207
207
* Python's threads are serialized, so object malloc locking is disabled.
209
#define SIMPLELOCK_DECL(lock) /* simple lock declaration */
210
#define SIMPLELOCK_INIT(lock) /* allocate (if needed) and initialize */
211
#define SIMPLELOCK_FINI(lock) /* free/destroy an existing lock */
212
#define SIMPLELOCK_LOCK(lock) /* acquire released lock */
213
#define SIMPLELOCK_UNLOCK(lock) /* release acquired lock */
209
#define SIMPLELOCK_DECL(lock) /* simple lock declaration */
210
#define SIMPLELOCK_INIT(lock) /* allocate (if needed) and initialize */
211
#define SIMPLELOCK_FINI(lock) /* free/destroy an existing lock */
212
#define SIMPLELOCK_LOCK(lock) /* acquire released lock */
213
#define SIMPLELOCK_UNLOCK(lock) /* release acquired lock */
217
217
* I don't care if these are defined in <sys/types.h> or elsewhere. Axiom.
220
#define uchar unsigned char /* assuming == 8 bits */
220
#define uchar unsigned char /* assuming == 8 bits */
223
#define uint unsigned int /* assuming >= 16 bits */
223
#define uint unsigned int /* assuming >= 16 bits */
226
#define ulong unsigned long /* assuming >= 32 bits */
226
#define ulong unsigned long /* assuming >= 32 bits */
229
#define uptr Py_uintptr_t
229
#define uptr Py_uintptr_t
231
231
/* When you say memory, my mind reasons in terms of (pointers to) blocks */
232
232
typedef uchar block;
234
234
/* Pool for small blocks. */
235
235
struct pool_header {
236
union { block *_padding;
237
uint count; } ref; /* number of allocated blocks */
238
block *freeblock; /* pool's free list head */
239
struct pool_header *nextpool; /* next pool of this size class */
240
struct pool_header *prevpool; /* previous pool "" */
241
uint arenaindex; /* index into arenas of base adr */
242
uint szidx; /* block size class index */
243
uint nextoffset; /* bytes to virgin block */
244
uint maxnextoffset; /* largest valid nextoffset */
236
union { block *_padding;
237
uint count; } ref; /* number of allocated blocks */
238
block *freeblock; /* pool's free list head */
239
struct pool_header *nextpool; /* next pool of this size class */
240
struct pool_header *prevpool; /* previous pool "" */
241
uint arenaindex; /* index into arenas of base adr */
242
uint szidx; /* block size class index */
243
uint nextoffset; /* bytes to virgin block */
244
uint maxnextoffset; /* largest valid nextoffset */
247
247
typedef struct pool_header *poolp;
249
249
/* Record keeping for arenas. */
250
250
struct arena_object {
251
/* The address of the arena, as returned by malloc. Note that 0
252
* will never be returned by a successful malloc, and is used
253
* here to mark an arena_object that doesn't correspond to an
258
/* Pool-aligned pointer to the next pool to be carved off. */
261
/* The number of available pools in the arena: free pools + never-
266
/* The total number of pools in the arena, whether or not available. */
269
/* Singly-linked list of available pools. */
270
struct pool_header* freepools;
272
/* Whenever this arena_object is not associated with an allocated
273
* arena, the nextarena member is used to link all unassociated
274
* arena_objects in the singly-linked `unused_arena_objects` list.
275
* The prevarena member is unused in this case.
277
* When this arena_object is associated with an allocated arena
278
* with at least one available pool, both members are used in the
279
* doubly-linked `usable_arenas` list, which is maintained in
280
* increasing order of `nfreepools` values.
282
* Else this arena_object is associated with an allocated arena
283
* all of whose pools are in use. `nextarena` and `prevarena`
284
* are both meaningless in this case.
286
struct arena_object* nextarena;
287
struct arena_object* prevarena;
251
/* The address of the arena, as returned by malloc. Note that 0
252
* will never be returned by a successful malloc, and is used
253
* here to mark an arena_object that doesn't correspond to an
258
/* Pool-aligned pointer to the next pool to be carved off. */
261
/* The number of available pools in the arena: free pools + never-
266
/* The total number of pools in the arena, whether or not available. */
269
/* Singly-linked list of available pools. */
270
struct pool_header* freepools;
272
/* Whenever this arena_object is not associated with an allocated
273
* arena, the nextarena member is used to link all unassociated
274
* arena_objects in the singly-linked `unused_arena_objects` list.
275
* The prevarena member is unused in this case.
277
* When this arena_object is associated with an allocated arena
278
* with at least one available pool, both members are used in the
279
* doubly-linked `usable_arenas` list, which is maintained in
280
* increasing order of `nfreepools` values.
282
* Else this arena_object is associated with an allocated arena
283
* all of whose pools are in use. `nextarena` and `prevarena`
284
* are both meaningless in this case.
286
struct arena_object* nextarena;
287
struct arena_object* prevarena;
291
#define ROUNDUP(x) (((x) + ALIGNMENT_MASK) & ~ALIGNMENT_MASK)
292
#define POOL_OVERHEAD ROUNDUP(sizeof(struct pool_header))
291
#define ROUNDUP(x) (((x) + ALIGNMENT_MASK) & ~ALIGNMENT_MASK)
292
#define POOL_OVERHEAD ROUNDUP(sizeof(struct pool_header))
294
#define DUMMY_SIZE_IDX 0xffff /* size class of newly cached pools */
294
#define DUMMY_SIZE_IDX 0xffff /* size class of newly cached pools */
296
296
/* Round pointer P down to the closest pool-aligned address <= P, as a poolp */
297
297
#define POOL_ADDR(P) ((poolp)((uptr)(P) & ~(uptr)POOL_SIZE_MASK))
406
406
the prevpool member.
407
407
**************************************************************************** */
409
#define PTA(x) ((poolp )((uchar *)&(usedpools[2*(x)]) - 2*sizeof(block *)))
410
#define PT(x) PTA(x), PTA(x)
409
#define PTA(x) ((poolp )((uchar *)&(usedpools[2*(x)]) - 2*sizeof(block *)))
410
#define PT(x) PTA(x), PTA(x)
412
412
static poolp usedpools[2 * ((NB_SMALL_SIZE_CLASSES + 7) / 8) * 8] = {
413
PT(0), PT(1), PT(2), PT(3), PT(4), PT(5), PT(6), PT(7)
413
PT(0), PT(1), PT(2), PT(3), PT(4), PT(5), PT(6), PT(7)
414
414
#if NB_SMALL_SIZE_CLASSES > 8
415
, PT(8), PT(9), PT(10), PT(11), PT(12), PT(13), PT(14), PT(15)
415
, PT(8), PT(9), PT(10), PT(11), PT(12), PT(13), PT(14), PT(15)
416
416
#if NB_SMALL_SIZE_CLASSES > 16
417
, PT(16), PT(17), PT(18), PT(19), PT(20), PT(21), PT(22), PT(23)
417
, PT(16), PT(17), PT(18), PT(19), PT(20), PT(21), PT(22), PT(23)
418
418
#if NB_SMALL_SIZE_CLASSES > 24
419
, PT(24), PT(25), PT(26), PT(27), PT(28), PT(29), PT(30), PT(31)
419
, PT(24), PT(25), PT(26), PT(27), PT(28), PT(29), PT(30), PT(31)
420
420
#if NB_SMALL_SIZE_CLASSES > 32
421
, PT(32), PT(33), PT(34), PT(35), PT(36), PT(37), PT(38), PT(39)
421
, PT(32), PT(33), PT(34), PT(35), PT(36), PT(37), PT(38), PT(39)
422
422
#if NB_SMALL_SIZE_CLASSES > 40
423
, PT(40), PT(41), PT(42), PT(43), PT(44), PT(45), PT(46), PT(47)
423
, PT(40), PT(41), PT(42), PT(43), PT(44), PT(45), PT(46), PT(47)
424
424
#if NB_SMALL_SIZE_CLASSES > 48
425
, PT(48), PT(49), PT(50), PT(51), PT(52), PT(53), PT(54), PT(55)
425
, PT(48), PT(49), PT(50), PT(51), PT(52), PT(53), PT(54), PT(55)
426
426
#if NB_SMALL_SIZE_CLASSES > 56
427
, PT(56), PT(57), PT(58), PT(59), PT(60), PT(61), PT(62), PT(63)
427
, PT(56), PT(57), PT(58), PT(59), PT(60), PT(61), PT(62), PT(63)
428
428
#endif /* NB_SMALL_SIZE_CLASSES > 56 */
429
429
#endif /* NB_SMALL_SIZE_CLASSES > 48 */
430
430
#endif /* NB_SMALL_SIZE_CLASSES > 40 */
508
508
static struct arena_object*
511
struct arena_object* arenaobj;
512
uint excess; /* number of bytes above pool alignment */
511
struct arena_object* arenaobj;
512
uint excess; /* number of bytes above pool alignment */
514
514
#ifdef PYMALLOC_DEBUG
515
if (Py_GETENV("PYTHONMALLOCSTATS"))
516
_PyObject_DebugMallocStats();
515
if (Py_GETENV("PYTHONMALLOCSTATS"))
516
_PyObject_DebugMallocStats();
518
if (unused_arena_objects == NULL) {
518
if (unused_arena_objects == NULL) {
523
/* Double the number of arena objects on each allocation.
