07-05 23:17:04 +02:00
|
|
|
const char *q = " error: ";
|
2008-02-17 20:03:49 +01:00
|
|
|
struct iovec iov[5];
|
|
|
|
|
|
|
|
iov[0].iov_base = __progname;
|
|
|
|
iov[0].iov_len = strlen(__progname);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[1].iov_base = (char*)malloc_func;
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[1].iov_len = strlen(malloc_func);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[2].iov_base = (char*)q;
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[2].iov_len = strlen(q);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[3].iov_base = (char*)p;
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[3].iov_len = strlen(p);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[4].iov_base = (char*)"\n";
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[4].iov_len = 1;
|
|
|
|
writev(STDERR_FILENO, iov, 5);
|
|
|
|
|
|
|
|
suicide = 1;
|
|
|
|
#ifdef MALLOC_STATS
|
|
|
|
if (malloc_stats)
|
|
|
|
malloc_dump(STDERR_FILENO);
|
|
|
|
#endif /* MALLOC_STATS */
|
|
|
|
malloc_active--;
|
|
|
|
if (malloc_abort)
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2008-07-05 23:17:04 +02:00
|
|
|
wrtwarning(const char *p)
|
2008-02-17 20:03:49 +01:00
|
|
|
{
|
2008-07-05 23:17:04 +02:00
|
|
|
const char *q = " warning: ";
|
2008-02-17 20:03:49 +01:00
|
|
|
struct iovec iov[5];
|
|
|
|
|
|
|
|
if (malloc_abort)
|
|
|
|
wrterror(p);
|
|
|
|
else if (malloc_silent)
|
|
|
|
return;
|
|
|
|
|
|
|
|
iov[0].iov_base = __progname;
|
|
|
|
iov[0].iov_len = strlen(__progname);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[1].iov_base = (char*)malloc_func;
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[1].iov_len = strlen(malloc_func);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[2].iov_base = (char*)q;
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[2].iov_len = strlen(q);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[3].iov_base = (char*)p;
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[3].iov_len = strlen(p);
|
2008-07-05 23:17:04 +02:00
|
|
|
iov[4].iov_base = (char*)"\n";
|
2008-02-17 20:03:49 +01:00
|
|
|
iov[4].iov_len = 1;
|
|
|
|
|
|
|
|
writev(STDERR_FILENO, iov, 5);
|
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef MALLOC_STATS
|
|
|
|
static void
|
|
|
|
malloc_exit(void)
|
|
|
|
{
|
|
|
|
char *q = "malloc() warning: Couldn't dump stats\n";
|
|
|
|
int save_errno = errno, fd;
|
|
|
|
|
|
|
|
fd = open("malloc.out", O_RDWR|O_APPEND);
|
|
|
|
if (fd != -1) {
|
|
|
|
malloc_dump(fd);
|
|
|
|
close(fd);
|
|
|
|
} else
|
|
|
|
write(STDERR_FILENO, q, strlen(q));
|
|
|
|
errno = save_errno;
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_STATS */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate aligned mmaped chunk
|
|
|
|
*/
|
|
|
|
|
|
|
|
static void *MMAP_A(size_t pages, size_t alignment)
|
|
|
|
{
|
2008-07-06 20:33:35 +02:00
|
|
|
void *j, *p;
|
|
|
|
size_t first_size, rest, begin, end;
|
|
|
|
if (pages%malloc_pagesize != 0)
|
|
|
|
pages = pages - pages%malloc_pagesize + malloc_pagesize;
|
|
|
|
first_size = pages + alignment - malloc_pagesize;
|
|
|
|
p = MMAP(first_size);
|
|
|
|
rest = ((size_t)p) % alignment;
|
2008-02-17 20:03:49 +01:00
|
|
|
j = (rest == 0) ? p : (void*) ((size_t)p + alignment - rest);
|
2008-07-06 20:33:35 +02:00
|
|
|
begin = (size_t)j - (size_t)p;
|
2008-02-17 20:03:49 +01:00
|
|
|
if (begin != 0) munmap(p, begin);
|
2008-07-06 20:33:35 +02:00
|
|
|
end = (size_t)p + first_size - ((size_t)j + pages);
|
2008-02-17 20:03:49 +01:00
|
|
|
if(end != 0) munmap( (void*) ((size_t)j + pages), end);
|
|
|
|
|
|
|
|
return j;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate a number of pages from the OS
|
|
|
|
*/
|
|
|
|
static void *
|
|
|
|
map_pages(size_t pages)
|
|
|
|
{
|
|
|
|
struct pdinfo *pi, *spi;
|
|
|
|
struct pginfo **pd;
|
|
|
|
u_long idx, pidx, lidx;
|
|
|
|
caddr_t result, tail;
|
|
|
|
u_long index, lindex;
|
|
|
|
void *pdregion = NULL;
|
|
|
|
size_t dirs, cnt;
|
|
|
|
|
|
|
|
pages <<= malloc_pageshift;
|
|
|
|
if (!align)
|
|
|
|
result = MMAP(pages + malloc_guard);
|
|
|
|
else {
|
|
|
|
result = MMAP_A(pages + malloc_guard, g_alignment);
|
|
|
|
}
|
|
|
|
if (result == MAP_FAILED) {
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
wrtwarning("(ES): map_pages fails");
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
errno = ENOMEM;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
index = ptr2index(result);
|
|
|
|
tail = result + pages + malloc_guard;
|
|
|
|
lindex = ptr2index(tail) - 1;
|
|
|
|
if (malloc_guard)
|
|
|
|
mprotect(result + pages, malloc_guard, PROT_NONE);
|
|
|
|
|
|
|
|
pidx = PI_IDX(index);
|
|
|
|
lidx = PI_IDX(lindex);
|
|
|
|
|
|
|
|
if (tail > malloc_brk) {
|
|
|
|
malloc_brk = tail;
|
|
|
|
last_index = lindex;
|
|
|
|
}
|
|
|
|
|
|
|
|
dirs = lidx - pidx;
|
|
|
|
|
|
|
|
/* Insert directory pages, if needed. */
|
|
|
|
if (pdir_lookup(index, &pi) != 0)
|
|
|
|
dirs++;
|
|
|
|
|
|
|
|
if (dirs > 0) {
|
|
|
|
pdregion = MMAP(malloc_pagesize * dirs);
|
|
|
|
if (pdregion == MAP_FAILED) {
