musl/src/malloc, branch v0.8.3

use new a_crash() asm to optimize double-free handler.

2011-08-23T13:43:45+00:00

gcc generates extremely bad code (7 byte immediate mov) for the old
null pointer write approach. it should be generating something like
"xor %eax,%eax ; mov %al,(%eax)". in any case, using a dedicated
crashing opcode accomplishes the same thing in one byte.

simplify and improve double-free check

2011-08-15T05:59:15+00:00

a valid mmapped block will have an even (actually aligned) "extra"
field, whereas a freed chunk on the heap will always have an in-use
neighbor.

this fixes a potential bug if mmap ever allocated memory below the
main program/brk (in which case it would be wrongly-detected as a
double-free by the old code) and allows the double-free check to work
for donated memory outside of the brk area (or, in the future,
secondary heap zones if support for their creation is added).

posix_memalign should fail if size is not a multiple of sizeof(void *)

2011-06-29T23:26:30+00:00

eliminate OOB array hacks in malloc

2011-06-26T20:12:43+00:00

malloc: cast size down to int in bin_index functions

2011-06-12T14:53:42+00:00

even if size_t was 32-bit already, the fact that the value was
unsigned and that gcc is too stupid to figure out it would be positive
as a signed quantity (due to the immediately-prior arithmetic and
conditionals) results in gcc compiling the integer-to-float conversion
as zero extension to 64 bits followed by an "fildll" (64 bit)
instruction rather than a simple "fildl" (32 bit) instruction on x86.
reportedly fildll is very slow on certain p4-class machines; even if
not, the new code is slightly smaller.

use volatile pointers for intentional-crash code.

2011-06-06T22:10:43+00:00

namespace fixes for sys/mman.h

2011-04-20T19:55:58+00:00

fix rare but nasty under-allocation bug in malloc with large requests

2011-04-04T21:26:41+00:00

the bug appeared only with requests roughly 2*sizeof(size_t) to
4*sizeof(size_t) bytes smaller than a multiple of the page size, and
only for requests large enough to be serviced by mmap instead of the
normal heap. it was only ever observed on 64-bit machines but
presumably could also affect 32-bit (albeit with a smaller window of
opportunity).

avoid over-allocation of brk on first malloc

2011-04-02T03:07:03+00:00

if init_malloc returns positive (successful first init), malloc will
retry getting a chunk from the free bins rather than expanding the
heap again. also pass init_malloc a hint for the size of the initial
allocation.

rename __simple_malloc.c to lite_malloc.c - yes this affects behavior!

2011-03-30T13:29:49+00:00

why does this affect behavior? well, the linker seems to traverse
archive files starting from its current position when resolving
symbols. since calloc.c comes alphabetically (and thus in sequence in
the archive file) between __simple_malloc.c and malloc.c, attempts to
resolve the "malloc" symbol for use by calloc.c were pulling in the
full malloc.c implementation rather than the __simple_malloc.c
implementation.

as of now, lite_malloc.c and malloc.c are adjacent in the archive and
in the correct order, so malloc.c should never be used to resolve
"malloc" unless it's already needed to resolve another symbol ("free"
or "realloc").