xref: /csrg-svn/sys/kern/kern_malloc.c (revision 57649) 
131422Smckusick /*
249411Skarels  * Copyright (c) 1987, 1991 The Regents of the University of California.
333439Smckusick  * All rights reserved.
431422Smckusick  *
544437Sbostic  * %sccs.include.redist.c%
633439Smckusick  *
7*57649Smckusick  *	@(#)kern_malloc.c	7.38 (Berkeley) 01/21/93
831422Smckusick  */
931422Smckusick 
1056517Sbostic #include <sys/param.h>
1156517Sbostic #include <sys/proc.h>
1256517Sbostic #include <sys/map.h>
1356517Sbostic #include <sys/kernel.h>
1456517Sbostic #include <sys/malloc.h>
1531422Smckusick 
1656517Sbostic #include <vm/vm.h>
1756517Sbostic #include <vm/vm_kern.h>
1856517Sbostic 
1931422Smckusick struct kmembuckets bucket[MINBUCKET + 16];
2031422Smckusick struct kmemstats kmemstats[M_LAST];
2131422Smckusick struct kmemusage *kmemusage;
2246259Skarels char *kmembase, *kmemlimit;
2345154Smckusick char *memname[] = INITKMEMNAMES;
2431422Smckusick 
2550744Smckusick #ifdef DIAGNOSTIC
2631422Smckusick /*
2752931Smckusick  * This structure provides a set of masks to catch unaligned frees.
2850744Smckusick  */
2952931Smckusick long addrmask[] = { 0,
3050744Smckusick 	0x00000001, 0x00000003, 0x00000007, 0x0000000f,
3150744Smckusick 	0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff,
3250744Smckusick 	0x000001ff, 0x000003ff, 0x000007ff, 0x00000fff,
3350744Smckusick 	0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff,
3450744Smckusick };
3550937Smckusick 
3650937Smckusick /*
3752931Smckusick  * The WEIRD_ADDR is used as known text to copy into free objects so
3852931Smckusick  * that modifications after frees can be detected.
3952931Smckusick  */
4052931Smckusick #define WEIRD_ADDR	0xdeadbeef
4152931Smckusick #define MAX_COPY	32
4252931Smckusick 
4352931Smckusick /*
4450937Smckusick  * Normally the first word of the structure is used to hold the list
4550937Smckusick  * pointer for free objects. However, when running with diagnostics,
4650937Smckusick  * we use the third and fourth fields, so as to catch modifications
4750937Smckusick  * in the most commonly trashed first two words.
4850937Smckusick  */
4950937Smckusick struct freelist {
5050937Smckusick 	long	spare0;
5153632Smckusick 	short	type;
5250937Smckusick 	long	spare1;
5350937Smckusick 	caddr_t	next;
5450937Smckusick };
5550937Smckusick #else /* !DIAGNOSTIC */
5650937Smckusick struct freelist {
5750937Smckusick 	caddr_t	next;
5850937Smckusick };
5950744Smckusick #endif /* DIAGNOSTIC */
6050744Smckusick 
6150744Smckusick /*
6231422Smckusick  * Allocate a block of memory
6331422Smckusick  */
6449066Skarels void *
6533497Smckusick malloc(size, type, flags)
6631422Smckusick 	unsigned long size;
6734534Skarels 	int type, flags;
6831422Smckusick {
6931422Smckusick 	register struct kmembuckets *kbp;
7031422Smckusick 	register struct kmemusage *kup;
7150937Smckusick 	register struct freelist *freep;
7234534Skarels 	long indx, npg, alloc, allocsize;
7334534Skarels 	int s;
7446259Skarels 	caddr_t va, cp, savedlist;