524
* Note that it's possible for `numarenas` to overflow.
526
numarenas = maxarenas ? maxarenas << 1 : INITIAL_ARENA_OBJECTS;
527
if (numarenas <= maxarenas)
528
return NULL; /* overflow */
523
/* Double the number of arena objects on each allocation.
524
* Note that it's possible for `numarenas` to overflow.
526
numarenas = maxarenas ? maxarenas << 1 : INITIAL_ARENA_OBJECTS;
527
if (numarenas <= maxarenas)
528
return NULL; /* overflow */
529
529
#if SIZEOF_SIZE_T <= SIZEOF_INT
530
if (numarenas > PY_SIZE_MAX / sizeof(*arenas))
531
return NULL; /* overflow */
530
if (numarenas > PY_SIZE_MAX / sizeof(*arenas))
531
return NULL; /* overflow */
533
nbytes = numarenas * sizeof(*arenas);
534
arenaobj = (struct arena_object *)realloc(arenas, nbytes);
535
if (arenaobj == NULL)
539
/* We might need to fix pointers that were copied. However,
540
* new_arena only gets called when all the pages in the
541
* previous arenas are full. Thus, there are *no* pointers
542
* into the old array. Thus, we don't have to worry about
543
* invalid pointers. Just to be sure, some asserts:
545
assert(usable_arenas == NULL);
546
assert(unused_arena_objects == NULL);
548
/* Put the new arenas on the unused_arena_objects list. */
549
for (i = maxarenas; i < numarenas; ++i) {
550
arenas[i].address = 0; /* mark as unassociated */
551
arenas[i].nextarena = i < numarenas - 1 ?
555
/* Update globals. */
556
unused_arena_objects = &arenas[maxarenas];
557
maxarenas = numarenas;
560
/* Take the next available arena object off the head of the list. */
561
assert(unused_arena_objects != NULL);
562
arenaobj = unused_arena_objects;
563
unused_arena_objects = arenaobj->nextarena;
564
assert(arenaobj->address == 0);
565
arenaobj->address = (uptr)malloc(ARENA_SIZE);
566
if (arenaobj->address == 0) {
567
/* The allocation failed: return NULL after putting the
570
arenaobj->nextarena = unused_arena_objects;
571
unused_arena_objects = arenaobj;
575
++narenas_currently_allocated;
533
nbytes = numarenas * sizeof(*arenas);
534
arenaobj = (struct arena_object *)realloc(arenas, nbytes);
535
if (arenaobj == NULL)
539
/* We might need to fix pointers that were copied. However,
540
* new_arena only gets called when all the pages in the
541
* previous arenas are full. Thus, there are *no* pointers
542
* into the old array. Thus, we don't have to worry about
543
* invalid pointers. Just to be sure, some asserts:
545
assert(usable_arenas == NULL);
546
assert(unused_arena_objects == NULL);
548
/* Put the new arenas on the unused_arena_objects list. */
549
for (i = maxarenas; i < numarenas; ++i) {
550
arenas[i].address = 0; /* mark as unassociated */
551
arenas[i].nextarena = i < numarenas - 1 ?
555
/* Update globals. */
556
unused_arena_objects = &arenas[maxarenas];
557
maxarenas = numarenas;
560
/* Take the next available arena object off the head of the list. */
561
assert(unused_arena_objects != NULL);
562
arenaobj = unused_arena_objects;
563
unused_arena_objects = arenaobj->nextarena;
564
assert(arenaobj->address == 0);
565
arenaobj->address = (uptr)malloc(ARENA_SIZE);
566
if (arenaobj->address == 0) {
567
/* The allocation failed: return NULL after putting the
570
arenaobj->nextarena = unused_arena_objects;
571
unused_arena_objects = arenaobj;
575
++narenas_currently_allocated;
576
576
#ifdef PYMALLOC_DEBUG
577
++ntimes_arena_allocated;
578
if (narenas_currently_allocated > narenas_highwater)
579
narenas_highwater = narenas_currently_allocated;
577
++ntimes_arena_allocated;
578
if (narenas_currently_allocated > narenas_highwater)
579
narenas_highwater = narenas_currently_allocated;
581
arenaobj->freepools = NULL;
582
/* pool_address <- first pool-aligned address in the arena
583
nfreepools <- number of whole pools that fit after alignment */
584
arenaobj->pool_address = (block*)arenaobj->address;
585
arenaobj->nfreepools = ARENA_SIZE / POOL_SIZE;
586
assert(POOL_SIZE * arenaobj->nfreepools == ARENA_SIZE);
587
excess = (uint)(arenaobj->address & POOL_SIZE_MASK);
589
--arenaobj->nfreepools;
590
arenaobj->pool_address += POOL_SIZE - excess;
592
arenaobj->ntotalpools = arenaobj->nfreepools;
581
arenaobj->freepools = NULL;
582
/* pool_address <- first pool-aligned address in the arena
583
nfreepools <- number of whole pools that fit after alignment */
584
arenaobj->pool_address = (block*)arenaobj->address;
585
arenaobj->nfreepools = ARENA_SIZE / POOL_SIZE;
586
assert(POOL_SIZE * arenaobj->nfreepools == ARENA_SIZE);
587
excess = (uint)(arenaobj->address & POOL_SIZE_MASK);
589
--arenaobj->nfreepools;
590
arenaobj->pool_address += POOL_SIZE - excess;
592
arenaobj->ntotalpools = arenaobj->nfreepools;
724
724
PyObject_Malloc(size_t nbytes)
732
* Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes.
733
* Most python internals blindly use a signed Py_ssize_t to track
734
* things without checking for overflows or negatives.
735
* As size_t is unsigned, checking for nbytes < 0 is not required.
737
if (nbytes > PY_SSIZE_T_MAX)
741
* This implicitly redirects malloc(0).
743
if ((nbytes - 1) < SMALL_REQUEST_THRESHOLD) {
746
* Most frequent paths first
748
size = (uint)(nbytes - 1) >> ALIGNMENT_SHIFT;
749
pool = usedpools[size + size];
750
if (pool != pool->nextpool) {
752
* There is a used pool for this size class.
753
* Pick up the head block of its free list.
756
bp = pool->freeblock;
758
if ((pool->freeblock = *(block **)bp) != NULL) {
763
* Reached the end of the free list, try to extend it.
