static void brel_before(char *orig_buf, char *new_buf) { struct bfhead *bf; struct bhead *b; bufsize size; bufsize orig_size; assert(orig_buf < new_buf); /* There has to be room for the freebuf header */ size = (bufsize)(new_buf - orig_buf); assert(size >= (SizeQ + sizeof(struct bhead))); /* Point to head of original buffer */ bf = BFH(orig_buf - sizeof(struct bhead)); orig_size = -bf->bh.bsize; /* negative since it's an allocated buffer */ /* Point to head of the becoming new allocated buffer */ b = BH(new_buf - sizeof(struct bhead)); if (bf->bh.prevfree != 0) { /* Previous buffer is free, consolidate with that buffer */ struct bfhead *bfp; /* Update the previous free buffer */ bfp = BFH((char *)bf - bf->bh.prevfree); assert(bfp->bh.bsize == bf->bh.prevfree); bfp->bh.bsize += size; /* Make a new allocated buffer header */ b->prevfree = bfp->bh.bsize; /* Make it negative since it's an allocated buffer */ b->bsize = -(orig_size - size); } else { /* * Previous buffer is allocated, create a new buffer and * insert on the free list. */ /* Make it negative since it's an allocated buffer */ b->bsize = -(orig_size - size); create_free_block(bf, size, b); } #ifdef BufStats totalloc -= size; assert(totalloc >= 0); #endif }
static bool bpool_foreach_pool(struct bpool_iterator *iterator, void **buf, size_t *len, bool *isfree) { struct bfhead *b = iterator->next_buf; bufsize bs = b->bh.bsize; if (bs == ESent) return false; if (bs < 0) { /* Allocated buffer */ bs = -bs; *isfree = false; } else { /* Free Buffer */ *isfree = true; /* Assert that the free list links are intact */ assert(b->ql.blink->ql.flink == b); assert(b->ql.flink->ql.blink == b); } *buf = (uint8_t *)b + sizeof(struct bhead); *len = bs - sizeof(struct bhead); iterator->next_buf = BFH((uint8_t *)b + bs); return true; }
/* bpoold * Dump a buffer pool. The buffer headers are always listed. * If DUMPALLOC is nonzero, the contents of allocated buffers * are dumped. If DUMPFREE is nonzero, free blocks are * dumped as well. If FreeWipe checking is enabled, free * blocks which have been clobbered will always be dumped. */ void bpoold( _In_ BytePool_t *pool, _In_ void *buf, _In_ int dumpalloc, _In_ int dumpfree) { struct bfhead *b = BFH(buf); while (b->bh.bsize != ESent) { long bs = b->bh.bsize; if (bs < 0) { bs = -bs; V printf("Allocated buffer: size %6ld bytes.\n", (long) bs); if (dumpalloc) { bufdump(pool, (void *) (((char *) b) + sizeof(struct bhead))); } } else { char *lerr = ""; assert(bs > 0); if ((b->ql.blink->ql.flink != b) || (b->ql.flink->ql.blink != b)) { lerr = " (Bad free list links)"; } V printf("Free block: size %6ld bytes.%s\n", (long) bs, lerr); #ifdef FreeWipe lerr = ((char *) b) + sizeof(struct bfhead); if ((bs > sizeof(struct bfhead)) && ((*lerr != 0x55) || (memcmp(lerr, lerr + 1, (MemSize) (bs - (sizeof(struct bfhead) + 1))) != 0))) { V printf( "(Contents of above free block have been overstored.)\n"); bufdump(pool, (void *) (((char *) b) + sizeof(struct bhead))); } else #endif if (dumpfree) { bufdump(pool, (void *) (((char *) b) + sizeof(struct bhead))); } } b = BFH(((char *) b) + bs); } }
