Loading...
--- libmalloc/libmalloc-166.251.2/src/magazine_malloc.c
+++ libmalloc/libmalloc-646.40.3/src/magazine_malloc.c
@@ -26,10 +26,12 @@
/*
* Multithread enhancements for "tiny" allocations introduced February 2008.
* These are in the spirit of "Hoard". See:
- * Berger, E.D.; McKinley, K.S.; Blumofe, R.D.; Wilson, P.R. (2000).
- * "Hoard: a scalable memory allocator for multithreaded applications".
- * ACM SIGPLAN Notices 35 (11): 117-128. Berger2000.
- * <http://portal.acm.org/citation.cfm?id=356989.357000>
+ * Emery D. Berger, Kathryn S. McKinley, Robert D. Blumofe, and Paul R. Wilson. 2000.
+ * Hoard: a scalable memory allocator for multithreaded applications.
+ * In Proceedings of the ninth international conference on Architectural support for
+ * programming languages and operating systems (ASPLOS IX).
+ * ACM, New York, NY, USA, 117-128.
+ * DOI: https://doi.org/10.1145/378993.379232
* Retrieved on 2008-02-22.
*/
@@ -46,10 +48,33 @@
int max_magazines;
// Control whether medium is enabled at all when creating new magazine zones
-bool magazine_medium_enabled = true;
+bool magazine_medium_enabled = DEFAULT_MEDIUM_ALLOCATOR_ENABLED;
// Control the DRAM limit at which medium kicks in.
uint64_t magazine_medium_active_threshold = MEDIUM_ACTIVATION_THRESHOLD;
+
+#if CONFIG_MEDIUM_ALLOCATOR
+
+// Control the dram divisor that's used to scale up medium's madvise window.
+// We'll double the window for each multiple of magazine_medium_madvise_dram_scale_divisor
+// bytes of dram on the system rounded down to the neareast power of 2.
+// This is done by setting magazine_medium_madvise_window_scale_factor.
+uint64_t magazine_medium_madvise_dram_scale_divisor = MEDIUM_MADVISE_DRAM_SCALE_DIVISOR;
+
+// Controls how much to scale up medium's madvise window.
+uint64_t magazine_medium_madvise_window_scale_factor = 1;
+#endif // CONFIG_MEDIUM_ALLOCATOR
+
+// Control the DRAM limit at which the expanded large cache kicks in.
+uint64_t magazine_large_expanded_cache_threshold = LARGE_CACHE_EXPANDED_THRESHOLD;
+
+#if CONFIG_AGGRESSIVE_MADVISE
+bool aggressive_madvise_enabled = DEFAULT_AGGRESSIVE_MADVISE_ENABLED;
+#endif // CONFIG_AGGRESSIVE_MADVISE
+
+#if CONFIG_LARGE_CACHE
+bool large_cache_enabled = DEFAULT_LARGE_CACHE_ENABLED;
+#endif // CONFIG_LARGE_CACHE
// <rdar://problem/47353961> Maximum number of magzines that the medium
// allocator will use. This addresses a 32-bit load-offset range issue found
@@ -65,20 +90,119 @@
/*
* Mark these MALLOC_NOINLINE to avoid bloating the purgeable zone call backs
*/
+static void
+_szone_free(szone_t *szone, void *ptr, bool try)
+{
+ region_t tiny_region;
+ region_t small_region;
+
+#if DEBUG_MALLOC
+ if (LOG(szone, ptr)) {
+ malloc_report(ASL_LEVEL_INFO, "in _szone_free with %p\n", ptr);
+ }
+#endif
+ if (!ptr) {
+ return;
+ }
+ if ((uintptr_t)ptr & (TINY_QUANTUM - 1)) {
+ if (!try) {
+ malloc_zone_error(szone->debug_flags, true, "Non-aligned pointer %p being freed\n", ptr);
+ return;
+ }
+ goto not_claimed;
+ }
+ /*
+ * Try to free to a tiny region.
+ */
+ if ((tiny_region = tiny_region_for_ptr_no_lock(&szone->tiny_rack, ptr)) != NULL) {
+ if (TINY_INDEX_FOR_PTR(ptr) >= NUM_TINY_BLOCKS) {
+ malloc_zone_error(szone->debug_flags, true, "Pointer %p to metadata being freed\n", ptr);
+ return;
+ }
+ free_tiny(&szone->tiny_rack, ptr, tiny_region, 0, false);
+ return;
+ }
+
+ /*
+ * Try to free to a small region.
+ */
+ if ((uintptr_t)ptr & (SMALL_QUANTUM - 1)) {
+ if (!try) {
+ malloc_zone_error(szone->debug_flags, true, "Non-aligned pointer %p being freed (2)\n", ptr);
+ return;
+ }
+ goto not_claimed;
+ }
+ if ((small_region = small_region_for_ptr_no_lock(&szone->small_rack, ptr)) != NULL) {
+ if (SMALL_META_INDEX_FOR_PTR(ptr) >= NUM_SMALL_BLOCKS) {
+ malloc_zone_error(szone->debug_flags, true, "Pointer %p to metadata being freed (2)\n", ptr);
+ return;
+ }
+ free_small(&szone->small_rack, ptr, small_region, 0);
+ return;
+ }
+
+#if CONFIG_MEDIUM_ALLOCATOR
+ region_t medium_region;
+
+ if (szone->is_medium_engaged &&
+ (medium_region = medium_region_for_ptr_no_lock(&szone->medium_rack, ptr)) != NULL) {
+ if (MEDIUM_META_INDEX_FOR_PTR(ptr) >= NUM_MEDIUM_BLOCKS) {
+ malloc_zone_error(szone->debug_flags, true, "Pointer %p to metadata being freed (2)\n", ptr);
+ return;
+ }
+ free_medium(&szone->medium_rack, ptr, medium_region, 0);
+ return;
+ }
+#endif // CONFIG_MEDIUM_ALLOCATOR
+
+ /* check that it's a legal large allocation */
+ if ((uintptr_t)ptr & (vm_page_quanta_size - 1)) {
+ if (!try) {
+ malloc_zone_error(szone->debug_flags, true, "non-page-aligned, non-allocated pointer %p being freed\n", ptr);
+ return;
+ }
+ goto not_claimed;
+ }
+ bool claimed = free_large(szone, ptr, try);
+ if (!try || claimed) {
+ return;
+ }
+
+not_claimed:
+ find_zone_and_free(ptr, true);
+}
+
void
szone_free(szone_t *szone, void *ptr)
{
- region_t tiny_region;
- region_t small_region;
-
+ _szone_free(szone, ptr, false);
+}
+
+static void
+szone_try_free_default(szone_t *szone, void *ptr)
+{
+ _szone_free(szone, ptr, true);
+}
+
+void
+szone_free_definite_size(szone_t *szone, void *ptr, size_t size)
+{
#if DEBUG_MALLOC
if (LOG(szone, ptr)) {
- malloc_report(ASL_LEVEL_INFO, "in szone_free with %p\n", ptr);
- }
+ malloc_report(ASL_LEVEL_INFO, "in szone_free_definite_size with %p\n", ptr);
+ }
+
+ if (0 == size) {
+ malloc_zone_error(szone->debug_flags, true, "pointer %p of size zero being freed\n", ptr);
+ return;
+ }
+
#endif
if (!ptr) {
return;
}
+
/*
* Try to free to a tiny region.
