1 /* 2 * Copyright (c) 1987, 1991 The Regents of the University of California. 3 * All rights reserved. 4 * 5 * %sccs.include.redist.c% 6 * 7 * @(#)kern_malloc.c 7.37 (Berkeley) 12/11/92 8 */ 9 10 #include <sys/param.h> 11 #include <sys/proc.h> 12 #include <sys/map.h> 13 #include <sys/kernel.h> 14 #include <sys/malloc.h> 15 16 #include <vm/vm.h> 17 #include <vm/vm_kern.h> 18 19 struct kmembuckets bucket[MINBUCKET + 16]; 20 struct kmemstats kmemstats[M_LAST]; 21 struct kmemusage *kmemusage; 22 char *kmembase, *kmemlimit; 23 char *memname[] = INITKMEMNAMES; 24 25 #ifdef DIAGNOSTIC 26 /* 27 * This structure provides a set of masks to catch unaligned frees. 28 */ 29 long addrmask[] = { 0, 30 0x00000001, 0x00000003, 0x00000007, 0x0000000f, 31 0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 32 0x000001ff, 0x000003ff, 0x000007ff, 0x00000fff, 33 0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff, 34 }; 35 36 /* 37 * The WEIRD_ADDR is used as known text to copy into free objects so 38 * that modifications after frees can be detected. 39 */ 40 #define WEIRD_ADDR 0xdeadbeef 41 #define MAX_COPY 32 42 43 /* 44 * Normally the first word of the structure is used to hold the list 45 * pointer for free objects. However, when running with diagnostics, 46 * we use the third and fourth fields, so as to catch modifications 47 * in the most commonly trashed first two words. 48 */ 49 struct freelist { 50 long spare0; 51 short type; 52 long spare1; 53 caddr_t next; 54 }; 55 #else /* !DIAGNOSTIC */ 56 struct freelist { 57 caddr_t next; 58 }; 59 #endif /* DIAGNOSTIC */ 60 61 /* 62 * Allocate a block of memory 63 */ 64 void * 65 malloc(size, type, flags) 66 unsigned long size; 67 int type, flags; 68 { 69 register struct kmembuckets *kbp; 70 register struct kmemusage *kup; 71 register struct freelist *freep; 72 long indx, npg, alloc, allocsize; 73 int s; 74 caddr_t va, cp, savedlist; 75 #ifdef DIAGNOSTIC 76 long *end, *lp; 77 int copysize; 78 char *savedtype; 79 #endif 80 #ifdef KMEMSTATS 81 register struct kmemstats *ksp = &kmemstats[type]; 82 83 if (((unsigned long)type) > M_LAST) 84 panic("malloc - bogus type"); 85 #endif 86 indx = BUCKETINDX(size); 87 kbp = &bucket[indx]; 88 s = splimp(); 89 #ifdef KMEMSTATS 90 while (ksp->ks_memuse >= ksp->ks_limit) { 91 if (flags & M_NOWAIT) { 92 splx(s); 93 return ((void *) NULL); 94 } 95 if (ksp->ks_limblocks < 65535) 96 ksp->ks_limblocks++; 97 tsleep((caddr_t)ksp, PSWP+2, memname[type], 0); 98 } 99 ksp->ks_size |= 1 << indx; 100 #endif 101 #ifdef DIAGNOSTIC 102 copysize = 1 << indx < MAX_COPY ? 1 << indx : MAX_COPY; 103 #endif 104 if (kbp->kb_next == NULL) { 105 kbp->kb_last = NULL; 106 if (size > MAXALLOCSAVE) 107 allocsize = roundup(size, CLBYTES); 108 else 109 allocsize = 1 << indx; 110 npg = clrnd(btoc(allocsize)); 111 va = (caddr_t) kmem_malloc(kmem_map, (vm_size_t)ctob(npg), 112 !(flags & M_NOWAIT)); 113 if (va == NULL) { 114 splx(s); 115 return ((void *) NULL); 116 } 117 #ifdef KMEMSTATS 118 kbp->kb_total += kbp->kb_elmpercl; 119 #endif 120 kup = btokup(va); 121 kup->ku_indx = indx; 122 if (allocsize > MAXALLOCSAVE) { 123 if (npg > 65535) 124 panic("malloc: allocation too large"); 125 kup->ku_pagecnt = npg; 126 #ifdef KMEMSTATS 127 ksp->ks_memuse += allocsize; 128 #endif 129 goto out; 130 } 131 #ifdef KMEMSTATS 132 kup->ku_freecnt = kbp->kb_elmpercl; 133 kbp->kb_totalfree += kbp->kb_elmpercl; 134 #endif 135 /* 136 * Just in case we blocked while allocating memory, 137 * and someone else also allocated memory for this 138 * bucket, don't assume the list is still empty. 