765
if (pool->nextoffset <= pool->maxnextoffset) {
766
/* There is room for another block. */
767
pool->freeblock = (block*)pool +
769
pool->nextoffset += INDEX2SIZE(size);
770
*(block **)(pool->freeblock) = NULL;
774
/* Pool is full, unlink from used pools. */
775
next = pool->nextpool;
776
pool = pool->prevpool;
777
next->prevpool = pool;
778
pool->nextpool = next;
783
/* There isn't a pool of the right size class immediately
784
* available: use a free pool.
786
if (usable_arenas == NULL) {
787
/* No arena has a free pool: allocate a new arena. */
732
* Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes.
733
* Most python internals blindly use a signed Py_ssize_t to track
734
* things without checking for overflows or negatives.
735
* As size_t is unsigned, checking for nbytes < 0 is not required.
737
if (nbytes > PY_SSIZE_T_MAX)
741
* This implicitly redirects malloc(0).
743
if ((nbytes - 1) < SMALL_REQUEST_THRESHOLD) {
746
* Most frequent paths first
748
size = (uint)(nbytes - 1) >> ALIGNMENT_SHIFT;
749
pool = usedpools[size + size];
750
if (pool != pool->nextpool) {
752
* There is a used pool for this size class.
753
* Pick up the head block of its free list.
756
bp = pool->freeblock;
758
if ((pool->freeblock = *(block **)bp) != NULL) {
763
* Reached the end of the free list, try to extend it.
765
if (pool->nextoffset <= pool->maxnextoffset) {
766
/* There is room for another block. */
767
pool->freeblock = (block*)pool +
769
pool->nextoffset += INDEX2SIZE(size);
770
*(block **)(pool->freeblock) = NULL;
774
/* Pool is full, unlink from used pools. */
775
next = pool->nextpool;
776
pool = pool->prevpool;
777
next->prevpool = pool;
778
pool->nextpool = next;
783
/* There isn't a pool of the right size class immediately
784
* available: use a free pool.
786
if (usable_arenas == NULL) {
787
/* No arena has a free pool: allocate a new arena. */
788
788
#ifdef WITH_MEMORY_LIMITS
789
if (narenas_currently_allocated >= MAX_ARENAS) {
789
if (narenas_currently_allocated >= MAX_ARENAS) {
794
usable_arenas = new_arena();
795
if (usable_arenas == NULL) {
799
usable_arenas->nextarena =
800
usable_arenas->prevarena = NULL;
802
assert(usable_arenas->address != 0);
804
/* Try to get a cached free pool. */
805
pool = usable_arenas->freepools;
807
/* Unlink from cached pools. */
808
usable_arenas->freepools = pool->nextpool;
810
/* This arena already had the smallest nfreepools
811
* value, so decreasing nfreepools doesn't change
812
* that, and we don't need to rearrange the
813
* usable_arenas list. However, if the arena has
814
* become wholly allocated, we need to remove its
815
* arena_object from usable_arenas.
817
--usable_arenas->nfreepools;
818
if (usable_arenas->nfreepools == 0) {
819
/* Wholly allocated: remove. */
820
assert(usable_arenas->freepools == NULL);
821
assert(usable_arenas->nextarena == NULL ||
822
usable_arenas->nextarena->prevarena ==
825
usable_arenas = usable_arenas->nextarena;
826
if (usable_arenas != NULL) {
827
usable_arenas->prevarena = NULL;
828
assert(usable_arenas->address != 0);
832
/* nfreepools > 0: it must be that freepools
833
* isn't NULL, or that we haven't yet carved
834
* off all the arena's pools for the first
837
assert(usable_arenas->freepools != NULL ||
838
usable_arenas->pool_address <=
839
(block*)usable_arenas->address +
840
ARENA_SIZE - POOL_SIZE);
843
/* Frontlink to used pools. */
844
next = usedpools[size + size]; /* == prev */
845
pool->nextpool = next;
846
pool->prevpool = next;
847
next->nextpool = pool;
848
next->prevpool = pool;
850
if (pool->szidx == size) {
851
/* Luckily, this pool last contained blocks
852
* of the same size class, so its header
853
* and free list are already initialized.
855
bp = pool->freeblock;
856
pool->freeblock = *(block **)bp;
861
* Initialize the pool header, set up the free list to
862
* contain just the second block, and return the first
866
size = INDEX2SIZE(size);
867
bp = (block *)pool + POOL_OVERHEAD;
868
pool->nextoffset = POOL_OVERHEAD + (size << 1);
869
pool->maxnextoffset = POOL_SIZE - size;
870
pool->freeblock = bp + size;
871
*(block **)(pool->freeblock) = NULL;
876
/* Carve off a new pool. */
877
assert(usable_arenas->nfreepools > 0);
878
assert(usable_arenas->freepools == NULL);
879
pool = (poolp)usable_arenas->pool_address;
880
assert((block*)pool <= (block*)usable_arenas->address +
881
ARENA_SIZE - POOL_SIZE);
882
pool->arenaindex = usable_arenas - arenas;
883
assert(&arenas[pool->arenaindex] == usable_arenas);
884
pool->szidx = DUMMY_SIZE_IDX;
885
usable_arenas->pool_address += POOL_SIZE;
886
--usable_arenas->nfreepools;
888
if (usable_arenas->nfreepools == 0) {
889
assert(usable_arenas->nextarena == NULL ||
890
usable_arenas->nextarena->prevarena ==
892
/* Unlink the arena: it is completely allocated. */
893
usable_arenas = usable_arenas->nextarena;
894
if (usable_arenas != NULL) {
895
usable_arenas->prevarena = NULL;
896
assert(usable_arenas->address != 0);
903
/* The small block allocator ends here. */
794
usable_arenas = new_arena();
795
if (usable_arenas == NULL) {
799
usable_arenas->nextarena =
800
usable_arenas->prevarena = NULL;
802
assert(usable_arenas->address != 0);
804
/* Try to get a cached free pool. */
805
pool = usable_arenas->freepools;
807
/* Unlink from cached pools. */
808
usable_arenas->freepools = pool->nextpool;
810
/* This arena already had the smallest nfreepools
811
* value, so decreasing nfreepools doesn't change
812
* that, and we don't need to rearrange the
813
* usable_arenas list. However, if the arena has
814
* become wholly allocated, we need to remove its
815
* arena_object from usable_arenas.
817
--usable_arenas->nfreepools;
818
if (usable_arenas->nfreepools == 0) {
819
/* Wholly allocated: remove. */
820
assert(usable_arenas->freepools == NULL);
821
assert(usable_arenas->nextarena == NULL ||
822
usable_arenas->nextarena->prevarena ==
825
usable_arenas = usable_arenas->nextarena;
826
if (usable_arenas != NULL) {
827
usable_arenas->prevarena = NULL;
828
assert(usable_arenas->address != 0);
832
/* nfreepools > 0: it must be that freepools
833
* isn't NULL, or that we haven't yet carved
834
* off all the arena's pools for the first
837
assert(usable_arenas->freepools != NULL ||
838
usable_arenas->pool_address <=
839
(block*)usable_arenas->address +
840
ARENA_SIZE - POOL_SIZE);
843
/* Frontlink to used pools. */
844
next = usedpools[size + size]; /* == prev */
845
pool->nextpool = next;
846
pool->prevpool = next;
847
next->nextpool = pool;
848
next->prevpool = pool;
850
if (pool->szidx == size) {
851
/* Luckily, this pool last contained blocks
852
* of the same size class, so its header
853
* and free list are already initialized.