*/
@@ -86,84 +210,12 @@
malloc_zone_error(szone->debug_flags, true, "Non-aligned pointer %p being freed\n", ptr);
return;
}
- if ((tiny_region = tiny_region_for_ptr_no_lock(&szone->tiny_rack, ptr)) != NULL) {
- if (TINY_INDEX_FOR_PTR(ptr) >= NUM_TINY_BLOCKS) {
- malloc_zone_error(szone->debug_flags, true, "Pointer %p to metadata being freed\n", ptr);
- return;
- }
- free_tiny(&szone->tiny_rack, ptr, tiny_region, 0);
- return;
- }
-
- /*
- * Try to free to a small region.
- */
- if ((uintptr_t)ptr & (SMALL_QUANTUM - 1)) {
- malloc_zone_error(szone->debug_flags, true, "Non-aligned pointer %p being freed (2)\n", ptr);
- return;
- }
- if ((small_region = small_region_for_ptr_no_lock(&szone->small_rack, ptr)) != NULL) {
- if (SMALL_META_INDEX_FOR_PTR(ptr) >= NUM_SMALL_BLOCKS) {
- malloc_zone_error(szone->debug_flags, true, "Pointer %p to metadata being freed (2)\n", ptr);
- return;
- }
- free_small(&szone->small_rack, ptr, small_region, 0);
- return;
- }
-
-#if CONFIG_MEDIUM_ALLOCATOR
- region_t medium_region;
-
- if (szone->is_medium_engaged &&
- (medium_region = medium_region_for_ptr_no_lock(&szone->medium_rack, ptr)) != NULL) {
- if (MEDIUM_META_INDEX_FOR_PTR(ptr) >= NUM_MEDIUM_BLOCKS) {
- malloc_zone_error(szone->debug_flags, true, "Pointer %p to metadata being freed (2)\n", ptr);
- return;
- }
- free_medium(&szone->medium_rack, ptr, medium_region, 0);
- return;
- }
-#endif // CONFIG_MEDIUM_ALLOCATOR
-
- /* check that it's a legal large allocation */
- if ((uintptr_t)ptr & (vm_page_quanta_size - 1)) {
- malloc_zone_error(szone->debug_flags, true, "non-page-aligned, non-allocated pointer %p being freed\n", ptr);
- return;
- }
- free_large(szone, ptr);
-}
-
-void
-szone_free_definite_size(szone_t *szone, void *ptr, size_t size)
-{
-#if DEBUG_MALLOC
- if (LOG(szone, ptr)) {
- malloc_report(ASL_LEVEL_INFO, "in szone_free_definite_size with %p\n", ptr);
- }
-
- if (0 == size) {
- malloc_zone_error(szone->debug_flags, true, "pointer %p of size zero being freed\n", ptr);
- return;
- }
-
-#endif
- if (!ptr) {
- return;
- }
-
- /*
- * Try to free to a tiny region.
- */
- if ((uintptr_t)ptr & (TINY_QUANTUM - 1)) {
- malloc_zone_error(szone->debug_flags, true, "Non-aligned pointer %p being freed\n", ptr);
- return;
- }
if (size <= TINY_LIMIT_THRESHOLD) {
if (TINY_INDEX_FOR_PTR(ptr) >= NUM_TINY_BLOCKS) {
malloc_zone_error(szone->debug_flags, true, "Pointer %p to metadata being freed\n", ptr);
return;
}
- free_tiny(&szone->tiny_rack, ptr, TINY_REGION_FOR_PTR(ptr), size);
+ free_tiny(&szone->tiny_rack, ptr, TINY_REGION_FOR_PTR(ptr), size, false);
return;
}
@@ -202,7 +254,7 @@
malloc_zone_error(szone->debug_flags, true, "non-page-aligned, non-allocated pointer %p being freed\n", ptr);
return;
}
- free_large(szone, ptr);
+ free_large(szone, ptr, false);
}
MALLOC_NOINLINE void *
@@ -232,7 +284,7 @@
ptr = medium_malloc_should_clear(&szone->medium_rack, msize, cleared_requested);
#endif
} else {
- size_t num_kernel_pages = round_page_quanta(size) >> vm_page_quanta_shift;
+ size_t num_kernel_pages = round_large_page_quanta(size) >> large_vm_page_quanta_shift;
if (num_kernel_pages == 0) { /* Overflowed */
ptr = 0;
} else {
@@ -251,6 +303,10 @@
memset(ptr, SCRIBBLE_BYTE, szone_size(szone, ptr));
}
+ if (os_unlikely(!ptr)) {
+ malloc_set_errno_fast(MZ_POSIX, ENOMEM);
+ }
+
return ptr;
}
@@ -258,6 +314,12 @@
szone_malloc(szone_t *szone, size_t size)
{
return szone_malloc_should_clear(szone, size, 0);
+}
+
+static void *
+szone_malloc_type_malloc(szone_t *szone, size_t size, malloc_type_id_t type_id)
+{
+ return szone_malloc(szone, size);
}
void *
@@ -268,6 +330,13 @@
return NULL;
}
return szone_malloc_should_clear(szone, total_bytes, 1);
+}
+
+static void *
+szone_malloc_type_calloc(szone_t *szone, size_t num_items, size_t size,
+ malloc_type_id_t type_id)
+{
+ return szone_calloc(szone, num_items, size);
}
void *
@@ -280,7 +349,7 @@
} else {
size_t num_kernel_pages;
- num_kernel_pages = round_page_quanta(size) >> vm_page_quanta_shift;
+ num_kernel_pages = round_large_page_quanta(size) >> large_vm_page_quanta_shift;
ptr = large_malloc(szone, num_kernel_pages, 0, 0);
}
@@ -536,6 +605,13 @@
return new_ptr;
}
+static void *
+szone_malloc_type_realloc(szone_t *szone, void *ptr, size_t size,
+ malloc_type_id_t type_id)
+{
+ return szone_realloc(szone, ptr, size);
+}
+
void *
szone_memalign(szone_t *szone, size_t alignment, size_t size)
{
@@ -588,16 +664,25 @@
return szone_malloc(szone, size);
}
// ensure block allocated by large does not have a small-possible size
- size_t num_kernel_pages = round_page_quanta(MAX(LARGE_THRESHOLD(szone) + 1,