7550744Smckusick #ifdef DIAGNOSTIC
7652931Smckusick 	long *end, *lp;
7752931Smckusick 	int copysize;
7852943Sralph 	char *savedtype;
7950744Smckusick #endif
8031422Smckusick #ifdef KMEMSTATS
8133438Smckusick 	register struct kmemstats *ksp = &kmemstats[type];
8239732Smckusick 
8339732Smckusick 	if (((unsigned long)type) > M_LAST)
8437478Ssklower 		panic("malloc - bogus type");
8533438Smckusick #endif
8631422Smckusick 	indx = BUCKETINDX(size);
8731422Smckusick 	kbp = &bucket[indx];
8831422Smckusick 	s = splimp();
8933438Smckusick #ifdef KMEMSTATS
9033613Smckusick 	while (ksp->ks_memuse >= ksp->ks_limit) {
9133438Smckusick 		if (flags & M_NOWAIT) {
9233438Smckusick 			splx(s);
9349066Skarels 			return ((void *) NULL);
9433438Smckusick 		}
9533438Smckusick 		if (ksp->ks_limblocks < 65535)
9633438Smckusick 			ksp->ks_limblocks++;
9745154Smckusick 		tsleep((caddr_t)ksp, PSWP+2, memname[type], 0);
9833438Smckusick 	}
9956606Smckusick 	ksp->ks_size |= 1 << indx;
10033438Smckusick #endif
10150744Smckusick #ifdef DIAGNOSTIC
10252931Smckusick 	copysize = 1 << indx < MAX_COPY ? 1 << indx : MAX_COPY;
10350744Smckusick #endif
10431422Smckusick 	if (kbp->kb_next == NULL) {
10556499Smckusick 		kbp->kb_last = NULL;
10631422Smckusick 		if (size > MAXALLOCSAVE)
10731422Smckusick 			allocsize = roundup(size, CLBYTES);
10831422Smckusick 		else
10931422Smckusick 			allocsize = 1 << indx;
11031422Smckusick 		npg = clrnd(btoc(allocsize));
11146259Skarels 		va = (caddr_t) kmem_malloc(kmem_map, (vm_size_t)ctob(npg),
11246259Skarels 					   !(flags & M_NOWAIT));
11346259Skarels 		if (va == NULL) {
11431422Smckusick 			splx(s);
11549066Skarels 			return ((void *) NULL);
11631422Smckusick 		}
11733438Smckusick #ifdef KMEMSTATS
11831422Smckusick 		kbp->kb_total += kbp->kb_elmpercl;
11931422Smckusick #endif
12031422Smckusick 		kup = btokup(va);
12131422Smckusick 		kup->ku_indx = indx;
12231422Smckusick 		if (allocsize > MAXALLOCSAVE) {
12331422Smckusick 			if (npg > 65535)
12431422Smckusick 				panic("malloc: allocation too large");
12531422Smckusick 			kup->ku_pagecnt = npg;
12633438Smckusick #ifdef KMEMSTATS
12733438Smckusick 			ksp->ks_memuse += allocsize;
12833438Smckusick #endif
12931422Smckusick 			goto out;
13031422Smckusick 		}
13131422Smckusick #ifdef KMEMSTATS
13231422Smckusick 		kup->ku_freecnt = kbp->kb_elmpercl;
13331422Smckusick 		kbp->kb_totalfree += kbp->kb_elmpercl;
13431422Smckusick #endif
13546259Skarels 		/*
13646259Skarels 		 * Just in case we blocked while allocating memory,
13746259Skarels 		 * and someone else also allocated memory for this
13846259Skarels 		 * bucket, don't assume the list is still empty.
13946259Skarels 		 */
14046259Skarels 		savedlist = kbp->kb_next;
14152943Sralph 		kbp->kb_next = cp = va + (npg * NBPG) - allocsize;
14252943Sralph 		for (;;) {
14350937Smckusick 			freep = (struct freelist *)cp;
14450744Smckusick #ifdef DIAGNOSTIC
14550744Smckusick 			/*
14650744Smckusick 			 * Copy in known text to detect modification
14750744Smckusick 			 * after freeing.