855
bp = pool->freeblock;
856
pool->freeblock = *(block **)bp;
861
* Initialize the pool header, set up the free list to
862
* contain just the second block, and return the first
866
size = INDEX2SIZE(size);
867
bp = (block *)pool + POOL_OVERHEAD;
868
pool->nextoffset = POOL_OVERHEAD + (size << 1);
869
pool->maxnextoffset = POOL_SIZE - size;
870
pool->freeblock = bp + size;
871
*(block **)(pool->freeblock) = NULL;
876
/* Carve off a new pool. */
877
assert(usable_arenas->nfreepools > 0);
878
assert(usable_arenas->freepools == NULL);
879
pool = (poolp)usable_arenas->pool_address;
880
assert((block*)pool <= (block*)usable_arenas->address +
881
ARENA_SIZE - POOL_SIZE);
882
pool->arenaindex = usable_arenas - arenas;
883
assert(&arenas[pool->arenaindex] == usable_arenas);
884
pool->szidx = DUMMY_SIZE_IDX;
885
usable_arenas->pool_address += POOL_SIZE;
886
--usable_arenas->nfreepools;
888
if (usable_arenas->nfreepools == 0) {
889
assert(usable_arenas->nextarena == NULL ||
890
usable_arenas->nextarena->prevarena ==
892
/* Unlink the arena: it is completely allocated. */
893
usable_arenas = usable_arenas->nextarena;
894
if (usable_arenas != NULL) {
895
usable_arenas->prevarena = NULL;
896
assert(usable_arenas->address != 0);
903
/* The small block allocator ends here. */
906
/* Redirect the original request to the underlying (libc) allocator.
907
* We jump here on bigger requests, on error in the code above (as a
908
* last chance to serve the request) or when the max memory limit
913
return (void *)malloc(nbytes);
906
/* Redirect the original request to the underlying (libc) allocator.
907
* We jump here on bigger requests, on error in the code above (as a
908
* last chance to serve the request) or when the max memory limit
913
return (void *)malloc(nbytes);
920
920
PyObject_Free(void *p)
927
if (p == NULL) /* free(NULL) has no effect */
931
if (Py_ADDRESS_IN_RANGE(p, pool)) {
932
/* We allocated this address. */
934
/* Link p to the start of the pool's freeblock list. Since
935
* the pool had at least the p block outstanding, the pool
936
* wasn't empty (so it's already in a usedpools[] list, or
937
* was full and is in no list -- it's not in the freeblocks
940
assert(pool->ref.count > 0); /* else it was empty */
941
*(block **)p = lastfree = pool->freeblock;
942
pool->freeblock = (block *)p;
944
struct arena_object* ao;
945
uint nf; /* ao->nfreepools */
947
/* freeblock wasn't NULL, so the pool wasn't full,
948
* and the pool is in a usedpools[] list.
950
if (--pool->ref.count != 0) {
951
/* pool isn't empty: leave it in usedpools */
955
/* Pool is now empty: unlink from usedpools, and
956
* link to the front of freepools. This ensures that
957
* previously freed pools will be allocated later
958
* (being not referenced, they are perhaps paged out).
960
next = pool->nextpool;
961
prev = pool->prevpool;
962
next->prevpool = prev;
963
prev->nextpool = next;
965
/* Link the pool to freepools. This is a singly-linked
966
* list, and pool->prevpool isn't used there.
968
ao = &arenas[pool->arenaindex];
969
pool->nextpool = ao->freepools;
970
ao->freepools = pool;
971
nf = ++ao->nfreepools;
973
/* All the rest is arena management. We just freed
974
* a pool, and there are 4 cases for arena mgmt:
975
* 1. If all the pools are free, return the arena to
977
* 2. If this is the only free pool in the arena,
978
* add the arena back to the `usable_arenas` list.
979
* 3. If the "next" arena has a smaller count of free
980
* pools, we have to "slide this arena right" to
981
* restore that usable_arenas is sorted in order of
983
* 4. Else there's nothing more to do.
985
if (nf == ao->ntotalpools) {
986
/* Case 1. First unlink ao from usable_arenas.
988
assert(ao->prevarena == NULL ||
989
ao->prevarena->address != 0);
990
assert(ao ->nextarena == NULL ||
991
ao->nextarena->address != 0);
993
/* Fix the pointer in the prevarena, or the
994
* usable_arenas pointer.
996
if (ao->prevarena == NULL) {
997
usable_arenas = ao->nextarena;
998
assert(usable_arenas == NULL ||
999
usable_arenas->address != 0);
1002
assert(ao->prevarena->nextarena == ao);
1003
ao->prevarena->nextarena =
1006
/* Fix the pointer in the nextarena. */
1007
if (ao->nextarena != NULL) {
1008
assert(ao->nextarena->prevarena == ao);
1009
ao->nextarena->prevarena =
1012
/* Record that this arena_object slot is
1013
* available to be reused.
1015
ao->nextarena = unused_arena_objects;
1016
unused_arena_objects = ao;
1018
/* Free the entire arena. */
1019
free((void *)ao->address);
1020
ao->address = 0; /* mark unassociated */
1021
--narenas_currently_allocated;
1027
/* Case 2. Put ao at the head of
1028
* usable_arenas. Note that because
1029
* ao->nfreepools was 0 before, ao isn't
1030
* currently on the usable_arenas list.
1032
ao->nextarena = usable_arenas;
1033
ao->prevarena = NULL;
1035
usable_arenas->prevarena = ao;
1037
assert(usable_arenas->address != 0);
1042
/* If this arena is now out of order, we need to keep
1043
* the list sorted. The list is kept sorted so that
1044
* the "most full" arenas are used first, which allows
1045
* the nearly empty arenas to be completely freed. In
1046
* a few un-scientific tests, it seems like this
1047
* approach allowed a lot more memory to be freed.
1049
if (ao->nextarena == NULL ||
1050
nf <= ao->nextarena->nfreepools) {
1051
/* Case 4. Nothing to do. */
1055
/* Case 3: We have to move the arena towards the end
1056
* of the list, because it has more free pools than
1057
* the arena to its right.
1058
* First unlink ao from usable_arenas.
1060
if (ao->prevarena != NULL) {
1061
/* ao isn't at the head of the list */
1062
assert(ao->prevarena->nextarena == ao);
1063
ao->prevarena->nextarena = ao->nextarena;
1066
/* ao is at the head of the list */
1067
assert(usable_arenas == ao);
1068
usable_arenas = ao->nextarena;
1070
ao->nextarena->prevarena = ao->prevarena;
1072
/* Locate the new insertion point by iterating over
1073
* the list, using our nextarena pointer.
1075
while (ao->nextarena != NULL &&
1076
nf > ao->nextarena->nfreepools) {
1077
ao->prevarena = ao->nextarena;
1078
ao->nextarena = ao->nextarena->nextarena;
1081
/* Insert ao at this point. */
1082
assert(ao->nextarena == NULL ||
1083
ao->prevarena == ao->nextarena->prevarena);
1084
assert(ao->prevarena->nextarena == ao->nextarena);
1086
ao->prevarena->nextarena = ao;
1087
if (ao->nextarena != NULL)
1088
ao->nextarena->prevarena = ao;
1090
/* Verify that the swaps worked. */
1091
assert(ao->nextarena == NULL ||
1092
nf <= ao->nextarena->nfreepools);
1093
assert(ao->prevarena == NULL ||
1094
nf > ao->prevarena->nfreepools);
1095
assert(ao->nextarena == NULL ||
1096
ao->nextarena->prevarena == ao);
1097
assert((usable_arenas == ao &&
1098
ao->prevarena == NULL) ||
1099
ao->prevarena->nextarena == ao);
1104
/* Pool was full, so doesn't currently live in any list:
1105
* link it to the front of the appropriate usedpools[] list.
1106
* This mimics LRU pool usage for new allocations and
1107
* targets optimal filling when several pools contain
1108
* blocks of the same size class.