- size)) >> vm_page_quanta_shift;
+ size_t num_kernel_pages = round_large_page_quanta(MAX(LARGE_THRESHOLD(szone) + 1,
+ size)) >> large_vm_page_quanta_shift;
if (num_kernel_pages == 0) { /* Overflowed */
return NULL;
} else {
+ MALLOC_STATIC_ASSERT(sizeof(size_t) == sizeof(long), "builtin_ctzl should be the right intrinsic for size_t");
+
return large_malloc(szone, num_kernel_pages,
- MAX(vm_page_quanta_shift, __builtin_ctz((unsigned)alignment)), 0);
+ MAX(vm_page_quanta_shift, __builtin_ctzl(alignment)), 0);
}
/* NOTREACHED */
__builtin_unreachable();
+}
+
+static void *
+szone_malloc_type_memalign(szone_t *szone, size_t align, size_t size,
+ malloc_type_id_t type_id)
+{
+ return szone_memalign(szone, align, size);
}
// Given a size, returns the number of pointers allocated capable of holding
@@ -649,36 +734,10 @@
vm_range_t range_to_deallocate;
#if CONFIG_LARGE_CACHE
- SZONE_LOCK(szone);
-
- /* disable any memory pressure responder */
- szone->flotsam_enabled = FALSE;
-
- // stack allocated copy of the death-row cache
- int idx = szone->large_entry_cache_oldest, idx_max = szone->large_entry_cache_newest;
- large_entry_t local_entry_cache[LARGE_ENTRY_CACHE_SIZE];
-
- memcpy((void *)local_entry_cache, (void *)szone->large_entry_cache, sizeof(local_entry_cache));
-
- szone->large_entry_cache_oldest = szone->large_entry_cache_newest = 0;
- szone->large_entry_cache[0].address = 0x0;
- szone->large_entry_cache[0].size = 0;
- szone->large_entry_cache_bytes = 0;
- szone->large_entry_cache_reserve_bytes = 0;
-
- SZONE_UNLOCK(szone);
-
- // deallocate the death-row cache outside the zone lock
- while (idx != idx_max) {
- mvm_deallocate_pages((void *)local_entry_cache[idx].address, local_entry_cache[idx].size, 0);
- if (++idx == LARGE_ENTRY_CACHE_SIZE) {
- idx = 0;
- }
- }
- if (0 != local_entry_cache[idx].address && 0 != local_entry_cache[idx].size) {
- mvm_deallocate_pages((void *)local_entry_cache[idx].address, local_entry_cache[idx].size, 0);
- }
-#endif
+ if (large_cache_enabled) {
+ large_destroy_cache(szone);
+ }
+#endif // CONFIG_LARGE_CACHE
/* destroy large entries */
index = szone->num_large_entries;
@@ -691,7 +750,7 @@
}
large_entries_free_no_lock(szone, szone->large_entries, szone->num_large_entries, &range_to_deallocate);
if (range_to_deallocate.size) {
- mvm_deallocate_pages((void *)range_to_deallocate.address, (size_t)range_to_deallocate.size, 0);
+ mvm_deallocate_pages((void *)range_to_deallocate.address, (size_t)range_to_deallocate.size, szone->debug_flags);
}
/* destroy allocator regions */
@@ -747,7 +806,7 @@
// Check for integer overflow on the size, since unlike the two cases above,
// there is no upper bound on allocation size at this point.
- if (size > round_page_quanta(size)) {
+ if (size > round_large_page_quanta(size)) {
return (size_t)(-1LL);
}
@@ -759,7 +818,7 @@
malloc_report(ASL_LEVEL_INFO, "szone_good_size() invariant broken %y\n", size);
}
#endif
- return round_page_quanta(size);
+ return round_large_page_quanta(size);
}
boolean_t
@@ -783,33 +842,10 @@
{
size_t index;
- /* check tiny regions - chould check region count */
- for (index = 0; index < szone->tiny_rack.region_generation->num_regions_allocated; ++index) {
- region_t tiny = szone->tiny_rack.region_generation->hashed_regions[index];
-
- if (HASHRING_REGION_DEALLOCATED == tiny) {
- continue;
- }
-
- if (tiny) {
- magazine_t *tiny_mag_ptr = mag_lock_zine_for_region_trailer(szone->tiny_rack.magazines,
- REGION_TRAILER_FOR_TINY_REGION(tiny),
- MAGAZINE_INDEX_FOR_TINY_REGION(tiny));
-
- if (!tiny_check_region(&szone->tiny_rack, tiny, index, szone_check_counter)) {
- SZONE_MAGAZINE_PTR_UNLOCK(tiny_mag_ptr);
- szone->debug_flags &= ~CHECK_REGIONS;
- return 0;
- }
- SZONE_MAGAZINE_PTR_UNLOCK(tiny_mag_ptr);
- }
- }
- /* check tiny free lists */
- for (index = 0; index < NUM_TINY_SLOTS; ++index) {
- if (!tiny_free_list_check(&szone->tiny_rack, (grain_t)index, szone_check_counter)) {
- szone->debug_flags &= ~CHECK_REGIONS;
- return 0;
- }
+ boolean_t tiny_result = tiny_check(&szone->tiny_rack, szone_check_counter);
+ if (!tiny_result) {
+ szone->debug_flags &= ~CHECK_REGIONS;
+ return 0;
}
/* check small regions - could check region count */
@@ -895,6 +931,10 @@
return szone_check_all(szone, "");
}
+// To support the sanitizer zone, we need to be able to perform zone enumeration across different
+// architecture slices on macOS, because ReportCrash is always running as a native (arm64e) process,
+// but we also need to be able to inspect x86_64 targets that are running under Rosetta. So the data
+// layout and zone logic needs to match between x86_64 and arm64(e).