14850744Smckusick 			 */
14952931Smckusick 			end = (long *)&cp[copysize];
15052931Smckusick 			for (lp = (long *)cp; lp < end; lp++)
15152931Smckusick 				*lp = WEIRD_ADDR;
15250937Smckusick 			freep->type = M_FREE;
15350744Smckusick #endif /* DIAGNOSTIC */
15450744Smckusick 			if (cp <= va)
15550744Smckusick 				break;
15652943Sralph 			cp -= allocsize;
15752943Sralph 			freep->next = cp;
15850744Smckusick 		}
15950937Smckusick 		freep->next = savedlist;
16056499Smckusick 		if (kbp->kb_last == NULL)
16156499Smckusick 			kbp->kb_last = (caddr_t)freep;
16231422Smckusick 	}
16331422Smckusick 	va = kbp->kb_next;
16450937Smckusick 	kbp->kb_next = ((struct freelist *)va)->next;
16550744Smckusick #ifdef DIAGNOSTIC
16650937Smckusick 	freep = (struct freelist *)va;
16752943Sralph 	savedtype = (unsigned)freep->type < M_LAST ?
16852943Sralph 		memname[freep->type] : "???";
169*57649Smckusick 	if (kbp->kb_next &&
170*57649Smckusick 	    !kernacc(kbp->kb_next, sizeof(struct freelist), 0)) {
17157077Smckusick 		printf("%s of object 0x%x size %d %s %s (invalid addr 0x%x)\n",
17257077Smckusick 			"Data modified on freelist: word 2.5", va, size,
17357077Smckusick 			"previous type", savedtype, kbp->kb_next);
17457077Smckusick 		kbp->kb_next = NULL;
17557077Smckusick 	}
17652943Sralph #if BYTE_ORDER == BIG_ENDIAN
17752931Smckusick 	freep->type = WEIRD_ADDR >> 16;
17852943Sralph #endif
17952943Sralph #if BYTE_ORDER == LITTLE_ENDIAN
18052943Sralph 	freep->type = WEIRD_ADDR;
18152943Sralph #endif
18253632Smckusick 	if (((long)(&freep->next)) & 0x2)
18353632Smckusick 		freep->next = (caddr_t)((WEIRD_ADDR >> 16)|(WEIRD_ADDR << 16));
18453632Smckusick 	else
18553632Smckusick 		freep->next = (caddr_t)WEIRD_ADDR;
18652931Smckusick 	end = (long *)&va[copysize];
18752931Smckusick 	for (lp = (long *)va; lp < end; lp++) {
18852931Smckusick 		if (*lp == WEIRD_ADDR)
18952423Storek 			continue;
19050937Smckusick 		printf("%s %d of object 0x%x size %d %s %s (0x%x != 0x%x)\n",
19152943Sralph 			"Data modified on freelist: word", lp - (long *)va,
19252943Sralph 			va, size, "previous type", savedtype, *lp, WEIRD_ADDR);
19352931Smckusick 		break;
19450744Smckusick 	}
19550937Smckusick 	freep->spare0 = 0;
19650744Smckusick #endif /* DIAGNOSTIC */
19731422Smckusick #ifdef KMEMSTATS
19831422Smckusick 	kup = btokup(va);
19931422Smckusick 	if (kup->ku_indx != indx)
20031422Smckusick 		panic("malloc: wrong bucket");
20131422Smckusick 	if (kup->ku_freecnt == 0)
20231422Smckusick 		panic("malloc: lost data");
20331422Smckusick 	kup->ku_freecnt--;
20431422Smckusick 	kbp->kb_totalfree--;
20533438Smckusick 	ksp->ks_memuse += 1 << indx;
20631422Smckusick out:
20731422Smckusick 	kbp->kb_calls++;
20831422Smckusick 	ksp->ks_inuse++;
20931422Smckusick 	ksp->ks_calls++;
21033613Smckusick 	if (ksp->ks_memuse > ksp->ks_maxused)
21133613Smckusick 		ksp->ks_maxused = ksp->ks_memuse;
21231422Smckusick #else
21331422Smckusick out:
21431422Smckusick #endif
21531422Smckusick 	splx(s);
21649066Skarels 	return ((void *) va);
21731422Smckusick }
21831422Smckusick 
21931422Smckusick /*
22031422Smckusick  * Free a block of memory allocated by malloc.