1111
assert(pool->ref.count > 0); /* else the pool is empty */
1113
next = usedpools[size + size];
1114
prev = next->prevpool;
1115
/* insert pool before next: prev <-> pool <-> next */
1116
pool->nextpool = next;
1117
pool->prevpool = prev;
1118
next->prevpool = pool;
1119
prev->nextpool = pool;
1124
/* We didn't allocate this address. */
927
if (p == NULL) /* free(NULL) has no effect */
931
if (Py_ADDRESS_IN_RANGE(p, pool)) {
932
/* We allocated this address. */
934
/* Link p to the start of the pool's freeblock list. Since
935
* the pool had at least the p block outstanding, the pool
936
* wasn't empty (so it's already in a usedpools[] list, or
937
* was full and is in no list -- it's not in the freeblocks
940
assert(pool->ref.count > 0); /* else it was empty */
941
*(block **)p = lastfree = pool->freeblock;
942
pool->freeblock = (block *)p;
944
struct arena_object* ao;
945
uint nf; /* ao->nfreepools */
947
/* freeblock wasn't NULL, so the pool wasn't full,
948
* and the pool is in a usedpools[] list.
950
if (--pool->ref.count != 0) {
951
/* pool isn't empty: leave it in usedpools */
955
/* Pool is now empty: unlink from usedpools, and
956
* link to the front of freepools. This ensures that
957
* previously freed pools will be allocated later
958
* (being not referenced, they are perhaps paged out).
960
next = pool->nextpool;
961
prev = pool->prevpool;
962
next->prevpool = prev;
963
prev->nextpool = next;
965
/* Link the pool to freepools. This is a singly-linked
966
* list, and pool->prevpool isn't used there.
968
ao = &arenas[pool->arenaindex];
969
pool->nextpool = ao->freepools;
970
ao->freepools = pool;
971
nf = ++ao->nfreepools;
973
/* All the rest is arena management. We just freed
974
* a pool, and there are 4 cases for arena mgmt:
975
* 1. If all the pools are free, return the arena to
977
* 2. If this is the only free pool in the arena,
978
* add the arena back to the `usable_arenas` list.
979
* 3. If the "next" arena has a smaller count of free
980
* pools, we have to "slide this arena right" to
981
* restore that usable_arenas is sorted in order of
983
* 4. Else there's nothing more to do.
985
if (nf == ao->ntotalpools) {
986
/* Case 1. First unlink ao from usable_arenas.
988
assert(ao->prevarena == NULL ||
989
ao->prevarena->address != 0);
990
assert(ao ->nextarena == NULL ||
991
ao->nextarena->address != 0);
993
/* Fix the pointer in the prevarena, or the
994
* usable_arenas pointer.
996
if (ao->prevarena == NULL) {
997
usable_arenas = ao->nextarena;
998
assert(usable_arenas == NULL ||
999
usable_arenas->address != 0);
1002
assert(ao->prevarena->nextarena == ao);
1003
ao->prevarena->nextarena =
1006
/* Fix the pointer in the nextarena. */
1007
if (ao->nextarena != NULL) {
1008
assert(ao->nextarena->prevarena == ao);
1009
ao->nextarena->prevarena =
1012
/* Record that this arena_object slot is
1013
* available to be reused.
1015
ao->nextarena = unused_arena_objects;
1016
unused_arena_objects = ao;
1018
/* Free the entire arena. */
1019
free((void *)ao->address);
1020
ao->address = 0; /* mark unassociated */
1021
--narenas_currently_allocated;
1027
/* Case 2. Put ao at the head of
1028
* usable_arenas. Note that because
1029
* ao->nfreepools was 0 before, ao isn't
1030
* currently on the usable_arenas list.
1032
ao->nextarena = usable_arenas;
1033
ao->prevarena = NULL;
1035
usable_arenas->prevarena = ao;
1037
assert(usable_arenas->address != 0);
1042
/* If this arena is now out of order, we need to keep
1043
* the list sorted. The list is kept sorted so that
1044
* the "most full" arenas are used first, which allows
1045
* the nearly empty arenas to be completely freed. In
1046
* a few un-scientific tests, it seems like this
1047
* approach allowed a lot more memory to be freed.
1049
if (ao->nextarena == NULL ||
1050
nf <= ao->nextarena->nfreepools) {
1051
/* Case 4. Nothing to do. */
1055
/* Case 3: We have to move the arena towards the end
1056
* of the list, because it has more free pools than
1057
* the arena to its right.
1058
* First unlink ao from usable_arenas.
1060
if (ao->prevarena != NULL) {
1061
/* ao isn't at the head of the list */
1062
assert(ao->prevarena->nextarena == ao);
1063
ao->prevarena->nextarena = ao->nextarena;
1066
/* ao is at the head of the list */
1067
assert(usable_arenas == ao);
1068
usable_arenas = ao->nextarena;
1070
ao->nextarena->prevarena = ao->prevarena;
1072
/* Locate the new insertion point by iterating over
1073
* the list, using our nextarena pointer.
1075
while (ao->nextarena != NULL &&
1076
nf > ao->nextarena->nfreepools) {
1077
ao->prevarena = ao->nextarena;
1078
ao->nextarena = ao->nextarena->nextarena;
1081
/* Insert ao at this point. */
1082
assert(ao->nextarena == NULL ||
1083
ao->prevarena == ao->nextarena->prevarena);
1084
assert(ao->prevarena->nextarena == ao->nextarena);
1086
ao->prevarena->nextarena = ao;
1087
if (ao->nextarena != NULL)
1088
ao->nextarena->prevarena = ao;
1090
/* Verify that the swaps worked. */
1091
assert(ao->nextarena == NULL ||
1092
nf <= ao->nextarena->nfreepools);
1093
assert(ao->prevarena == NULL ||
1094
nf > ao->prevarena->nfreepools);
1095
assert(ao->nextarena == NULL ||
1096
ao->nextarena->prevarena == ao);
1097
assert((usable_arenas == ao &&
1098
ao->prevarena == NULL) ||
1099
ao->prevarena->nextarena == ao);
1104
/* Pool was full, so doesn't currently live in any list:
1105
* link it to the front of the appropriate usedpools[] list.
1106
* This mimics LRU pool usage for new allocations and
1107
* targets optimal filling when several pools contain
1108
* blocks of the same size class.
1111
assert(pool->ref.count > 0); /* else the pool is empty */
1113
next = usedpools[size + size];
1114
prev = next->prevpool;
1115
/* insert pool before next: prev <-> pool <-> next */
1116
pool->nextpool = next;
1117
pool->prevpool = prev;
1118
next->prevpool = pool;
1119
prev->nextpool = pool;
1124
/* We didn't allocate this address. */
1128
1128
/* realloc. If p is NULL, this acts like malloc(nbytes). Else if nbytes==0,
1135
1135
PyObject_Realloc(void *p, size_t nbytes)
1142
return PyObject_Malloc(nbytes);
1145
* Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes.
1146
* Most python internals blindly use a signed Py_ssize_t to track
1147
* things without checking for overflows or negatives.
1148
* As size_t is unsigned, checking for nbytes < 0 is not required.
1150
if (nbytes > PY_SSIZE_T_MAX)
1153
pool = POOL_ADDR(p);
1154
if (Py_ADDRESS_IN_RANGE(p, pool)) {
1155
/* We're in charge of this block */
1156
size = INDEX2SIZE(pool->szidx);
1157
if (nbytes <= size) {
1158
/* The block is staying the same or shrinking. If
1159
* it's shrinking, there's a tradeoff: it costs
1160
* cycles to copy the block to a smaller size class,
1161
* but it wastes memory not to copy it. The
1162
* compromise here is to copy on shrink only if at
1163
* least 25% of size can be shaved off.
1165
if (4 * nbytes > 3 * size) {
1167
* or shrinking and new/old > 3/4.
1173
bp = PyObject_Malloc(nbytes);
1175
memcpy(bp, p, size);
1180
/* We're not managing this block. If nbytes <=
1181
* SMALL_REQUEST_THRESHOLD, it's tempting to try to take over this
1182
* block. However, if we do, we need to copy the valid data from
1183
* the C-managed block to one of our blocks, and there's no portable
1184
* way to know how much of the memory space starting at p is valid.
1185
* As bug 1185883 pointed out the hard way, it's possible that the
1186
* C-managed block is "at the end" of allocated VM space, so that
1187
* a memory fault can occur if we try to copy nbytes bytes starting
1188
* at p. Instead we punt: let C continue to manage this block.