|
|
|
|
munmap(result, tail - result);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
wrtwarning("(ES): map_pages fails");
|
|
|
|
#endif
|
|
|
|
errno = ENOMEM;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
cnt = 0;
|
|
|
|
for (idx = pidx, spi = pi; idx <= lidx; idx++) {
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != idx) {
|
|
|
|
pd = (struct pginfo **)((char *)pdregion +
|
|
|
|
cnt * malloc_pagesize);
|
|
|
|
cnt++;
|
|
|
|
memset(pd, 0, malloc_pagesize);
|
|
|
|
pi = (struct pdinfo *) ((caddr_t) pd + pdi_off);
|
|
|
|
pi->base = pd;
|
|
|
|
pi->prev = spi;
|
|
|
|
pi->next = spi->next;
|
|
|
|
pi->dirnum = idx * (malloc_pagesize /
|
|
|
|
sizeof(struct pginfo *));
|
|
|
|
|
|
|
|
if (spi->next != NULL)
|
|
|
|
spi->next->prev = pi;
|
|
|
|
spi->next = pi;
|
|
|
|
}
|
|
|
|
if (idx > pidx && idx < lidx) {
|
|
|
|
pi->dirnum += pdi_mod;
|
|
|
|
} else if (idx == pidx) {
|
|
|
|
if (pidx == lidx) {
|
|
|
|
pi->dirnum += (u_long)(tail - result) >>
|
|
|
|
malloc_pageshift;
|
|
|
|
} else {
|
|
|
|
pi->dirnum += pdi_mod - PI_OFF(index);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
pi->dirnum += PI_OFF(ptr2index(tail - 1)) + 1;
|
|
|
|
}
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (PD_OFF(pi->dirnum) > pdi_mod || PD_IDX(pi->dirnum) > idx) {
|
|
|
|
wrterror("(ES): pages directory overflow");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (idx == pidx && pi != last_dir) {
|
|
|
|
prev_dir = last_dir;
|
|
|
|
last_dir = pi;
|
|
|
|
}
|
|
|
|
spi = pi;
|
|
|
|
pi = spi->next;
|
|
|
|
}
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (cnt > dirs)
|
|
|
|
wrtwarning("(ES): cnt > dirs");
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (cnt < dirs)
|
|
|
|
munmap((char *)pdregion + cnt * malloc_pagesize,
|
|
|
|
(dirs - cnt) * malloc_pagesize);
|
|
|
|
|
|
|
|
return (result);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Initialize the world
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
malloc_init(void)
|
|
|
|
{
|
|
|
|
char *p, b[64];
|
|
|
|
int i, j, save_errno = errno;
|
|
|
|
|
|
|
|
_MALLOC_LOCK_INIT();
|
|
|
|
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
malloc_junk = 1;
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
|
|
|
|
for (i = 0; i < 3; i++) {
|
|
|
|
switch (i) {
|
|
|
|
case 0:
|
|
|
|
j = readlink("/etc/malloc.conf", b, sizeof b - 1);
|
|
|
|
if (j <= 0)
|
|
|
|
continue;
|
|
|
|
b[j] = '\0';
|
|
|
|
p = b;
|
|
|
|
break;
|
|
|
|
case 1:
|
|
|
|
if (issetugid() == 0)
|
|
|
|
p = getenv("MALLOC_OPTIONS");
|
|
|
|
else
|
|
|
|
continue;
|
|
|
|
break;
|
|
|
|
case 2:
|
|
|
|
p = malloc_options;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
p = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (; p != NULL && *p != '\0'; p++) {
|
|
|
|
switch (*p) {
|
|
|
|
case '>':
|
|
|
|
malloc_cache <<= 1;
|
|
|
|
break;
|
|
|
|
case '<':
|
|
|
|
malloc_cache >>= 1;
|
|
|
|
break;
|
|
|
|
case 'a':
|
|
|
|
malloc_abort = 0;
|
|
|
|
break;
|
|
|
|
case 'A':
|
|
|
|
malloc_abort = 1;
|
|
|
|
break;
|
|
|
|
#ifdef MALLOC_STATS
|
|
|
|
case 'd':
|
|
|
|
malloc_stats = 0;
|
|
|
|
break;
|
|
|
|
case 'D':
|
|
|
|
malloc_stats = 1;
|
|
|
|
break;
|
|
|
|
#endif /* MALLOC_STATS */
|
|
|
|
case 'f':
|
|
|
|
malloc_freeprot = 0;
|
|
|
|
break;
|
|
|
|
case 'F':
|
|
|
|
malloc_freeprot = 1;
|
|
|
|
break;
|
|
|
|
case 'g':
|
|
|
|
malloc_guard = 0;
|
|
|
|
break;
|
|
|
|
case 'G':
|
|
|
|
malloc_guard = malloc_pagesize;
|
|
|
|
break;
|
|
|
|
case 'h':
|
|
|
|
malloc_hint = 0;
|
|
|
|
break;
|
|
|
|
case 'H':
|
|
|
|
malloc_hint = 1;
|
|
|
|
break;
|
|
|
|
case 'j':
|
|
|
|
malloc_junk = 0;
|
|
|
|
break;
|
|
|
|
case 'J':
|
|
|
|
malloc_junk = 1;
|
|
|
|
break;
|
|
|
|
case 'n':
|
|
|
|
malloc_silent = 0;
|
|
|
|
break;
|
|
|
|
case 'N':
|
|
|
|
malloc_silent = 1;
|
|
|
|
break;
|
|
|
|
case 'p':
|
|
|
|
malloc_ptrguard = 0;
|
|
|
|
break;
|
|
|
|
case 'P':
|
|
|
|
malloc_ptrguard = 1;
|
|
|
|
break;
|
|
|
|
case 'r':
|
|
|
|
malloc_realloc = 0;
|
|
|
|
break;
|
|
|
|
case 'R':
|
|
|
|
malloc_realloc = 1;
|
|
|
|
break;
|
|
|
|
#ifdef __FreeBSD__
|
|
|
|
case 'u':
|
|
|
|
malloc_utrace = 0;
|
|
|
|
break;
|
|
|
|
case 'U':
|
|
|
|
malloc_utrace = 1;
|
|
|
|
break;
|
|
|
|
#endif /* __FreeBSD__ */
|
|
|
|
case 'x':
|
|
|
|
malloc_xmalloc = 0;
|
|
|
|
break;
|
|
|
|
case 'X':
|
|
|
|
malloc_xmalloc = 1;
|
|
|
|
break;
|
|
|
|
case 'z':
|
|
|
|
malloc_zero = 0;
|
|
|
|
break;
|
|
|
|
case 'Z':
|
|
|
|
malloc_zero = 1;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
j = malloc_abort;
|
|
|
|
malloc_abort = 0;
|
|
|
|
wrtwarning("unknown char in MALLOC_OPTIONS");
|
|
|
|
malloc_abort = j;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
UTRACE(0, 0, 0);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We want junk in the entire allocation, and zero only in the part
|
|
|
|
* the user asked for.
|
|
|
|
*/
|
|
|
|
if (malloc_zero)
|
|
|
|
malloc_junk = 1;
|
|
|
|
|
|
|
|
#ifdef MALLOC_STATS
|
|
|
|
if (malloc_stats && (atexit(malloc_exit) == -1))
|
|
|
|
wrtwarning("atexit(2) failed."