22131422Smckusick  */
22233497Smckusick void
22333497Smckusick free(addr, type)
22449066Skarels 	void *addr;
22534534Skarels 	int type;
22631422Smckusick {
22731422Smckusick 	register struct kmembuckets *kbp;
22831422Smckusick 	register struct kmemusage *kup;
22950937Smckusick 	register struct freelist *freep;
23050744Smckusick 	long size;
23134534Skarels 	int s;
23250744Smckusick #ifdef DIAGNOSTIC
23350744Smckusick 	caddr_t cp;
23452931Smckusick 	long *end, *lp, alloc, copysize;
23550744Smckusick #endif
23633438Smckusick #ifdef KMEMSTATS
23733438Smckusick 	register struct kmemstats *ksp = &kmemstats[type];
23833438Smckusick #endif
23931422Smckusick 
24031422Smckusick 	kup = btokup(addr);
24145000Smckusick 	size = 1 << kup->ku_indx;
24250744Smckusick 	kbp = &bucket[kup->ku_indx];
24350744Smckusick 	s = splimp();
24445000Smckusick #ifdef DIAGNOSTIC
24550744Smckusick 	/*
24650744Smckusick 	 * Check for returns of data that do not point to the
24750744Smckusick 	 * beginning of the allocation.
24850744Smckusick 	 */
24945000Smckusick 	if (size > NBPG * CLSIZE)
25045000Smckusick 		alloc = addrmask[BUCKETINDX(NBPG * CLSIZE)];
25145000Smckusick 	else
25245000Smckusick 		alloc = addrmask[kup->ku_indx];
25352536Smckusick 	if (((u_long)addr & alloc) != 0)
25452536Smckusick 		panic("free: unaligned addr 0x%x, size %d, type %s, mask %d\n",
25552536Smckusick 			addr, size, memname[type], alloc);
25645000Smckusick #endif /* DIAGNOSTIC */
25733613Smckusick 	if (size > MAXALLOCSAVE) {
25846259Skarels 		kmem_free(kmem_map, (vm_offset_t)addr, ctob(kup->ku_pagecnt));
25931422Smckusick #ifdef KMEMSTATS
26033613Smckusick 		size = kup->ku_pagecnt << PGSHIFT;
26133613Smckusick 		ksp->ks_memuse -= size;
26231422Smckusick 		kup->ku_indx = 0;
26331422Smckusick 		kup->ku_pagecnt = 0;
26433613Smckusick 		if (ksp->ks_memuse + size >= ksp->ks_limit &&
26533613Smckusick 		    ksp->ks_memuse < ksp->ks_limit)
26633438Smckusick 			wakeup((caddr_t)ksp);
26733438Smckusick 		ksp->ks_inuse--;
26833497Smckusick 		kbp->kb_total -= 1;
26931422Smckusick #endif
27031422Smckusick 		splx(s);
27131422Smckusick 		return;
27231422Smckusick 	}
27350937Smckusick 	freep = (struct freelist *)addr;
27450744Smckusick #ifdef DIAGNOSTIC
27550744Smckusick 	/*
27650744Smckusick 	 * Check for multiple frees. Use a quick check to see if
27750744Smckusick 	 * it looks free before laboriously searching the freelist.
27850744Smckusick 	 */
27950937Smckusick 	if (freep->spare0 == WEIRD_ADDR) {
28052931Smckusick 		for (cp = kbp->kb_next; cp; cp = *(caddr_t *)cp) {
28152931Smckusick 			if (addr != cp)
28252931Smckusick 				continue;
28352931Smckusick 			printf("multiply freed item 0x%x\n", addr);
28452931Smckusick 			panic("free: duplicated free");
28550744Smckusick 		}
28650744Smckusick 	}
28750744Smckusick 	/*
28850744Smckusick 	 * Copy in known text to detect modification after freeing
28950937Smckusick 	 * and to make it look free. Also, save the type being freed
29050937Smckusick 	 * so we can list likely culprit if modification is detected
29150937Smckusick 	 * when the object is reallocated.
