10Sstevel@tonic-gate /*
20Sstevel@tonic-gate * CDDL HEADER START
30Sstevel@tonic-gate *
40Sstevel@tonic-gate * The contents of this file are subject to the terms of the
5*5891Sraf * Common Development and Distribution License (the "License").
6*5891Sraf * You may not use this file except in compliance with the License.
70Sstevel@tonic-gate *
80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
100Sstevel@tonic-gate * See the License for the specific language governing permissions
110Sstevel@tonic-gate * and limitations under the License.
120Sstevel@tonic-gate *
130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
180Sstevel@tonic-gate *
190Sstevel@tonic-gate * CDDL HEADER END
200Sstevel@tonic-gate */
21*5891Sraf
220Sstevel@tonic-gate /*
23*5891Sraf * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
240Sstevel@tonic-gate * Use is subject to license terms.
250Sstevel@tonic-gate */
260Sstevel@tonic-gate
270Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI"
280Sstevel@tonic-gate
29*5891Sraf #include <unistd.h>
300Sstevel@tonic-gate #include <errno.h>
310Sstevel@tonic-gate #include <string.h>
320Sstevel@tonic-gate #include <sys/sysmacros.h>
330Sstevel@tonic-gate #include "umem_base.h"
340Sstevel@tonic-gate #include "misc.h"
350Sstevel@tonic-gate
360Sstevel@tonic-gate /*
370Sstevel@tonic-gate * malloc_data_t is an 8-byte structure which is located "before" the pointer
380Sstevel@tonic-gate * returned from {m,c,re}alloc and memalign. The first four bytes give
390Sstevel@tonic-gate * information about the buffer, and the second four bytes are a status byte.
400Sstevel@tonic-gate *
410Sstevel@tonic-gate * See umem_impl.h for the various magic numbers used, and the size
420Sstevel@tonic-gate * encode/decode macros.
430Sstevel@tonic-gate *
440Sstevel@tonic-gate * The 'size' of the buffer includes the tags. That is, we encode the
450Sstevel@tonic-gate * argument to umem_alloc(), not the argument to malloc().
460Sstevel@tonic-gate */
470Sstevel@tonic-gate
480Sstevel@tonic-gate typedef struct malloc_data {
490Sstevel@tonic-gate uint32_t malloc_size;
500Sstevel@tonic-gate uint32_t malloc_stat; /* = UMEM_MALLOC_ENCODE(state, malloc_size) */
510Sstevel@tonic-gate } malloc_data_t;
520Sstevel@tonic-gate
530Sstevel@tonic-gate void *
malloc(size_t size_arg)540Sstevel@tonic-gate malloc(size_t size_arg)
550Sstevel@tonic-gate {
560Sstevel@tonic-gate #ifdef _LP64
570Sstevel@tonic-gate uint32_t high_size = 0;
580Sstevel@tonic-gate #endif
590Sstevel@tonic-gate size_t size;
600Sstevel@tonic-gate
610Sstevel@tonic-gate malloc_data_t *ret;
620Sstevel@tonic-gate size = size_arg + sizeof (malloc_data_t);
630Sstevel@tonic-gate
640Sstevel@tonic-gate #ifdef _LP64
650Sstevel@tonic-gate if (size > UMEM_SECOND_ALIGN) {
660Sstevel@tonic-gate size += sizeof (malloc_data_t);
670Sstevel@tonic-gate high_size = (size >> 32);
680Sstevel@tonic-gate }
690Sstevel@tonic-gate #endif
700Sstevel@tonic-gate if (size < size_arg) {
