| blob | 1edb4d4d35041b552975178c374e728ce7429ef7 |
1 /* Malloc implementation for multiple threads without lock contention.
2 Copyright (C) 2001-2016 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Wolfram Gloger <wg@malloc.de>, 2001.
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public License as
8 published by the Free Software Foundation; either version 2.1 of the
9 License, or (at your option) any later version.
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; see the file COPYING.LIB. If
18 not, see <http://www.gnu.org/licenses/>. */
20 #include <stdbool.h>
22 /* Compile-time constants. */
24 #define HEAP_MIN_SIZE (32 * 1024)
25 #ifndef HEAP_MAX_SIZE
26 # ifdef DEFAULT_MMAP_THRESHOLD_MAX
27 # define HEAP_MAX_SIZE (2 * DEFAULT_MMAP_THRESHOLD_MAX)
28 # else
30 # endif
31 #endif
33 /* HEAP_MIN_SIZE and HEAP_MAX_SIZE limit the size of mmap()ed heaps
34 that are dynamically created for multi-threaded programs. The
35 maximum size must be a power of two, for fast determination of
36 which heap belongs to a chunk. It should be much larger than the
37 mmap threshold, so that requests with a size just below that
38 threshold can be fulfilled without creating too many heaps. */
40 /***************************************************************************/
42 #define top(ar_ptr) ((ar_ptr)->top)
44 /* A heap is a single contiguous memory region holding (coalesceable)
45 malloc_chunks. It is allocated with mmap() and always starts at an
46 address aligned to HEAP_MAX_SIZE. */
49 {
54 PROT_READ|PROT_WRITE. */
55 /* Make sure the following data is properly aligned, particularly
56 that sizeof (heap_info) + 2 * SIZE_SZ is a multiple of
57 MALLOC_ALIGNMENT. */
61 /* Get a compile-time error if the heap_info padding is not correct
62 to make alignment work as expected in sYSMALLOc. */
67 /* Thread specific data. */
71 /* Arena free list. free_list_lock synchronizes access to the
72 free_list variable below, and the next_free and attached_threads
73 members of struct malloc_state objects. No other locks must be
74 acquired after free_list_lock has been acquired. */
80 /* list_lock prevents concurrent writes to the next member of struct
81 malloc_state objects.
83 Read access to the next member is supposed to synchronize with the
84 atomic_write_barrier and the write to the next member in
85 _int_new_arena. This suffers from data races; see the FIXME
86 comments in _int_new_arena and reused_arena.
88 list_lock also prevents concurrent forks. At the time list_lock is
89 acquired, no arena lock must have been acquired, but it is
90 permitted to acquire arena locks subsequently, while list_lock is
91 acquired. */
94 /* Mapped memory in non-main arenas (reliable only for NO_THREADS). */
97 /* Already initialized? */
100 /**************************************************************************/
103 /* arena_get() acquires an arena and locks the corresponding mutex.
104 First, try the one last locked successfully by this thread. (This
105 is the common case and handled with a macro for speed.) Then, loop
106 once over the circularly linked list of arenas. If no arena is
107 readily available, create a new one. In this latter case, `size'
108 is just a hint as to how much memory will be required immediately
109 in the new arena. */
111 #define arena_get(ptr, size) do { \
112 ptr = thread_arena; \
113 arena_lock (ptr, size); \
114 } while (0)
116 #define arena_lock(ptr, size) do { \
117 if (ptr && !arena_is_corrupt (ptr)) \
118 (void) mutex_lock (&ptr->mutex); \
119 else \
120 ptr = arena_get2 ((size), NULL); \
121 } while (0)
123 /* find the heap and corresponding arena for a given ptr */
125 #define heap_for_ptr(ptr) \
126 ((heap_info *) ((unsigned long) (ptr) & ~(HEAP_MAX_SIZE - 1)))
127 #define arena_for_chunk(ptr) \
128 (chunk_non_main_arena (ptr) ? heap_for_ptr (ptr)->ar_ptr : &main_arena)
131 /**************************************************************************/
133 #ifndef NO_THREADS
135 /* atfork support. */
141 # ifdef ATFORK_MEM
142 ATFORK_MEM;
143 # endif
145 /* Magic value for the thread-specific arena pointer when
146 malloc_atfork() is in use. */
148 # define ATFORK_ARENA_PTR ((void *) -1)
150 /* The following hooks are used while the `atfork' handling mechanism
151 is active. */
155 {
159 {
160 /* We are the only thread that may allocate at all. */
162 {
164 }
165 else
166 {
172 }
173 }
174 else
175 {
176 /* Suspend the thread until the `atfork' handlers have completed.