1191
return realloc(p, nbytes);
1192
/* C doesn't define the result of realloc(p, 0) (it may or may not
1193
* return NULL then), but Python's docs promise that nbytes==0 never
1194
* returns NULL. We don't pass 0 to realloc(), to avoid that endcase
1195
* to begin with. Even then, we can't be sure that realloc() won't
1142
return PyObject_Malloc(nbytes);
1145
* Limit ourselves to PY_SSIZE_T_MAX bytes to prevent security holes.
1146
* Most python internals blindly use a signed Py_ssize_t to track
1147
* things without checking for overflows or negatives.
1148
* As size_t is unsigned, checking for nbytes < 0 is not required.
1150
if (nbytes > PY_SSIZE_T_MAX)
1153
pool = POOL_ADDR(p);
1154
if (Py_ADDRESS_IN_RANGE(p, pool)) {
1155
/* We're in charge of this block */
1156
size = INDEX2SIZE(pool->szidx);
1157
if (nbytes <= size) {
1158
/* The block is staying the same or shrinking. If
1159
* it's shrinking, there's a tradeoff: it costs
1160
* cycles to copy the block to a smaller size class,
1161
* but it wastes memory not to copy it. The
1162
* compromise here is to copy on shrink only if at
1163
* least 25% of size can be shaved off.
1165
if (4 * nbytes > 3 * size) {
1167
* or shrinking and new/old > 3/4.
1173
bp = PyObject_Malloc(nbytes);
1175
memcpy(bp, p, size);
1180
/* We're not managing this block. If nbytes <=
1181
* SMALL_REQUEST_THRESHOLD, it's tempting to try to take over this
1182
* block. However, if we do, we need to copy the valid data from
1183
* the C-managed block to one of our blocks, and there's no portable
1184
* way to know how much of the memory space starting at p is valid.
1185
* As bug 1185883 pointed out the hard way, it's possible that the
1186
* C-managed block is "at the end" of allocated VM space, so that
1187
* a memory fault can occur if we try to copy nbytes bytes starting
1188
* at p. Instead we punt: let C continue to manage this block.
1191
return realloc(p, nbytes);
1192
/* C doesn't define the result of realloc(p, 0) (it may or may not
1193
* return NULL then), but Python's docs promise that nbytes==0 never
1194
* returns NULL. We don't pass 0 to realloc(), to avoid that endcase
1195
* to begin with. Even then, we can't be sure that realloc() won't
1202
#else /* ! WITH_PYMALLOC */
1202
#else /* ! WITH_PYMALLOC */
1204
1204
/*==========================================================================*/
1205
1205
/* pymalloc not enabled: Redirect the entry points to malloc. These will
1370
1370
_PyObject_DebugFree(void *p)
1372
uchar *q = (uchar *)p - 2*SST; /* address returned from malloc */
1372
uchar *q = (uchar *)p - 2*SST; /* address returned from malloc */
1377
_PyObject_DebugCheckAddress(p);
1378
nbytes = read_size_t(q);
1380
memset(q, DEADBYTE, nbytes);
1377
_PyObject_DebugCheckAddress(p);
1378
nbytes = read_size_t(q);
1380
memset(q, DEADBYTE, nbytes);
1385
1385
_PyObject_DebugRealloc(void *p, size_t nbytes)
1387
uchar *q = (uchar *)p;
1389
size_t total; /* nbytes + 4*SST */
1390
size_t original_nbytes;
1394
return _PyObject_DebugMalloc(nbytes);
1396
_PyObject_DebugCheckAddress(p);
1398
original_nbytes = read_size_t(q - 2*SST);
1399
total = nbytes + 4*SST;
1401
/* overflow: can't represent total as a size_t */
1404
if (nbytes < original_nbytes) {
1405
/* shrinking: mark old extra memory dead */
1406
memset(q + nbytes, DEADBYTE, original_nbytes - nbytes);
1409
/* Resize and add decorations. */
1410
q = (uchar *)PyObject_Realloc(q - 2*SST, total);
1414
write_size_t(q, nbytes);
1415
for (i = 0; i < SST; ++i)
1416
assert(q[SST + i] == FORBIDDENBYTE);
1419
memset(tail, FORBIDDENBYTE, SST);
1420
write_size_t(tail + SST, serialno);
1422
if (nbytes > original_nbytes) {
1423
/* growing: mark new extra memory clean */
1424
memset(q + original_nbytes, CLEANBYTE,
1425
nbytes - original_nbytes);
1387
uchar *q = (uchar *)p;
1389
size_t total; /* nbytes + 4*SST */
1390
size_t original_nbytes;
1394
return _PyObject_DebugMalloc(nbytes);
1396
_PyObject_DebugCheckAddress(p);
1398
original_nbytes = read_size_t(q - 2*SST);
1399
total = nbytes + 4*SST;
1401
/* overflow: can't represent total as a size_t */
1404
if (nbytes < original_nbytes) {
1405
/* shrinking: mark old extra memory dead */
1406
memset(q + nbytes, DEADBYTE, original_nbytes - nbytes);
1409
/* Resize and add decorations. */
1410
q = (uchar *)PyObject_Realloc(q - 2*SST, total);
1414
write_size_t(q, nbytes);
1415
for (i = 0; i < SST; ++i)
1416
assert(q[SST + i] == FORBIDDENBYTE);
1419
memset(tail, FORBIDDENBYTE, SST);
1420
write_size_t(tail + SST, serialno);
1422
if (nbytes > original_nbytes) {
1423
/* growing: mark new extra memory clean */
1424
memset(q + original_nbytes, CLEANBYTE,
1425
nbytes - original_nbytes);
1431
1431
/* Check the forbidden bytes on both ends of the memory allocated for p.
1436
1436
_PyObject_DebugCheckAddress(const void *p)
1438
const uchar *q = (const uchar *)p;
1445
msg = "didn't expect a NULL pointer";
1449
/* Check the stuff at the start of p first: if there's underwrite
1450
* corruption, the number-of-bytes field may be nuts, and checking
1451
* the tail could lead to a segfault then.
1453
for (i = SST; i >= 1; --i) {
1454
if (*(q-i) != FORBIDDENBYTE) {
1455
msg = "bad leading pad byte";
1460
nbytes = read_size_t(q - 2*SST);
1462
for (i = 0; i < SST; ++i) {
1463
if (tail[i] != FORBIDDENBYTE) {
1464
msg = "bad trailing pad byte";
1438
const uchar *q = (const uchar *)p;
1445
msg = "didn't expect a NULL pointer";
1449
/* Check the stuff at the start of p first: if there's underwrite
1450
* corruption, the number-of-bytes field may be nuts, and checking
1451
* the tail could lead to a segfault then.