|
|
|
|
" Will not be able to dump malloc stats on exit");
|
|
|
|
#endif /* MALLOC_STATS */
|
|
|
|
|
2008-03-17 03:47:40 +01:00
|
|
|
if (malloc_pagesize != getpagesize()) {
|
|
|
|
wrterror("malloc() replacement compiled with a different "
|
|
|
|
"page size from what we're running with. Failing.");
|
|
|
|
errno = ENOMEM;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2008-02-17 20:03:49 +01:00
|
|
|
/* Allocate one page for the page directory. */
|
|
|
|
page_dir = (struct pginfo **)MMAP(malloc_pagesize);
|
|
|
|
|
|
|
|
if (page_dir == MAP_FAILED) {
|
|
|
|
wrterror("mmap(2) failed, check limits");
|
|
|
|
errno = ENOMEM;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
pdi_off = (malloc_pagesize - sizeof(struct pdinfo)) & ~(malloc_minsize - 1);
|
|
|
|
pdi_mod = pdi_off / sizeof(struct pginfo *);
|
|
|
|
|
|
|
|
last_dir = (struct pdinfo *) ((caddr_t) page_dir + pdi_off);
|
|
|
|
last_dir->base = page_dir;
|
|
|
|
last_dir->prev = last_dir->next = NULL;
|
|
|
|
last_dir->dirnum = malloc_pageshift;
|
|
|
|
|
|
|
|
/* Been here, done that. */
|
|
|
|
malloc_started++;
|
|
|
|
|
|
|
|
/* Recalculate the cache size in bytes, and make sure it's nonzero. */
|
|
|
|
if (!malloc_cache)
|
|
|
|
malloc_cache++;
|
|
|
|
malloc_cache <<= malloc_pageshift;
|
|
|
|
errno = save_errno;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate a number of complete pages
|
|
|
|
*/
|
|
|
|
static void *
|
|
|
|
malloc_pages(size_t size)
|
|
|
|
{
|
|
|
|
void *p, *delay_free = NULL, *tp;
|
2008-07-06 20:33:35 +02:00
|
|
|
size_t i;
|
2008-02-17 20:03:49 +01:00
|
|
|
struct pginfo **pd;
|
|
|
|
struct pdinfo *pi;
|
|
|
|
u_long pidx, index;
|
|
|
|
struct pgfree *pf;
|
|
|
|
|
|
|
|
size = pageround(size) + malloc_guard;
|
|
|
|
|
|
|
|
p = NULL;
|
|
|
|
/* Look for free pages before asking for more */
|
|
|
|
if (!align)
|
|
|
|
for (pf = free_list.next; pf; pf = pf->next) {
|
|
|
|
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (pf->size & malloc_pagemask) {
|
|
|
|
wrterror("(ES): junk length entry on free_list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
if (!pf->size) {
|
|
|
|
wrterror("(ES): zero length entry on free_list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
if (pf->page > (pf->page + pf->size)) {
|
|
|
|
wrterror("(ES): sick entry on free_list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
if ((pi = pf->pdir) == NULL) {
|
|
|
|
wrterror("(ES): invalid page directory on free-list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
if ((pidx = PI_IDX(ptr2index(pf->page))) != PD_IDX(pi->dirnum)) {
|
|
|
|
wrterror("(ES): directory index mismatch on free-list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
pd = pi->base;
|
|
|
|
if (pd[PI_OFF(ptr2index(pf->page))] != MALLOC_FREE) {
|
|
|
|
wrterror("(ES): non-free first page on free-list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
pidx = PI_IDX(ptr2index((pf->page) + (pf->size)) - 1);
|
|
|
|
for (pi = pf->pdir; pi != NULL && PD_IDX(pi->dirnum) < pidx;
|
|
|
|
pi = pi->next)
|
|
|
|
;
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): last page not referenced in page directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
pd = pi->base;
|
|
|
|
if (pd[PI_OFF(ptr2index((pf->page) + (pf->size)) - 1)] != MALLOC_FREE) {
|
|
|
|
wrterror("(ES): non-free last page on free-list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
|
|
|
|
if (pf->size < size)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (pf->size == size) {
|
|
|
|
p = pf->page;
|
|
|
|
pi = pf->pdir;
|
|
|
|
if (pf->next != NULL)
|
|
|
|
pf->next->prev = pf->prev;
|
|
|
|
pf->prev->next = pf->next;
|
|
|
|
delay_free = pf;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
p = pf->page;
|
|
|
|
pf->page = (char *) pf->page + size;
|
|
|
|
pf->size -= size;
|
|
|
|
pidx = PI_IDX(ptr2index(pf->page));
|
|
|
|
for (pi = pf->pdir; pi != NULL && PD_IDX(pi->dirnum) < pidx;
|
|
|
|
pi = pi->next)
|
|
|
|
;
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): hole in directories");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
tp = pf->pdir;
|
|
|
|
pf->pdir = pi;
|
|
|
|
pi = tp;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
size -= malloc_guard;
|
|
|
|
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (p != NULL && pi != NULL) {
|
|
|
|
pidx = PD_IDX(pi->dirnum);
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
if (p != NULL && pd[PI_OFF(ptr2index(p))] != MALLOC_FREE) {
|
|
|
|
wrterror("(ES): allocated non-free page on free-list");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
|
|
|
|
if (p != NULL && (malloc_guard || malloc_freeprot))
|
|
|
|
mprotect(p, size, PROT_READ | PROT_WRITE);
|
|
|
|
|
|
|
|
size >>= malloc_pageshift;
|
|
|
|
|
|
|
|
/* Map new pages */
|
|
|
|
if (p == NULL)
|
|
|
|
p = map_pages(size);
|
|
|
|
|
|
|
|
if (p != NULL) {
|
|
|
|
index = ptr2index(p);
|
|
|
|
pidx = PI_IDX(index);
|
|
|
|
pdir_lookup(index, &pi);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): mapped pages not found in directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (pi != last_dir) {
|
|
|
|
prev_dir = last_dir;
|
|
|
|
last_dir = pi;
|
|
|
|
}
|
|
|
|
pd = pi->base;
|
|
|
|
pd[PI_OFF(index)] = MALLOC_FIRST;
|
2008-07-06 20:33:35 +02:00
|
|
|
|
2008-02-17 20:03:49 +01:00
|
|
|
for (i = 1; i < size; i++) {
|
|
|
|
if (!PI_OFF(index + i)) {
|
|
|
|
pidx++;
|
|
|
|
pi = pi->next;
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): hole in mapped pages directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
pd[PI_OFF(index + i)] = MALLOC_FOLLOW;
|
|
|
|
}
|
|
|
|
if (malloc_guard) {
|
|
|
|
if (!PI_OFF(index + i)) {
|
|
|
|
pidx++;
|
|
|
|
pi = pi->next;
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): hole in mapped pages directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
pd[PI_OFF(index + i)] = MALLOC_FIRST;
|
|
|
|
}
|
2008-07-06 20:33:35 +02:00
|
|
|
|
2008-02-17 20:03:49 +01:00
|
|
|
malloc_used += size << malloc_pageshift;
|
|
|
|
malloc_guarded += malloc_guard;
|
|
|
|
|
|
|
|
if (malloc_junk)
|
|
|
|
memset(p, SOME_JUNK, size << malloc_pageshift);
|
|
|
|
}
|
|
|
|
if (delay_free) {
|
|
|
|
if (px == NULL)
|
|
|
|
px = delay_free;
|
|
|
|
else
|
|
|
|
ifree(delay_free);
|
|
|
|
}
|
|
|
|
return (p);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate a page of fragments
|
|
|
|
*/
|
|
|
|
|
|
|
|
static __inline__ int
|
|
|
|
malloc_make_chunks(int bits)
|
|
|
|
{
|
|
|
|
struct pginfo *bp, **pd;
|
|
|
|
struct pdinfo *pi;
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
u_long pidx;
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
void *pp;
|
|
|
|
long i, k;
|
|
|
|
size_t l;
|
|
|
|
|
|
|
|
/* Allocate a new bucket */
|
|
|
|
pp = malloc_pages((size_t) malloc_pagesize);
|
|
|
|
if (pp == NULL)
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
/* Find length of admin structure */
|
|
|
|
l = sizeof *bp - sizeof(u_long);
|
|
|
|
l += sizeof(u_long) *
|
|
|
|
(((malloc_pagesize >> bits) + MALLOC_BITS - 1) / MALLOC_BITS);
|
|
|
|
|
|
|
|
/* Don't waste more than two chunks on this */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If we are to allocate a memory protected page for the malloc(0)
|
|
|
|
* case (when bits=0), it must be from a different page than the
|
|
|
|
* pginfo page.