177 By that time, the hooks will have been reset as well, so that
178 mALLOc() can be used again. */
182 }
183 }
185 static void
187 {
188 mstate ar_ptr;
197 {
200 }
204 }
207 /* Counter for number of times the list is locked by the same thread. */
210 /* The following two functions are registered via thread_atfork() to
211 make sure that the mutexes remain in a consistent state in the
212 fork()ed version of a thread. Also adapt the malloc and free hooks
213 temporarily, because the `atfork' handler mechanism may use
214 malloc/free internally (e.g. in LinuxThreads). */
216 static void
218 {
219 mstate ar_ptr;
224 /* We do not acquire free_list_lock here because we completely
225 reconstruct free_list in ptmalloc_unlock_all2. */
228 {
230 /* This is the same thread which already locks the global list.
231 Just bump the counter. */
234 /* This thread has to wait its turn. */
236 }
238 {
243 }
248 /* Only the current thread may perform malloc/free calls now.
249 save_arena will be reattached to the current thread, in
250 ptmalloc_lock_all, so save_arena->attached_threads is not
251 updated. */
254 out:
256 }
258 static void
260 {
261 mstate ar_ptr;
269 /* Replace ATFORK_ARENA_PTR with save_arena.
270 save_arena->attached_threads was not changed in ptmalloc_lock_all
271 and is still correct. */
276 {
281 }
283 }
285 # ifdef __linux__
287 /* In NPTL, unlocking a mutex in the child process after a
288 fork() is currently unsafe, whereas re-initializing it is safe and
289 does not leak resources. Therefore, a special atfork handler is
290 installed for the child. */
292 static void
294 {
295 mstate ar_ptr;
304 /* Push all arenas to the free list, except save_arena, which is
305 attached to the current thread. */
311 {
314 {
315 /* This arena is no longer attached to any thread. */
319 }
323 }
327 }
329 # else
331 # define ptmalloc_unlock_all2 ptmalloc_unlock_all
332 # endif
335 /* Initialization routine. */
336 #include <string.h>
340 internal_function
342 {
347 {
355 {
358 /* Save current position for next visit. */
362 }
365 }
368 }
371 #ifdef SHARED
374 {
376 }
380 #endif
382 static void
384 {
390 #ifdef SHARED
391 /* In case this libc copy is in a non-default namespace, never use brk.
392 Likewise if dlopened from statically linked program. */
393 Dl_info di;
400 #endif
406 {
412 {
416 /* This is a "MALLOC_" variable at the end of the string
417 without a '=' character. Ignore it since otherwise we
418 will access invalid memory below. */
422 {
429 {
434 }
438 {
443 }
447 {
450 }
454 {
459 }
463 }
464 }
465 }
467 {
471 }
476 }
478 /* There are platforms (e.g. Hurd) with a link-time hook mechanism. */
479 #ifdef thread_atfork_static
481 ptmalloc_unlock_all2)
482 #endif
486 /* Managing heaps and arenas (for concurrent threads) */
488 #if MALLOC_DEBUG > 1
490 /* Print the complete contents of a single heap to stderr. */
492 static void
494 {
496 mchunkptr p;
504 {
507 {
510 }
512 {
515 }
518 }
519 }
522 /* If consecutive mmap (0, HEAP_MAX_SIZE << 1, ...) calls return decreasing
523 addresses as opposed to increasing, new_heap would badly fragment the
524 address space. In that case remember the second HEAP_MAX_SIZE part
525 aligned to HEAP_MAX_SIZE from last mmap (0, HEAP_MAX_SIZE << 1, ...)
526 call (if it is already aligned) and try to reuse it next time. We need
527 no locking for it, as kernel ensures the atomicity for us - worst case
528 we'll call mmap (addr, HEAP_MAX_SIZE, ...) for some value of addr in
529 multiple threads, but only one will succeed. */
532 /* Create a new heap. size is automatically rounded up to a multiple
533 of the page size. */
536 internal_function
538 {
550 else
554 /* A memory region aligned to a multiple of HEAP_MAX_SIZE is needed.
