------------------------------------------------------------------------------
-- --
-- GNAT RUN-TIME COMPONENTS --
-- --
-- S Y S T E M . M E M O R Y --
-- --
-- S p e c --
-- --
-- --
-- Copyright (C) 2001 Free Software Foundation, Inc. --
-- --
-- This specification is derived from the Ada Reference Manual for use with --
-- GNAT. The copyright notice above, and the license provisions that follow --
-- apply solely to the contents of the part following the private keyword. --
-- --
-- GNAT is free software; you can redistribute it and/or modify it under --
-- terms of the GNU General Public License as published by the Free Soft- --
-- ware Foundation; either version 2, or (at your option) any later ver- --
-- sion. GNAT is distributed in the hope that it will be useful, but WITH- --
-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
-- or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License --
-- for more details. You should have received a copy of the GNU General --
-- Public License distributed with GNAT; see file COPYING. If not, write --
-- to the Free Software Foundation, 59 Temple Place - Suite 330, Boston, --
-- MA 02111-1307, USA. --
-- --
-- As a special exception, if other files instantiate generics from this --
-- unit, or you link this unit with other files to produce an executable, --
-- this unit does not by itself cause the resulting executable to be --
-- covered by the GNU General Public License. This exception does not --
-- however invalidate any other reasons why the executable file might be --
-- covered by the GNU Public License. --
-- --
-- GNAT was originally developed by the GNAT team at New York University. --
-- Extensive contributions were provided by Ada Core Technologies Inc. --
-- --
------------------------------------------------------------------------------
-- This version provides ways to limit the amount of used memory for systems
-- that do not have OS support for that.
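-- The amount of memory available for dynamic allocation is limited by
-- setting the environment variable GNAT_MEMORY_LIMIT to the number of
-- kilobytes that can be used. The variable is read from the process
-- environment the first time the limit is checked, so the limit is only as
-- trustworthy as that environment.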
--
-- Windows is currently using this version.
with Ada.Exceptions;
with System.Soft_Links;
package body System.Memory is
use Ada.Exceptions;
use System.Soft_Links;
-- Bindings to the C runtime heap. Alloc, Free and Realloc below are thin
-- wrappers around these that add the memory-limit accounting.
function c_malloc (Size : size_t) return System.Address;
pragma Import (C, c_malloc, "malloc");
procedure c_free (Ptr : System.Address);
pragma Import (C, c_free, "free");
function c_realloc
(Ptr : System.Address; Size : size_t) return System.Address;
pragma Import (C, c_realloc, "realloc");
function msize (Ptr : System.Address) return size_t;
pragma Import (C, msize, "_msize");
-- Bound to the C runtime's "_msize". Its result is the amount charged to
-- or credited back to Available_Memory for a heap block.
-- NOTE(review): Free only calls this for a non-null pointer; presumably
-- it must not be handed a null address - confirm against the C runtime.
function getenv (Str : String) return System.Address;
pragma Import (C, getenv);
-- Str is passed to C as is, so the caller has to append ASCII.NUL itself
-- (Check_Available_Memory does). A null address means "not set" there.
function atoi (Str : System.Address) return Integer;
pragma Import (C, atoi);
-- atoi has no error reporting: text that is not a number cannot be told
-- apart from a real "0", and the result can be negative. The value comes
-- straight from the environment, so treat it as untrusted input.
Available_Memory : size_t := 0;
-- Amount of memory that is available for heap allocations.
-- A value of 0 means that the amount is not yet initialized.
-- Every read and write in this file happens between Lock_Task and
-- Unlock_Task.
Msize_Accuracy : constant := 4096;
-- Defines the amount of memory to add to requested allocation sizes,
-- because malloc may return a bigger block than requested. As msize
-- is used by Free, it must be used on allocation as well. To
-- prevent underflow of available_memory we need to use a reserve.
procedure Check_Available_Memory (Size : size_t);
-- This routine must be called while holding the task lock. When the
-- memory limit is not yet initialized, it will be set to the value of
-- the GNAT_MEMORY_LIMIT environment variable or to unlimited if that
-- does not exist. If the size is larger than the amount of available
-- memory, the task lock will be freed and a storage_error exception
-- will be raised. Callers must therefore not release the lock again on
-- that path.
-----------
-- Alloc --
-----------
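function Alloc (Size : size_t) return System.Address is
   -- Allocate Size bytes from the C heap and charge the block against
   -- Available_Memory.
   --
   -- Raises Storage_Error with message "object too large" when Size is so
   -- close to size_t'Last that the limit arithmetic could not represent
   -- it, "heap memory limit exceeded" (raised by Check_Available_Memory)
   -- when the request does not fit under the configured limit, and
   -- "heap exhausted" when malloc itself returns a null address.

   Result      : System.Address;
   Actual_Size : size_t := Size;
   -- Size handed to malloc; differs from Size only for a zero request

begin
   -- The limit test below adds Msize_Accuracy to the request. size_t is
   -- declared in the spec (in GNAT it is a modular type), so for a request
   -- within Msize_Accuracy of size_t'Last that sum would wrap around and
   -- the request would be compared against the limit as if it were tiny.
   -- Reject such sizes up front; this also covers Size = size_t'Last.

   if Size > size_t'Last - Msize_Accuracy then
      Raise_Exception (Storage_Error'Identity, "object too large");
   end if;

   -- Change size from zero to non-zero. We still want a proper pointer
   -- for the zero case because pointers to zero length objects have to
   -- be distinct, but we can't just go ahead and allocate zero bytes,
   -- since some malloc's return zero for a zero argument.

   if Size = 0 then
      Actual_Size := 1;
   end if;

   Lock_Task.all;

   -- Available_Memory starts at 0, so the first call always takes this
   -- branch and lets Check_Available_Memory initialize the limit. The
   -- same padded size is used for the test and for the check. If the
   -- check fails it releases the task lock itself before raising.

   if Actual_Size + Msize_Accuracy >= Available_Memory then
      Check_Available_Memory (Actual_Size + Msize_Accuracy);
   end if;

   Result := c_malloc (Actual_Size);

   -- Charge what the heap actually handed out, not what was asked for,
   -- so that Free (which only knows msize) credits back the same amount.

   if Result /= System.Null_Address then
      Available_Memory := Available_Memory - msize (Result);
   end if;

   Unlock_Task.all;

   -- Raise only after the lock has been released

   if Result = System.Null_Address then
      Raise_Exception (Storage_Error'Identity, "heap exhausted");
   end if;

   return Result;
end Alloc;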
----------------------------
-- Check_Available_Memory --
----------------------------
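procedure Check_Available_Memory (Size : size_t) is
   -- Initialize the memory limit on first use, then verify that a request
   -- of Size bytes fits under it. Must be called with the task lock held.
   -- On failure the task lock is released here and Storage_Error is
   -- raised with message "heap memory limit exceeded".

   Gnat_Memory_Limit : System.Address;
   -- C string returned by getenv, or a null address if the variable is
   -- not set

   Limit_KB : Integer;
   -- Value of GNAT_MEMORY_LIMIT as parsed by atoi, in kilobytes

   Max_KB : constant size_t := (size_t'Last - Msize_Accuracy) / 1024;
   -- Largest kilobyte count for which Limit_KB * 1024 + Msize_Accuracy
   -- is still representable in size_t

begin
   if Available_Memory = 0 then

      -- The amount of available memory hasn't been initialized yet

      Gnat_Memory_Limit := getenv ("GNAT_MEMORY_LIMIT" & ASCII.NUL);

      if Gnat_Memory_Limit /= System.Null_Address then

         -- The value comes from the environment and atoi does no
         -- validation, so every out-of-range result is handled here
         -- instead of being converted blindly to size_t.

         Limit_KB := atoi (Gnat_Memory_Limit);

         if Limit_KB <= 0 then

            -- Zero is what atoi yields for "0" and for text it cannot
            -- parse; the limit then consists of the reserve only, so
            -- every padded request is refused. A negative value is
            -- handled the same way instead of being converted to size_t
            -- while the task lock is held.

            Available_Memory := Msize_Accuracy;

         elsif size_t (Limit_KB) > Max_KB then

            -- Converting to bytes would wrap around and turn a very
            -- large limit into a very small one; treat it as unlimited.

            Available_Memory := size_t'Last;

         else
            Available_Memory := size_t (Limit_KB) * 1024 + Msize_Accuracy;
         end if;

      else
         Available_Memory := size_t'Last;
      end if;
   end if;

   if Size >= Available_Memory then

      -- There is a memory overflow. The caller took the task lock, and
      -- it is released here because the exception leaves the caller
      -- before its own Unlock_Task call is reached.

      Unlock_Task.all;
      Raise_Exception
        (Storage_Error'Identity, "heap memory limit exceeded");
   end if;
end Check_Available_Memory;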
----------
-- Free --
----------
procedure Free (Ptr : System.Address) is
   -- Release a heap block and credit its size back to Available_Memory.
   -- The whole operation runs under the task lock.
begin
   Lock_Task.all;

   if Ptr = System.Null_Address then

      -- Nothing to credit back; the null address is still handed to free

      c_free (Ptr);

   else
      -- The block size has to be read before the block is released

      Available_Memory := msize (Ptr) + Available_Memory;
      c_free (Ptr);
   end if;

   Unlock_Task.all;
end Free;
-------------
-- Realloc --
-------------
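function Realloc
  (Ptr  : System.Address;
   Size : size_t)
   return System.Address
is
   -- Resize the heap block at Ptr to Size bytes and adjust
   -- Available_Memory by the difference between the old and new block
   -- sizes as reported by msize.
   --
   -- Raises Storage_Error with message "object too large" when Size is so
   -- close to size_t'Last that the limit arithmetic could not represent
   -- it, "heap memory limit exceeded" (raised by Check_Available_Memory)
   -- when the request does not fit under the configured limit, and
   -- "heap exhausted" when realloc returns a null address.
   --
   -- NOTE(review): Size = 0 is passed to realloc unchanged. If the C
   -- runtime frees the block and returns null in that case, this raises
   -- "heap exhausted" and the old block's size is never credited back -
   -- confirm what callers expect.

   Result   : System.Address;
   Old_Size : size_t := 0;
   -- Size of the block before the call; stays 0 for a null Ptr

begin
   -- The limit test below adds Msize_Accuracy to the request. size_t is
   -- declared in the spec (in GNAT it is a modular type), so for a request
   -- within Msize_Accuracy of size_t'Last that sum would wrap around and
   -- the request would be compared against the limit as if it were tiny.
   -- Reject such sizes up front; this also covers Size = size_t'Last.

   if Size > size_t'Last - Msize_Accuracy then
      Raise_Exception (Storage_Error'Identity, "object too large");
   end if;

   Lock_Task.all;

   -- Free only asks msize about a non-null pointer; do the same here so
   -- that a null Ptr, for which there is no old block to measure, is
   -- handed to realloc without first being passed to msize.

   if Ptr /= System.Null_Address then
      Old_Size := msize (Ptr);
   end if;

   -- Conservative check - no need to try to be precise here. The full
   -- new size is tested although only the growth is newly charged. If
   -- the check fails it releases the task lock itself before raising.

   if Size + Msize_Accuracy >= Available_Memory then
      Check_Available_Memory (Size + Msize_Accuracy);
   end if;

   Result := c_realloc (Ptr, Size);

   -- Adjust the accounting only on success; when realloc returns null
   -- nothing is changed here.

   if Result /= System.Null_Address then
      Available_Memory := Available_Memory + Old_Size - msize (Result);
   end if;

   Unlock_Task.all;

   -- Raise only after the lock has been released

   if Result = System.Null_Address then
      Raise_Exception (Storage_Error'Identity, "heap exhausted");
   end if;

   return Result;
end Realloc;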
end System.Memory;