29250744Smckusick 	 */
29352931Smckusick 	copysize = size < MAX_COPY ? size : MAX_COPY;
29452931Smckusick 	end = (long *)&((caddr_t)addr)[copysize];
29552931Smckusick 	for (lp = (long *)addr; lp < end; lp++)
29652931Smckusick 		*lp = WEIRD_ADDR;
29750937Smckusick 	freep->type = type;
29850744Smckusick #endif /* DIAGNOSTIC */
29931422Smckusick #ifdef KMEMSTATS
30031422Smckusick 	kup->ku_freecnt++;
30131422Smckusick 	if (kup->ku_freecnt >= kbp->kb_elmpercl)
30231422Smckusick 		if (kup->ku_freecnt > kbp->kb_elmpercl)
30331422Smckusick 			panic("free: multiple frees");
30431422Smckusick 		else if (kbp->kb_totalfree > kbp->kb_highwat)
30531422Smckusick 			kbp->kb_couldfree++;
30631422Smckusick 	kbp->kb_totalfree++;
30733613Smckusick 	ksp->ks_memuse -= size;
30833613Smckusick 	if (ksp->ks_memuse + size >= ksp->ks_limit &&
30933613Smckusick 	    ksp->ks_memuse < ksp->ks_limit)
31033438Smckusick 		wakeup((caddr_t)ksp);
31133438Smckusick 	ksp->ks_inuse--;
31231422Smckusick #endif
31356499Smckusick 	if (kbp->kb_next == NULL)
31456499Smckusick 		kbp->kb_next = addr;
31556499Smckusick 	else
31656499Smckusick 		((struct freelist *)kbp->kb_last)->next = addr;
31756499Smckusick 	freep->next = NULL;
31856499Smckusick 	kbp->kb_last = addr;
31931422Smckusick 	splx(s);
32031422Smckusick }
32131422Smckusick 
32231422Smckusick /*
32331422Smckusick  * Initialize the kernel memory allocator
32431422Smckusick  */
32531422Smckusick kmeminit()
32631422Smckusick {
32731422Smckusick 	register long indx;
32833497Smckusick 	int npg;
32931422Smckusick 
33034534Skarels #if	((MAXALLOCSAVE & (MAXALLOCSAVE - 1)) != 0)
33134534Skarels 		ERROR!_kmeminit:_MAXALLOCSAVE_not_power_of_2
33234534Skarels #endif
33334534Skarels #if	(MAXALLOCSAVE > MINALLOCSIZE * 32768)
33434534Skarels 		ERROR!_kmeminit:_MAXALLOCSAVE_too_big
33534534Skarels #endif
33634534Skarels #if	(MAXALLOCSAVE < CLBYTES)
33734534Skarels 		ERROR!_kmeminit:_MAXALLOCSAVE_too_small
33834534Skarels #endif
33946259Skarels 	npg = VM_KMEM_SIZE/ NBPG;
34046259Skarels 	kmemusage = (struct kmemusage *) kmem_alloc(kernel_map,
34146259Skarels 		(vm_size_t)(npg * sizeof(struct kmemusage)));
34252423Storek 	kmem_map = kmem_suballoc(kernel_map, (vm_offset_t *)&kmembase,
34352423Storek 		(vm_offset_t *)&kmemlimit, (vm_size_t)(npg * NBPG), FALSE);
34431422Smckusick #ifdef KMEMSTATS
34531422Smckusick 	for (indx = 0; indx < MINBUCKET + 16; indx++) {
34631422Smckusick 		if (1 << indx >= CLBYTES)
34731422Smckusick 			bucket[indx].kb_elmpercl = 1;
34831422Smckusick 		else
34931422Smckusick 			bucket[indx].kb_elmpercl = CLBYTES / (1 << indx);
35031422Smckusick 		bucket[indx].kb_highwat = 5 * bucket[indx].kb_elmpercl;
35131422Smckusick 	}
35231422Smckusick 	for (indx = 0; indx < M_LAST; indx++)
35341950Smckusick 		kmemstats[indx].ks_limit = npg * NBPG * 6 / 10;
35431422Smckusick #endif
35531422Smckusick }
356