710Sstevel@tonic-gate errno = ENOMEM; /* overflow */
720Sstevel@tonic-gate return (NULL);
730Sstevel@tonic-gate }
740Sstevel@tonic-gate ret = (malloc_data_t *)_umem_alloc(size, UMEM_DEFAULT);
750Sstevel@tonic-gate if (ret == NULL) {
760Sstevel@tonic-gate if (size <= UMEM_MAXBUF)
770Sstevel@tonic-gate errno = EAGAIN;
780Sstevel@tonic-gate else
790Sstevel@tonic-gate errno = ENOMEM;
800Sstevel@tonic-gate return (NULL);
810Sstevel@tonic-gate #ifdef _LP64
820Sstevel@tonic-gate } else if (high_size > 0) {
830Sstevel@tonic-gate uint32_t low_size = (uint32_t)size;
840Sstevel@tonic-gate
850Sstevel@tonic-gate /*
860Sstevel@tonic-gate * uses different magic numbers to make it harder to
870Sstevel@tonic-gate * undetectably corrupt
880Sstevel@tonic-gate */
890Sstevel@tonic-gate ret->malloc_size = high_size;
900Sstevel@tonic-gate ret->malloc_stat = UMEM_MALLOC_ENCODE(MALLOC_MAGIC, high_size);
910Sstevel@tonic-gate ret++;
920Sstevel@tonic-gate
930Sstevel@tonic-gate ret->malloc_size = low_size;
940Sstevel@tonic-gate ret->malloc_stat = UMEM_MALLOC_ENCODE(MALLOC_OVERSIZE_MAGIC,
950Sstevel@tonic-gate low_size);
960Sstevel@tonic-gate ret++;
970Sstevel@tonic-gate } else if (size > UMEM_SECOND_ALIGN) {
980Sstevel@tonic-gate uint32_t low_size = (uint32_t)size;
990Sstevel@tonic-gate
1000Sstevel@tonic-gate ret++; /* leave the first 8 bytes alone */
1010Sstevel@tonic-gate
1020Sstevel@tonic-gate ret->malloc_size = low_size;
1030Sstevel@tonic-gate ret->malloc_stat = UMEM_MALLOC_ENCODE(MALLOC_SECOND_MAGIC,
1040Sstevel@tonic-gate low_size);
1050Sstevel@tonic-gate ret++;
1060Sstevel@tonic-gate #endif
1070Sstevel@tonic-gate } else {
1080Sstevel@tonic-gate ret->malloc_size = size;
1090Sstevel@tonic-gate ret->malloc_stat = UMEM_MALLOC_ENCODE(MALLOC_MAGIC, size);
1100Sstevel@tonic-gate ret++;
1110Sstevel@tonic-gate }
1120Sstevel@tonic-gate return ((void *)ret);
1130Sstevel@tonic-gate }
1140Sstevel@tonic-gate
1150Sstevel@tonic-gate void *
calloc(size_t nelem,size_t elsize)1160Sstevel@tonic-gate calloc(size_t nelem, size_t elsize)
1170Sstevel@tonic-gate {
1180Sstevel@tonic-gate size_t size = nelem * elsize;
1190Sstevel@tonic-gate void *retval;
1200Sstevel@tonic-gate
1210Sstevel@tonic-gate if (nelem > 0 && elsize > 0 && size/nelem != elsize) {
1220Sstevel@tonic-gate errno = ENOMEM; /* overflow */
1230Sstevel@tonic-gate return (NULL);
1240Sstevel@tonic-gate }
1250Sstevel@tonic-gate
1260Sstevel@tonic-gate retval = malloc(size);
1270Sstevel@tonic-gate if (retval == NULL)
1280Sstevel@tonic-gate return (NULL);
1290Sstevel@tonic-gate
1300Sstevel@tonic-gate (void) memset(retval, 0, size);
1310Sstevel@tonic-gate return (retval);
1320Sstevel@tonic-gate }
1330Sstevel@tonic-gate
1340Sstevel@tonic-gate /*
1350Sstevel@tonic-gate * memalign uses vmem_xalloc to do its work.
1360Sstevel@tonic-gate *
1370Sstevel@tonic-gate * in 64-bit, the memaligned buffer always has two tags. This simplifies the
1380Sstevel@tonic-gate * code.
