mirror of
https://github.com/git/git.git
synced 2025-01-10 09:33:43 +08:00
ffeaf2f76a
If len is INT_MAX in mem_pool_strvfmt(), then len + 1 overflows. Casting it to size_t would prevent that. Use st_add() to go a step further and make the addition *obviously* safe. The compiler can optimize the check away on platforms where SIZE_MAX > INT_MAX, i.e. basically everywhere. Signed-off-by: René Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
218 lines
5.1 KiB
C
218 lines
5.1 KiB
C
/*
|
|
* Memory Pool implementation logic.
|
|
*/
|
|
|
|
#include "git-compat-util.h"
|
|
#include "mem-pool.h"
|
|
|
|
#define BLOCK_GROWTH_SIZE (1024 * 1024 - sizeof(struct mp_block))
|
|
|
|
/*
|
|
* The inner union is an approximation for C11's max_align_t, and the
|
|
* struct + offsetof computes _Alignof. This can all just be replaced
|
|
* with _Alignof(max_align_t) if/when C11 is part of the baseline.
|
|
* Note that _Alignof(X) need not be the same as sizeof(X); it's only
|
|
* required to be a (possibly trivial) factor. They are the same for
|
|
* most architectures, but m68k for example has only 2-byte alignment
|
|
* for its 4-byte and 8-byte types, so using sizeof would waste space.
|
|
*
|
|
* Add more types to the union if the current set is insufficient.
|
|
*/
|
|
struct git_max_alignment {
|
|
char unalign;
|
|
union {
|
|
uintmax_t max_align_uintmax;
|
|
void *max_align_pointer;
|
|
} aligned;
|
|
};
|
|
#define GIT_MAX_ALIGNMENT offsetof(struct git_max_alignment, aligned)
|
|
|
|
/*
|
|
* Allocate a new mp_block and insert it after the block specified in
|
|
* `insert_after`. If `insert_after` is NULL, then insert block at the
|
|
* head of the linked list.
|
|
*/
|
|
static struct mp_block *mem_pool_alloc_block(struct mem_pool *pool,
|
|
size_t block_alloc,
|
|
struct mp_block *insert_after)
|
|
{
|
|
struct mp_block *p;
|
|
|
|
pool->pool_alloc += sizeof(struct mp_block) + block_alloc;
|
|
p = xmalloc(st_add(sizeof(struct mp_block), block_alloc));
|
|
|
|
p->next_free = (char *)p->space;
|
|
p->end = p->next_free + block_alloc;
|
|
|
|
if (insert_after) {
|
|
p->next_block = insert_after->next_block;
|
|
insert_after->next_block = p;
|
|
} else {
|
|
p->next_block = pool->mp_block;
|
|
pool->mp_block = p;
|
|
}
|
|
|
|
return p;
|
|
}
|
|
|
|
void mem_pool_init(struct mem_pool *pool, size_t initial_size)
|
|
{
|
|
memset(pool, 0, sizeof(*pool));
|
|
pool->block_alloc = BLOCK_GROWTH_SIZE;
|
|
|
|
if (initial_size > 0)
|
|
mem_pool_alloc_block(pool, initial_size, NULL);
|
|
}
|
|
|
|
void mem_pool_discard(struct mem_pool *pool, int invalidate_memory)
|
|
{
|
|
struct mp_block *block, *block_to_free;
|
|
|
|
block = pool->mp_block;
|
|
while (block)
|
|
{
|
|
block_to_free = block;
|
|
block = block->next_block;
|
|
|
|
if (invalidate_memory)
|
|
memset(block_to_free->space, 0xDD, ((char *)block_to_free->end) - ((char *)block_to_free->space));
|
|
|
|
free(block_to_free);
|
|
}
|
|
|
|
pool->mp_block = NULL;
|
|
pool->pool_alloc = 0;
|
|
}
|
|
|
|
void *mem_pool_alloc(struct mem_pool *pool, size_t len)
|
|
{
|
|
struct mp_block *p = NULL;
|
|
void *r;
|
|
|
|
len = DIV_ROUND_UP(len, GIT_MAX_ALIGNMENT) * GIT_MAX_ALIGNMENT;