static kern_return_t
szone_ptr_in_use_enumerator(task_t task,
void *context,
@@ -906,9 +946,7 @@
szone_t *szone;
kern_return_t err;
- if (!reader) {
- reader = _szone_default_reader;
- }
+ reader = reader_or_in_memory_fallback(reader, task);
err = reader(task, zone_address, sizeof(szone_t), (void **)&szone);
if (err) {
@@ -939,9 +977,9 @@
return err;
}
-// Following method is deprecated: use scalable_zone_statistics instead
-void
-scalable_zone_info(malloc_zone_t *zone, unsigned *info_to_fill, unsigned count)
+static boolean_t
+scalable_zone_info_task(task_t task, memory_reader_t reader,
+ malloc_zone_t *zone, unsigned *info_to_fill, unsigned count)
{
szone_t *szone = (void *)zone;
unsigned info[13];
@@ -953,21 +991,30 @@
size_t u = 0;
mag_index_t mag_index;
+ magazine_t *mapped_magazines;
+ if (reader(task, (vm_address_t)szone->tiny_rack.magazines,
+ sizeof(magazine_t), (void **)&mapped_magazines)) {
+ return false;
+ }
for (mag_index = -1; mag_index < szone->tiny_rack.num_magazines; mag_index++) {
- s += szone->tiny_rack.magazines[mag_index].mag_bytes_free_at_start;
- s += szone->tiny_rack.magazines[mag_index].mag_bytes_free_at_end;
- t += szone->tiny_rack.magazines[mag_index].mag_num_objects;
- u += szone->tiny_rack.magazines[mag_index].mag_num_bytes_in_objects;
+ s += mapped_magazines[mag_index].mag_bytes_free_at_start;
+ s += mapped_magazines[mag_index].mag_bytes_free_at_end;
+ t += mapped_magazines[mag_index].mag_num_objects;
+ u += mapped_magazines[mag_index].mag_num_bytes_in_objects;
}
info[4] = (unsigned)t;
info[5] = (unsigned)u;
+ if (reader(task, (vm_address_t)szone->small_rack.magazines,
+ sizeof(magazine_t), (void **)&mapped_magazines)) {
+ return false;
+ }
for (t = 0, u = 0, mag_index = -1; mag_index < szone->small_rack.num_magazines; mag_index++) {
- s += szone->small_rack.magazines[mag_index].mag_bytes_free_at_start;
- s += szone->small_rack.magazines[mag_index].mag_bytes_free_at_end;
- t += szone->small_rack.magazines[mag_index].mag_num_objects;
- u += szone->small_rack.magazines[mag_index].mag_num_bytes_in_objects;
+ s += mapped_magazines[mag_index].mag_bytes_free_at_start;
+ s += mapped_magazines[mag_index].mag_bytes_free_at_end;
+ t += mapped_magazines[mag_index].mag_num_objects;
+ u += mapped_magazines[mag_index].mag_num_bytes_in_objects;
}
info[6] = (unsigned)t;
@@ -989,86 +1036,275 @@
info[2] = info[3] - (unsigned)s;
memcpy(info_to_fill, info, sizeof(unsigned) * count);
+
+ return true;
+}
+
+// Following method is deprecated: use scalable_zone_statistics instead
+// Required for backward compatibility.
+void
+scalable_zone_info(malloc_zone_t *zone, unsigned *info_to_fill, unsigned count) {
+ scalable_zone_info_task(mach_task_self(), _malloc_default_reader, zone,
+ info_to_fill, count);
}
// FIXME: consistent picture requires locking!
static MALLOC_NOINLINE void
-szone_print(szone_t *szone, boolean_t verbose)
+szone_print(task_t task, unsigned level, vm_address_t zone_address,
+ memory_reader_t reader, print_task_printer_t printer)
{
unsigned info[13];
size_t index;
region_t region;
-
- scalable_zone_info((void *)szone, info, 13);
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX,
- "Scalable zone %p: inUse=%u(%y) touched=%y allocated=%y flags=%d\n", szone, info[0], info[1], info[2], info[3],
- info[12]);
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX, "\ttiny=%u(%y) small=%u(%y) large=%u(%y) huge=%u(%y)\n", info[4],
- info[5], info[6], info[7], info[8], info[9], info[10], info[11]);
+ region_t mapped_region;
+
+ szone_t *szone = (szone_t *)zone_address;
+ szone_t *mapped_szone;
+ if (reader(task, zone_address, sizeof(szone_t), (void **)&mapped_szone)) {
+ printer("Failed to read szone structure\n");
+ return;
+ }
+
+ if (!scalable_zone_info_task(task, reader, (void *)mapped_szone, info, 13)) {
+ printer("Failed to get scalable zone info\n");
+ return;
+ }
+ printer("Scalable zone %p: inUse=%u(%u) touched=%u allocated=%u flags=0x%x\n",
+ zone_address, info[0], info[1], info[2], info[3], info[12]);
+ printer("\ttiny=%u(%u) small=%u(%u) large=%u(%u)\n", info[4],
+ info[5], info[6], info[7], info[8], info[9]);
+
+ // FIXME: The rest of the code here assumes that regions have their normal
+ // alignment, which isn't guaranteed when looking at regions mapped from
+ // other processes
+ if (!mach_task_is_self(task)) {
+ printer("(unable to safely further examine remote process)\n");
+ return;
+ }
+
// tiny
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX, "%lu tiny regions:\n", szone->tiny_rack.num_regions);
- if (szone->tiny_rack.num_regions_dealloc) {
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX, "[%lu tiny regions have been vm_deallocate'd]\n",
- szone->tiny_rack.num_regions_dealloc);
- }
- for (index = 0; index < szone->tiny_rack.region_generation->num_regions_allocated; ++index) {
- region = szone->tiny_rack.region_generation->hashed_regions[index];
+ printer("%lu tiny regions:\n", mapped_szone->tiny_rack.num_regions);
+ if (mapped_szone->tiny_rack.num_regions_dealloc) {
+ printer("[%lu tiny regions have been vm_deallocate'd]\n",
+ mapped_szone->tiny_rack.num_regions_dealloc);
+ }
+
+ region_hash_generation_t *mapped_region_generation;
+ region_t *mapped_hashed_regions;
+ magazine_t *mapped_magazines;