|
|
|
|
* --> Treat it like the big chunk alloc, get a second data page.
|
|
|
|
*/
|
|
|
|
if (bits != 0 && (1UL << (bits)) <= l + l) {
|
|
|
|
bp = (struct pginfo *) pp;
|
|
|
|
} else {
|
|
|
|
bp = (struct pginfo *) imalloc(l);
|
|
|
|
if (bp == NULL) {
|
|
|
|
ifree(pp);
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* memory protect the page allocated in the malloc(0) case */
|
|
|
|
if (bits == 0) {
|
|
|
|
bp->size = 0;
|
|
|
|
bp->shift = 1;
|
|
|
|
i = malloc_minsize - 1;
|
|
|
|
while (i >>= 1)
|
|
|
|
bp->shift++;
|
|
|
|
bp->total = bp->free = malloc_pagesize >> bp->shift;
|
|
|
|
bp->page = pp;
|
|
|
|
|
|
|
|
k = mprotect(pp, malloc_pagesize, PROT_NONE);
|
|
|
|
if (k < 0) {
|
|
|
|
ifree(pp);
|
|
|
|
ifree(bp);
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
bp->size = (1UL << bits);
|
|
|
|
bp->shift = bits;
|
|
|
|
bp->total = bp->free = malloc_pagesize >> bits;
|
|
|
|
bp->page = pp;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* set all valid bits in the bitmap */
|
|
|
|
k = bp->total;
|
|
|
|
i = 0;
|
|
|
|
|
|
|
|
/* Do a bunch at a time */
|
|
|
|
for (; (k - i) >= MALLOC_BITS; i += MALLOC_BITS)
|
|
|
|
bp->bits[i / MALLOC_BITS] = ~0UL;
|
|
|
|
|
|
|
|
for (; i < k; i++)
|
|
|
|
bp->bits[i / MALLOC_BITS] |= 1UL << (i % MALLOC_BITS);
|
|
|
|
|
|
|
|
k = (long)l;
|
|
|
|
if (bp == bp->page) {
|
|
|
|
/* Mark the ones we stole for ourselves */
|
|
|
|
for (i = 0; k > 0; i++) {
|
|
|
|
bp->bits[i / MALLOC_BITS] &= ~(1UL << (i % MALLOC_BITS));
|
|
|
|
bp->free--;
|
|
|
|
bp->total--;
|
|
|
|
k -= (1 << bits);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/* MALLOC_LOCK */
|
|
|
|
|
|
|
|
pdir_lookup(ptr2index(pp), &pi);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
pidx = PI_IDX(ptr2index(pp));
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): mapped pages not found in directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (pi != last_dir) {
|
|
|
|
prev_dir = last_dir;
|
|
|
|
last_dir = pi;
|
|
|
|
}
|
|
|
|
pd = pi->base;
|
|
|
|
pd[PI_OFF(ptr2index(pp))] = bp;
|
|
|
|
|
|
|
|
bp->next = page_dir[bits];
|
|
|
|
page_dir[bits] = bp;
|
|
|
|
|
|
|
|
/* MALLOC_UNLOCK */
|
|
|
|
return (1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate a fragment
|
|
|
|
*/
|
|
|
|
static void *
|
|
|
|
malloc_bytes(size_t size)
|
|
|
|
{
|
|
|
|
int i, j;
|
|
|
|
size_t k;
|
|
|
|
u_long u, *lp;
|
|
|
|
struct pginfo *bp;
|
|
|
|
|
|
|
|
/* Don't bother with anything less than this */
|
|
|
|
/* unless we have a malloc(0) requests */
|
|
|
|
if (size != 0 && size < malloc_minsize)
|
|
|
|
size = malloc_minsize;
|
|
|
|
|
|
|
|
/* Find the right bucket */
|
|
|
|
if (size == 0)
|
|
|
|
j = 0;
|
|
|
|
else {
|
|
|
|
j = 1;
|
|
|
|
i = size - 1;
|
|
|
|
while (i >>= 1)
|
|
|
|
j++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If it's empty, make a page more of that size chunks */
|
|
|
|
if (page_dir[j] == NULL && !malloc_make_chunks(j))
|
|
|
|
return (NULL);
|
|
|
|
|
|
|
|
bp = page_dir[j];
|
|
|
|
|
|
|
|
/* Find first word of bitmap which isn't empty */
|
|
|
|
for (lp = bp->bits; !*lp; lp++);
|
|
|
|
|
|
|
|
/* Find that bit, and tweak it */
|
|
|
|
u = 1;
|
|
|
|
k = 0;
|
|
|
|
while (!(*lp & u)) {
|
|
|
|
u += u;
|
|
|
|
k++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (malloc_guard) {
|
|
|
|
/* Walk to a random position. */
|
|
|
|
// i = arc4random() % bp->free;
|
|
|
|
i = rand() % bp->free;
|
|
|
|
while (i > 0) {
|
|
|
|
u += u;
|
|
|
|
k++;
|
|
|
|
if (k >= MALLOC_BITS) {
|
|
|
|
lp++;
|
|
|
|
u = 1;
|
|
|
|
k = 0;
|
|
|
|
}
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (lp - bp->bits > (bp->total - 1) / MALLOC_BITS) {
|
|
|
|
wrterror("chunk overflow");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (*lp & u)
|
|
|
|
i--;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
*lp ^= u;
|
|
|
|
|
|
|
|
/* If there are no more free, remove from free-list */
|
|
|
|
if (!--bp->free) {
|
|
|
|
page_dir[j] = bp->next;
|
|
|
|
bp->next = NULL;
|
|
|
|
}
|
|
|
|
/* Adjust to the real offset of that chunk */
|
|
|
|
k += (lp - bp->bits) * MALLOC_BITS;
|
|
|
|
k <<= bp->shift;
|
|
|
|
|
|
|
|
if (malloc_junk && bp->size != 0)
|
|
|
|
memset((char *)bp->page + k, SOME_JUNK, (size_t)bp->size);
|
|
|
|
|
|
|
|
return ((u_char *) bp->page + k);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Magic so that malloc(sizeof(ptr)) is near the end of the page.
|
|
|
|
*/
|
|
|
|
#define PTR_GAP (malloc_pagesize - sizeof(void *))
|
|
|
|
#define PTR_SIZE (sizeof(void *))
|
|
|
|
#define PTR_ALIGNED(p) (((unsigned long)p & malloc_pagemask) == PTR_GAP)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate a piece of memory
|
|
|
|
*/
|
|
|
|
static void *
|
|
|
|
imalloc(size_t size)
|
|
|
|
{
|
|
|
|
void *result;
|
|
|
|
int ptralloc = 0;
|
|
|
|
|
|
|
|
if (!malloc_started)
|
|
|
|
malloc_init();
|
|
|
|
|
|
|
|
if (suicide)
|
|
|
|
abort();
|
|
|
|
|
|
|
|
/* does not matter if malloc_bytes fails */
|
|
|
|
if (px == NULL)
|
|
|
|
px = malloc_bytes(sizeof *px);
|
|
|
|
|
|
|
|
if (malloc_ptrguard && size == PTR_SIZE) {
|
|
|
|
ptralloc = 1;
|
|
|
|
size = malloc_pagesize;
|
|
|
|
}
|
2011-09-20 03:25:23 +02:00
|
|
|
if (size > SIZE_MAX - malloc_pagesize) { /* Check for overflow */
|
2008-02-17 20:03:49 +01:00
|
|
|
result = NULL;
|
|
|
|
errno = ENOMEM;
|
|
|
|
} else if (size <= malloc_maxsize)
|
|
|
|
result = malloc_bytes(size);
|
|
|
|
else
|
|
|
|
result = malloc_pages(size);
|
|
|
|
|
|
|
|
if (malloc_abort == 1 && result == NULL)
|
|
|
|
wrterror("allocation failed");
|
|
|
|
|
|
|
|
if (malloc_zero && result != NULL)
|
|
|
|
memset(result, 0, size);
|
|
|
|
|
|
|
|
if (result && ptralloc)
|
|
|
|
return ((char *) result + PTR_GAP);
|
|
|
|
return (result);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Change the size of an allocation.