|
|
|
|
if (pool->mp_block &&
|
|
pool->mp_block->end - pool->mp_block->next_free >= len)
|
|
p = pool->mp_block;
|
|
|
|
if (!p) {
|
|
if (len >= (pool->block_alloc / 2))
|
|
p = mem_pool_alloc_block(pool, len, pool->mp_block);
|
|
else
|
|
p = mem_pool_alloc_block(pool, pool->block_alloc, NULL);
|
|
}
|
|
|
|
r = p->next_free;
|
|
p->next_free += len;
|
|
return r;
|
|
}
|
|
|
|
static char *mem_pool_strvfmt(struct mem_pool *pool, const char *fmt,
|
|
va_list ap)
|
|
{
|
|
struct mp_block *block = pool->mp_block;
|
|
char *next_free = block ? block->next_free : NULL;
|
|
size_t available = block ? block->end - block->next_free : 0;
|
|
va_list cp;
|
|
int len, len2;
|
|
size_t size;
|
|
char *ret;
|
|
|
|
va_copy(cp, ap);
|
|
len = vsnprintf(next_free, available, fmt, cp);
|
|
va_end(cp);
|
|
if (len < 0)
|
|
BUG("your vsnprintf is broken (returned %d)", len);
|
|
|
|
size = st_add(len, 1); /* 1 for NUL */
|
|
ret = mem_pool_alloc(pool, size);
|
|
|
|
/* Shortcut; relies on mem_pool_alloc() not touching buffer contents. */
|
|
if (ret == next_free)
|
|
return ret;
|
|
|
|
len2 = vsnprintf(ret, size, fmt, ap);
|
|
if (len2 != len)
|
|
BUG("your vsnprintf is broken (returns inconsistent lengths)");
|
|
return ret;
|
|
}
|
|
|
|
char *mem_pool_strfmt(struct mem_pool *pool, const char *fmt, ...)
|
|
{
|
|
va_list ap;
|
|
char *ret;
|
|
|
|
va_start(ap, fmt);
|
|
ret = mem_pool_strvfmt(pool, fmt, ap);
|
|
va_end(ap);
|
|
return ret;
|
|
}
|
|
|
|
void *mem_pool_calloc(struct mem_pool *pool, size_t count, size_t size)
|
|
{
|
|
size_t len = st_mult(count, size);
|
|
void *r = mem_pool_alloc(pool, len);
|
|
memset(r, 0, len);
|
|
return r;
|
|
}
|
|
|
|
char *mem_pool_strdup(struct mem_pool *pool, const char *str)
|
|
{
|
|
size_t len = strlen(str) + 1;
|
|
char *ret = mem_pool_alloc(pool, len);
|
|
|
|
return memcpy(ret, str, len);
|
|
}
|
|
|
|
char *mem_pool_strndup(struct mem_pool *pool, const char *str, size_t len)
|
|
{
|
|
char *p = memchr(str, '\0', len);
|
|
size_t actual_len = (p ? p - str : len);
|
|
char *ret = mem_pool_alloc(pool, actual_len+1);
|
|
|
|
ret[actual_len] = '\0';
|
|
return memcpy(ret, str, actual_len);
|
|
}
|
|
|
|
int mem_pool_contains(struct mem_pool *pool, void *mem)
|
|
{
|
|
struct mp_block *p;
|
|
|
|
/* Check if memory is allocated in a block */
|
|
for (p = pool->mp_block; p; p = p->next_block)
|
|
if ((mem >= ((void *)p->space)) &&
|
|
(mem < ((void *)p->end)))
|
|
return 1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
void mem_pool_combine(struct mem_pool *dst, struct mem_pool *src)
|
|
{
|
|
struct mp_block *p;
|
|
|
|
/* Append the blocks from src to dst */
|
|
if (dst->mp_block && src->mp_block) {
|
|
/*
|
|
* src and dst have blocks, append
|
|
* blocks from src to dst.
|
|
*/
|
|
p = dst->mp_block;
|
|
while (p->next_block)
|
|
p = p->next_block;
|
|
|
|
p->next_block = src->mp_block;
|
|
} else if (src->mp_block) {
|
|
/*
|
|
* src has blocks, dst is empty.
|
|
*/
|
|
dst->mp_block = src->mp_block;
|
|
} else {
|
|
/* src is empty, nothing to do. */
|
|
}
|
|
|
|
dst->pool_alloc += src->pool_alloc;
|
|
src->pool_alloc = 0;
|
|
src->mp_block = NULL;
|
|
}
|