JS_ArenaAllocate(JSArenaPool *pool, size_t nb)
{
JSArena **ap, *a, *b;
jsuword extra, hdrsz, gross;
void *p;
/*
* Search pool from current forward till we find or make enough space.
*
* NB: subtract nb from a->limit in the loop condition, instead of adding
* nb to a->avail, to avoid overflowing a 32-bit address space (possible
* when running a 32-bit program on a 64-bit system where the kernel maps
* the heap up against the top of the 32-bit address space).
*
* Thanks to Juergen Kreileder <*****@*****.**>, who brought this up in
* https://bugzilla.mozilla.org/show_bug.cgi?id=279273.
*/
JS_ASSERT((nb & pool->mask) == 0);
for (a = pool->current; nb > a->limit || a->avail > a->limit - nb;
pool->current = a) {
ap = &a->next;
if (!*ap) {
/* Not enough space in pool, so we must malloc. */
extra = (nb > pool->arenasize) ? HEADER_SIZE(pool) : 0;
hdrsz = sizeof *a + extra + pool->mask;
gross = hdrsz + JS_MAX(nb, pool->arenasize);
if (gross < nb)
return NULL;
if (pool->quotap) {
if (gross > *pool->quotap)
return NULL;
b = (JSArena *) js_malloc(gross);
if (!b)
return NULL;
*pool->quotap -= gross;
} else {
b = (JSArena *) js_malloc(gross);
if (!b)
return NULL;
}
b->next = NULL;
b->limit = (jsuword)b + gross;
JS_COUNT_ARENA(pool,++);
COUNT(pool, nmallocs);
/* If oversized, store ap in the header, just before a->base. */
*ap = a = b;
JS_ASSERT(gross <= JS_UPTRDIFF(a->limit, a));
if (extra) {
a->base = a->avail =
((jsuword)a + hdrsz) & ~HEADER_BASE_MASK(pool);
SET_HEADER(pool, a, ap);
} else {
a->base = a->avail = JS_ARENA_ALIGN(pool, a + 1);
}
continue;
}
a = *ap; /* move to next arena */
}
JS_ArenaAllocate(JSArenaPool *pool, size_t nb)
{
JSArena **ap, **bp, *a, *b;
jsuword extra, hdrsz, gross, sz;
void *p;
/*
* Search pool from current forward till we find or make enough space.
*
* NB: subtract nb from a->limit in the loop condition, instead of adding
* nb to a->avail, to avoid overflowing a 32-bit address space (possible
* when running a 32-bit program on a 64-bit system where the kernel maps
* the heap up against the top of the 32-bit address space).
*
* Thanks to Juergen Kreileder <*****@*****.**>, who brought this up in
* https://bugzilla.mozilla.org/show_bug.cgi?id=279273.
*/
JS_ASSERT((nb & pool->mask) == 0);
for (a = pool->current; nb > a->limit || a->avail > a->limit - nb;
pool->current = a) {
ap = &a->next;
if (!*ap) {
/* Not enough space in pool -- try to reclaim a free arena. */
extra = (nb > pool->arenasize) ? HEADER_SIZE(pool) : 0;
hdrsz = sizeof *a + extra + pool->mask;
gross = hdrsz + JS_MAX(nb, pool->arenasize);
if (gross < nb)
return NULL;
bp = &arena_freelist;
JS_ACQUIRE_LOCK(arena_freelist_lock);
while ((b = *bp) != NULL) {
/*
* Insist on exact arenasize match to avoid leaving alloc'able
* space after an oversized allocation as it grows.
*/
sz = JS_UPTRDIFF(b->limit, b);
if (sz == gross) {
*bp = b->next;
JS_RELEASE_LOCK(arena_freelist_lock);
b->next = NULL;
COUNT(pool, nreclaims);
goto claim;
}
bp = &b->next;
}
/* Nothing big enough on the freelist, so we must malloc. */
JS_RELEASE_LOCK(arena_freelist_lock);
b = (JSArena *) malloc(gross);
if (!b)
return NULL;
b->next = NULL;
b->limit = (jsuword)b + gross;
JS_COUNT_ARENA(pool,++);
COUNT(pool, nmallocs);
claim:
/* If oversized, store ap in the header, just before a->base. */
*ap = a = b;
JS_ASSERT(gross <= JS_UPTRDIFF(a->limit, a));
if (extra) {
a->base = a->avail =
((jsuword)a + hdrsz) & ~HEADER_BASE_MASK(pool);
SET_HEADER(pool, a, ap);
} else {
a->base = a->avail = JS_ARENA_ALIGN(pool, a + 1);
}
continue;
}
a = *ap; /* move to next arena */
}
