替换libc中的malloc free
- 不同平台替换方式不同。 基于unix的系统上的glibc,使用了weak alias的方式替换。具体来说是因为这些入口函数都被定义成了weak symbols,再加上gcc支持 alias attribute,所以替换就变成了这种通用形式:
void* malloc(size_t size) __THROW __attribute__ ((alias (tc_malloc)))
因此所有malloc的调用都跳转到了tc_malloc的实现。
小块内存分配 do_malloc_small
小于等于kMaxSize(256K)的内存被划定为小块内存了,由函数do_malloc_small处理,定义如下:
1 inline void * do_malloc_small( ThreadCache* heap , size_t size) {
2
3 ASSERT( Static::IsInited ());
4
5 ASSERT( heap != NULL );
6
7 size_t cl = Static ::sizemap()-> SizeClass(size );
8
9 size = Static::sizemap ()->class_to_size( cl);
10
11 if (( FLAGS_tcmalloc_sample_parameter > 0) && heap ->SampleAllocation( size)) {
12
13 return DoSampledAllocation (size);
14
15 } else {
16
17 // The common case, and also the simplest. This just pops the
18
19 // size-appropriate freelist, after replenishing it if it's empty.
20
21 return CheckedMallocResult (heap-> Allocate(size , cl));
22
23 }
24
25 }
26请求的size会被sizemap对齐成某一个相近的尺寸。sizemap管理着这些映射关系,从源size到目标size的映射主要是通过三个map实现的:
ClassIndex映射
- 映射方式在代码里面有比较详细的注释:
1 // Sizes <= 1024 have an alignment >= 8. So for such sizes we have an
2 // array indexed by ceil(size/8). Sizes > 1024 have an alignment >= 128.
3 // So for these larger sizes we have an array indexed by ceil(size/128).
4 //
5 // We flatten both logical arrays into one physical array and use
6 // arithmetic to compute an appropriate index. The constants used by
7 // ClassIndex() were selected to make the flattening work.
8 //
9 // Examples:
10 // Size Expression Index
11 // -------------------------------------------------------
12 // 0 (0 + 7) / 8 0
13 // 1 (1 + 7) / 8 1
14 // ...
15 // 1024 (1024 + 7) / 8 128
16 // 1025 (1025 + 127 + (120<<7)) / 128 129
17 // ...
18 // 32768 (32768 + 127 + (120<<7)) / 128 376
19简而言之就是 :<= 1024字节按照8字节向上取整对齐,>1024按照128字节对齐
class_array_和class_to_size_
- class_array_和class_to_size_是简单的数组,在模块加载的时候在SizeMap::Init中初始化 :
1 // Compute the size classes we want to use
2 int sc = 1; // Next size class to assign
3 int alignment = kAlignment;
4 CHECK_CONDITION(kAlignment <= kMinAlign);
5 for (size_t size = kAlignment; size <= kMaxSize; size += alignment) {
6 alignment = AlignmentForSize(size);
7 CHECK_CONDITION((size % alignment) == 0);
8
9 int blocks_to_move = NumMoveSize(size) / 4;
10 size_t psize = 0;
11 do {
12 psize += kPageSize;
13 // Allocate enough pages so leftover is less than 1/8 of total.
14 // This bounds wasted space to at most 12.5%.
15 while ((psize % size) > (psize >> 3)) {
16 psize += kPageSize;
17 }
18 // Continue to add pages until there are at least as many objects in
19 // the span as are needed when moving objects from the central
20 // freelists and spans to the thread caches.
21 } while ((psize / size) < (blocks_to_move));
22 const size_t my_pages = psize >> kPageShift;
23
24 if (sc > 1 && my_pages == class_to_pages_[sc-1]) {
25 // See if we can merge this into the previous class without
26 // increasing the fragmentation of the previous class.