void BGet::bpool(void *buf, bufsize len) { struct bfhead *b = BFH(buf); struct bhead *bn; #ifdef SizeQuant len &= ~(SizeQuant - 1); #endif #ifdef BECtl if (pool_len == 0) { pool_len = len; } else if (len != pool_len) { pool_len = -1; } #endif /* BECtl */ /* Since the block is initially occupied by a single free buffer, it had better not be (much) larger than the largest buffer whose size we can store in bhead.bsize. */ assert(len - sizeof(struct bhead) <= -((bufsize) ESent + 1)); /* Clear the backpointer at the start of the block to indicate that there is no free block prior to this one. That blocks recombination when the first block in memory is released. */ b->bh.prevfree = 0; /* Chain the new block to the free list. */ assert(freelist.ql.blink->ql.flink == &freelist); assert(freelist.ql.flink->ql.blink == &freelist); b->ql.flink = &freelist; b->ql.blink = freelist.ql.blink; freelist.ql.blink = b; b->ql.blink->ql.flink = b; /* Create a dummy allocated buffer at the end of the pool. This dummy buffer is seen when a buffer at the end of the pool is released and blocks recombination of the last buffer with the dummy buffer at the end. The length in the dummy buffer is set to the largest negative number to denote the end of the pool for diagnostic routines (this specific value is not counted on by the actual allocation and release functions). */ len -= sizeof(struct bhead); b->bh.bsize = (bufsize) len; #ifdef FreeWipe V memset(((char *) b) + sizeof(struct bfhead), 0x55, (MemSize) (len - sizeof(struct bfhead))); #endif bn = BH(((char *) b) + len); bn->prevfree = (bufsize) len; /* Definition of ESent assumes two's complement! */ assert((~0) == -1); bn->bsize = ESent; }
int32_t bpoolv(void* buf) { #ifdef FreeWipe int32_t memResult; int32_t returnValue = 1; #endif int8_t loop = 1; struct bfhead *b = BFH(buf); while ((b->bh.bsize != ESent) && (loop != 0)) { bufsize bs = b->bh.bsize; if (bs < 0) { bs = -bs; } else { int8_t *lerr = (int8_t *)""; assert(bs > 0); if (bs <= 0) { returnValue = 0; loop = 0; } else if ((b->ql.blink->ql.flink != b) || (b->ql.flink->ql.blink != b)) { assert(0); returnValue = 0; loop = 0; } else { #ifdef FreeWipe lerr = getPointerOffset(b, sizeof(struct bfhead)); memResult = memcmp(lerr, getPointerOffset(lerr,1), (MemSize) (bs - (int32_t)(sizeof(struct bfhead) + 1))); if ((bs > (int32_t)sizeof(struct bfhead)) && ((*lerr != 0x55) || (memResult != 0))) { assert(0); returnValue = 0; loop = 0; } #endif } } if (returnValue != 0) { b = BFH(getPointerOffset(b,bs)); } } return returnValue; }
/* bpoolv * Validate a buffer pool. If NDEBUG isn't defined, * any error generates an assertion failure. */ OsStatus_t bpoolv( _In_ BytePool_t *pool, _In_ void *buf) { struct bfhead *b = BFH(buf); while (b->bh.bsize != ESent) { long bs = b->bh.bsize; if (bs < 0) { bs = -bs; } else { char *lerr = ""; assert(bs > 0); if (bs <= 0) { return OsError; } if ((b->ql.blink->ql.flink != b) || (b->ql.flink->ql.blink != b)) { V printf("Free block: size %6ld bytes. (Bad free list links)\n", (long) bs); assert(0); return OsError; } #ifdef FreeWipe lerr = ((char *) b) + sizeof(struct bfhead); if ((bs > sizeof(struct bfhead)) && ((*lerr != 0x55) || (memcmp(lerr, lerr + 1, (MemSize) (bs - (sizeof(struct bfhead) + 1))) != 0))) { V printf( "(Contents of above free block have been overstored.)\n"); bufdump(pool, (void *) (((char *) b) + sizeof(struct bhead))); assert(0); return OsError; } #endif } b = BFH(((char *) b) + bs); } return OsSuccess; }