|
|
|
|
*/
|
|
|
|
static void *
|
|
|
|
irealloc(void *ptr, size_t size)
|
|
|
|
{
|
|
|
|
void *p;
|
|
|
|
size_t osize;
|
|
|
|
u_long index, i;
|
|
|
|
struct pginfo **mp;
|
|
|
|
struct pginfo **pd;
|
|
|
|
struct pdinfo *pi;
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
u_long pidx;
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
|
|
|
|
if (suicide)
|
|
|
|
abort();
|
|
|
|
|
|
|
|
if (!malloc_started) {
|
|
|
|
wrtwarning("malloc() has never been called");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
if (malloc_ptrguard && PTR_ALIGNED(ptr)) {
|
|
|
|
if (size <= PTR_SIZE)
|
|
|
|
return (ptr);
|
|
|
|
|
|
|
|
p = imalloc(size);
|
|
|
|
if (p)
|
|
|
|
memcpy(p, ptr, PTR_SIZE);
|
|
|
|
ifree(ptr);
|
|
|
|
return (p);
|
|
|
|
}
|
|
|
|
index = ptr2index(ptr);
|
|
|
|
|
|
|
|
if (index < malloc_pageshift) {
|
|
|
|
wrtwarning("junk pointer, too low to make sense");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
if (index > last_index) {
|
|
|
|
wrtwarning("junk pointer, too high to make sense");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
pdir_lookup(index, &pi);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
pidx = PI_IDX(index);
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): mapped pages not found in directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (pi != last_dir) {
|
|
|
|
prev_dir = last_dir;
|
|
|
|
last_dir = pi;
|
|
|
|
}
|
|
|
|
pd = pi->base;
|
|
|
|
mp = &pd[PI_OFF(index)];
|
|
|
|
|
|
|
|
if (*mp == MALLOC_FIRST) { /* Page allocation */
|
|
|
|
|
|
|
|
/* Check the pointer */
|
|
|
|
if ((u_long) ptr & malloc_pagemask) {
|
|
|
|
wrtwarning("modified (page-) pointer");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
/* Find the size in bytes */
|
|
|
|
i = index;
|
|
|
|
if (!PI_OFF(++i)) {
|
|
|
|
pi = pi->next;
|
|
|
|
if (pi != NULL && PD_IDX(pi->dirnum) != PI_IDX(i))
|
|
|
|
pi = NULL;
|
|
|
|
if (pi != NULL)
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
for (osize = malloc_pagesize;
|
|
|
|
pi != NULL && pd[PI_OFF(i)] == MALLOC_FOLLOW;) {
|
|
|
|
osize += malloc_pagesize;
|
|
|
|
if (!PI_OFF(++i)) {
|
|
|
|
pi = pi->next;
|
|
|
|
if (pi != NULL && PD_IDX(pi->dirnum) != PI_IDX(i))
|
|
|
|
pi = NULL;
|
|
|
|
if (pi != NULL)
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!malloc_realloc && size <= osize &&
|
|
|
|
size > osize - malloc_pagesize) {
|
|
|
|
if (malloc_junk)
|
|
|
|
memset((char *)ptr + size, SOME_JUNK, osize - size);
|
|
|
|
return (ptr); /* ..don't do anything else. */
|
|
|
|
}
|
|
|
|
} else if (*mp >= MALLOC_MAGIC) { /* Chunk allocation */
|
|
|
|
|
|
|
|
/* Check the pointer for sane values */
|
|
|
|
if ((u_long) ptr & ((1UL << ((*mp)->shift)) - 1)) {
|
|
|
|
wrtwarning("modified (chunk-) pointer");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
/* Find the chunk index in the page */
|
|
|
|
i = ((u_long) ptr & malloc_pagemask) >> (*mp)->shift;
|
|
|
|
|
|
|
|
/* Verify that it isn't a free chunk already */
|
|
|
|
if ((*mp)->bits[i / MALLOC_BITS] & (1UL << (i % MALLOC_BITS))) {
|
|
|
|
wrtwarning("chunk is already free");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
osize = (*mp)->size;
|
|
|
|
|
|
|
|
if (!malloc_realloc && size <= osize &&
|
|
|
|
(size > osize / 2 || osize == malloc_minsize)) {
|
|
|
|
if (malloc_junk)
|
|
|
|
memset((char *) ptr + size, SOME_JUNK, osize - size);
|
|
|
|
return (ptr); /* ..don't do anything else. */
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
wrtwarning("irealloc: pointer to wrong page");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
p = imalloc(size);
|
|
|
|
|
|
|
|
if (p != NULL) {
|
|
|
|
/* copy the lesser of the two sizes, and free the old one */
|
|
|
|
/* Don't move from/to 0 sized region !!! */
|
|
|
|
if (osize != 0 && size != 0) {
|
|
|
|
if (osize < size)
|
|
|
|
memcpy(p, ptr, osize);
|
|
|
|
else
|
|
|
|
memcpy(p, ptr, size);
|
|
|
|
}
|
|
|
|
ifree(ptr);
|
|
|
|
}
|
|
|
|
return (p);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Free a sequence of pages
|
|
|
|
*/
|
|
|
|
static __inline__ void
|
|
|
|
free_pages(void *ptr, u_long index, struct pginfo * info)
|
|
|
|
{
|
|
|
|
u_long i, pidx, lidx;
|
|
|
|
size_t l, cachesize = 0;
|
|
|
|
struct pginfo **pd;
|
|
|
|
struct pdinfo *pi, *spi;
|
|
|
|
struct pgfree *pf, *pt = NULL;
|
|
|
|
caddr_t tail;
|
|
|
|
|
|
|
|
if (info == MALLOC_FREE) {
|
|
|
|
wrtwarning("page is already free");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (info != MALLOC_FIRST) {
|
|
|
|
wrtwarning("free_pages: pointer to wrong page");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if ((u_long) ptr & malloc_pagemask) {
|
|
|
|
wrtwarning("modified (page-) pointer");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
/* Count how many pages and mark them free at the same time */
|
|
|
|
pidx = PI_IDX(index);
|
|
|
|
pdir_lookup(index, &pi);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): mapped pages not found in directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
|
|
|
|
spi = pi; /* Save page index for start of region. */
|
|
|
|
|
|
|
|
pd = pi->base;
|
|
|
|