1453
for (i = SST; i >= 1; --i) {
1454
if (*(q-i) != FORBIDDENBYTE) {
1455
msg = "bad leading pad byte";
1460
nbytes = read_size_t(q - 2*SST);
1462
for (i = 0; i < SST; ++i) {
1463
if (tail[i] != FORBIDDENBYTE) {
1464
msg = "bad trailing pad byte";
1472
_PyObject_DebugDumpAddress(p);
1472
_PyObject_DebugDumpAddress(p);
1476
1476
/* Display info to stderr about the memory block at p. */
1478
1478
_PyObject_DebugDumpAddress(const void *p)
1480
const uchar *q = (const uchar *)p;
1482
size_t nbytes, serial;
1486
fprintf(stderr, "Debug memory block at address p=%p:\n", p);
1490
nbytes = read_size_t(q - 2*SST);
1491
fprintf(stderr, " %" PY_FORMAT_SIZE_T "u bytes originally "
1492
"requested\n", nbytes);
1494
/* In case this is nuts, check the leading pad bytes first. */
1495
fprintf(stderr, " The %d pad bytes at p-%d are ", SST, SST);
1497
for (i = 1; i <= SST; ++i) {
1498
if (*(q-i) != FORBIDDENBYTE) {
1504
fputs("FORBIDDENBYTE, as expected.\n", stderr);
1506
fprintf(stderr, "not all FORBIDDENBYTE (0x%02x):\n",
1508
for (i = SST; i >= 1; --i) {
1509
const uchar byte = *(q-i);
1510
fprintf(stderr, " at p-%d: 0x%02x", i, byte);
1511
if (byte != FORBIDDENBYTE)
1512
fputs(" *** OUCH", stderr);
1513
fputc('\n', stderr);
1516
fputs(" Because memory is corrupted at the start, the "
1517
"count of bytes requested\n"
1518
" may be bogus, and checking the trailing pad "
1519
"bytes may segfault.\n", stderr);
1523
fprintf(stderr, " The %d pad bytes at tail=%p are ", SST, tail);
1525
for (i = 0; i < SST; ++i) {
1526
if (tail[i] != FORBIDDENBYTE) {
1532
fputs("FORBIDDENBYTE, as expected.\n", stderr);
1534
fprintf(stderr, "not all FORBIDDENBYTE (0x%02x):\n",
1536
for (i = 0; i < SST; ++i) {
1537
const uchar byte = tail[i];
1538
fprintf(stderr, " at tail+%d: 0x%02x",
1540
if (byte != FORBIDDENBYTE)
1541
fputs(" *** OUCH", stderr);
1542
fputc('\n', stderr);
1546
serial = read_size_t(tail + SST);
1547
fprintf(stderr, " The block was made by call #%" PY_FORMAT_SIZE_T
1548
"u to debug malloc/realloc.\n", serial);
1552
fputs(" Data at p:", stderr);
1553
/* print up to 8 bytes at the start */
1554
while (q < tail && i < 8) {
1555
fprintf(stderr, " %02x", *q);
1559
/* and up to 8 at the end */
1562
fputs(" ...", stderr);
1566
fprintf(stderr, " %02x", *q);
1570
fputc('\n', stderr);
1480
const uchar *q = (const uchar *)p;
1482
size_t nbytes, serial;
1486
fprintf(stderr, "Debug memory block at address p=%p:\n", p);
1490
nbytes = read_size_t(q - 2*SST);
1491
fprintf(stderr, " %" PY_FORMAT_SIZE_T "u bytes originally "
1492
"requested\n", nbytes);
1494
/* In case this is nuts, check the leading pad bytes first. */
1495
fprintf(stderr, " The %d pad bytes at p-%d are ", SST, SST);
1497
for (i = 1; i <= SST; ++i) {
1498
if (*(q-i) != FORBIDDENBYTE) {
1504
fputs("FORBIDDENBYTE, as expected.\n", stderr);
1506
fprintf(stderr, "not all FORBIDDENBYTE (0x%02x):\n",
1508
for (i = SST; i >= 1; --i) {
1509
const uchar byte = *(q-i);
1510
fprintf(stderr, " at p-%d: 0x%02x", i, byte);
1511
if (byte != FORBIDDENBYTE)
1512
fputs(" *** OUCH", stderr);
1513
fputc('\n', stderr);
1516
fputs(" Because memory is corrupted at the start, the "
1517
"count of bytes requested\n"
1518
" may be bogus, and checking the trailing pad "
1519
"bytes may segfault.\n", stderr);
1523
fprintf(stderr, " The %d pad bytes at tail=%p are ", SST, tail);
1525
for (i = 0; i < SST; ++i) {
1526
if (tail[i] != FORBIDDENBYTE) {
1532
fputs("FORBIDDENBYTE, as expected.\n", stderr);
1534
fprintf(stderr, "not all FORBIDDENBYTE (0x%02x):\n",
1536
for (i = 0; i < SST; ++i) {
1537
const uchar byte = tail[i];
1538
fprintf(stderr, " at tail+%d: 0x%02x",
1540
if (byte != FORBIDDENBYTE)
1541
fputs(" *** OUCH", stderr);
1542
fputc('\n', stderr);
1546
serial = read_size_t(tail + SST);
1547
fprintf(stderr, " The block was made by call #%" PY_FORMAT_SIZE_T
1548
"u to debug malloc/realloc.\n", serial);
1552
fputs(" Data at p:", stderr);
1553
/* print up to 8 bytes at the start */
1554
while (q < tail && i < 8) {
1555
fprintf(stderr, " %02x", *q);
1559
/* and up to 8 at the end */
1562
fputs(" ...", stderr);
1566
fprintf(stderr, " %02x", *q);
1570
fputc('\n', stderr);
1575
1575
printone(const char* msg, size_t value)
1579
size_t origvalue = value;
1582
for (i = (int)strlen(msg); i < 35; ++i)
1586
/* Write the value with commas. */
1592
size_t nextvalue = value / 10;
1593
uint digit = (uint)(value - nextvalue * 10);
1595
buf[i--] = (char)(digit + '0');
1597
if (k == 0 && value && i >= 0) {
1601
} while (value && i >= 0);
1579
size_t origvalue = value;
1582
for (i = (int)strlen(msg); i < 35; ++i)
1586
/* Write the value with commas. */
1592
size_t nextvalue = value / 10;
1593
uint digit = (uint)(value - nextvalue * 10);
1595
buf[i--] = (char)(digit + '0');
1597
if (k == 0 && value && i >= 0) {
1601
} while (value && i >= 0);
1610
1610
/* Print summary info to stderr about the state of pymalloc's structures.
1615
1615
_PyObject_DebugMallocStats(void)
1618
const uint numclasses = SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT;
1619
/* # of pools, allocated blocks, and free blocks per class index */
1620
size_t numpools[SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT];
1621
size_t numblocks[SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT];
1622
size_t numfreeblocks[SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT];
1623
/* total # of allocated bytes in used and full pools */
1624
size_t allocated_bytes = 0;
1625
/* total # of available bytes in used pools */
1626
size_t available_bytes = 0;
1627
/* # of free pools + pools not yet carved out of current arena */
1628
uint numfreepools = 0;
1629
/* # of bytes for arena alignment padding */
1630
size_t arena_alignment = 0;
1631
/* # of bytes in used and full pools used for pool_headers */
1632
size_t pool_header_bytes = 0;
1633
/* # of bytes in used and full pools wasted due to quantization,
1634
* i.e. the necessarily leftover space at the ends of used and
1637
size_t quantization = 0;
1638
/* # of arenas actually allocated. */
1640
/* running total -- should equal narenas * ARENA_SIZE */
1644
fprintf(stderr, "Small block threshold = %d, in %u size classes.\n",
1645
SMALL_REQUEST_THRESHOLD, numclasses);
1647
for (i = 0; i < numclasses; ++i)
1648
numpools[i] = numblocks[i] = numfreeblocks[i] = 0;
1650
/* Because full pools aren't linked to from anything, it's easiest
1651
* to march over all the arenas. If we're lucky, most of the memory
1652
* will be living in full pools -- would be a shame to miss them.