+ if (reader(task, (vm_address_t)mapped_szone->tiny_rack.region_generation,
+ sizeof(region_hash_generation_t), (void **)&mapped_region_generation)) {
+ printer("Failed to map tiny rack region_generation\n");
+ return;
+ }
+ if (reader(task, (vm_address_t)mapped_region_generation->hashed_regions,
+ sizeof(region_t), (void **)&mapped_hashed_regions)) {
+ printer("Failed to map tiny rack hashed_regions\n");
+ return;
+ }
+ if (reader(task, (vm_address_t)mapped_szone->tiny_rack.magazines,
+ mapped_szone->tiny_rack.num_magazines * sizeof(magazine_t),
+ (void **)&mapped_magazines)) {
+ printer("Failed to map tiny rack magazines\n");
+ return;
+ }
+
+ int recirc_regions = 0;
+ for (index = 0; index < mapped_region_generation->num_regions_allocated; ++index) {
+ region = mapped_hashed_regions[index];
if (HASHRING_OPEN_ENTRY != region && HASHRING_REGION_DEALLOCATED != region) {
- mag_index_t mag_index = MAGAZINE_INDEX_FOR_TINY_REGION(region);
- print_tiny_region(verbose, region, (region == szone->tiny_rack.magazines[mag_index].mag_last_region)
- ? szone->tiny_rack.magazines[mag_index].mag_bytes_free_at_start
- : 0,
- (region == szone->tiny_rack.magazines[mag_index].mag_last_region)
- ? szone->tiny_rack.magazines[mag_index].mag_bytes_free_at_end
- : 0);
- }
- }
- if (verbose) {
- print_tiny_free_list(&szone->tiny_rack);
- }
+ if (reader(task, (vm_address_t)region, sizeof(struct tiny_region),
+ (void **)&mapped_region)) {
+ printer("Failed to map region %p\n", region);
+ return;
+ }
+ mag_index_t mag_index = MAGAZINE_INDEX_FOR_TINY_REGION(mapped_region);
+ if (mag_index == DEPOT_MAGAZINE_INDEX) {
+ recirc_regions++;
+ }
+ print_tiny_region(task, reader, printer, level, region,
+ (region == mapped_magazines[mag_index].mag_last_region)
+ ? mapped_magazines[mag_index].mag_bytes_free_at_start
+ : 0,
+ (region == mapped_magazines[mag_index].mag_last_region)
+ ? mapped_magazines[mag_index].mag_bytes_free_at_end
+ : 0);
+ }
+ }
+
+#if CONFIG_RECIRC_DEPOT
+ magazine_t *mapped_recirc_depot = &mapped_magazines[DEPOT_MAGAZINE_INDEX];
+ if (mapped_recirc_depot->mag_num_bytes_in_objects) {
+ printer("Tiny recirc depot: total bytes: %llu, in-use bytes: %llu, "
+ "allocations: %llu, regions: %d (min # retained regions: %d)\n",
+ mapped_recirc_depot->num_bytes_in_magazine,
+ mapped_recirc_depot->mag_num_bytes_in_objects,
+ mapped_recirc_depot->mag_num_objects, recirc_regions,
+ recirc_retained_regions);
+ } else {
+ printer("Tiny recirc depot is empty\n");
+ }
+#else // CONFIG_RECIRC_DEPOT
+ printer("Tiny recirc depot not configured\n");
+#endif // CONFIG_RECIRC_DEPOT
+
+ if (level > 0) {
+ print_tiny_free_list(task, reader, printer, &szone->tiny_rack);
+ }
+
// small
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX, "%lu small regions:\n", szone->small_rack.num_regions);
- if (szone->small_rack.num_regions_dealloc) {
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX, "[%lu small regions have been vm_deallocate'd]\n",
- szone->small_rack.num_regions_dealloc);
- }
- for (index = 0; index < szone->small_rack.region_generation->num_regions_allocated; ++index) {
- region = szone->small_rack.region_generation->hashed_regions[index];
+ printer("%lu small regions:\n", mapped_szone->small_rack.num_regions);
+ if (mapped_szone->small_rack.num_regions_dealloc) {
+ printer("[%lu small regions have been vm_deallocate'd]\n",
+ mapped_szone->small_rack.num_regions_dealloc);
+ }
+ if (reader(task, (vm_address_t)mapped_szone->small_rack.region_generation,
+ sizeof(region_hash_generation_t), (void **)&mapped_region_generation)) {
+ printer("Failed to map small rack region_generation\n");
+ return;
+ }
+ if (reader(task, (vm_address_t)mapped_region_generation->hashed_regions,
+ sizeof(region_t), (void **)&mapped_hashed_regions)) {
+ printer("Failed to map small rack hashed_regions\n");
+ return;
+ }
+ if (reader(task, (vm_address_t)mapped_szone->small_rack.magazines,
+ mapped_szone->small_rack.num_magazines * sizeof(magazine_t),
+ (void **)&mapped_magazines)) {
+ printer("Failed to map small rack magazines\n");
+ return;
+ }
+
+ recirc_regions = 0;
+ for (index = 0; index < mapped_region_generation->num_regions_allocated; ++index) {
+ region = mapped_hashed_regions[index];
if (HASHRING_OPEN_ENTRY != region && HASHRING_REGION_DEALLOCATED != region) {
- mag_index_t mag_index = MAGAZINE_INDEX_FOR_SMALL_REGION(region);
- print_small_region(szone, verbose, region, (region == szone->small_rack.magazines[mag_index].mag_last_region)
- ? szone->small_rack.magazines[mag_index].mag_bytes_free_at_start
- : 0,
- (region == szone->small_rack.magazines[mag_index].mag_last_region)
- ? szone->small_rack.magazines[mag_index].mag_bytes_free_at_end
- : 0);
- }
- }
+ if (reader(task, (vm_address_t)region, sizeof(struct small_region),
+ (void **)&mapped_region)) {
+ printer("Failed to map region %p\n", region);
+ return;
+ }
+ mag_index_t mag_index = MAGAZINE_INDEX_FOR_SMALL_REGION(mapped_region);
+ if (mag_index == DEPOT_MAGAZINE_INDEX) {
+ recirc_regions++;
+ }
+ print_small_region(task, reader, printer, mapped_szone, level, region,
+ (region == mapped_magazines[mag_index].mag_last_region)
+ ? mapped_magazines[mag_index].mag_bytes_free_at_start
+ : 0,
+ (region == mapped_magazines[mag_index].mag_last_region)