139 */ 140 savedlist = kbp->kb_next; 141 kbp->kb_next = cp = va + (npg * NBPG) - allocsize; 142 for (;;) { 143 freep = (struct freelist *)cp; 144 #ifdef DIAGNOSTIC 145 /* 146 * Copy in known text to detect modification 147 * after freeing. 148 */ 149 end = (long *)&cp[copysize]; 150 for (lp = (long *)cp; lp < end; lp++) 151 *lp = WEIRD_ADDR; 152 freep->type = M_FREE; 153 #endif /* DIAGNOSTIC */ 154 if (cp <= va) 155 break; 156 cp -= allocsize; 157 freep->next = cp; 158 } 159 freep->next = savedlist; 160 if (kbp->kb_last == NULL) 161 kbp->kb_last = (caddr_t)freep; 162 } 163 va = kbp->kb_next; 164 kbp->kb_next = ((struct freelist *)va)->next; 165 #ifdef DIAGNOSTIC 166 freep = (struct freelist *)va; 167 savedtype = (unsigned)freep->type < M_LAST ? 168 memname[freep->type] : "???"; 169 if (!kernacc(kbp->kb_next, sizeof(struct freelist), 0)) { 170 printf("%s of object 0x%x size %d %s %s (invalid addr 0x%x)\n", 171 "Data modified on freelist: word 2.5", va, size, 172 "previous type", savedtype, kbp->kb_next); 173 kbp->kb_next = NULL; 174 } 175 #if BYTE_ORDER == BIG_ENDIAN 176 freep->type = WEIRD_ADDR >> 16; 177 #endif 178 #if BYTE_ORDER == LITTLE_ENDIAN 179 freep->type = WEIRD_ADDR; 180 #endif 181 if (((long)(&freep->next)) & 0x2) 182 freep->next = (caddr_t)((WEIRD_ADDR >> 16)|(WEIRD_ADDR << 16)); 183 else 184 freep->next = (caddr_t)WEIRD_ADDR; 185 end = (long *)&va[copysize]; 186 for (lp = (long *)va; lp < end; lp++) { 187 if (*lp == WEIRD_ADDR) 188 continue; 189 printf("%s %d of object 0x%x size %d %s %s (0x%x != 0x%x)\n", 190 "Data modified on freelist: word", lp - (long *)va, 191 va, size, "previous type", savedtype, *lp, WEIRD_ADDR); 192 break; 193 } 194 freep->spare0 = 0; 195 #endif /* DIAGNOSTIC */ 196 #ifdef KMEMSTATS 197 kup = btokup(va); 198 if (kup->ku_indx != indx) 199 panic("malloc: wrong bucket"); 200 if (kup->ku_freecnt == 0) 201 panic("malloc: lost data"); 202 kup->ku_freecnt--; 203 kbp->kb_totalfree--; 204 ksp->ks_memuse += 1 << indx; 205 out: 206 kbp->kb_calls++; 207 ksp->ks_inuse++; 208 ksp->ks_calls++; 209 if (ksp->ks_memuse > ksp->ks_maxused) 210 ksp->ks_maxused = ksp->ks_memuse; 211 #else 212 out: 213 #endif 214 splx(s); 215 return ((void *) va); 216 } 217 218 /* 219 * Free a block of memory allocated by malloc. 220 */ 221 void 222 free(addr, type) 223 void *addr; 224 int type; 225 { 226 register struct kmembuckets *kbp; 227 register struct kmemusage *kup; 228 register struct freelist *freep; 229 long size; 230 int s; 231 #ifdef DIAGNOSTIC 232 caddr_t cp; 233 long *end, *lp, alloc, copysize; 234 #endif 235 #ifdef KMEMSTATS 236 register struct kmemstats *ksp = &kmemstats[type]; 237 #endif 238 239 kup = btokup(addr); 240 size = 1 << kup->ku_indx; 241 kbp = &bucket[kup->ku_indx]; 242 s = splimp(); 243 #ifdef DIAGNOSTIC 244 /* 245 * Check for returns of data that do not point to the 246 * beginning of the allocation. 