pd[PI_OFF(index)] = MALLOC_FREE;
|
|
|
|
i = 1;
|
|
|
|
if (!PI_OFF(index + i)) {
|
|
|
|
pi = pi->next;
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != PI_IDX(index + i))
|
|
|
|
pi = NULL;
|
|
|
|
else
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
while (pi != NULL && pd[PI_OFF(index + i)] == MALLOC_FOLLOW) {
|
|
|
|
pd[PI_OFF(index + i)] = MALLOC_FREE;
|
|
|
|
i++;
|
|
|
|
if (!PI_OFF(index + i)) {
|
|
|
|
if ((pi = pi->next) == NULL ||
|
|
|
|
PD_IDX(pi->dirnum) != PI_IDX(index + i))
|
|
|
|
pi = NULL;
|
|
|
|
else
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
l = i << malloc_pageshift;
|
|
|
|
|
|
|
|
if (malloc_junk)
|
|
|
|
memset(ptr, SOME_JUNK, l);
|
|
|
|
|
|
|
|
malloc_used -= l;
|
|
|
|
malloc_guarded -= malloc_guard;
|
|
|
|
if (malloc_guard) {
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != PI_IDX(index + i)) {
|
|
|
|
wrterror("(ES): hole in mapped pages directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
pd[PI_OFF(index + i)] = MALLOC_FREE;
|
|
|
|
l += malloc_guard;
|
|
|
|
}
|
|
|
|
tail = (caddr_t)ptr + l;
|
|
|
|
|
|
|
|
if (malloc_hint)
|
|
|
|
madvise(ptr, l, MADV_FREE);
|
|
|
|
|
|
|
|
if (malloc_freeprot)
|
|
|
|
mprotect(ptr, l, PROT_NONE);
|
|
|
|
|
|
|
|
/* Add to free-list. */
|
|
|
|
if (px == NULL && (px = malloc_bytes(sizeof *px)) == NULL)
|
|
|
|
goto not_return;
|
|
|
|
px->page = ptr;
|
|
|
|
px->pdir = spi;
|
|
|
|
px->size = l;
|
|
|
|
|
|
|
|
if (free_list.next == NULL) {
|
|
|
|
/* Nothing on free list, put this at head. */
|
|
|
|
px->next = NULL;
|
|
|
|
px->prev = &free_list;
|
|
|
|
free_list.next = px;
|
|
|
|
pf = px;
|
|
|
|
px = NULL;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* Find the right spot, leave pf pointing to the modified
|
|
|
|
* entry.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Race ahead here, while calculating cache size. */
|
|
|
|
for (pf = free_list.next;
|
|
|
|
(caddr_t)ptr > ((caddr_t)pf->page + pf->size)
|
|
|
|
&& pf->next != NULL;
|
|
|
|
pf = pf->next)
|
|
|
|
cachesize += pf->size;
|
|
|
|
|
|
|
|
/* Finish cache size calculation. */
|
|
|
|
pt = pf;
|
|
|
|
while (pt) {
|
|
|
|
cachesize += pt->size;
|
|
|
|
pt = pt->next;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((caddr_t)pf->page > tail) {
|
|
|
|
/* Insert before entry */
|
|
|
|
px->next = pf;
|
|
|
|
px->prev = pf->prev;
|
|
|
|
pf->prev = px;
|
|
|
|
px->prev->next = px;
|
|
|
|
pf = px;
|
|
|
|
px = NULL;
|
|
|
|
} else if (((caddr_t)pf->page + pf->size) == ptr) {
|
|
|
|
/* Append to the previous entry. */
|
|
|
|
cachesize -= pf->size;
|
|
|
|
pf->size += l;
|
|
|
|
if (pf->next != NULL &&
|
|
|
|
pf->next->page == ((caddr_t)pf->page + pf->size)) {
|
|
|
|
/* And collapse the next too. */
|
|
|
|
pt = pf->next;
|
|
|
|
pf->size += pt->size;
|
|
|
|
pf->next = pt->next;
|
|
|
|
if (pf->next != NULL)
|
|
|
|
pf->next->prev = pf;
|
|
|
|
}
|
|
|
|
} else if (pf->page == tail) {
|
|
|
|
/* Prepend to entry. */
|
|
|
|
cachesize -= pf->size;
|
|
|
|
pf->size += l;
|
|
|
|
pf->page = ptr;
|
|
|
|
pf->pdir = spi;
|
|
|
|
} else if (pf->next == NULL) {
|
|
|
|
/* Append at tail of chain. */
|
|
|
|
px->next = NULL;
|
|
|
|
px->prev = pf;
|
|
|
|
pf->next = px;
|
|
|
|
pf = px;
|
|
|
|
px = NULL;
|
|
|
|
} else {
|
|
|
|
wrterror("freelist is destroyed");
|
|
|
|
errno = EFAULT;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (pf->pdir != last_dir) {
|
|
|
|
prev_dir = last_dir;
|
|
|
|
last_dir = pf->pdir;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Return something to OS ? */
|
|
|
|
if (pf->size > (malloc_cache - cachesize)) {
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Keep the cache intact. Notice that the '>' above guarantees that
|
|
|
|
* the pf will always have at least one page afterwards.
|
|
|
|
*/
|
|
|
|
if (munmap((char *) pf->page + (malloc_cache - cachesize),
|
|
|
|
pf->size - (malloc_cache - cachesize)) != 0)
|
|
|
|
goto not_return;
|
|
|
|
tail = (caddr_t)pf->page + pf->size;
|
|
|
|
lidx = ptr2index(tail) - 1;
|
|
|
|
pf->size = malloc_cache - cachesize;
|
|
|
|
|
|
|
|
index = ptr2index((caddr_t)pf->page + pf->size);
|
|
|
|
|
|
|
|
pidx = PI_IDX(index);
|
|
|
|
if (prev_dir != NULL && PD_IDX(prev_dir->dirnum) >= pidx)
|
|
|
|
prev_dir = NULL; /* Will be wiped out below ! */
|
|
|
|
|
|
|
|
for (pi = pf->pdir; pi != NULL && PD_IDX(pi->dirnum) < pidx;
|
|
|
|
pi = pi->next)
|
|
|
|
;
|
|
|
|
|
|
|
|
spi = pi;
|
|
|
|
if (pi != NULL && PD_IDX(pi->dirnum) == pidx) {
|
|
|
|
pd = pi->base;
|
|
|
|
|
|
|
|
for (i = index; i <= lidx;) {
|
|
|
|
if (pd[PI_OFF(i)] != MALLOC_NOT_MINE) {
|
|
|
|
pd[PI_OFF(i)] = MALLOC_NOT_MINE;
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (!PD_OFF(pi->dirnum)) {
|
|
|
|
wrterror("(ES): pages directory underflow");
|
|
|
|
errno = EFAULT;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
pi->dirnum--;
|
|
|
|
}
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
else
|
|
|
|
wrtwarning("(ES): page already unmapped");
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
i++;
|
|
|
|
if (!PI_OFF(i)) {
|
|
|
|
/*
|
|
|
|
* If no page in that dir, free
|
|
|
|
* directory page.