1390Sstevel@tonic-gate */
1400Sstevel@tonic-gate
1410Sstevel@tonic-gate void *
memalign(size_t align,size_t size_arg)1420Sstevel@tonic-gate memalign(size_t align, size_t size_arg)
1430Sstevel@tonic-gate {
1440Sstevel@tonic-gate size_t size;
1450Sstevel@tonic-gate uintptr_t phase;
1460Sstevel@tonic-gate
1470Sstevel@tonic-gate void *buf;
1480Sstevel@tonic-gate malloc_data_t *ret;
1490Sstevel@tonic-gate
1500Sstevel@tonic-gate size_t overhead;
1510Sstevel@tonic-gate
1520Sstevel@tonic-gate if (size_arg == 0 || align == 0 || (align & (align - 1)) != 0) {
1530Sstevel@tonic-gate errno = EINVAL;
1540Sstevel@tonic-gate return (NULL);
1550Sstevel@tonic-gate }
1560Sstevel@tonic-gate
1570Sstevel@tonic-gate /*
1580Sstevel@tonic-gate * if malloc provides the required alignment, use it.
1590Sstevel@tonic-gate */
1600Sstevel@tonic-gate if (align <= UMEM_ALIGN ||
1610Sstevel@tonic-gate (align <= UMEM_SECOND_ALIGN && size_arg >= UMEM_SECOND_ALIGN))
1620Sstevel@tonic-gate return (malloc(size_arg));
1630Sstevel@tonic-gate
1640Sstevel@tonic-gate #ifdef _LP64
1650Sstevel@tonic-gate overhead = 2 * sizeof (malloc_data_t);
1660Sstevel@tonic-gate #else
1670Sstevel@tonic-gate overhead = sizeof (malloc_data_t);
1680Sstevel@tonic-gate #endif
1690Sstevel@tonic-gate
1700Sstevel@tonic-gate ASSERT(overhead <= align);
1710Sstevel@tonic-gate
1720Sstevel@tonic-gate size = size_arg + overhead;
1730Sstevel@tonic-gate phase = align - overhead;
1740Sstevel@tonic-gate
1750Sstevel@tonic-gate if (umem_memalign_arena == NULL && umem_init() == 0) {
1760Sstevel@tonic-gate errno = ENOMEM;
1770Sstevel@tonic-gate return (NULL);
1780Sstevel@tonic-gate }
1790Sstevel@tonic-gate
1800Sstevel@tonic-gate if (size < size_arg) {
1810Sstevel@tonic-gate errno = ENOMEM; /* overflow */
1820Sstevel@tonic-gate return (NULL);
1830Sstevel@tonic-gate }
1840Sstevel@tonic-gate
1850Sstevel@tonic-gate buf = vmem_xalloc(umem_memalign_arena, size, align, phase,
1860Sstevel@tonic-gate 0, NULL, NULL, VM_NOSLEEP);
1870Sstevel@tonic-gate
1880Sstevel@tonic-gate if (buf == NULL) {
1890Sstevel@tonic-gate if ((size_arg + align) <= UMEM_MAXBUF)
1900Sstevel@tonic-gate errno = EAGAIN;
1910Sstevel@tonic-gate else
1920Sstevel@tonic-gate errno = ENOMEM;
1930Sstevel@tonic-gate
1940Sstevel@tonic-gate return (NULL);
1950Sstevel@tonic-gate }
1960Sstevel@tonic-gate
1970Sstevel@tonic-gate ret = (malloc_data_t *)buf;
1980Sstevel@tonic-gate {
1990Sstevel@tonic-gate uint32_t low_size = (uint32_t)size;
2000Sstevel@tonic-gate
2010Sstevel@tonic-gate #ifdef _LP64
2020Sstevel@tonic-gate uint32_t high_size = (uint32_t)(size >> 32);
2030Sstevel@tonic-gate
2040Sstevel@tonic-gate ret->malloc_size = high_size;