+ ? mapped_magazines[mag_index].mag_bytes_free_at_end
+ : 0);
+ }
+ }
+
+#if CONFIG_RECIRC_DEPOT
+ mapped_recirc_depot = &mapped_magazines[DEPOT_MAGAZINE_INDEX];
+ if (mapped_recirc_depot->mag_num_bytes_in_objects) {
+ printer("Small recirc depot: total bytes: %llu, in-use bytes: %llu, "
+ "allocations: %llu, regions: %d (min # retained regions: %d)\n",
+ mapped_recirc_depot->num_bytes_in_magazine,
+ mapped_recirc_depot->mag_num_bytes_in_objects,
+ mapped_recirc_depot->mag_num_objects, recirc_regions,
+ recirc_retained_regions);
+ } else {
+ printer("Small recirc depot is empty\n");
+ }
+#else // CONFIG_RECIRC_DEPOT
+ printer("Small recirc depot not configured\n");
+#endif // CONFIG_RECIRC_DEPOT
+
+ if (level > 0) {
+ print_small_free_list(task, reader, printer, &szone->small_rack);
+ }
+
#if CONFIG_MEDIUM_ALLOCATOR
if (szone->is_medium_engaged) {
// medium
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX, "%lu medium regions:\n", szone->medium_rack.num_regions);
- if (szone->medium_rack.num_regions_dealloc) {
- malloc_report(MALLOC_REPORT_NOLOG | MALLOC_REPORT_NOPREFIX, "[%lu medium regions have been vm_deallocate'd]\n",
- szone->medium_rack.num_regions_dealloc);
- }
- for (index = 0; index < szone->medium_rack.region_generation->num_regions_allocated; ++index) {
- region = szone->medium_rack.region_generation->hashed_regions[index];
+ printer("%lu medium regions:\n", mapped_szone->medium_rack.num_regions);
+ if (mapped_szone->medium_rack.num_regions_dealloc) {
+ printer("[%lu medium regions have been vm_deallocate'd]\n",
+ mapped_szone->medium_rack.num_regions_dealloc);
+ }
+ if (reader(task, (vm_address_t)mapped_szone->medium_rack.region_generation,
+ sizeof(region_hash_generation_t), (void **)&mapped_region_generation)) {
+ printer("Failed to map medium rack region_generation\n");
+ return;
+ }
+ if (reader(task, (vm_address_t)mapped_region_generation->hashed_regions,
+ sizeof(region_t), (void **)&mapped_hashed_regions)) {
+ printer("Failed to map medium rack hashed_regions\n");
+ return;
+ }
+ if (reader(task, (vm_address_t)mapped_szone->medium_rack.magazines,
+ mapped_szone->medium_rack.num_magazines * sizeof(magazine_t),
+ (void **)&mapped_magazines)) {
+ printer("Failed to map medium rack magazines\n");
+ return;
+ }
+
+ recirc_regions = 0;
+ for (index = 0; index < mapped_region_generation->num_regions_allocated; ++index) {
+ region = mapped_hashed_regions[index];
if (HASHRING_OPEN_ENTRY != region && HASHRING_REGION_DEALLOCATED != region) {
- mag_index_t mag_index = MAGAZINE_INDEX_FOR_MEDIUM_REGION(region);
- print_medium_region(szone, verbose, region, (region == szone->medium_rack.magazines[mag_index].mag_last_region)
- ? szone->medium_rack.magazines[mag_index].mag_bytes_free_at_start
- : 0,
- (region == szone->medium_rack.magazines[mag_index].mag_last_region)
- ? szone->medium_rack.magazines[mag_index].mag_bytes_free_at_end
- : 0);
+ if (reader(task, (vm_address_t)region, sizeof(struct medium_region),
+ (void **)&mapped_region)) {
+ printer("Failed to map region %p\n", region);
+ return;
+ }
+ mag_index_t mag_index = MAGAZINE_INDEX_FOR_MEDIUM_REGION(mapped_region);
+ if (mag_index == DEPOT_MAGAZINE_INDEX) {
+ recirc_regions++;
+ }
+ print_medium_region(task, reader, printer, mapped_szone, level,
+ region,
+ (region == mapped_magazines[mag_index].mag_last_region)
+ ? mapped_magazines[mag_index].mag_bytes_free_at_start
+ : 0,
+ (region == mapped_magazines[mag_index].mag_last_region)
+ ? mapped_magazines[mag_index].mag_bytes_free_at_end
+ : 0);
}
}
- }
-#endif // CONFIG_MEDIUM_ALLOCATOR
- if (verbose) {
- print_small_free_list(&szone->small_rack);
- }
+
+#if CONFIG_RECIRC_DEPOT
+ mapped_recirc_depot = &mapped_magazines[DEPOT_MAGAZINE_INDEX];
+ if (mapped_recirc_depot->mag_num_bytes_in_objects) {
+ printer("Medium recirc depot: total bytes: %llu, in-use bytes: %llu, "
+ "allocations: %llu, regions: %d (min # retained regions: %d)\n",
+ mapped_recirc_depot->num_bytes_in_magazine,
+ mapped_recirc_depot->mag_num_bytes_in_objects,
+ mapped_recirc_depot->mag_num_objects, recirc_regions,
+ recirc_retained_regions);
+ } else {
+ printer("Medium recirc depot is empty\n");
+ }
+#else // CONFIG_RECIRC_DEPOT
+ printer("Medium recirc depot not configured\n");
+#endif // CONFIG_RECIRC_DEPOT
+
+ if (level > 0) {
+ print_medium_free_list(task, reader, printer, &szone->medium_rack);
+ }
+ }
+#endif // CONFIG_MEDIUM_ALLOCATOR
+
+ // Large
+ large_debug_print(task, level, zone_address, reader, printer);
+}
+
+static void
+szone_print_self(szone_t *szone, boolean_t verbose)
+{
+ szone_print(mach_task_self(), verbose ? MALLOC_VERBOSE_PRINT_LEVEL : 0,
+ (vm_address_t)szone, _malloc_default_reader, malloc_report_simple);
+}
+
+static void
+szone_print_task(task_t task, unsigned level, vm_address_t zone_address,
+ memory_reader_t reader, print_task_printer_t printer)
+{
+ szone_print(task, level, zone_address, reader, printer);
}
static void
@@ -1084,15 +1320,9 @@
static MALLOC_INLINE void
szone_force_lock_magazine(szone_t *szone, magazine_t *mag)
{
- while (1) {
- SZONE_MAGAZINE_PTR_LOCK(mag);
- if (!mag->alloc_underway) {
- return;
- }
-
- SZONE_MAGAZINE_PTR_UNLOCK(mag);
- yield();
- }
+ // Acquire the alloc lock first to avoid deadlocking with allocating threads