555 No swap space needs to be reserved for the following large
556 mapping (on Linux, this is the case for all non-writable mappings
557 anyway). */
560 {
562 MAP_NORESERVE);
565 {
568 }
569 }
571 {
574 {
580 else
583 }
584 else
585 {
586 /* Try to take the chance that an allocation of only HEAP_MAX_SIZE
587 is already aligned. */
593 {
596 }
597 }
598 }
600 {
603 }
609 }
611 /* Grow a heap. size is automatically rounded up to a
612 multiple of the page size. */
614 static int
616 {
626 {
633 }
638 }
640 /* Shrink a heap. */
642 static int
644 {
651 /* Try to re-map the extra heap space freshly to save memory, and make it
652 inaccessible. See malloc-sysdep.h to know when this is true. */
654 {
660 }
661 else
663 /*fprintf(stderr, "shrink %p %08lx\n", h, new_size);*/
668 }
670 /* Delete a heap. */
672 #define delete_heap(heap) \
673 do { \
674 if ((char *) (heap) + HEAP_MAX_SIZE == aligned_heap_area) \
675 aligned_heap_area = NULL; \
676 __munmap ((char *) (heap), HEAP_MAX_SIZE); \
677 } while (0)
679 static int
680 internal_function
682 {
689 /* Can this heap go away completely? */
691 {
695 /* fencepost must be properly aligned. */
713 {
716 }
721 /*check_chunk(ar_ptr, top_chunk);*/
722 }
724 /* Uses similar logic for per-thread arenas as the main arena with systrim
725 and _int_free by preserving the top pad and rounding down to the nearest
726 page. */
736 /* Release in pagesize units and round down to the nearest page. */
741 /* Try to shrink. */
748 /* Success. Adjust top accordingly. */
750 /*check_chunk(ar_ptr, top_chunk);*/
752 }
754 /* Create a new arena with initial size "size". */
756 /* If REPLACED_ARENA is not NULL, detach it from this thread. Must be
757 called while free_list_lock is held. */
758 static void
760 {
762 {
764 /* The current implementation only detaches from main_arena in
765 case of allocation failure. This means that it is likely not
766 beneficial to put the arena on free_list even if the
767 reference count reaches zero. */
769 }
770 }
772 static mstate
774 {
775 mstate a;
783 {
784 /* Maybe size is too large to fit in a single heap. So, just try
785 to create a minimally-sized arena and let _int_malloc() attempt
786 to deal with the large request via mmap_chunk(). */
790 }
794 /*a->next = NULL;*/
798 /* Set up the top chunk, with proper alignment. */
813 /* Add the new arena to the global list. */
815 /* FIXME: The barrier is an attempt to synchronize with read access
816 in reused_arena, which does not acquire list_lock while
817 traversing the list. */
827 /* Lock this arena. NB: Another thread may have been attached to
828 this arena because the arena is now accessible from the
829 main_arena.next list and could have been picked by reused_arena.
830 This can only happen for the last arena created (before the arena
831 limit is reached). At this point, some arena has to be attached
832 to two threads. We could acquire the arena lock before list_lock
833 to make it less likely that reused_arena picks this new arena,
834 but this could result in a deadlock with ptmalloc_lock_all. */
839 }
842 /* Remove an arena from free_list. The arena may be in use because it
843 was attached concurrently to a thread by reused_arena below. */
844 static mstate
846 {
850 {
854 {
857 /* The arena will be attached to this thread. */
861 }
865 {
869 }
870 }
873 }
875 /* Lock and return an arena that can be reused for memory allocation.
876 Avoid AVOID_ARENA as we have already failed to allocate memory in
877 it and it is currently locked. */
878 static mstate
880 {
881 mstate result;
882 /* FIXME: Access to next_to_use suffers from data races. */
887 /* Iterate over all arenas (including those linked from
888 free_list). */
890 do
891 {
895 /* FIXME: This is a data race, see _int_new_arena. */
897 }
900 /* Avoid AVOID_ARENA as we have already failed to allocate memory
901 in that arena and it is currently locked. */
905 /* Make sure that the arena we get is not corrupted. */
908 {
912 }
914 /* We could not find any arena that was either not corrupted or not the one
915 we wanted to avoid. */
919 /* No arena available without contention. Wait for the next in line. */
923 out:
924 /* Attach the arena to the current thread. Note that we may have
925 selected an arena which was on free_list. */
926 {
927 /* Update the arena thread attachment counters. */
933 }
940 }
942 static mstate
943 internal_function
945 {
946 mstate a;
952 {
953 /* Nothing immediately available, so generate a new arena. */
955 {
959 {
964 else
965 /* We have no information about the system. Assume two
966 cores. */
968 }
969 }
970 repeat:;
972 /* NB: the following depends on the fact that (size_t)0 - 1 is a
973 very large number and that the underflow is OK. If arena_max
974 is set the value of arena_test is irrelevant. If arena_test
975 is set but narenas is not yet larger or equal to arena_test
976 narenas_limit is 0. There is no possibility for narenas to
977 be too big for the test to always fail since there is not
978 enough address space to create that many arenas. */
980 {
986 }
987 else
989 }
991 }
993 /* If we don't have the main arena, then maybe the failure is due to running
994 out of mmapped areas, so we can try allocating on the main arena.
995 Otherwise, it is likely that sbrk() has failed and there is still a chance
996 to mmap(), so try one of the other arenas. */
997 static mstate
999 {
1002 {
1004 /* Don't touch the main arena if it is corrupt. */
1010 }
1011 else
1012 {
1015 }
1018 }
1022 {
1027 {
1029 /* If this was the last attached thread for this arena, put the
1030 arena on the free list. */
1033 {
1036 }
1038 }
1039 }
1042 /*
1043 * Local variables:
1044 * c-basic-offset: 2
1045 * End:
1046 */