2050Sstevel@tonic-gate ret->malloc_stat = UMEM_MALLOC_ENCODE(MEMALIGN_MAGIC,
2060Sstevel@tonic-gate high_size);
2070Sstevel@tonic-gate ret++;
2080Sstevel@tonic-gate #endif
2090Sstevel@tonic-gate
2100Sstevel@tonic-gate ret->malloc_size = low_size;
2110Sstevel@tonic-gate ret->malloc_stat = UMEM_MALLOC_ENCODE(MEMALIGN_MAGIC, low_size);
2120Sstevel@tonic-gate ret++;
2130Sstevel@tonic-gate }
2140Sstevel@tonic-gate
2150Sstevel@tonic-gate ASSERT(P2PHASE((uintptr_t)ret, align) == 0);
2160Sstevel@tonic-gate ASSERT((void *)((uintptr_t)ret - overhead) == buf);
2170Sstevel@tonic-gate
2180Sstevel@tonic-gate return ((void *)ret);
2190Sstevel@tonic-gate }
2200Sstevel@tonic-gate
2210Sstevel@tonic-gate void *
valloc(size_t size)2220Sstevel@tonic-gate valloc(size_t size)
2230Sstevel@tonic-gate {
2240Sstevel@tonic-gate return (memalign(pagesize, size));
2250Sstevel@tonic-gate }
2260Sstevel@tonic-gate
2270Sstevel@tonic-gate /*
2280Sstevel@tonic-gate * process_free:
2290Sstevel@tonic-gate *
2300Sstevel@tonic-gate * Pulls information out of a buffer pointer, and optionally free it.
2310Sstevel@tonic-gate * This is used by free() and realloc() to process buffers.
2320Sstevel@tonic-gate *
2330Sstevel@tonic-gate * On failure, calls umem_err_recoverable() with an appropriate message
2340Sstevel@tonic-gate * On success, returns the data size through *data_size_arg, if (!is_free).
2350Sstevel@tonic-gate *
2360Sstevel@tonic-gate * Preserves errno, since free()'s semantics require it.
2370Sstevel@tonic-gate */
2380Sstevel@tonic-gate
2390Sstevel@tonic-gate static int
process_free(void * buf_arg,int do_free,size_t * data_size_arg)2400Sstevel@tonic-gate process_free(void *buf_arg,
2410Sstevel@tonic-gate int do_free, /* free the buffer, or just get its size? */
2420Sstevel@tonic-gate size_t *data_size_arg) /* output: bytes of data in buf_arg */
2430Sstevel@tonic-gate {
2440Sstevel@tonic-gate malloc_data_t *buf;
2450Sstevel@tonic-gate
2460Sstevel@tonic-gate void *base;
2470Sstevel@tonic-gate size_t size;
2480Sstevel@tonic-gate size_t data_size;
2490Sstevel@tonic-gate
2500Sstevel@tonic-gate const char *message;
2510Sstevel@tonic-gate int old_errno = errno;
2520Sstevel@tonic-gate
2530Sstevel@tonic-gate buf = (malloc_data_t *)buf_arg;
2540Sstevel@tonic-gate
2550Sstevel@tonic-gate buf--;
2560Sstevel@tonic-gate size = buf->malloc_size;
2570Sstevel@tonic-gate
2580Sstevel@tonic-gate switch (UMEM_MALLOC_DECODE(buf->malloc_stat, size)) {
2590Sstevel@tonic-gate
2600Sstevel@tonic-gate case MALLOC_MAGIC:
2610Sstevel@tonic-gate base = (void *)buf;
2620Sstevel@tonic-gate data_size = size - sizeof (malloc_data_t);
2630Sstevel@tonic-gate
2640Sstevel@tonic-gate if (do_free)
2650Sstevel@tonic-gate buf->malloc_stat = UMEM_FREE_PATTERN_32;