+ _malloc_lock_lock(&mag->magazine_alloc_lock);
+ SZONE_MAGAZINE_PTR_LOCK(mag);
}
static void
@@ -1133,16 +1363,19 @@
if (szone->is_medium_engaged) {
for (i = -1; i < szone->medium_rack.num_magazines; ++i) {
SZONE_MAGAZINE_PTR_UNLOCK((&(szone->medium_rack.magazines[i])));
+ _malloc_lock_unlock(&szone->medium_rack.magazines[i].magazine_alloc_lock);
}
}
#endif // CONFIG_MEDIUM_ALLOCATOR
for (i = -1; i < szone->small_rack.num_magazines; ++i) {
SZONE_MAGAZINE_PTR_UNLOCK((&(szone->small_rack.magazines[i])));
+ _malloc_lock_unlock(&szone->small_rack.magazines[i].magazine_alloc_lock);
}
for (i = -1; i < szone->tiny_rack.num_magazines; ++i) {
SZONE_MAGAZINE_PTR_UNLOCK((&(szone->tiny_rack.magazines[i])));
+ _malloc_lock_unlock(&szone->tiny_rack.magazines[i].magazine_alloc_lock);
}
}
@@ -1157,16 +1390,19 @@
if (szone->is_medium_engaged) {
for (i = -1; i < szone->medium_rack.num_magazines; ++i) {
SZONE_MAGAZINE_PTR_REINIT_LOCK((&(szone->medium_rack.magazines[i])));
+ _malloc_lock_init(&szone->medium_rack.magazines[i].magazine_alloc_lock);
}
}
#endif // CONFIG_MEDIUM_ALLOCATOR
for (i = -1; i < szone->small_rack.num_magazines; ++i) {
SZONE_MAGAZINE_PTR_REINIT_LOCK((&(szone->small_rack.magazines[i])));
+ _malloc_lock_init(&szone->small_rack.magazines[i].magazine_alloc_lock);
}
for (i = -1; i < szone->tiny_rack.num_magazines; ++i) {
SZONE_MAGAZINE_PTR_REINIT_LOCK((&(szone->tiny_rack.magazines[i])));
+ _malloc_lock_init(&szone->tiny_rack.magazines[i].magazine_alloc_lock);
}
}
@@ -1190,6 +1426,11 @@
return 1;
}
SZONE_MAGAZINE_PTR_UNLOCK((&(szone->small_rack.magazines[i])));
+ tookLock = _malloc_lock_trylock(&szone->medium_rack.magazines[i].magazine_alloc_lock);
+ if (tookLock == 0) {
+ return 1;
+ }
+ _malloc_lock_unlock(&szone->medium_rack.magazines[i].magazine_alloc_lock);
}
}
#endif // CONFIG_MEDIUM_ALLOCATOR
@@ -1200,6 +1441,11 @@
return 1;
}
SZONE_MAGAZINE_PTR_UNLOCK((&(szone->small_rack.magazines[i])));
+ tookLock = _malloc_lock_trylock(&szone->small_rack.magazines[i].magazine_alloc_lock);
+ if (tookLock == 0) {
+ return 1;
+ }
+ _malloc_lock_unlock(&szone->small_rack.magazines[i].magazine_alloc_lock);
}
for (i = -1; i < szone->tiny_rack.num_magazines; ++i) {
@@ -1208,6 +1454,11 @@
return 1;
}
SZONE_MAGAZINE_PTR_UNLOCK((&(szone->tiny_rack.magazines[i])));
+ tookLock = _malloc_lock_trylock(&szone->tiny_rack.magazines[i].magazine_alloc_lock);
+ if (tookLock == 0) {
+ return 1;
+ }
+ _malloc_lock_unlock(&szone->tiny_rack.magazines[i].magazine_alloc_lock);
}
return 0;
}
@@ -1231,13 +1482,13 @@
#endif // CONFIG_MEDIUM_ALLOCATOR
#endif // CONFIG_MADVISE_PRESSURE_RELIEF
-#if CONFIG_LARGE_CACHE
- if (szone->flotsam_enabled) {
+#if CONFIG_LARGE_CACHE && !CONFIG_DEFERRED_RECLAIM
+ if (large_cache_enabled && szone->flotsam_enabled) {
SZONE_LOCK(szone);
// stack allocated copy of the death-row cache
int idx = szone->large_entry_cache_oldest, idx_max = szone->large_entry_cache_newest;
- large_entry_t local_entry_cache[LARGE_ENTRY_CACHE_SIZE];
+ large_entry_t local_entry_cache[LARGE_ENTRY_CACHE_SIZE_HIGH];
memcpy((void *)local_entry_cache, (void *)szone->large_entry_cache, sizeof(local_entry_cache));
@@ -1254,18 +1505,18 @@
// deallocate the death-row cache outside the zone lock
size_t total = 0;
while (idx != idx_max) {
- mvm_deallocate_pages((void *)local_entry_cache[idx].address, local_entry_cache[idx].size, 0);
+ mvm_deallocate_pages((void *)local_entry_cache[idx].address, local_entry_cache[idx].size, szone->debug_flags);
total += local_entry_cache[idx].size;
- if (++idx == LARGE_ENTRY_CACHE_SIZE) {
+ if (++idx == szone->large_cache_depth) {
idx = 0;
}
}
if (0 != local_entry_cache[idx].address && 0 != local_entry_cache[idx].size) {
- mvm_deallocate_pages((void *)local_entry_cache[idx].address, local_entry_cache[idx].size, 0);
+ mvm_deallocate_pages((void *)local_entry_cache[idx].address, local_entry_cache[idx].size, szone->debug_flags);
total += local_entry_cache[idx].size;
}
}
-#endif
+#endif // CONFIG_LARGE_CACHE && !CONFIG_DEFERRED_RECLAIM
MAGMALLOC_PRESSURERELIEFEND((void *)szone, szone->basic_zone.zone_name, (int)goal, (int)total); // DTrace USDT Probe
MALLOC_TRACE(TRACE_malloc_memory_pressure | DBG_FUNC_END, (uint64_t)szone, goal, total, 0);
@@ -1356,28 +1607,43 @@
return 0;
}
-static void
-szone_statistics(szone_t *szone, malloc_statistics_t *stats)
-{
+static kern_return_t
+szone_statistics_task(task_t task, vm_address_t zone_address,
+ memory_reader_t reader, malloc_statistics_t *stats)
+{
+ reader = reader_or_in_memory_fallback(reader, task);
+
+ szone_t *szone;
+ kern_return_t err;
+
+ err = reader(task, zone_address, sizeof(szone_t), (void**)&szone);
+ if (err) return err;
+
size_t large;
-
size_t s = 0;
unsigned t = 0;
size_t u = 0;
mag_index_t mag_index;
+ magazine_t *mags;
+ err = reader(task, (vm_address_t)szone->tiny_rack.magazines, sizeof(magazine_t) * szone->tiny_rack.num_magazines, (void**)&mags);
+ if (err) return err;
+
for (mag_index = -1; mag_index < szone->tiny_rack.num_magazines; mag_index++) {
- s += szone->tiny_rack.magazines[mag_index].mag_bytes_free_at_start;
- s += szone->tiny_rack.magazines[mag_index].mag_bytes_free_at_end;
- t += szone->tiny_rack.magazines[mag_index].mag_num_objects;
- u += szone->tiny_rack.magazines[mag_index].mag_num_bytes_in_objects;
- }