27 const size_t my_objects = (my_pages << kPageShift) / size;
28 const size_t prev_objects = (class_to_pages_[sc-1] << kPageShift)
29 / class_to_size_[sc-1];
30 if (my_objects == prev_objects) {
31 // Adjust last class to include this size
32 class_to_size_[sc-1] = size;
33 continue;
34 }
35 }
36
37 // Add new class
38 class_to_pages_[sc] = my_pages;
39 class_to_size_[sc] = size;
40 sc++;
41 }
42class_to_size_的映射关系是按照不同size的对齐大小累加而成的,而对齐大小由 alignment = AlignmentForSize(size); 计算出,代码如下:
1 int AlignmentForSize (size_t size) {
2
3 int alignment = kAlignment ;
4
5 if ( size > kMaxSize ) {
6
7 // Cap alignment at kPageSize for large sizes.
8
9 alignment = kPageSize ;
10
11 } else if (size >= 128) {
12
13 // Space wasted due to alignment is at most 1/8, i.e., 12.5%.
14
15 alignment = (1 << LgFloor (size)) / 8;
16
17 } else if (size >= kMinAlign) {
18
19 // We need an alignment of at least 16 bytes to satisfy
20
21 // requirements for some SSE types.
22
23 alignment = kMinAlign ;
24
25 }
26
27 // Maximum alignment allowed is page size alignment.
28
29 if ( alignment > kPageSize ) {
30
31 alignment = kPageSize ;
32
33 }
34
35 CHECK_CONDITION( size < kMinAlign || alignment >= kMinAlign);
36
37 CHECK_CONDITION(( alignment & (alignment - 1)) == 0);
38
39 return alignment;
40
41 }
42
LgFloor是个二分法求数值二进制最高位是哪一位的函数。对齐方式可以简化成如下的公式 :
按照这样的公式 class_to_size_[1] = 8, class_to_size_[2] = 16, class_to_size_[3] = 32 ...
class_array_的初始化在class_to_size_之后:
1 // Initialize the mapping arrays
2
3 int next_size = 0;
4
5 for ( int c = 1; c < kNumClasses; c ++) {
6
7 const int max_size_in_class = class_to_size_[c ];
8
9 for (int s = next_size; s <= max_size_in_class; s += kAlignment ) {
10
11 class_array_[ClassIndex (s)] = c;
12
13 }
14
15 next_size = max_size_in_class + kAlignment;
16
17 }
18总的来说就是 ClassIndex一般按照8字节对齐,结果class_to_size_一般按照16字节对齐,class_array_就是去让他们建立对应关系。
以一个具体例子来说明这个映射关系,比如应用程序申请malloc(25)字节时,tcmalloc实际会给分配多少内存:
ClassIndex class_array_ class_to_size_
25 ----------------> (25+7)/8=4 -------------------> 3 -------------------> 32
结果是32字节的内存。
class_to_pages_ 和num_objects_to_move_
SizeMap中还有两个map:class_to_pages_ , num_objects_to_move_ 。
class_to_pages_用在central free list中,表示该size class每一次从 page heap中分配的内存页数,初始化也在SzieMap::Init中:
1 do {
2
3 psize += kPageSize;
4
5 // Allocate enough pages so leftover is less than 1/8 of total.
6
7 // This bounds wasted space to at most 12.5%.
8
9 while ((psize % size) > (psize >> 3)) {
10
11 psize += kPageSize;
12
13 }
14
15 // Continue to add pages until there are at least as many objects in
16
17 // the span as are needed when moving objects from the central
18
19 // freelists and spans to the thread caches.
20
21 } while ((psize / size) < (blocks_to_move));
22该初始化大小受两个条件决定:
1)必须小于blocks_to_move(既num_objects_to_move_,表示每次分配内存分配多少个object);
2) 使得分配出页内存若被划分出一个个object内存,剩余的内存空间不超过该size的1/8的约束,也就是浪费的空间要小于 size/8;
总结
SizeMap把tcmalloc所有和内存size有关的map收集封装统一管理,可以通过调整SizeMap来微调分配行为。问题是为什么把要申请的size先按照8字节对齐映射,然后又按照16字节对齐映射,最后再映射两个表?我的一开始想法是把src size直接按照16字节映射,即:
src size index dst size
0 0 0
1 1 16
2 1 16
n (n+15)/16 (n+15)/16 *16
这样实现起来更简单直观,也是可以达到目的。可能tcmalloc有更深层的原因我没发现。