247 */ 248 if (size > NBPG * CLSIZE) 249 alloc = addrmask[BUCKETINDX(NBPG * CLSIZE)]; 250 else 251 alloc = addrmask[kup->ku_indx]; 252 if (((u_long)addr & alloc) != 0) 253 panic("free: unaligned addr 0x%x, size %d, type %s, mask %d\n", 254 addr, size, memname[type], alloc); 255 #endif /* DIAGNOSTIC */ 256 if (size > MAXALLOCSAVE) { 257 kmem_free(kmem_map, (vm_offset_t)addr, ctob(kup->ku_pagecnt)); 258 #ifdef KMEMSTATS 259 size = kup->ku_pagecnt << PGSHIFT; 260 ksp->ks_memuse -= size; 261 kup->ku_indx = 0; 262 kup->ku_pagecnt = 0; 263 if (ksp->ks_memuse + size >= ksp->ks_limit && 264 ksp->ks_memuse < ksp->ks_limit) 265 wakeup((caddr_t)ksp); 266 ksp->ks_inuse--; 267 kbp->kb_total -= 1; 268 #endif 269 splx(s); 270 return; 271 } 272 freep = (struct freelist *)addr; 273 #ifdef DIAGNOSTIC 274 /* 275 * Check for multiple frees. Use a quick check to see if 276 * it looks free before laboriously searching the freelist. 277 */ 278 if (freep->spare0 == WEIRD_ADDR) { 279 for (cp = kbp->kb_next; cp; cp = *(caddr_t *)cp) { 280 if (addr != cp) 281 continue; 282 printf("multiply freed item 0x%x\n", addr); 283 panic("free: duplicated free"); 284 } 285 } 286 /* 287 * Copy in known text to detect modification after freeing 288 * and to make it look free. Also, save the type being freed 289 * so we can list likely culprit if modification is detected 290 * when the object is reallocated. 291 */ 292 copysize = size < MAX_COPY ? size : MAX_COPY; 293 end = (long *)&((caddr_t)addr)[copysize]; 294 for (lp = (long *)addr; lp < end; lp++) 295 *lp = WEIRD_ADDR; 296 freep->type = type; 297 #endif /* DIAGNOSTIC */ 298 #ifdef KMEMSTATS 299 kup->ku_freecnt++; 300 if (kup->ku_freecnt >= kbp->kb_elmpercl) 301 if (kup->ku_freecnt > kbp->kb_elmpercl) 302 panic("free: multiple frees"); 303 else if (kbp->kb_totalfree > kbp->kb_highwat) 304 kbp->kb_couldfree++; 305 kbp->kb_totalfree++; 306 ksp->ks_memuse -= size; 307 if (ksp->ks_memuse + size >= ksp->ks_limit && 308 ksp->ks_memuse < ksp->ks_limit) 309 wakeup((caddr_t)ksp); 310 ksp->ks_inuse--; 311 #endif 312 if (kbp->kb_next == NULL) 313 kbp->kb_next = addr; 314 else 315 ((struct freelist *)kbp->kb_last)->next = addr; 316 freep->next = NULL; 317 kbp->kb_last = addr; 318 splx(s); 319 } 320 321 /* 322 * Initialize the kernel memory allocator 323 */ 324 kmeminit() 325 { 326 register long indx; 327 int npg; 328 329 #if ((MAXALLOCSAVE & (MAXALLOCSAVE - 1)) != 0) 330 ERROR!_kmeminit:_MAXALLOCSAVE_not_power_of_2 331 #endif 332 #if (MAXALLOCSAVE > MINALLOCSIZE * 32768) 333 ERROR!_kmeminit:_MAXALLOCSAVE_too_big 334 #endif 335 #if (MAXALLOCSAVE < CLBYTES) 336 ERROR!_kmeminit:_MAXALLOCSAVE_too_small 337 #endif 338 npg = VM_KMEM_SIZE/ NBPG; 339 kmemusage = (struct kmemusage *) kmem_alloc(kernel_map, 340 (vm_size_t)(npg * sizeof(struct kmemusage))); 341 kmem_map = kmem_suballoc(kernel_map, (vm_offset_t *)&kmembase, 342 (vm_offset_t *)&kmemlimit, (vm_size_t)(npg * NBPG), FALSE); 343 #ifdef KMEMSTATS 344 for (indx = 0; indx < MINBUCKET + 16; indx++) { 345 if (1 << indx >= CLBYTES) 346 bucket[indx].kb_elmpercl = 1; 347 else 348 bucket[indx].kb_elmpercl = CLBYTES / (1 << indx); 349 bucket[indx].kb_highwat = 5 * bucket[indx].kb_elmpercl; 350 } 351 for (indx = 0; indx < M_LAST; indx++) 352 kmemstats[indx].ks_limit = npg * NBPG * 6 / 10; 353 #endif 354 } 355