|
|
|
|
*/
|
|
|
|
if (!PD_OFF(pi->dirnum)) {
|
|
|
|
/* Remove from list. */
|
|
|
|
if (spi == pi)
|
|
|
|
spi = pi->prev;
|
|
|
|
if (pi->prev != NULL)
|
|
|
|
pi->prev->next = pi->next;
|
|
|
|
if (pi->next != NULL)
|
|
|
|
pi->next->prev = pi->prev;
|
|
|
|
pi = pi->next;
|
|
|
|
munmap(pd, malloc_pagesize);
|
|
|
|
} else
|
|
|
|
pi = pi->next;
|
|
|
|
if (pi == NULL ||
|
|
|
|
PD_IDX(pi->dirnum) != PI_IDX(i))
|
|
|
|
break;
|
|
|
|
pd = pi->base;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (pi && !PD_OFF(pi->dirnum)) {
|
|
|
|
/* Resulting page dir is now empty. */
|
|
|
|
/* Remove from list. */
|
|
|
|
if (spi == pi) /* Update spi only if first. */
|
|
|
|
spi = pi->prev;
|
|
|
|
if (pi->prev != NULL)
|
|
|
|
pi->prev->next = pi->next;
|
|
|
|
if (pi->next != NULL)
|
|
|
|
pi->next->prev = pi->prev;
|
|
|
|
pi = pi->next;
|
|
|
|
munmap(pd, malloc_pagesize);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (pi == NULL && malloc_brk == tail) {
|
|
|
|
/* Resize down the malloc upper boundary. */
|
|
|
|
last_index = index - 1;
|
|
|
|
malloc_brk = index2ptr(index);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* XXX: We could realloc/shrink the pagedir here I guess. */
|
|
|
|
if (pf->size == 0) { /* Remove from free-list as well. */
|
|
|
|
if (px)
|
|
|
|
ifree(px);
|
|
|
|
if ((px = pf->prev) != &free_list) {
|
|
|
|
if (pi == NULL && last_index == (index - 1)) {
|
|
|
|
if (spi == NULL) {
|
|
|
|
malloc_brk = NULL;
|
|
|
|
i = 11;
|
|
|
|
} else {
|
|
|
|
pd = spi->base;
|
|
|
|
if (PD_IDX(spi->dirnum) < pidx)
|
|
|
|
index =
|
|
|
|
((PD_IDX(spi->dirnum) + 1) *
|
|
|
|
pdi_mod) - 1;
|
|
|
|
for (pi = spi, i = index;
|
|
|
|
pd[PI_OFF(i)] == MALLOC_NOT_MINE;
|
|
|
|
i--)
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (!PI_OFF(i)) {
|
|
|
|
pi = pi->prev;
|
|
|
|
if (pi == NULL || i == 0)
|
|
|
|
break;
|
|
|
|
pd = pi->base;
|
|
|
|
i = (PD_IDX(pi->dirnum) + 1) * pdi_mod;
|
|
|
|
}
|
|
|
|
#else /* !MALLOC_EXTRA_SANITY */
|
|
|
|
{
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
malloc_brk = index2ptr(i + 1);
|
|
|
|
}
|
|
|
|
last_index = i;
|
|
|
|
}
|
|
|
|
if ((px->next = pf->next) != NULL)
|
|
|
|
px->next->prev = px;
|
|
|
|
} else {
|
|
|
|
if ((free_list.next = pf->next) != NULL)
|
|
|
|
free_list.next->prev = &free_list;
|
|
|
|
}
|
|
|
|
px = pf;
|
|
|
|
last_dir = prev_dir;
|
|
|
|
prev_dir = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
not_return:
|
|
|
|
if (pt != NULL)
|
|
|
|
ifree(pt);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Free a chunk, and possibly the page it's on, if the page becomes empty.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* ARGSUSED */
|
|
|
|
static __inline__ void
|
|
|
|
free_bytes(void *ptr, u_long index, struct pginfo * info)
|
|
|
|
{
|
|
|
|
struct pginfo **mp, **pd;
|
|
|
|
struct pdinfo *pi;
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
u_long pidx;
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
void *vp;
|
|
|
|
long i;
|
2008-07-05 23:17:04 +02:00
|
|
|
(void) index;
|
2008-02-17 20:03:49 +01:00
|
|
|
|
|
|
|
/* Find the chunk number on the page */
|
|
|
|
i = ((u_long) ptr & malloc_pagemask) >> info->shift;
|
|
|
|
|
|
|
|
if ((u_long) ptr & ((1UL << (info->shift)) - 1)) {
|
|
|
|
wrtwarning("modified (chunk-) pointer");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (info->bits[i / MALLOC_BITS] & (1UL << (i % MALLOC_BITS))) {
|
|
|
|
wrtwarning("chunk is already free");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (malloc_junk && info->size != 0)
|
|
|
|
memset(ptr, SOME_JUNK, (size_t)info->size);
|
|
|
|
|
|
|
|
info->bits[i / MALLOC_BITS] |= 1UL << (i % MALLOC_BITS);
|
|
|
|
info->free++;
|
|
|
|
|
|
|
|
if (info->size != 0)
|
|
|
|
mp = page_dir + info->shift;
|
|
|
|
else
|
|
|
|
mp = page_dir;
|
|
|
|
|
|
|
|
if (info->free == 1) {
|
|
|
|
/* Page became non-full */
|
|
|
|
|
|
|
|
/* Insert in address order */
|
|
|
|
while (*mp != NULL && (*mp)->next != NULL &&
|
|
|
|
(*mp)->next->page < info->page)
|
|
|
|
mp = &(*mp)->next;
|
|
|
|
info->next = *mp;
|
|
|
|
*mp = info;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (info->free != info->total)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/* Find & remove this page in the queue */
|
|
|
|
while (*mp != info) {
|
|
|
|
mp = &((*mp)->next);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
if (!*mp) {
|
|
|
|
wrterror("(ES): Not on queue");
|
|
|
|
errno = EFAULT;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
}
|
|
|
|
*mp = info->next;
|
|
|
|
|
|
|
|
/* Free the page & the info structure if need be */
|
|
|
|
pdir_lookup(ptr2index(info->page), &pi);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
pidx = PI_IDX(ptr2index(info->page));
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): mapped pages not found in directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (pi != last_dir) {
|
|
|
|
prev_dir = last_dir;
|
|
|
|
last_dir = pi;
|
|
|
|
}
|
|
|
|
pd = pi->base;
|
|
|
|
pd[PI_OFF(ptr2index(info->page))] = MALLOC_FIRST;
|
|
|
|
|
|
|
|
/* If the page was mprotected, unprotect it before releasing it */
|
|
|
|
if (info->size == 0)
|
|
|
|
mprotect(info->page, malloc_pagesize, PROT_READ | PROT_WRITE);
|
|
|
|
|
|
|
|
vp = info->page; /* Order is important ! */
|
|
|
|
if (vp != (void *) info)
|
|
|
|
ifree(info);
|
|
|
|
ifree(vp);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
ifree(void *ptr)
|
|
|
|
{
|
|
|
|
struct pginfo *info, **pd;
|
|
|
|
u_long index;
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
u_long pidx;
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
struct pdinfo *pi;
|
|
|
|
|
|
|
|
if (!malloc_started) {
|
|
|
|
wrtwarning("malloc() has never been called");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
/* If we're already sinking, don't make matters any worse. */
|
|
|
|
if (suicide)
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (malloc_ptrguard && PTR_ALIGNED(ptr))
|
|
|
|
ptr = (char *) ptr - PTR_GAP;
|
|
|
|
|
|
|
|
index = ptr2index(ptr);
|
|
|
|
|
|
|
|
if (index < malloc_pageshift) {
|
|
|
|
warnx("(%p)", ptr);
|
|
|
|
wrtwarning("ifree: junk pointer, too low to make sense");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (index > last_index) {
|
|
|
|
warnx("(%p)", ptr);
|
|
|
|
wrtwarning("ifree: junk pointer, too high to make sense");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
pdir_lookup(index, &pi);
|
|
|
|
#ifdef MALLOC_EXTRA_SANITY
|
|
|
|
pidx = PI_IDX(index);
|
|
|
|
if (pi == NULL || PD_IDX(pi->dirnum) != pidx) {
|
|
|
|
wrterror("(ES): mapped pages not found in directory");
|
|
|
|
errno = EFAULT;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
#endif /* MALLOC_EXTRA_SANITY */
|
|
|
|
if (pi != last_dir) {
|
|
|
|
prev_dir = last_dir;
|
|
|
|
last_dir = pi;
|
|
|
|
}
|
|
|
|
pd = pi->base;
|
|
|
|
info = pd[PI_OFF(index)];
|
|
|
|
|
|
|
|
if (info < MALLOC_MAGIC)
|
|
|
|
free_pages(ptr, index, info);
|
|
|
|
else
|
|
|
|
free_bytes(ptr, index, info);
|
|
|
|
|
|
|
|
/* does not matter if malloc_bytes fails */
|
|
|
|
if (px == NULL)
|
|
|
|
px = malloc_bytes(sizeof *px);
|
|
|
|
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Common function for handling recursion. Only
|
|
|
|
* print the error message once, to avoid making the problem
|
|
|
|
* potentially worse.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
malloc_recurse(void)
|
|
|
|
{
|
|
|
|
static int noprint;
|
|
|
|
|
|
|
|
if (noprint == 0) {
|
|
|
|
noprint = 1;
|
|
|
|
wrtwarning("recursive call");
|
|
|
|
}
|
|
|
|
malloc_active--;
|
|
|
|
_MALLOC_UNLOCK();
|
|
|
|
errno = EDEADLK;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* These are the public exported interface routines.
