118 lines
4.5 KiB
C
118 lines
4.5 KiB
C
// tiny_nextptr.h - Authoritative next-pointer offset/load/store for tiny boxes
|
|
//
|
|
// Finalized Phase E1-CORRECT spec (物理制約込み):
|
|
//
|
|
// HAKMEM_TINY_HEADER_CLASSIDX != 0 のとき:
|
|
//
|
|
// Class 0:
|
|
// [1B header][7B payload] (total 8B)
|
|
// → offset 1 に 8B ポインタは入らないため不可能
|
|
// → freelist中は header を潰して next を base+0 に格納
|
|
// → next_off = 0
|
|
//
|
|
// Class 1〜6:
|
|
// [1B header][payload >= 8B]
|
|
// → headerは保持し、next は header直後 base+1 に格納
|
|
// → next_off = 1
|
|
//
|
|
// Class 7:
|
|
// [1B header][payload 2047B]
|
|
// → C7アップグレード後も header保持、next は base+1 に格納
|
|
// → next_off = 1
|
|
//
|
|
// HAKMEM_TINY_HEADER_CLASSIDX == 0 のとき:
|
|
//
|
|
// 全クラス headerなし → next_off = 0
|
|
//
|
|
// このヘッダは上記仕様を唯一の真実として提供する。
|
|
// すべての tiny freelist / TLS / fast-cache / refill / SLL で
|
|
// tiny_next_off/tiny_next_load/tiny_next_store を経由すること。
|
|
// 直接の *(void**) アクセスやローカルな offset 分岐は使用禁止。
|
|
|
|
#ifndef TINY_NEXTPTR_H
|
|
#define TINY_NEXTPTR_H
|
|
|
|
#include <stdint.h>
|
|
#include <string.h>
|
|
#include "hakmem_build_flags.h"
|
|
#include "tiny_region_id.h" // HEADER_MAGIC/HEADER_CLASS_MASK for header repair/logging
|
|
#include "hakmem_super_registry.h" // hak_super_lookup
|
|
#include "superslab/superslab_inline.h" // slab_index_for
|
|
#include <stdio.h>
|
|
#include <stdatomic.h>
|
|
#include <dlfcn.h>
|
|
#include <execinfo.h> // backtrace for rare misalign diagnostics
|
|
|
|
// Compute freelist next-pointer offset within a block for the given class.
|
|
static inline __attribute__((always_inline)) size_t tiny_next_off(int class_idx) {
|
|
#if HAKMEM_TINY_HEADER_CLASSIDX
|
|
// Phase E1-CORRECT FINAL (C7 user data corruption fix):
|
|
// Class 0, 7 → offset 0 (freelist中はheader潰す - next pointerをuser dataから保護)
|
|
// - C0: 8B block, header後に8Bポインタ入らない (物理制約)
|
|
// - C7: 2048B block, nextを base[0] に格納してuser accessible領域から隔離 (設計選択)
|
|
// Class 1-6 → offset 1 (header保持 - 十分なpayloadあり、user dataと干渉しない)
|
|
return (class_idx == 0 || class_idx == 7) ? 0u : 1u;
|
|
#else
|
|
(void)class_idx;
|
|
return 0u;
|
|
#endif
|
|
}
|
|
|
|
// Safe load of next pointer from a block base.
|
|
static inline __attribute__((always_inline)) void* tiny_next_load(const void* base, int class_idx) {
|
|
size_t off = tiny_next_off(class_idx);
|
|
|
|
if (off == 0) {
|
|
// Aligned access at base (header無し or C0/C7 freelist時)
|
|
return *(void* const*)base;
|
|
}
|
|
|
|
// off != 0: use memcpy to avoid UB on architectures that forbid unaligned loads.
|
|
void* next = NULL;
|
|
const uint8_t* p = (const uint8_t*)base + off;
|
|
memcpy(&next, p, sizeof(void*));
|
|
return next;
|
|
}
|
|
|
|
// Safe store of next pointer into a block base.
|
|
static inline __attribute__((always_inline)) void tiny_next_store(void* base, int class_idx, void* next) {
|
|
size_t off = tiny_next_off(class_idx);
|
|
|
|
#if HAKMEM_TINY_HEADER_CLASSIDX
|
|
// Only restore header for C1-C6 (offset=1 classes)
|
|
// C0, C7 use offset=0, so header will be overwritten by next pointer
|
|
if (class_idx != 0 && class_idx != 7) {
|
|
uint8_t expected = (uint8_t)(HEADER_MAGIC | (class_idx & HEADER_CLASS_MASK));
|
|
uint8_t got = *(uint8_t*)base;
|
|
if (__builtin_expect(got != expected, 0)) {
|
|
static _Atomic uint32_t g_next_hdr_diag = 0;
|
|
uint32_t n = atomic_fetch_add_explicit(&g_next_hdr_diag, 1, memory_order_relaxed);
|
|
if (n < 16) {
|
|
fprintf(stderr, "[NXT_HDR_MISMATCH] cls=%d base=%p got=0x%02x expect=0x%02x\n",
|
|
class_idx, base, got, expected);
|
|
}
|
|
}
|
|
*(uint8_t*)base = expected; // Always restore header before writing next
|
|
}
|
|
#endif
|
|
|
|
// DISABLED: Misalignment detector produces false positives
|
|
// Reason: Slab base offsets (2048, 65536) are not stride-aligned,
|
|
// causing all blocks in a slab to appear "misaligned"
|
|
// TODO: Reimplement to check stride DISTANCE between consecutive blocks
|
|
// instead of absolute alignment to stride boundaries
|
|
// NOTE: Disabled alignment check removed (was 47 LOC of #if 0 code)
|
|
|
|
if (off == 0) {
|
|
// Aligned access at base.
|
|
*(void**)base = next;
|
|
return;
|
|
}
|
|
|
|
// off != 0: use memcpy for portability / UB-avoidance.
|
|
uint8_t* p = (uint8_t*)base + off;
|
|
memcpy(p, &next, sizeof(void*));
|
|
}
|
|
|
|
#endif // TINY_NEXTPTR_H
|