/* bufdump * Dump the data in a buffer. This is called with the user * data pointer, and backs up to the buffer header. It will * dump either a free block or an allocated one. */ void bufdump( _In_ BytePool_t *pool, _In_ void *buf) { // Variables struct bfhead *b; unsigned char *bdump; long bdlen; b = BFH(((char *) buf) - sizeof(struct bhead)); assert(b->bh.bsize != 0); if (b->bh.bsize < 0) { bdump = (unsigned char *) buf; bdlen = (-b->bh.bsize) - sizeof(struct bhead); } else { bdump = (unsigned char *) (((char *) b) + sizeof(struct bfhead)); bdlen = b->bh.bsize - sizeof(struct bfhead); } while (bdlen > 0) { int i, dupes = 0; long l = bdlen; char bhex[50], bascii[20]; if (l > 16) { l = 16; } for (i = 0; i < l; i++) { V sprintf(bhex + i * 3, "%02X ", bdump[i]); bascii[i] = isprint(bdump[i]) ? bdump[i] : ' '; } bascii[i] = 0; V printf("%-48s %s\n", bhex, bascii); bdump += l; bdlen -= l; while ((bdlen > 16) && (memcmp((char *) (bdump - 16), (char *) bdump, 16) == 0)) { dupes++; bdump += 16; bdlen -= 16; } if (dupes > 1) { V printf( " (%d lines [%d bytes] identical to above line skipped)\n", dupes, dupes * 16); } else if (dupes == 1) { bdump -= 16; bdlen += 16; } } }
static bool bpool_foreach(struct bpool_iterator *iterator, void **buf) { while (true) { size_t len; bool isfree; if (bpool_foreach_pool(iterator, buf, &len, &isfree)) { if (isfree) continue; return true; } if ((iterator->pool_idx + 1) >= malloc_pool_len) return false; iterator->pool_idx++; iterator->next_buf = BFH(malloc_pool[iterator->pool_idx].buf); } }
static void brel_after(char *buf, bufsize size) { struct bhead *b = BH(buf - sizeof(struct bhead)); struct bhead *bn; bufsize new_size = size; bufsize free_size; /* Select the size in the same way as in bget() */ if (new_size < SizeQ) new_size = SizeQ; #ifdef SizeQuant #if SizeQuant > 1 new_size = (new_size + (SizeQuant - 1)) & (~(SizeQuant - 1)); #endif #endif new_size += sizeof(struct bhead); assert(new_size <= -b->bsize); /* * Check if there's enough space at the end of the buffer to be * able to free anything. */ free_size = -b->bsize - new_size; if (free_size < SizeQ + sizeof(struct bhead)) return; bn = BH((char *)b - b->bsize); /* * Set the new size of the buffer; */ b->bsize = -new_size; if (bn->bsize > 0) { /* Next buffer is free, consolidate with that buffer */ struct bfhead *bfn = BFH(bn); struct bfhead *nbf = BFH((char *)b + new_size); struct bhead *bnn = BH((char *)bn + bn->bsize); assert(bfn->bh.prevfree == 0); assert(bnn->prevfree == bfn->bh.bsize); /* Construct the new free header */ nbf->bh.prevfree = 0; nbf->bh.bsize = bfn->bh.bsize + free_size; /* Update the buffer after this to point to this header */ bnn->prevfree += free_size; /* * Unlink the previous free buffer and link the new free * buffer. */ assert(bfn->ql.blink->ql.flink == bfn); assert(bfn->ql.flink->ql.blink == bfn); /* Assing blink and flink from old free buffer */ nbf->ql.blink = bfn->ql.blink; nbf->ql.flink = bfn->ql.flink; /* Replace the old free buffer with the new one */ nbf->ql.blink->ql.flink = nbf; nbf->ql.flink->ql.blink = nbf; } else { /* New buffer is allocated, create a new free buffer */ create_free_block(BFH((char *)b + new_size), free_size, bn); } #ifdef BufStats totalloc -= free_size; assert(totalloc >= 0); #endif }
static void bpool_foreach_iterator_init(struct bpool_iterator *iterator) { iterator->pool_idx = 0; iterator->next_buf = BFH(malloc_pool[0].buf); }
void bpool(void *buf, bufsize length) { struct bfhead *b = BFH(buf); struct bhead *bn; uint32_t len = (uint32_t)length; #ifdef SizeQuant len &= ~((uint32_t)SizeQuant - 1); #endif #ifdef BECtl if (pool_len == 0) { pool_len = (int32_t)len; } else if ((int32_t)len != pool_len) { pool_len = -1; } else { /* this else statement is just here for MISRA compliance */ } #ifdef BufStats numpget++; /* Number of block acquisitions */ numpblk++; /* Number of blocks total */ assert(numpblk == (numpget - numprel)); #endif /* BufStats */ #endif /* BECtl */ /* Since the block is initially occupied by a single free buffer, it had