|
|
|
|
*/
|
|
|
|
void *
|
|
|
|
malloc(size_t size)
|
|
|
|
{
|
|
|
|
void *r;
|
|
|
|
|
|
|
|
if (!align)
|
|
|
|
_MALLOC_LOCK();
|
|
|
|
malloc_func = " in malloc():";
|
|
|
|
if (malloc_active++) {
|
|
|
|
malloc_recurse();
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
r = imalloc(size);
|
|
|
|
UTRACE(0, size, r);
|
|
|
|
malloc_active--;
|
|
|
|
if (!align)
|
|
|
|
_MALLOC_UNLOCK();
|
|
|
|
if (malloc_xmalloc && r == NULL) {
|
|
|
|
wrterror("out of memory");
|
|
|
|
errno = ENOMEM;
|
|
|
|
}
|
|
|
|
return (r);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
free(void *ptr)
|
|
|
|
{
|
|
|
|
/* This is legal. XXX quick path */
|
|
|
|
if (ptr == NULL)
|
|
|
|
return;
|
|
|
|
|
|
|
|
_MALLOC_LOCK();
|
|
|
|
malloc_func = " in free():";
|
|
|
|
if (malloc_active++) {
|
|
|
|
malloc_recurse();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
ifree(ptr);
|
|
|
|
UTRACE(ptr, 0, 0);
|
|
|
|
malloc_active--;
|
|
|
|
_MALLOC_UNLOCK();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
void *
|
|
|
|
realloc(void *ptr, size_t size)
|
|
|
|
{
|
|
|
|
void *r;
|
|
|
|
|
|
|
|
_MALLOC_LOCK();
|
|
|
|
malloc_func = " in realloc():";
|
|
|
|
if (malloc_active++) {
|
|
|
|
malloc_recurse();
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ptr == NULL)
|
|
|
|
r = imalloc(size);
|
|
|
|
else
|
|
|
|
r = irealloc(ptr, size);
|
|
|
|
|
|
|
|
UTRACE(ptr, size, r);
|
|
|
|
malloc_active--;
|
|
|
|
_MALLOC_UNLOCK();
|
|
|
|
if (malloc_xmalloc && r == NULL) {
|
|
|
|
wrterror("out of memory");
|
|
|
|
errno = ENOMEM;
|
|
|
|
}
|
|
|
|
return (r);
|
|
|
|
}
|
|
|
|
|
2008-03-13 16:06:49 +01:00
|
|
|
#ifndef SIZE_MAX
|
|
|
|
//#if defined(__i386__)||defined(__arm__)||defined(__powerpc__)
|
|
|
|
//#define SIZE_MAX 0xffffffff
|
|
|
|
//#endif
|
|
|
|
//#if defined(__x86_64__)
|
|
|
|
//#define SIZE_MAX 0xffffffffffffffff
|
|
|
|
//#endif
|
2008-03-13 16:06:26 +01:00
|
|
|
#define SIZE_MAX SIZE_T_MAX
|
|
|
|
#endif
|
2008-02-17 20:03:49 +01:00
|
|
|
|
|
|
|
void *
|
|
|
|
calloc(size_t num, size_t size)
|
|
|
|
{
|
|
|
|
void *p;
|
|
|
|
|
|
|
|
if (num && SIZE_MAX / num < size) {
|
|
|
|
fprintf(stderr,"OOOOPS");
|
|
|
|
errno = ENOMEM;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
size *= num;
|
|
|
|
p = malloc(size);
|
|
|
|
if (p)
|
|
|
|
memset(p, 0, size);
|
|
|
|
return(p);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int ispowerof2 (size_t a) {
|
|
|
|
size_t b;
|
|
|
|
for (b = 1ULL << (sizeof(size_t)*NBBY - 1); b > 1; b >>= 1)
|
|
|
|
if (b == a)
|
|
|
|
return 1;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int posix_memalign(void **memptr, size_t alignment, size_t size)
|
|
|
|
{
|
|
|
|
void *r;
|
|
|
|
if ((alignment < PTR_SIZE) || (alignment%PTR_SIZE != 0)) return EINVAL;
|
|
|
|
if (!ispowerof2(alignment)) return EINVAL;
|
|
|
|
if (alignment < malloc_minsize) alignment = malloc_minsize;
|
|
|
|
size_t max = alignment > size ? alignment : size;
|
|
|
|
if (alignment <= malloc_pagesize)
|
|
|
|
r = malloc(max);
|
|
|
|
else {
|
|
|
|
_MALLOC_LOCK();
|
|
|
|
align = 1;
|
|
|
|
g_alignment = alignment;
|
|
|
|
r = malloc(size);
|
|
|
|
align=0;
|
|
|
|
_MALLOC_UNLOCK();
|
|
|
|
}
|
|
|
|
*memptr = r;
|
|
|
|
if (!r) return ENOMEM;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
void *memalign(size_t boundary, size_t size)
|
|
|
|
{
|
|
|
|
void *r;
|
|
|
|
posix_memalign(&r, boundary, size);
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
|
|
|
|
void *valloc(size_t size)
|
|
|
|
{
|
|
|
|
void *r;
|
|
|
|
posix_memalign(&r, malloc_pagesize, size);
|
|
|
|
return r;
|
|
|
|
}
|
2008-03-13 19:11:33 +01:00
|
|
|
|
|
|
|
size_t malloc_good_size(size_t size)
|
|
|
|
{
|
|
|
|
if (size == 0) {
|
|
|
|
return 1;
|
|
|
|
} else if (size <= malloc_maxsize) {
|
|
|
|
int i, j;
|
|
|
|
/* round up to the nearest power of 2, with same approach
|
|
|
|
* as malloc_bytes() uses. */
|
|
|
|
j = 1;
|
|
|
|
i = size - 1;
|
|
|
|
while (i >>= 1)
|
|
|
|
j++;
|
|
|
|
return ((size_t)1) << j;
|
|
|
|
} else {
|
|
|
|
return pageround(size);
|
|
|
|
}
|
|
|
|
}
|