+ s += mags[mag_index].mag_bytes_free_at_start;
+ s += mags[mag_index].mag_bytes_free_at_end;
+ t += mags[mag_index].mag_num_objects;
+ u += mags[mag_index].mag_num_bytes_in_objects;
+ }
+
+ err = reader(task, (vm_address_t)szone->small_rack.magazines, sizeof(magazine_t) * szone->small_rack.num_magazines, (void**)&mags);
+ if (err) return err;
for (mag_index = -1; mag_index < szone->small_rack.num_magazines; mag_index++) {
- s += szone->small_rack.magazines[mag_index].mag_bytes_free_at_start;
- s += szone->small_rack.magazines[mag_index].mag_bytes_free_at_end;
- t += szone->small_rack.magazines[mag_index].mag_num_objects;
- u += szone->small_rack.magazines[mag_index].mag_num_bytes_in_objects;
+ s += mags[mag_index].mag_bytes_free_at_start;
+ s += mags[mag_index].mag_bytes_free_at_end;
+ t += mags[mag_index].mag_num_objects;
+ u += mags[mag_index].mag_num_bytes_in_objects;
}
#if CONFIG_MEDIUM_ALLOCATOR
@@ -1391,9 +1657,9 @@
}
#endif // CONFIG_MEDIUM_ALLOCATOR
- large = szone->num_bytes_in_large_objects + 0; // DEPRECATED szone->num_bytes_in_huge_objects;
-
- stats->blocks_in_use = t + szone->num_large_objects_in_use + 0; // DEPRECATED szone->num_huge_entries;
+ large = szone->num_bytes_in_large_objects;
+
+ stats->blocks_in_use = t + szone->num_large_objects_in_use;
stats->size_in_use = u + large;
stats->max_size_in_use = stats->size_allocated =
(szone->tiny_rack.num_regions - szone->tiny_rack.num_regions_dealloc) * TINY_REGION_SIZE +
@@ -1407,13 +1673,23 @@
#endif
// Now we account for the untouched areas
stats->max_size_in_use -= s;
+
+ return KERN_SUCCESS;
+}
+
+static void
+szone_statistics(szone_t *szone, malloc_statistics_t *stats)
+{
+ szone_statistics_task(mach_task_self(), (vm_address_t)szone, NULL, stats);
}
const struct malloc_introspection_t szone_introspect = {
- (void *)szone_ptr_in_use_enumerator, (void *)szone_good_size, (void *)szone_check, (void *)szone_print, szone_log,
+ (void *)szone_ptr_in_use_enumerator, (void *)szone_good_size, (void *)szone_check, (void *)szone_print_self, szone_log,
(void *)szone_force_lock, (void *)szone_force_unlock, (void *)szone_statistics, (void *)szone_locked, NULL, NULL, NULL,
NULL, /* Zone enumeration version 7 and forward. */
- (void *)szone_reinit_lock, // reinit_lock version 9 and foward
+ (void *)szone_reinit_lock, // reinit_lock version 9 and forward
+ (void *)szone_print_task, // print task, version 11 and forward
+ (void *)szone_statistics_task // stats for task, version 12 and forward
}; // marked as const to spare the DATA section
szone_t *
@@ -1428,7 +1704,7 @@
#endif
/* get memory for the zone. */
- szone = mvm_allocate_pages(SZONE_PAGED_SIZE, 0, 0, VM_MEMORY_MALLOC);
+ szone = mvm_allocate_pages(SZONE_PAGED_SIZE, 0, DISABLE_ASLR, VM_MEMORY_MALLOC);
if (!szone) {
return NULL;
}
@@ -1478,22 +1754,31 @@
#endif // CONFIG_MEDIUM_ALLOCATOR
#if CONFIG_LARGE_CACHE
- // madvise(..., MADV_REUSABLE) death-row arrivals above this threshold [~0.1%]
- szone->large_entry_cache_reserve_limit = (size_t)(memsize >> 10);
-
- /* <rdar://problem/6610904> Reset protection when returning a previous large allocation? */
- int32_t libSystemVersion = NSVersionOfLinkTimeLibrary("System");
- if ((-1 != libSystemVersion) && ((libSystemVersion >> 16) < 112) /* CFSystemVersionSnowLeopard */) {
- szone->large_legacy_reset_mprotect = TRUE;
- } else {
- szone->large_legacy_reset_mprotect = FALSE;
+ if (large_cache_enabled) {
+ // madvise(..., MADV_REUSABLE) death-row arrivals above this threshold [~0.1%]
+ szone->large_entry_cache_reserve_limit = (size_t)(memsize >> 10);
+ if (memsize >= magazine_large_expanded_cache_threshold) {
+ szone->large_cache_depth = LARGE_ENTRY_CACHE_SIZE_HIGH;
+ szone->large_cache_entry_limit = LARGE_ENTRY_SIZE_ENTRY_LIMIT_HIGH;
+ } else {
+ szone->large_cache_depth = LARGE_ENTRY_CACHE_SIZE_LOW;
+ szone->large_cache_entry_limit = LARGE_ENTRY_SIZE_ENTRY_LIMIT_LOW;
+ }
+
+ /* <rdar://problem/6610904> Reset protection when returning a previous large allocation? */
+ int32_t libSystemVersion = NSVersionOfLinkTimeLibrary("System");
+ if ((-1 != libSystemVersion) && ((libSystemVersion >> 16) < 112) /* CFSystemVersionSnowLeopard */) {
+ szone->large_legacy_reset_mprotect = TRUE;
+ } else {
+ szone->large_legacy_reset_mprotect = FALSE;
+ }
}
#endif
// Initialize the security token.
szone->cookie = (uintptr_t)malloc_entropy[0];
- szone->basic_zone.version = 10;
+ szone->basic_zone.version = 16;
szone->basic_zone.size = (void *)szone_size;
szone->basic_zone.malloc = (void *)szone_malloc;
szone->basic_zone.calloc = (void *)szone_calloc;
@@ -1508,6 +1793,12 @@
szone->basic_zone.free_definite_size = (void *)szone_free_definite_size;
szone->basic_zone.pressure_relief = (void *)szone_pressure_relief;
szone->basic_zone.claimed_address = (void *)szone_claimed_address;
+ szone->basic_zone.try_free_default = (void *)szone_try_free_default;
+
+ szone->basic_zone.malloc_type_malloc = (void *)szone_malloc_type_malloc;
+ szone->basic_zone.malloc_type_calloc = (void *)szone_malloc_type_calloc;
+ szone->basic_zone.malloc_type_realloc = (void *)szone_malloc_type_realloc;
+ szone->basic_zone.malloc_type_memalign = (void *)szone_malloc_type_memalign;
/* Set to zero once and for all as required by CFAllocator. */
szone->basic_zone.reserved1 = 0;