better not be (much) larger than the largest buffer whose size we can store in bhead.bsize. */ assert((len - sizeof(struct bhead)) <= -((bufsize) ESent + 1)); /* Clear the backpointer at the start of the block to indicate that there is no free block prior to this one. That blocks recombination when the first block in memory is released. */ b->bh.prevfree = 0; /* Chain the new block to the free list. */ assert(freelist.ql.blink->ql.flink == &freelist); assert(freelist.ql.flink->ql.blink == &freelist); b->ql.flink = &freelist; b->ql.blink = freelist.ql.blink; freelist.ql.blink = b; b->ql.blink->ql.flink = b; /* Create a dummy allocated buffer at the end of the pool. This dummy buffer is seen when a buffer at the end of the pool is released and blocks recombination of the last buffer with the dummy buffer at the end. The length in the dummy buffer is set to the largest negative number to denote the end of the pool for diagnostic routines (this specific value is not counted on by the actual allocation and release functions). */ len -= (int32_t)sizeof(struct bhead); b->bh.bsize = (bufsize) len; #ifdef FreeWipe V memset(getPointerOffset(b,sizeof(struct bfhead)), 0x55, (MemSize) (len - (int32_t)sizeof(struct bfhead))); #endif bn = BH(getPointerOffset(b,(int32_t)len)); bn->prevfree = (bufsize) len; /* Definition of ESent assumes two's complement! */ assert((~0) == -1); bn->bsize = ESent; }
void brel(void *buf) { struct bfhead *b, *bn; b = BFH(getPointerOffset(buf, -(int32_t)sizeof(struct bhead))); #ifdef BufStats numrel++; /* Increment number of brel() calls */ #endif assert(buf != NULL); #ifdef BECtl if (b->bh.bsize == 0) { /* Directly-acquired buffer? */ struct bdhead *bdh; bdh = BDH(getPointerOffset(buf, -(int32_t)sizeof(struct bdhead))); assert(b->bh.prevfree == 0); #ifdef BufStats totalloc -= bdh->tsize; assert(totalloc >= 0); numdrel++; /* Number of direct releases */ #endif /* BufStats */ #ifdef FreeWipe V memset((int8_t *) buf, 0x55, (MemSize) (bdh->tsize - (int32_t)sizeof(struct bdhead))); #endif /* FreeWipe */ assert(relfcn != NULL); (*relfcn)((void *) bdh); /* Release it directly. */ } else { #endif /* BECtl */ /* Buffer size must be negative, indicating that the buffer is allocated. */ if (b->bh.bsize >= 0) { bn = NULL; } assert(b->bh.bsize < 0); /* Back pointer in next buffer must be zero, indicating the same thing: */ assert(BH((int8_t *) b - b->bh.bsize)->prevfree == 0); #ifdef BufStats totalloc += b->bh.bsize; assert(totalloc >= 0); #endif /* If the back link is nonzero, the previous buffer is free. */ if (b->bh.prevfree != 0) { /* The previous buffer is free. Consolidate this buffer with it by adding the length of this buffer to the previous free buffer. Note that we subtract the size in the buffer being released, since it's negative to indicate that the buffer is allocated. */ register bufsize size = b->bh.bsize; /* Make the previous buffer the one we're working on. */ assert(BH(b - b->bh.prevfree)->bsize == b->bh.prevfree); b = BFH(getPointerOffset(b, -b->bh.prevfree)); b->bh.bsize -= size; } else { /* The previous buffer isn't allocated. Insert this buffer on the free list as an isolated free block. */ assert(freelist.ql.blink->ql.flink == &freelist); assert(freelist.ql.flink->ql.blink == &freelist); b->ql.flink = &freelist; b->ql.blink = freelist.ql.blink; freelist.ql.blink = b; b->ql.blink->ql.flink = b; b->bh.bsize = -b->bh.bsize; } /* Now we look at the next buffer in memory, located by advancing from the start of this buffer by its size, to see if that buffer is free. If