root/lj_alloc.c


DEFINITIONS

This source file includes the following definitions:
  1. INIT_MMAP
  2. CALL_MMAP
  3. DIRECT_MMAP
  4. CALL_MMAP
  5. DIRECT_MMAP
  6. CALL_MUNMAP
  7. CALL_MMAP
  8. CALL_MMAP
  9. CALL_MMAP
  10. CALL_MUNMAP
  11. CALL_MREMAP_
  12. segment_holding
  13. has_segment_link
  14. direct_alloc
  15. direct_resize
  16. init_top
  17. init_bins
  18. prepend_alloc
  19. add_segment
  20. alloc_sys
  21. release_unused_segments
  22. alloc_trim
  23. tmalloc_large
  24. tmalloc_small
  25. lj_alloc_create
  26. lj_alloc_destroy
  27. lj_alloc_malloc
  28. lj_alloc_free
  29. lj_alloc_realloc
  30. lj_alloc_f

/*
** Bundled memory allocator.
**
** Beware: this is a HEAVILY CUSTOMIZED version of dlmalloc.
** The original bears the following remark:
**
**   This is a version (aka dlmalloc) of malloc/free/realloc written by
**   Doug Lea and released to the public domain, as explained at
**   http://creativecommons.org/licenses/publicdomain.
**
**   * Version pre-2.8.4 Wed Mar 29 19:46:29 2006    (dl at gee)
**
** No additional copyright is claimed over the customizations.
** Please do NOT bother the original author about this version here!
**
** If you want to use dlmalloc in another project, you should get
** the original from: ftp://gee.cs.oswego.edu/pub/misc/
** For thread-safe derivatives, take a look at:
** - ptmalloc: http://www.malloc.de/
** - nedmalloc: http://www.nedprod.com/programs/portable/nedmalloc/
*/

#define lj_alloc_c
#define LUA_CORE

/* To get the mremap prototype. Must be defined before any system includes. */
#if defined(__linux__) && !defined(_GNU_SOURCE)
#define _GNU_SOURCE
#endif

#include "lj_def.h"
#include "lj_arch.h"
#include "lj_alloc.h"

#ifndef LUAJIT_USE_SYSMALLOC

#define MAX_SIZE_T              (~(size_t)0)
#define MALLOC_ALIGNMENT        ((size_t)8U)

#define DEFAULT_GRANULARITY     ((size_t)128U * (size_t)1024U)
#define DEFAULT_TRIM_THRESHOLD  ((size_t)2U * (size_t)1024U * (size_t)1024U)
#define DEFAULT_MMAP_THRESHOLD  ((size_t)128U * (size_t)1024U)
#define MAX_RELEASE_CHECK_RATE  255

/* ------------------- size_t and alignment properties -------------------- */

/* The byte and bit size of a size_t */
#define SIZE_T_SIZE             (sizeof(size_t))
#define SIZE_T_BITSIZE          (sizeof(size_t) << 3)

/* Some constants coerced to size_t */
/* Annoying but necessary to avoid errors on some platforms */
#define SIZE_T_ZERO             ((size_t)0)
#define SIZE_T_ONE              ((size_t)1)
#define SIZE_T_TWO              ((size_t)2)
#define TWO_SIZE_T_SIZES        (SIZE_T_SIZE<<1)
#define FOUR_SIZE_T_SIZES       (SIZE_T_SIZE<<2)
#define SIX_SIZE_T_SIZES        (FOUR_SIZE_T_SIZES+TWO_SIZE_T_SIZES)

/* The bit mask value corresponding to MALLOC_ALIGNMENT */
#define CHUNK_ALIGN_MASK        (MALLOC_ALIGNMENT - SIZE_T_ONE)

/* the number of bytes to offset an address to align it */
#define align_offset(A)\
 ((((size_t)(A) & CHUNK_ALIGN_MASK) == 0)? 0 :\
  ((MALLOC_ALIGNMENT - ((size_t)(A) & CHUNK_ALIGN_MASK)) & CHUNK_ALIGN_MASK))
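
/* Editor's note -- illustrative example, not part of the original source:
** with MALLOC_ALIGNMENT == 8, align_offset(0x1003) yields (8 - 3) & 7 == 5,
** i.e. five bytes must be skipped to reach the next 8-byte boundary, while
** align_offset(0x1000) yields 0 because the address is already aligned.
*/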

/* -------------------------- MMAP support ------------------------------- */

#define MFAIL                   ((void *)(MAX_SIZE_T))
#define CMFAIL                  ((char *)(MFAIL)) /* defined for convenience */

#define IS_DIRECT_BIT           (SIZE_T_ONE)

#if LJ_TARGET_WINDOWS

#define WIN32_LEAN_AND_MEAN
#include <windows.h>

#if LJ_64

/* Undocumented, but hey, that's what we all love so much about Windows. */
typedef long (*PNTAVM)(HANDLE handle, void **addr, ULONG zbits,
                       size_t *size, ULONG alloctype, ULONG prot);
static PNTAVM ntavm;

/* Number of top bits of the lower 32 bits of an address that must be zero.
** Apparently 0 gives us full 64 bit addresses and 1 gives us the lower 2GB.
*/
#define NTAVM_ZEROBITS          1

static void INIT_MMAP(void)
{
  ntavm = (PNTAVM)GetProcAddress(GetModuleHandleA("ntdll.dll"),
                                 "NtAllocateVirtualMemory");
}

/* Win64 32 bit MMAP via NtAllocateVirtualMemory. */
static LJ_AINLINE void *CALL_MMAP(size_t size)
{
  DWORD olderr = GetLastError();
  void *ptr = NULL;
  long st = ntavm(INVALID_HANDLE_VALUE, &ptr, NTAVM_ZEROBITS, &size,
                  MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
  SetLastError(olderr);
  return st == 0 ? ptr : MFAIL;
}

/* For direct MMAP, use MEM_TOP_DOWN to minimize interference */
static LJ_AINLINE void *DIRECT_MMAP(size_t size)
{
  DWORD olderr = GetLastError();
  void *ptr = NULL;
  long st = ntavm(INVALID_HANDLE_VALUE, &ptr, NTAVM_ZEROBITS, &size,
                  MEM_RESERVE|MEM_COMMIT|MEM_TOP_DOWN, PAGE_READWRITE);
  SetLastError(olderr);
  return st == 0 ? ptr : MFAIL;
}

#else

#define INIT_MMAP()             ((void)0)

/* Win32 MMAP via VirtualAlloc */
static LJ_AINLINE void *CALL_MMAP(size_t size)
{
  DWORD olderr = GetLastError();
  void *ptr = VirtualAlloc(0, size, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
  SetLastError(olderr);
  return ptr ? ptr : MFAIL;
}

/* For direct MMAP, use MEM_TOP_DOWN to minimize interference */
static LJ_AINLINE void *DIRECT_MMAP(size_t size)
{
  DWORD olderr = GetLastError();
  void *ptr = VirtualAlloc(0, size, MEM_RESERVE|MEM_COMMIT|MEM_TOP_DOWN,
                           PAGE_READWRITE);
  SetLastError(olderr);
  return ptr ? ptr : MFAIL;
}

#endif

/* This function supports releasing coalesced segments */
static LJ_AINLINE int CALL_MUNMAP(void *ptr, size_t size)
{
  DWORD olderr = GetLastError();
  MEMORY_BASIC_INFORMATION minfo;
  char *cptr = (char *)ptr;
  while (size) {
    if (VirtualQuery(cptr, &minfo, sizeof(minfo)) == 0)
      return -1;
    if (minfo.BaseAddress != cptr || minfo.AllocationBase != cptr ||
        minfo.State != MEM_COMMIT || minfo.RegionSize > size)
      return -1;
    if (VirtualFree(cptr, 0, MEM_RELEASE) == 0)
      return -1;
    cptr += minfo.RegionSize;
    size -= minfo.RegionSize;
  }
  SetLastError(olderr);
  return 0;
}

#else

#include <errno.h>
#include <sys/mman.h>

#define MMAP_PROT               (PROT_READ|PROT_WRITE)
#if !defined(MAP_ANONYMOUS) && defined(MAP_ANON)
#define MAP_ANONYMOUS           MAP_ANON
#endif
#define MMAP_FLAGS              (MAP_PRIVATE|MAP_ANONYMOUS)

#if LJ_64
/* 64 bit mode needs special support for allocating memory in the lower 2GB. */

#if defined(MAP_32BIT)

#if defined(__sun__)
#define MMAP_REGION_START       ((uintptr_t)0x1000)
#else
/* Actually this only gives us max. 1GB in current Linux kernels. */
#define MMAP_REGION_START       ((uintptr_t)0)
#endif

static LJ_AINLINE void *CALL_MMAP(size_t size)
{
  int olderr = errno;
  void *ptr = mmap((void *)MMAP_REGION_START, size, MMAP_PROT, MAP_32BIT|MMAP_FLAGS, -1, 0);
  errno = olderr;
  return ptr;
}

#elif LJ_TARGET_OSX || LJ_TARGET_PS4 || defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__DragonFly__) || defined(__sun__) || LJ_TARGET_CYGWIN

/* OSX and FreeBSD mmap() use a naive first-fit linear search.
** That's perfect for us. Except that -pagezero_size must be set for OSX,
** otherwise the lower 4GB are blocked. And the 32GB RLIMIT_DATA needs
** to be reduced to 250MB on FreeBSD.
*/
#if LJ_TARGET_OSX || defined(__DragonFly__)
#define MMAP_REGION_START       ((uintptr_t)0x10000)
#elif LJ_TARGET_PS4
#define MMAP_REGION_START       ((uintptr_t)0x4000)
#else
#define MMAP_REGION_START       ((uintptr_t)0x10000000)
#endif
#define MMAP_REGION_END         ((uintptr_t)0x80000000)

#if (defined(__FreeBSD__) || defined(__FreeBSD_kernel__)) && !LJ_TARGET_PS4
#include <sys/resource.h>
#endif

static LJ_AINLINE void *CALL_MMAP(size_t size)
{
  int olderr = errno;
  /* Hint for next allocation. Doesn't need to be thread-safe. */
  static uintptr_t alloc_hint = MMAP_REGION_START;
  int retry = 0;
#if (defined(__FreeBSD__) || defined(__FreeBSD_kernel__)) && !LJ_TARGET_PS4
  static int rlimit_modified = 0;
  if (LJ_UNLIKELY(rlimit_modified == 0)) {
    struct rlimit rlim;
    rlim.rlim_cur = rlim.rlim_max = MMAP_REGION_START;
    setrlimit(RLIMIT_DATA, &rlim);  /* Ignore result. May fail below. */
    rlimit_modified = 1;
  }
#endif
  for (;;) {
    void *p = mmap((void *)alloc_hint, size, MMAP_PROT, MMAP_FLAGS, -1, 0);
    if ((uintptr_t)p >= MMAP_REGION_START &&
        (uintptr_t)p + size < MMAP_REGION_END) {
      alloc_hint = (uintptr_t)p + size;
      errno = olderr;
      return p;
    }
    if (p != CMFAIL) munmap(p, size);
#if defined(__sun__) || defined(__DragonFly__)
    alloc_hint += 0x1000000;  /* Need near-exhaustive linear scan. */
    if (alloc_hint + size < MMAP_REGION_END) continue;
#endif
    if (retry) break;
    retry = 1;
    alloc_hint = MMAP_REGION_START;
  }
  errno = olderr;
  return CMFAIL;
}

#else

#error "NYI: need an equivalent of MAP_32BIT for this 64 bit OS"

#endif

#else

/* 32 bit mode is easy. */
static LJ_AINLINE void *CALL_MMAP(size_t size)
{
  int olderr = errno;
  void *ptr = mmap(NULL, size, MMAP_PROT, MMAP_FLAGS, -1, 0);
  errno = olderr;
  return ptr;
}

#endif

#define INIT_MMAP()             ((void)0)
#define DIRECT_MMAP(s)          CALL_MMAP(s)

static LJ_AINLINE int CALL_MUNMAP(void *ptr, size_t size)
{
  int olderr = errno;
  int ret = munmap(ptr, size);
  errno = olderr;
  return ret;
}

#if LJ_TARGET_LINUX
/* Need to define _GNU_SOURCE to get the mremap prototype. */
static LJ_AINLINE void *CALL_MREMAP_(void *ptr, size_t osz, size_t nsz,
                                     int flags)
{
  int olderr = errno;
  ptr = mremap(ptr, osz, nsz, flags);
  errno = olderr;
  return ptr;
}

#define CALL_MREMAP(addr, osz, nsz, mv) CALL_MREMAP_((addr), (osz), (nsz), (mv))
#define CALL_MREMAP_NOMOVE      0
#define CALL_MREMAP_MAYMOVE     1
#if LJ_64
#define CALL_MREMAP_MV          CALL_MREMAP_NOMOVE
#else
#define CALL_MREMAP_MV          CALL_MREMAP_MAYMOVE
#endif
#endif

#endif

#ifndef CALL_MREMAP
#define CALL_MREMAP(addr, osz, nsz, mv) ((void)osz, MFAIL)
#endif

/* -----------------------  Chunk representations ------------------------ */

struct malloc_chunk {
  size_t               prev_foot;  /* Size of previous chunk (if free).  */
  size_t               head;       /* Size and inuse bits. */
  struct malloc_chunk *fd;         /* double links -- used only if free. */
  struct malloc_chunk *bk;
};

typedef struct malloc_chunk  mchunk;
typedef struct malloc_chunk *mchunkptr;
typedef struct malloc_chunk *sbinptr;  /* The type of bins of chunks */
typedef size_t bindex_t;               /* Described below */
typedef unsigned int binmap_t;         /* Described below */
typedef unsigned int flag_t;           /* The type of various bit flag sets */

/* ------------------- Chunk sizes and alignments ------------------------ */

#define MCHUNK_SIZE             (sizeof(mchunk))

#define CHUNK_OVERHEAD          (SIZE_T_SIZE)

/* Direct chunks need a second word of overhead ... */
#define DIRECT_CHUNK_OVERHEAD   (TWO_SIZE_T_SIZES)
/* ... and additional padding for fake next-chunk at foot */
#define DIRECT_FOOT_PAD         (FOUR_SIZE_T_SIZES)

/* The smallest size we can malloc is an aligned minimal chunk */
#define MIN_CHUNK_SIZE\
  ((MCHUNK_SIZE + CHUNK_ALIGN_MASK) & ~CHUNK_ALIGN_MASK)

/* conversion from malloc headers to user pointers, and back */
#define chunk2mem(p)            ((void *)((char *)(p) + TWO_SIZE_T_SIZES))
#define mem2chunk(mem)          ((mchunkptr)((char *)(mem) - TWO_SIZE_T_SIZES))
/* chunk associated with aligned address A */
#define align_as_chunk(A)       (mchunkptr)((A) + align_offset(chunk2mem(A)))
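
/* Editor's note -- illustrative example, not part of the original source:
** on a 64 bit build (SIZE_T_SIZE == 8), chunk2mem(p) == (char *)p + 16, so
** the user payload starts right after prev_foot and head, overlaying the
** fd/bk fields, which are only meaningful while a chunk is free.
*/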
 346 
 347 /* Bounds on request (not chunk) sizes. */
 348 #define MAX_REQUEST             ((~MIN_CHUNK_SIZE+1) << 2)
 349 #define MIN_REQUEST             (MIN_CHUNK_SIZE - CHUNK_OVERHEAD - SIZE_T_ONE)
 350 
 351 /* pad request bytes into a usable size */
 352 #define pad_request(req) \
 353    (((req) + CHUNK_OVERHEAD + CHUNK_ALIGN_MASK) & ~CHUNK_ALIGN_MASK)
 354 
 355 /* pad request, checking for minimum (but not maximum) */
 356 #define request2size(req) \
 357   (((req) < MIN_REQUEST)? MIN_CHUNK_SIZE : pad_request(req))
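
/* Editor's note -- worked example, not part of the original source, assuming
** a 64 bit build: MIN_CHUNK_SIZE == 32, CHUNK_OVERHEAD == 8 and MIN_REQUEST
** == 23, so request2size(1) == 32 (clamped to the minimum chunk),
** request2size(24) == (24+8+7) & ~7 == 32, and request2size(25) == 40.
*/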

/* ------------------ Operations on head and foot fields ----------------- */

#define PINUSE_BIT              (SIZE_T_ONE)
#define CINUSE_BIT              (SIZE_T_TWO)
#define INUSE_BITS              (PINUSE_BIT|CINUSE_BIT)

/* Head value for fenceposts */
#define FENCEPOST_HEAD          (INUSE_BITS|SIZE_T_SIZE)

/* extraction of fields from head words */
#define cinuse(p)               ((p)->head & CINUSE_BIT)
#define pinuse(p)               ((p)->head & PINUSE_BIT)
#define chunksize(p)            ((p)->head & ~(INUSE_BITS))

#define clear_pinuse(p)         ((p)->head &= ~PINUSE_BIT)
#define clear_cinuse(p)         ((p)->head &= ~CINUSE_BIT)
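
/* Editor's note -- illustrative example, not part of the original source:
** chunk sizes are always multiples of 8, so the two low bits of head are
** free to carry flags. A 48 byte in-use chunk whose predecessor is also in
** use has head == 48|CINUSE_BIT|PINUSE_BIT == 0x33; chunksize() masks the
** flags back off and yields 48.
*/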

/* Treat space at ptr +/- offset as a chunk */
#define chunk_plus_offset(p, s)         ((mchunkptr)(((char *)(p)) + (s)))
#define chunk_minus_offset(p, s)        ((mchunkptr)(((char *)(p)) - (s)))

/* Ptr to next or previous physical malloc_chunk. */
#define next_chunk(p)   ((mchunkptr)(((char *)(p)) + ((p)->head & ~INUSE_BITS)))
#define prev_chunk(p)   ((mchunkptr)(((char *)(p)) - ((p)->prev_foot) ))

/* extract next chunk's pinuse bit */
#define next_pinuse(p)  ((next_chunk(p)->head) & PINUSE_BIT)

/* Get/set size at footer */
#define get_foot(p, s)  (((mchunkptr)((char *)(p) + (s)))->prev_foot)
#define set_foot(p, s)  (((mchunkptr)((char *)(p) + (s)))->prev_foot = (s))

/* Set size, pinuse bit, and foot */
#define set_size_and_pinuse_of_free_chunk(p, s)\
  ((p)->head = (s|PINUSE_BIT), set_foot(p, s))

/* Set size, pinuse bit, foot, and clear next pinuse */
#define set_free_with_pinuse(p, s, n)\
  (clear_pinuse(n), set_size_and_pinuse_of_free_chunk(p, s))

#define is_direct(p)\
  (!((p)->head & PINUSE_BIT) && ((p)->prev_foot & IS_DIRECT_BIT))

/* Get the internal overhead associated with chunk p */
#define overhead_for(p)\
 (is_direct(p)? DIRECT_CHUNK_OVERHEAD : CHUNK_OVERHEAD)

/* ---------------------- Overlaid data structures ----------------------- */

struct malloc_tree_chunk {
  /* The first four fields must be compatible with malloc_chunk */
  size_t                    prev_foot;
  size_t                    head;
  struct malloc_tree_chunk *fd;
  struct malloc_tree_chunk *bk;

  struct malloc_tree_chunk *child[2];
  struct malloc_tree_chunk *parent;
  bindex_t                  index;
};

typedef struct malloc_tree_chunk  tchunk;
typedef struct malloc_tree_chunk *tchunkptr;
typedef struct malloc_tree_chunk *tbinptr; /* The type of bins of trees */

/* A little helper macro for trees */
#define leftmost_child(t) ((t)->child[0] != 0? (t)->child[0] : (t)->child[1])

/* ----------------------------- Segments -------------------------------- */

struct malloc_segment {
  char        *base;             /* base address */
  size_t       size;             /* allocated size */
  struct malloc_segment *next;   /* ptr to next segment */
};

typedef struct malloc_segment  msegment;
typedef struct malloc_segment *msegmentptr;

/* ---------------------------- malloc_state ----------------------------- */

/* Bin types, widths and sizes */
#define NSMALLBINS              (32U)
#define NTREEBINS               (32U)
#define SMALLBIN_SHIFT          (3U)
#define SMALLBIN_WIDTH          (SIZE_T_ONE << SMALLBIN_SHIFT)
#define TREEBIN_SHIFT           (8U)
#define MIN_LARGE_SIZE          (SIZE_T_ONE << TREEBIN_SHIFT)
#define MAX_SMALL_SIZE          (MIN_LARGE_SIZE - SIZE_T_ONE)
#define MAX_SMALL_REQUEST  (MAX_SMALL_SIZE - CHUNK_ALIGN_MASK - CHUNK_OVERHEAD)
struct malloc_state {
  binmap_t   smallmap;   /* Bitmap of non-empty smallbins. */
  binmap_t   treemap;    /* Bitmap of non-empty treebins. */
  size_t     dvsize;     /* Size of the designated victim chunk. */
  size_t     topsize;    /* Size of the top chunk. */
  mchunkptr  dv;         /* Designated victim: last split-off remainder. */
  mchunkptr  top;        /* Topmost chunk, bordering unallocated space. */
  size_t     trim_check; /* Try trimming when topsize exceeds this. */
  size_t     release_checks;  /* Frees left until the next release scan. */
  mchunkptr  smallbins[(NSMALLBINS+1)*2];  /* Packed smallbin list headers. */
  tbinptr    treebins[NTREEBINS];          /* Roots of the treebins. */
  msegment   seg;        /* Head of the segment list. */
};

typedef struct malloc_state *mstate;

#define is_initialized(M)       ((M)->top != 0)

/* -------------------------- system alloc setup ------------------------- */

/* page-align a size */
#define page_align(S)\
 (((S) + (LJ_PAGESIZE - SIZE_T_ONE)) & ~(LJ_PAGESIZE - SIZE_T_ONE))

/* granularity-align a size */
#define granularity_align(S)\
  (((S) + (DEFAULT_GRANULARITY - SIZE_T_ONE))\
   & ~(DEFAULT_GRANULARITY - SIZE_T_ONE))

#if LJ_TARGET_WINDOWS
#define mmap_align(S)   granularity_align(S)
#else
#define mmap_align(S)   page_align(S)
#endif
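
/* Editor's note -- worked example, not part of the original source, assuming
** LJ_PAGESIZE == 4096: page_align(5000) == 8192, while granularity_align(5000)
** rounds up to a whole 128KB unit, i.e. 131072.
*/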

/*  True if segment S holds address A */
#define segment_holds(S, A)\
  ((char *)(A) >= S->base && (char *)(A) < S->base + S->size)

/* Return segment holding given address */
static msegmentptr segment_holding(mstate m, char *addr)
{
  msegmentptr sp = &m->seg;
  for (;;) {
    if (addr >= sp->base && addr < sp->base + sp->size)
      return sp;
    if ((sp = sp->next) == 0)
      return 0;
  }
}

/* Return true if segment contains a segment link */
static int has_segment_link(mstate m, msegmentptr ss)
{
  msegmentptr sp = &m->seg;
  for (;;) {
    if ((char *)sp >= ss->base && (char *)sp < ss->base + ss->size)
      return 1;
    if ((sp = sp->next) == 0)
      return 0;
  }
}

/*
  TOP_FOOT_SIZE is padding at the end of a segment, including space
  that may be needed to place segment records and fenceposts when new
  noncontiguous segments are added.
*/
#define TOP_FOOT_SIZE\
  (align_offset(chunk2mem(0))+pad_request(sizeof(struct malloc_segment))+MIN_CHUNK_SIZE)
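
/* Editor's note -- worked example, not part of the original source, assuming
** a 64 bit build: align_offset(chunk2mem(0)) == align_offset(16) == 0,
** pad_request(sizeof(struct malloc_segment)) == pad_request(24) == 32, and
** MIN_CHUNK_SIZE == 32, so TOP_FOOT_SIZE == 64.
*/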

/* ---------------------------- Indexing Bins ---------------------------- */

#define is_small(s)             (((s) >> SMALLBIN_SHIFT) < NSMALLBINS)
#define small_index(s)          ((s)  >> SMALLBIN_SHIFT)
#define small_index2size(i)     ((i)  << SMALLBIN_SHIFT)
#define MIN_SMALL_INDEX         (small_index(MIN_CHUNK_SIZE))
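
/* Editor's note -- illustrative example, not part of the original source:
** each smallbin holds exactly one chunk size, spaced 8 bytes apart, so
** is_small() covers sizes below 256: small_index(32) == 4 and
** small_index2size(4) == 32. Bins below MIN_SMALL_INDEX stay unused because
** chunks are never smaller than MIN_CHUNK_SIZE.
*/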

/* addressing by index. See above about smallbin repositioning */
#define smallbin_at(M, i)       ((sbinptr)((char *)&((M)->smallbins[(i)<<1])))
#define treebin_at(M,i)         (&((M)->treebins[i]))

/* assign tree index for size S to variable I */
#define compute_tree_index(S, I)\
{\
  unsigned int X = (unsigned int)(S >> TREEBIN_SHIFT);\
  if (X == 0) {\
    I = 0;\
  } else if (X > 0xFFFF) {\
    I = NTREEBINS-1;\
  } else {\
    unsigned int K = lj_fls(X);\
    I =  (bindex_t)((K << 1) + ((S >> (K + (TREEBIN_SHIFT-1)) & 1)));\
  }\
}
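
/* Editor's note -- worked example, not part of the original source:
** for S == 0x6000 (24KB), X == S>>8 == 96, K == lj_fls(96) == 6, so
** I == (6<<1) + ((0x6000 >> 13) & 1) == 12 + 1 == 13. Each power-of-two
** range is split over two bins, selected by the bit below the leading one.
*/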

/* Bit representing maximum resolved size in a treebin at i */
#define bit_for_tree_index(i) \
   (i == NTREEBINS-1)? (SIZE_T_BITSIZE-1) : (((i) >> 1) + TREEBIN_SHIFT - 2)

/* Shift placing maximum resolved bit in a treebin at i as sign bit */
#define leftshift_for_tree_index(i) \
   ((i == NTREEBINS-1)? 0 : \
    ((SIZE_T_BITSIZE-SIZE_T_ONE) - (((i) >> 1) + TREEBIN_SHIFT - 2)))

/* The size of the smallest chunk held in bin with index i */
#define minsize_for_tree_index(i) \
   ((SIZE_T_ONE << (((i) >> 1) + TREEBIN_SHIFT)) |  \
   (((size_t)((i) & SIZE_T_ONE)) << (((i) >> 1) + TREEBIN_SHIFT - 1)))
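
/* Editor's note -- worked example, not part of the original source:
** minsize_for_tree_index(13) == (1<<14) | (1<<13) == 0x6000, matching the
** compute_tree_index() example above; treebin 13 thus holds chunk sizes in
** [0x6000, 0x8000).
*/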

/* ------------------------ Operations on bin maps ----------------------- */

/* bit corresponding to given index */
#define idx2bit(i)              ((binmap_t)(1) << (i))

/* Mark/Clear bits with given index */
#define mark_smallmap(M,i)      ((M)->smallmap |=  idx2bit(i))
#define clear_smallmap(M,i)     ((M)->smallmap &= ~idx2bit(i))
#define smallmap_is_marked(M,i) ((M)->smallmap &   idx2bit(i))

#define mark_treemap(M,i)       ((M)->treemap  |=  idx2bit(i))
#define clear_treemap(M,i)      ((M)->treemap  &= ~idx2bit(i))
#define treemap_is_marked(M,i)  ((M)->treemap  &   idx2bit(i))

/* mask with all bits to left of least bit of x on */
#define left_bits(x)            ((x<<1) | (~(x<<1)+1))
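
/* Editor's note -- illustrative example, not part of the original source:
** ~(x<<1)+1 is the two's complement of x<<1, so left_bits(0b100) ==
** 0b1000 | -0b1000 == ...11111000: every bit strictly above index 2. This is
** used to find the next non-empty bin larger than a given index.
*/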

/* Set cinuse bit and pinuse bit of next chunk */
#define set_inuse(M,p,s)\
  ((p)->head = (((p)->head & PINUSE_BIT)|s|CINUSE_BIT),\
  ((mchunkptr)(((char *)(p)) + (s)))->head |= PINUSE_BIT)

/* Set cinuse and pinuse of this chunk and pinuse of next chunk */
#define set_inuse_and_pinuse(M,p,s)\
  ((p)->head = (s|PINUSE_BIT|CINUSE_BIT),\
  ((mchunkptr)(((char *)(p)) + (s)))->head |= PINUSE_BIT)

/* Set size, cinuse and pinuse bit of this chunk */
#define set_size_and_pinuse_of_inuse_chunk(M, p, s)\
  ((p)->head = (s|PINUSE_BIT|CINUSE_BIT))

/* ----------------------- Operations on smallbins ----------------------- */

/* Link a free chunk into a smallbin  */
#define insert_small_chunk(M, P, S) {\
  bindex_t I = small_index(S);\
  mchunkptr B = smallbin_at(M, I);\
  mchunkptr F = B;\
  if (!smallmap_is_marked(M, I))\
    mark_smallmap(M, I);\
  else\
    F = B->fd;\
  B->fd = P;\
  F->bk = P;\
  P->fd = F;\
  P->bk = B;\
}

/* Unlink a chunk from a smallbin  */
#define unlink_small_chunk(M, P, S) {\
  mchunkptr F = P->fd;\
  mchunkptr B = P->bk;\
  bindex_t I = small_index(S);\
  if (F == B) {\
    clear_smallmap(M, I);\
  } else {\
    F->bk = B;\
    B->fd = F;\
  }\
}

/* Unlink the first chunk from a smallbin */
#define unlink_first_small_chunk(M, B, P, I) {\
  mchunkptr F = P->fd;\
  if (B == F) {\
    clear_smallmap(M, I);\
  } else {\
    B->fd = F;\
    F->bk = B;\
  }\
}

/* Replace dv node, binning the old one */
/* Used only when dvsize known to be small */
#define replace_dv(M, P, S) {\
  size_t DVS = M->dvsize;\
  if (DVS != 0) {\
    mchunkptr DV = M->dv;\
    insert_small_chunk(M, DV, DVS);\
  }\
  M->dvsize = S;\
  M->dv = P;\
}

/* ------------------------- Operations on trees ------------------------- */

/* Insert chunk into tree */
#define insert_large_chunk(M, X, S) {\
  tbinptr *H;\
  bindex_t I;\
  compute_tree_index(S, I);\
  H = treebin_at(M, I);\
  X->index = I;\
  X->child[0] = X->child[1] = 0;\
  if (!treemap_is_marked(M, I)) {\
    mark_treemap(M, I);\
    *H = X;\
    X->parent = (tchunkptr)H;\
    X->fd = X->bk = X;\
  } else {\
    tchunkptr T = *H;\
    size_t K = S << leftshift_for_tree_index(I);\
    for (;;) {\
      if (chunksize(T) != S) {\
        tchunkptr *C = &(T->child[(K >> (SIZE_T_BITSIZE-SIZE_T_ONE)) & 1]);\
        K <<= 1;\
        if (*C != 0) {\
          T = *C;\
        } else {\
          *C = X;\
          X->parent = T;\
          X->fd = X->bk = X;\
          break;\
        }\
      } else {\
        tchunkptr F = T->fd;\
        T->fd = F->bk = X;\
        X->fd = F;\
        X->bk = T;\
        X->parent = 0;\
        break;\
      }\
    }\
  }\
}

#define unlink_large_chunk(M, X) {\
  tchunkptr XP = X->parent;\
  tchunkptr R;\
  if (X->bk != X) {\
    tchunkptr F = X->fd;\
    R = X->bk;\
    F->bk = R;\
    R->fd = F;\
  } else {\
    tchunkptr *RP;\
    if (((R = *(RP = &(X->child[1]))) != 0) ||\
        ((R = *(RP = &(X->child[0]))) != 0)) {\
      tchunkptr *CP;\
      while ((*(CP = &(R->child[1])) != 0) ||\
             (*(CP = &(R->child[0])) != 0)) {\
        R = *(RP = CP);\
      }\
      *RP = 0;\
    }\
  }\
  if (XP != 0) {\
    tbinptr *H = treebin_at(M, X->index);\
    if (X == *H) {\
      if ((*H = R) == 0) \
        clear_treemap(M, X->index);\
    } else {\
      if (XP->child[0] == X) \
        XP->child[0] = R;\
      else \
        XP->child[1] = R;\
    }\
    if (R != 0) {\
      tchunkptr C0, C1;\
      R->parent = XP;\
      if ((C0 = X->child[0]) != 0) {\
        R->child[0] = C0;\
        C0->parent = R;\
      }\
      if ((C1 = X->child[1]) != 0) {\
        R->child[1] = C1;\
        C1->parent = R;\
      }\
    }\
  }\
}

/* Relays to large vs small bin operations */

#define insert_chunk(M, P, S)\
  if (is_small(S)) { insert_small_chunk(M, P, S)\
  } else { tchunkptr TP = (tchunkptr)(P); insert_large_chunk(M, TP, S); }

#define unlink_chunk(M, P, S)\
  if (is_small(S)) { unlink_small_chunk(M, P, S)\
  } else { tchunkptr TP = (tchunkptr)(P); unlink_large_chunk(M, TP); }

/* -----------------------  Direct-mmapping chunks ----------------------- */

static void *direct_alloc(size_t nb)
{
  size_t mmsize = mmap_align(nb + SIX_SIZE_T_SIZES + CHUNK_ALIGN_MASK);
  if (LJ_LIKELY(mmsize > nb)) {     /* Check for wrap around 0 */
    char *mm = (char *)(DIRECT_MMAP(mmsize));
    if (mm != CMFAIL) {
      size_t offset = align_offset(chunk2mem(mm));
      size_t psize = mmsize - offset - DIRECT_FOOT_PAD;
      mchunkptr p = (mchunkptr)(mm + offset);
      p->prev_foot = offset | IS_DIRECT_BIT;
      p->head = psize|CINUSE_BIT;
      chunk_plus_offset(p, psize)->head = FENCEPOST_HEAD;
      chunk_plus_offset(p, psize+SIZE_T_SIZE)->head = 0;
      return chunk2mem(p);
    }
  }
  return NULL;
}

static mchunkptr direct_resize(mchunkptr oldp, size_t nb)
{
  size_t oldsize = chunksize(oldp);
  if (is_small(nb)) /* Can't shrink direct regions below small size */
    return NULL;
  /* Keep old chunk if big enough but not too big */
  if (oldsize >= nb + SIZE_T_SIZE &&
      (oldsize - nb) <= (DEFAULT_GRANULARITY >> 1)) {
    return oldp;
  } else {
    size_t offset = oldp->prev_foot & ~IS_DIRECT_BIT;
    size_t oldmmsize = oldsize + offset + DIRECT_FOOT_PAD;
    size_t newmmsize = mmap_align(nb + SIX_SIZE_T_SIZES + CHUNK_ALIGN_MASK);
    char *cp = (char *)CALL_MREMAP((char *)oldp - offset,
                                   oldmmsize, newmmsize, CALL_MREMAP_MV);
    if (cp != CMFAIL) {
      mchunkptr newp = (mchunkptr)(cp + offset);
      size_t psize = newmmsize - offset - DIRECT_FOOT_PAD;
      newp->head = psize|CINUSE_BIT;
      chunk_plus_offset(newp, psize)->head = FENCEPOST_HEAD;
      chunk_plus_offset(newp, psize+SIZE_T_SIZE)->head = 0;
      return newp;
    }
  }
  return NULL;
}

/* -------------------------- mspace management -------------------------- */

/* Initialize top chunk and its size */
static void init_top(mstate m, mchunkptr p, size_t psize)
{
  /* Ensure alignment */
  size_t offset = align_offset(chunk2mem(p));
  p = (mchunkptr)((char *)p + offset);
  psize -= offset;

  m->top = p;
  m->topsize = psize;
  p->head = psize | PINUSE_BIT;
  /* set size of fake trailing chunk holding overhead space only once */
  chunk_plus_offset(p, psize)->head = TOP_FOOT_SIZE;
  m->trim_check = DEFAULT_TRIM_THRESHOLD; /* reset on each update */
}

/* Initialize bins for a new mstate that is otherwise zeroed out */
static void init_bins(mstate m)
{
  /* Establish circular links for smallbins */
  bindex_t i;
  for (i = 0; i < NSMALLBINS; i++) {
    sbinptr bin = smallbin_at(m,i);
    bin->fd = bin->bk = bin;
  }
}

/* Allocate chunk and prepend remainder with chunk in successor base. */
static void *prepend_alloc(mstate m, char *newbase, char *oldbase, size_t nb)
{
  mchunkptr p = align_as_chunk(newbase);
  mchunkptr oldfirst = align_as_chunk(oldbase);
  size_t psize = (size_t)((char *)oldfirst - (char *)p);
  mchunkptr q = chunk_plus_offset(p, nb);
  size_t qsize = psize - nb;
  set_size_and_pinuse_of_inuse_chunk(m, p, nb);

  /* consolidate remainder with first chunk of old base */
  if (oldfirst == m->top) {
    size_t tsize = m->topsize += qsize;
    m->top = q;
    q->head = tsize | PINUSE_BIT;
  } else if (oldfirst == m->dv) {
    size_t dsize = m->dvsize += qsize;
    m->dv = q;
    set_size_and_pinuse_of_free_chunk(q, dsize);
  } else {
    if (!cinuse(oldfirst)) {
      size_t nsize = chunksize(oldfirst);
      unlink_chunk(m, oldfirst, nsize);
      oldfirst = chunk_plus_offset(oldfirst, nsize);
      qsize += nsize;
    }
    set_free_with_pinuse(q, qsize, oldfirst);
    insert_chunk(m, q, qsize);
  }

  return chunk2mem(p);
}

/* Add a segment to hold a new noncontiguous region */
static void add_segment(mstate m, char *tbase, size_t tsize)
{
  /* Determine locations and sizes of segment, fenceposts, old top */
  char *old_top = (char *)m->top;
  msegmentptr oldsp = segment_holding(m, old_top);
  char *old_end = oldsp->base + oldsp->size;
  size_t ssize = pad_request(sizeof(struct malloc_segment));
  char *rawsp = old_end - (ssize + FOUR_SIZE_T_SIZES + CHUNK_ALIGN_MASK);
  size_t offset = align_offset(chunk2mem(rawsp));
  char *asp = rawsp + offset;
  char *csp = (asp < (old_top + MIN_CHUNK_SIZE))? old_top : asp;
  mchunkptr sp = (mchunkptr)csp;
  msegmentptr ss = (msegmentptr)(chunk2mem(sp));
  mchunkptr tnext = chunk_plus_offset(sp, ssize);
  mchunkptr p = tnext;

  /* reset top to new space */
  init_top(m, (mchunkptr)tbase, tsize - TOP_FOOT_SIZE);

  /* Set up segment record */
  set_size_and_pinuse_of_inuse_chunk(m, sp, ssize);
  *ss = m->seg; /* Push current record */
  m->seg.base = tbase;
  m->seg.size = tsize;
  m->seg.next = ss;

  /* Insert trailing fenceposts */
  for (;;) {
    mchunkptr nextp = chunk_plus_offset(p, SIZE_T_SIZE);
    p->head = FENCEPOST_HEAD;
    if ((char *)(&(nextp->head)) < old_end)
      p = nextp;
    else
      break;
  }

  /* Insert the rest of old top into a bin as an ordinary free chunk */
  if (csp != old_top) {
    mchunkptr q = (mchunkptr)old_top;
    size_t psize = (size_t)(csp - old_top);
    mchunkptr tn = chunk_plus_offset(q, psize);
    set_free_with_pinuse(q, psize, tn);
    insert_chunk(m, q, psize);
  }
}

/* -------------------------- System allocation -------------------------- */

static void *alloc_sys(mstate m, size_t nb)
{
  char *tbase = CMFAIL;
  size_t tsize = 0;

  /* Directly map large chunks */
  if (LJ_UNLIKELY(nb >= DEFAULT_MMAP_THRESHOLD)) {
    void *mem = direct_alloc(nb);
    if (mem != 0)
      return mem;
  }

  {
    size_t req = nb + TOP_FOOT_SIZE + SIZE_T_ONE;
    size_t rsize = granularity_align(req);
    if (LJ_LIKELY(rsize > nb)) { /* Fail if wraps around zero */
      char *mp = (char *)(CALL_MMAP(rsize));
      if (mp != CMFAIL) {
        tbase = mp;
        tsize = rsize;
      }
    }
  }

  if (tbase != CMFAIL) {
    msegmentptr sp = &m->seg;
    /* Try to merge with an existing segment */
    while (sp != 0 && tbase != sp->base + sp->size)
      sp = sp->next;
    if (sp != 0 && segment_holds(sp, m->top)) { /* append */
      sp->size += tsize;
      init_top(m, m->top, m->topsize + tsize);
    } else {
      sp = &m->seg;
      while (sp != 0 && sp->base != tbase + tsize)
        sp = sp->next;
      if (sp != 0) {
        char *oldbase = sp->base;
        sp->base = tbase;
        sp->size += tsize;
        return prepend_alloc(m, tbase, oldbase, nb);
      } else {
        add_segment(m, tbase, tsize);
      }
    }

    if (nb < m->topsize) { /* Allocate from new or extended top space */
      size_t rsize = m->topsize -= nb;
      mchunkptr p = m->top;
      mchunkptr r = m->top = chunk_plus_offset(p, nb);
      r->head = rsize | PINUSE_BIT;
      set_size_and_pinuse_of_inuse_chunk(m, p, nb);
      return chunk2mem(p);
    }
  }

  return NULL;
}

/* -----------------------  system deallocation -------------------------- */

/* Unmap and unlink any mmapped segments that don't contain used chunks */
static size_t release_unused_segments(mstate m)
{
  size_t released = 0;
  size_t nsegs = 0;
  msegmentptr pred = &m->seg;
  msegmentptr sp = pred->next;
  while (sp != 0) {
    char *base = sp->base;
    size_t size = sp->size;
    msegmentptr next = sp->next;
    nsegs++;
    {
      mchunkptr p = align_as_chunk(base);
      size_t psize = chunksize(p);
      /* Can unmap if first chunk holds entire segment and not pinned */
      if (!cinuse(p) && (char *)p + psize >= base + size - TOP_FOOT_SIZE) {
        tchunkptr tp = (tchunkptr)p;
        if (p == m->dv) {
          m->dv = 0;
          m->dvsize = 0;
        } else {
          unlink_large_chunk(m, tp);
        }
        if (CALL_MUNMAP(base, size) == 0) {
          released += size;
          /* unlink obsoleted record */
          sp = pred;
          sp->next = next;
        } else { /* back out if cannot unmap */
          insert_large_chunk(m, tp, psize);
        }
      }
    }
    pred = sp;
    sp = next;
  }
  /* Reset check counter */
  m->release_checks = nsegs > MAX_RELEASE_CHECK_RATE ?
                      nsegs : MAX_RELEASE_CHECK_RATE;
  return released;
}

static int alloc_trim(mstate m, size_t pad)
{
  size_t released = 0;
  if (pad < MAX_REQUEST && is_initialized(m)) {
    pad += TOP_FOOT_SIZE; /* ensure enough room for segment overhead */

    if (m->topsize > pad) {
      /* Shrink top space in granularity-size units, keeping at least one */
      size_t unit = DEFAULT_GRANULARITY;
      size_t extra = ((m->topsize - pad + (unit - SIZE_T_ONE)) / unit -
                      SIZE_T_ONE) * unit;
      msegmentptr sp = segment_holding(m, (char *)m->top);

      if (sp->size >= extra &&
          !has_segment_link(m, sp)) { /* can't shrink if pinned */
        size_t newsize = sp->size - extra;
        /* Prefer mremap, fall back to munmap */
        if ((CALL_MREMAP(sp->base, sp->size, newsize, CALL_MREMAP_NOMOVE) != MFAIL) ||
            (CALL_MUNMAP(sp->base + newsize, extra) == 0)) {
          released = extra;
        }
      }

      if (released != 0) {
        sp->size -= released;
        init_top(m, m->top, m->topsize - released);
      }
    }

    /* Unmap any unused mmapped segments */
    released += release_unused_segments(m);

    /* On failure, disable autotrim to avoid repeated failed future calls */
    if (released == 0 && m->topsize > m->trim_check)
      m->trim_check = MAX_SIZE_T;
  }

  return (released != 0)? 1 : 0;
}

/* ---------------------------- malloc support --------------------------- */

/* allocate a large request from the best fitting chunk in a treebin */
static void *tmalloc_large(mstate m, size_t nb)
{
  tchunkptr v = 0;
  size_t rsize = ~nb+1; /* Unsigned negation */
  tchunkptr t;
  bindex_t idx;
  compute_tree_index(nb, idx);

  if ((t = *treebin_at(m, idx)) != 0) {
    /* Traverse tree for this bin looking for node with size == nb */
    size_t sizebits = nb << leftshift_for_tree_index(idx);
    tchunkptr rst = 0;  /* The deepest untaken right subtree */
    for (;;) {
      tchunkptr rt;
      size_t trem = chunksize(t) - nb;
      if (trem < rsize) {
        v = t;
        if ((rsize = trem) == 0)
          break;
      }
      rt = t->child[1];
      t = t->child[(sizebits >> (SIZE_T_BITSIZE-SIZE_T_ONE)) & 1];
      if (rt != 0 && rt != t)
        rst = rt;
      if (t == 0) {
        t = rst; /* set t to least subtree holding sizes > nb */
        break;
      }
      sizebits <<= 1;
    }
  }

  if (t == 0 && v == 0) { /* set t to root of next non-empty treebin */
    binmap_t leftbits = left_bits(idx2bit(idx)) & m->treemap;
    if (leftbits != 0)
      t = *treebin_at(m, lj_ffs(leftbits));
  }

  while (t != 0) { /* find smallest of tree or subtree */
    size_t trem = chunksize(t) - nb;
    if (trem < rsize) {
      rsize = trem;
      v = t;
    }
    t = leftmost_child(t);
  }

  /*  If dv is a better fit, return NULL so malloc will use it */
  if (v != 0 && rsize < (size_t)(m->dvsize - nb)) {
    mchunkptr r = chunk_plus_offset(v, nb);
    unlink_large_chunk(m, v);
    if (rsize < MIN_CHUNK_SIZE) {
      set_inuse_and_pinuse(m, v, (rsize + nb));
    } else {
      set_size_and_pinuse_of_inuse_chunk(m, v, nb);
      set_size_and_pinuse_of_free_chunk(r, rsize);
      insert_chunk(m, r, rsize);
    }
    return chunk2mem(v);
  }
  return NULL;
}

/* allocate a small request from the best fitting chunk in a treebin */
static void *tmalloc_small(mstate m, size_t nb)
{
  tchunkptr t, v;
  mchunkptr r;
  size_t rsize;
  bindex_t i = lj_ffs(m->treemap);

  v = t = *treebin_at(m, i);
  rsize = chunksize(t) - nb;

  while ((t = leftmost_child(t)) != 0) {
    size_t trem = chunksize(t) - nb;
    if (trem < rsize) {
      rsize = trem;
      v = t;
    }
  }

  r = chunk_plus_offset(v, nb);
  unlink_large_chunk(m, v);
  if (rsize < MIN_CHUNK_SIZE) {
    set_inuse_and_pinuse(m, v, (rsize + nb));
  } else {
    set_size_and_pinuse_of_inuse_chunk(m, v, nb);
    set_size_and_pinuse_of_free_chunk(r, rsize);
    replace_dv(m, r, rsize);
  }
  return chunk2mem(v);
}

/* ----------------------------------------------------------------------- */

void *lj_alloc_create(void)
{
  size_t tsize = DEFAULT_GRANULARITY;
  char *tbase;
  INIT_MMAP();
  tbase = (char *)(CALL_MMAP(tsize));
  if (tbase != CMFAIL) {
    size_t msize = pad_request(sizeof(struct malloc_state));
    mchunkptr mn;
    mchunkptr msp = align_as_chunk(tbase);
    mstate m = (mstate)(chunk2mem(msp));
    memset(m, 0, msize);
    msp->head = (msize|PINUSE_BIT|CINUSE_BIT);
    m->seg.base = tbase;
    m->seg.size = tsize;
    m->release_checks = MAX_RELEASE_CHECK_RATE;
    init_bins(m);
    mn = next_chunk(mem2chunk(m));
    init_top(m, mn, (size_t)((tbase + tsize) - (char *)mn) - TOP_FOOT_SIZE);
    return m;
  }
  return NULL;
}

void lj_alloc_destroy(void *msp)
{
  mstate ms = (mstate)msp;
  msegmentptr sp = &ms->seg;
  while (sp != 0) {
    char *base = sp->base;
    size_t size = sp->size;
    sp = sp->next;
    CALL_MUNMAP(base, size);
  }
}

static LJ_NOINLINE void *lj_alloc_malloc(void *msp, size_t nsize)
{
  mstate ms = (mstate)msp;
  void *mem;
  size_t nb;
  if (nsize <= MAX_SMALL_REQUEST) {
    bindex_t idx;
    binmap_t smallbits;
    nb = (nsize < MIN_REQUEST)? MIN_CHUNK_SIZE : pad_request(nsize);
    idx = small_index(nb);
    smallbits = ms->smallmap >> idx;

    if ((smallbits & 0x3U) != 0) { /* Remainderless fit to a smallbin. */
      mchunkptr b, p;
      idx += ~smallbits & 1;       /* Uses next bin if idx empty */
      b = smallbin_at(ms, idx);
      p = b->fd;
      unlink_first_small_chunk(ms, b, p, idx);
      set_inuse_and_pinuse(ms, p, small_index2size(idx));
      mem = chunk2mem(p);
      return mem;
    } else if (nb > ms->dvsize) {
      if (smallbits != 0) { /* Use chunk in next nonempty smallbin */
        mchunkptr b, p, r;
        size_t rsize;
        binmap_t leftbits = (smallbits << idx) & left_bits(idx2bit(idx));
        bindex_t i = lj_ffs(leftbits);
        b = smallbin_at(ms, i);
        p = b->fd;
        unlink_first_small_chunk(ms, b, p, i);
        rsize = small_index2size(i) - nb;
        /* Fit here cannot be remainderless if 4-byte sizes */
        if (SIZE_T_SIZE != 4 && rsize < MIN_CHUNK_SIZE) {
          set_inuse_and_pinuse(ms, p, small_index2size(i));
        } else {
          set_size_and_pinuse_of_inuse_chunk(ms, p, nb);
          r = chunk_plus_offset(p, nb);
          set_size_and_pinuse_of_free_chunk(r, rsize);
          replace_dv(ms, r, rsize);
        }
        mem = chunk2mem(p);
        return mem;
      } else if (ms->treemap != 0 && (mem = tmalloc_small(ms, nb)) != 0) {
        return mem;
      }
    }
  } else if (nsize >= MAX_REQUEST) {
    nb = MAX_SIZE_T; /* Too big to allocate. Force failure (in sys alloc) */
  } else {
    nb = pad_request(nsize);
    if (ms->treemap != 0 && (mem = tmalloc_large(ms, nb)) != 0) {
      return mem;
    }
  }

  if (nb <= ms->dvsize) {
    size_t rsize = ms->dvsize - nb;
    mchunkptr p = ms->dv;
    if (rsize >= MIN_CHUNK_SIZE) { /* split dv */
      mchunkptr r = ms->dv = chunk_plus_offset(p, nb);
      ms->dvsize = rsize;
      set_size_and_pinuse_of_free_chunk(r, rsize);
      set_size_and_pinuse_of_inuse_chunk(ms, p, nb);
    } else { /* exhaust dv */
      size_t dvs = ms->dvsize;
      ms->dvsize = 0;
      ms->dv = 0;
      set_inuse_and_pinuse(ms, p, dvs);
    }
    mem = chunk2mem(p);
    return mem;
  } else if (nb < ms->topsize) { /* Split top */
    size_t rsize = ms->topsize -= nb;
    mchunkptr p = ms->top;
    mchunkptr r = ms->top = chunk_plus_offset(p, nb);
    r->head = rsize | PINUSE_BIT;
    set_size_and_pinuse_of_inuse_chunk(ms, p, nb);
    mem = chunk2mem(p);
    return mem;
  }
  return alloc_sys(ms, nb);
}

static LJ_NOINLINE void *lj_alloc_free(void *msp, void *ptr)
{
  if (ptr != 0) {
    mchunkptr p = mem2chunk(ptr);
    mstate fm = (mstate)msp;
    size_t psize = chunksize(p);
    mchunkptr next = chunk_plus_offset(p, psize);
    if (!pinuse(p)) {
      size_t prevsize = p->prev_foot;
      if ((prevsize & IS_DIRECT_BIT) != 0) {
        prevsize &= ~IS_DIRECT_BIT;
        psize += prevsize + DIRECT_FOOT_PAD;
        CALL_MUNMAP((char *)p - prevsize, psize);
        return NULL;
      } else {
        mchunkptr prev = chunk_minus_offset(p, prevsize);
        psize += prevsize;
        p = prev;
        /* consolidate backward */
        if (p != fm->dv) {
          unlink_chunk(fm, p, prevsize);
        } else if ((next->head & INUSE_BITS) == INUSE_BITS) {
          fm->dvsize = psize;
          set_free_with_pinuse(p, psize, next);
          return NULL;
        }
      }
    }
    if (!cinuse(next)) {  /* consolidate forward */
      if (next == fm->top) {
        size_t tsize = fm->topsize += psize;
        fm->top = p;
        p->head = tsize | PINUSE_BIT;
        if (p == fm->dv) {
          fm->dv = 0;
          fm->dvsize = 0;
        }
        if (tsize > fm->trim_check)
          alloc_trim(fm, 0);
        return NULL;
      } else if (next == fm->dv) {
        size_t dsize = fm->dvsize += psize;
        fm->dv = p;
        set_size_and_pinuse_of_free_chunk(p, dsize);
        return NULL;
      } else {
        size_t nsize = chunksize(next);
        psize += nsize;
        unlink_chunk(fm, next, nsize);
        set_size_and_pinuse_of_free_chunk(p, psize);
        if (p == fm->dv) {
          fm->dvsize = psize;
          return NULL;
        }
      }
    } else {
      set_free_with_pinuse(p, psize, next);
    }

    if (is_small(psize)) {
      insert_small_chunk(fm, p, psize);
    } else {
      tchunkptr tp = (tchunkptr)p;
      insert_large_chunk(fm, tp, psize);
      if (--fm->release_checks == 0)
        release_unused_segments(fm);
    }
  }
  return NULL;
}

static LJ_NOINLINE void *lj_alloc_realloc(void *msp, void *ptr, size_t nsize)
{
  if (nsize >= MAX_REQUEST) {
    return NULL;
  } else {
    mstate m = (mstate)msp;
    mchunkptr oldp = mem2chunk(ptr);
    size_t oldsize = chunksize(oldp);
    mchunkptr next = chunk_plus_offset(oldp, oldsize);
    mchunkptr newp = 0;
    size_t nb = request2size(nsize);

    /* Try to either shrink or extend into top. Else malloc-copy-free */
    if (is_direct(oldp)) {
      newp = direct_resize(oldp, nb);  /* this may return NULL. */
    } else if (oldsize >= nb) { /* already big enough */
      size_t rsize = oldsize - nb;
      newp = oldp;
      if (rsize >= MIN_CHUNK_SIZE) {
        mchunkptr rem = chunk_plus_offset(newp, nb);
        set_inuse(m, newp, nb);
        set_inuse(m, rem, rsize);
        lj_alloc_free(m, chunk2mem(rem));
      }
    } else if (next == m->top && oldsize + m->topsize > nb) {
      /* Expand into top */
      size_t newsize = oldsize + m->topsize;
      size_t newtopsize = newsize - nb;
      mchunkptr newtop = chunk_plus_offset(oldp, nb);
      set_inuse(m, oldp, nb);
      newtop->head = newtopsize |PINUSE_BIT;
      m->top = newtop;
      m->topsize = newtopsize;
      newp = oldp;
    }

    if (newp != 0) {
      return chunk2mem(newp);
    } else {
      void *newmem = lj_alloc_malloc(m, nsize);
      if (newmem != 0) {
        size_t oc = oldsize - overhead_for(oldp);
        memcpy(newmem, ptr, oc < nsize ? oc : nsize);
        lj_alloc_free(m, ptr);
      }
      return newmem;
    }
  }
}

void *lj_alloc_f(void *msp, void *ptr, size_t osize, size_t nsize)
{
  (void)osize;
  if (nsize == 0) {
    return lj_alloc_free(msp, ptr);
  } else if (ptr == NULL) {
    return lj_alloc_malloc(msp, nsize);
  } else {
    return lj_alloc_realloc(msp, ptr, nsize);
  }
}
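
/* Editor's note -- minimal usage sketch, not part of the original source.
** It assumes the standard lua_Alloc contract (lj_alloc_f matches it) and
** mirrors what luaL_newstate does on 32 bit builds; the helper name is
** hypothetical. Kept in #if 0 so this file compiles unchanged.
*/
#if 0
#include "lua.h"

static lua_State *new_state_with_bundled_alloc(void)
{
  void *msp = lj_alloc_create();  /* Create an mspace; may return NULL. */
  if (msp == NULL) return NULL;
  /* lj_alloc_f matches lua_Alloc: (ud, ptr, osize, nsize) -> void *. */
  return lua_newstate(lj_alloc_f, msp);
  /* On shutdown: lua_close(L), then lj_alloc_destroy(msp). */
}
#endif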

#endif