1654
for (i = 0; i < maxarenas; ++i) {
1657
uptr base = arenas[i].address;
1659
/* Skip arenas which are not allocated. */
1660
if (arenas[i].address == (uptr)NULL)
1664
poolsinarena = arenas[i].ntotalpools;
1665
numfreepools += arenas[i].nfreepools;
1667
/* round up to pool alignment */
1668
if (base & (uptr)POOL_SIZE_MASK) {
1669
arena_alignment += POOL_SIZE;
1670
base &= ~(uptr)POOL_SIZE_MASK;
1674
/* visit every pool in the arena */
1675
assert(base <= (uptr) arenas[i].pool_address);
1677
base < (uptr) arenas[i].pool_address;
1678
++j, base += POOL_SIZE) {
1679
poolp p = (poolp)base;
1680
const uint sz = p->szidx;
1683
if (p->ref.count == 0) {
1684
/* currently unused */
1685
assert(pool_is_in_list(p, arenas[i].freepools));
1689
numblocks[sz] += p->ref.count;
1690
freeblocks = NUMBLOCKS(sz) - p->ref.count;
1691
numfreeblocks[sz] += freeblocks;
1618
const uint numclasses = SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT;
1619
/* # of pools, allocated blocks, and free blocks per class index */
1620
size_t numpools[SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT];
1621
size_t numblocks[SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT];
1622
size_t numfreeblocks[SMALL_REQUEST_THRESHOLD >> ALIGNMENT_SHIFT];
1623
/* total # of allocated bytes in used and full pools */
1624
size_t allocated_bytes = 0;
1625
/* total # of available bytes in used pools */
1626
size_t available_bytes = 0;
1627
/* # of free pools + pools not yet carved out of current arena */
1628
uint numfreepools = 0;
1629
/* # of bytes for arena alignment padding */
1630
size_t arena_alignment = 0;
1631
/* # of bytes in used and full pools used for pool_headers */
1632
size_t pool_header_bytes = 0;
1633
/* # of bytes in used and full pools wasted due to quantization,
1634
* i.e. the necessarily leftover space at the ends of used and
1637
size_t quantization = 0;
1638
/* # of arenas actually allocated. */
1640
/* running total -- should equal narenas * ARENA_SIZE */
1644
fprintf(stderr, "Small block threshold = %d, in %u size classes.\n",
1645
SMALL_REQUEST_THRESHOLD, numclasses);
1647
for (i = 0; i < numclasses; ++i)
1648
numpools[i] = numblocks[i] = numfreeblocks[i] = 0;
1650
/* Because full pools aren't linked to from anything, it's easiest
1651
* to march over all the arenas. If we're lucky, most of the memory
1652
* will be living in full pools -- would be a shame to miss them.
1654
for (i = 0; i < maxarenas; ++i) {
1657
uptr base = arenas[i].address;
1659
/* Skip arenas which are not allocated. */
1660
if (arenas[i].address == (uptr)NULL)
1664
poolsinarena = arenas[i].ntotalpools;
1665
numfreepools += arenas[i].nfreepools;
1667
/* round up to pool alignment */
1668
if (base & (uptr)POOL_SIZE_MASK) {
1669
arena_alignment += POOL_SIZE;
1670
base &= ~(uptr)POOL_SIZE_MASK;
1674
/* visit every pool in the arena */
1675
assert(base <= (uptr) arenas[i].pool_address);
1677
base < (uptr) arenas[i].pool_address;
1678
++j, base += POOL_SIZE) {
1679
poolp p = (poolp)base;
1680
const uint sz = p->szidx;
1683
if (p->ref.count == 0) {
1684
/* currently unused */
1685
assert(pool_is_in_list(p, arenas[i].freepools));
1689
numblocks[sz] += p->ref.count;
1690
freeblocks = NUMBLOCKS(sz) - p->ref.count;
1691
numfreeblocks[sz] += freeblocks;
1692
1692
#ifdef Py_DEBUG
1694
assert(pool_is_in_list(p, usedpools[sz + sz]));
1694
assert(pool_is_in_list(p, usedpools[sz + sz]));
1698
assert(narenas == narenas_currently_allocated);
1700
fputc('\n', stderr);
1701
fputs("class size num pools blocks in use avail blocks\n"
1702
"----- ---- --------- ------------- ------------\n",
1705
for (i = 0; i < numclasses; ++i) {
1706
size_t p = numpools[i];
1707
size_t b = numblocks[i];
1708
size_t f = numfreeblocks[i];
1709
uint size = INDEX2SIZE(i);
1711
assert(b == 0 && f == 0);
1714
fprintf(stderr, "%5u %6u "
1715
"%11" PY_FORMAT_SIZE_T "u "
1716
"%15" PY_FORMAT_SIZE_T "u "
1717
"%13" PY_FORMAT_SIZE_T "u\n",
1719
allocated_bytes += b * size;
1720
available_bytes += f * size;
1721
pool_header_bytes += p * POOL_OVERHEAD;
1722
quantization += p * ((POOL_SIZE - POOL_OVERHEAD) % size);
1724
fputc('\n', stderr);
1725
(void)printone("# times object malloc called", serialno);
1727
(void)printone("# arenas allocated total", ntimes_arena_allocated);
1728
(void)printone("# arenas reclaimed", ntimes_arena_allocated - narenas);
1729
(void)printone("# arenas highwater mark", narenas_highwater);
1730
(void)printone("# arenas allocated current", narenas);
1732
PyOS_snprintf(buf, sizeof(buf),
1733
"%" PY_FORMAT_SIZE_T "u arenas * %d bytes/arena",
1734
narenas, ARENA_SIZE);
1735
(void)printone(buf, narenas * ARENA_SIZE);
1737
fputc('\n', stderr);
1739
total = printone("# bytes in allocated blocks", allocated_bytes);
1740
total += printone("# bytes in available blocks", available_bytes);
1742
PyOS_snprintf(buf, sizeof(buf),
1743
"%u unused pools * %d bytes", numfreepools, POOL_SIZE);
1744
total += printone(buf, (size_t)numfreepools * POOL_SIZE);
1746
total += printone("# bytes lost to pool headers", pool_header_bytes);
1747
total += printone("# bytes lost to quantization", quantization);
1748
total += printone("# bytes lost to arena alignment", arena_alignment);
1749
(void)printone("Total", total);
1698
assert(narenas == narenas_currently_allocated);
1700
fputc('\n', stderr);
1701
fputs("class size num pools blocks in use avail blocks\n"
1702
"----- ---- --------- ------------- ------------\n",
1705
for (i = 0; i < numclasses; ++i) {
1706
size_t p = numpools[i];
1707
size_t b = numblocks[i];
1708
size_t f = numfreeblocks[i];
1709
uint size = INDEX2SIZE(i);
1711
assert(b == 0 && f == 0);
1714
fprintf(stderr, "%5u %6u "
1715
"%11" PY_FORMAT_SIZE_T "u "
1716
"%15" PY_FORMAT_SIZE_T "u "
1717
"%13" PY_FORMAT_SIZE_T "u\n",
1719
allocated_bytes += b * size;
1720
available_bytes += f * size;
1721
pool_header_bytes += p * POOL_OVERHEAD;
1722
quantization += p * ((POOL_SIZE - POOL_OVERHEAD) % size);
1724
fputc('\n', stderr);
1725
(void)printone("# times object malloc called", serialno);
1727
(void)printone("# arenas allocated total", ntimes_arena_allocated);
1728
(void)printone("# arenas reclaimed", ntimes_arena_allocated - narenas);
1729
(void)printone("# arenas highwater mark", narenas_highwater);
1730
(void)printone("# arenas allocated current", narenas);
1732
PyOS_snprintf(buf, sizeof(buf),
1733
"%" PY_FORMAT_SIZE_T "u arenas * %d bytes/arena",
1734
narenas, ARENA_SIZE);
1735
(void)printone(buf, narenas * ARENA_SIZE);
1737
fputc('\n', stderr);
1739
total = printone("# bytes in allocated blocks", allocated_bytes);
1740
total += printone("# bytes in available blocks", available_bytes);
1742
PyOS_snprintf(buf, sizeof(buf),
1743
"%u unused pools * %d bytes", numfreepools, POOL_SIZE);
1744
total += printone(buf, (size_t)numfreepools * POOL_SIZE);
1746
total += printone("# bytes lost to pool headers", pool_header_bytes);
1747
total += printone("# bytes lost to quantization", quantization);
1748
total += printone("# bytes lost to arena alignment", arena_alignment);
1749
(void)printone("Total", total);
1752
#endif /* PYMALLOC_DEBUG */
1752
#endif /* PYMALLOC_DEBUG */
1754
1754
#ifdef Py_USING_MEMORY_DEBUGGER
1755
1755
/* Make this function last so gcc won't inline it since the definition is