it is, we combine this buffer with the next one in memory, dechaining the second buffer from the free list. */ bn = BFH(getPointerOffset(b, b->bh.bsize)); if (bn->bh.bsize > 0) { /* The buffer is free. Remove it from the free list and add its size to that of our buffer. */ assert(BH(bn + bn->bh.bsize)->prevfree == bn->bh.bsize); assert(bn->ql.blink->ql.flink == bn); assert(bn->ql.flink->ql.blink == bn); bn->ql.blink->ql.flink = bn->ql.flink; bn->ql.flink->ql.blink = bn->ql.blink; b->bh.bsize += bn->bh.bsize; /* Finally, advance to the buffer that follows the newly consolidated free block. We must set its backpointer to the head of the consolidated free block. We know the next block must be an allocated block because the process of recombination guarantees that two free blocks will never be contiguous in memory. */ bn = BFH(getPointerOffset(b, b->bh.bsize)); } #ifdef FreeWipe V memset(getPointerOffset(b, sizeof(struct bfhead)), 0x55, (MemSize) (b->bh.bsize - (int32_t)sizeof(struct bfhead))); #endif assert(bn->bh.bsize < 0); /* The next buffer is allocated. Set the backpointer in it to point to this buffer; the previous free buffer in memory. */ bn->bh.prevfree = b->bh.bsize; #ifdef BECtl /* If a block-release function is defined, and this free buffer constitutes the entire block, release it. Note that pool_len is defined in such a way that the test will fail unless all pool blocks are the same size. */ if ((relfcn != NULL) && (((bufsize) b->bh.bsize) == (pool_len - (int32_t)sizeof(struct bhead)))) { assert(b->bh.prevfree == 0); assert(BH(b + b->bh.bsize)->bsize == ESent); assert(BH(b + b->bh.bsize)->prevfree == b->bh.bsize); /* Unlink the buffer from the free list */ b->ql.blink->ql.flink = b->ql.flink; b->ql.flink->ql.blink = b->ql.blink; (*relfcn)(b); #ifdef BufStats numprel++; /* Nr of expansion block releases */ numpblk--; /* Total number of blocks */ assert(numpblk == numpget - numprel); #endif /* BufStats */ } } #endif /* BECtl */ }
void BGet::brel(void *buf) { struct bfhead *b, *bn; b = BFH(((char *) buf) - sizeof(struct bhead)); assert(buf != NULL); /* Buffer size must be negative, indicating that the buffer is allocated. */ if (b->bh.bsize >= 0) { bn = NULL; } assert(b->bh.bsize < 0); /* Back pointer in next buffer must be zero, indicating the same thing: */ assert(BH((char *) b - b->bh.bsize)->prevfree == 0); /* If the back link is nonzero, the previous buffer is free. */ if (b->bh.prevfree != 0) { /* The previous buffer is free. Consolidate this buffer with it by adding the length of this buffer to the previous free buffer. Note that we subtract the size in the buffer being released, since it's negative to indicate that the buffer is allocated. */ register bufsize size = b->bh.bsize; /* Make the previous buffer the one we're working on. */ assert(BH((char *) b - b->bh.prevfree)->bsize == b->bh.prevfree); b = BFH(((char *) b) - b->bh.prevfree); b->bh.bsize -= size; } else { /* The previous buffer isn't allocated. Insert this buffer on the free list as an isolated free block. */ assert(freelist.ql.blink->ql.flink == &freelist); assert(freelist.ql.flink->ql.blink == &freelist); b->ql.flink = &freelist; b->ql.blink = freelist.ql.blink; freelist.ql.blink = b; b->ql.blink->ql.flink = b; b->bh.bsize = -b->bh.bsize; } /* Now we look at the next buffer in memory, located by advancing from the start of this buffer by its size, to see if that buffer is free. If it is, we combine this buffer with the next one in memory, dechaining the second buffer from the free list. */ bn = BFH(((char *) b) + b->bh.bsize); if (bn->bh.bsize > 0) { /* The buffer is free. Remove it from the free list and add its size to that of our buffer. */ assert(BH((char *) bn + bn->bh.bsize)->prevfree == bn->bh.bsize); assert(bn->ql.blink->ql.flink == bn); assert(bn->ql.flink->ql.blink == bn); bn->ql.blink->ql.flink = bn->ql.flink; bn->ql.flink->ql.blink = bn->ql.blink; b->bh.bsize += bn->bh.bsize; /* Finally, advance to the buffer that follows the newly consolidated free block. We must set its backpointer to the head of the consolidated free block. We know the next block must be an allocated block because the process of recombination guarantees that two free blocks will never be contiguous in memory. */ bn = BFH(((char *) b) + b->bh.bsize); } #ifdef FreeWipe V memset(((char *) b) + sizeof(struct bfhead), 0x55, (MemSize) (b->bh.bsize - sizeof(struct bfhead))); #endif assert(bn->bh.bsize < 0); /* The next buffer is allocated. Set the backpointer in it to point to this buffer; the previous free buffer in memory. */ bn->bh.prevfree = b->bh.bsize; }
/* bpool * Add a region of memory to the buffer pool. If the pointer to the bytepool is passed as * null, it is treated as a new memory region and thus initialized. Otherwise memory is * added to the existing pool. */ OsStatus_t bpool( _In_ void *buf, _In_ long len, _Out_ BytePool_t **out) { // Variables struct bfhead *b = BFH(buf); struct bhead *bn; // Determine if we should create a new pool if (*out == NULL) { *out = (BytePool_t*)malloc(sizeof(BytePool_t)); memset(*out, 0, sizeof(BytePool_t)); (*out)->freelist.ql.flink = &(*out)->freelist; (*out)->freelist.ql.blink = &(*out)->freelist; } #ifdef SizeQuant len &= ~(SizeQuant - 1); #endif #ifdef BECtl if ((*out)->pool_len == 0) { (*out)->pool_len = len; } else if (len != (*out)->pool_len) { (*out)->pool_len = -1; } #ifdef BufStats (*out)->numpget++; /* Number of block acquisitions */ (*out)->numpblk++; /* Number of blocks total */ assert((*out)->numpblk == (*out)->numpget - (*out)->numprel); #endif /* BufStats */ #endif /* BECtl */ /* Since the block is initially occupied by a single free buffer, it had better not be (much) larger than the largest buffer whose size we can store in bhead.bsize. */ assert(len - sizeof(struct bhead) <= -((long) ESent + 1)); /* Clear the backpointer at the start of the block to indicate that there is no free block prior to this one. That blocks recombination when the first block in memory is released. */ b->bh.prevfree = 0; /* Chain the new block to the free list. */ assert((*out)->freelist.ql.blink->ql.flink == &(*out)->freelist); assert((*out)->freelist.ql.flink->ql.blink == &(*out)->freelist); b->ql.flink = &(*out)->freelist; b->ql.blink = (*out)->freelist.ql.blink; (*out)->freelist.ql.blink = b; b->ql.blink->ql.flink = b; /* Create a dummy allocated buffer at the end of the pool. This dummy buffer is seen when a buffer at the end of the pool is released and blocks recombination of the last buffer with the dummy buffer at the end. The length in the dummy buffer is set to the largest negative number to denote the end of the pool for diagnostic routines (this specific value is not counted on by the actual allocation and release functions). */ len -= sizeof(struct bhead); b->bh.bsize = (long) len; #ifdef FreeWipe V memset(((char *) b) + sizeof(struct bfhead), 0x55, (MemSize) (len - sizeof(struct bfhead))); #endif bn = BH(((char *) b) + len); bn->prevfree = (long) len; /* Definition of ESent assumes two's complement! */ assert((~0) == -1); bn->bsize = ESent; return OsSuccess; }