2660Sstevel@tonic-gate
2670Sstevel@tonic-gate goto process_malloc;
2680Sstevel@tonic-gate
2690Sstevel@tonic-gate #ifdef _LP64
2700Sstevel@tonic-gate case MALLOC_SECOND_MAGIC:
2710Sstevel@tonic-gate base = (void *)(buf - 1);
2720Sstevel@tonic-gate data_size = size - 2 * sizeof (malloc_data_t);
2730Sstevel@tonic-gate
2740Sstevel@tonic-gate if (do_free)
2750Sstevel@tonic-gate buf->malloc_stat = UMEM_FREE_PATTERN_32;
2760Sstevel@tonic-gate
2770Sstevel@tonic-gate goto process_malloc;
2780Sstevel@tonic-gate
2790Sstevel@tonic-gate case MALLOC_OVERSIZE_MAGIC: {
2800Sstevel@tonic-gate size_t high_size;
2810Sstevel@tonic-gate
2820Sstevel@tonic-gate buf--;
2830Sstevel@tonic-gate high_size = buf->malloc_size;
2840Sstevel@tonic-gate
2850Sstevel@tonic-gate if (UMEM_MALLOC_DECODE(buf->malloc_stat, high_size) !=
2860Sstevel@tonic-gate MALLOC_MAGIC) {
2870Sstevel@tonic-gate message = "invalid or corrupted buffer";
2880Sstevel@tonic-gate break;
2890Sstevel@tonic-gate }
2900Sstevel@tonic-gate
2910Sstevel@tonic-gate size += high_size << 32;
2920Sstevel@tonic-gate
2930Sstevel@tonic-gate base = (void *)buf;
2940Sstevel@tonic-gate data_size = size - 2 * sizeof (malloc_data_t);
2950Sstevel@tonic-gate
2960Sstevel@tonic-gate if (do_free) {
2970Sstevel@tonic-gate buf->malloc_stat = UMEM_FREE_PATTERN_32;
2980Sstevel@tonic-gate (buf + 1)->malloc_stat = UMEM_FREE_PATTERN_32;
2990Sstevel@tonic-gate }
3000Sstevel@tonic-gate
3010Sstevel@tonic-gate goto process_malloc;
3020Sstevel@tonic-gate }
3030Sstevel@tonic-gate #endif
3040Sstevel@tonic-gate
3050Sstevel@tonic-gate case MEMALIGN_MAGIC: {
3060Sstevel@tonic-gate size_t overhead = sizeof (malloc_data_t);
3070Sstevel@tonic-gate
3080Sstevel@tonic-gate #ifdef _LP64
3090Sstevel@tonic-gate size_t high_size;
3100Sstevel@tonic-gate
3110Sstevel@tonic-gate overhead += sizeof (malloc_data_t);
3120Sstevel@tonic-gate
3130Sstevel@tonic-gate buf--;
3140Sstevel@tonic-gate high_size = buf->malloc_size;
3150Sstevel@tonic-gate
3160Sstevel@tonic-gate if (UMEM_MALLOC_DECODE(buf->malloc_stat, high_size) !=
3170Sstevel@tonic-gate MEMALIGN_MAGIC) {
3180Sstevel@tonic-gate message = "invalid or corrupted buffer";
3190Sstevel@tonic-gate break;
3200Sstevel@tonic-gate }
3210Sstevel@tonic-gate size += high_size << 32;
3220Sstevel@tonic-gate
3230Sstevel@tonic-gate /*
3240Sstevel@tonic-gate * destroy the main tag's malloc_stat
3250Sstevel@tonic-gate */
3260Sstevel@tonic-gate if (do_free)
3270Sstevel@tonic-gate (buf + 1)->malloc_stat = UMEM_FREE_PATTERN_32;
3280Sstevel@tonic-gate #endif
3290Sstevel@tonic-gate
3300Sstevel@tonic-gate base = (void *)buf;
3310Sstevel@tonic-gate data_size = size - overhead;
3320Sstevel@tonic-gate
3330Sstevel@tonic-gate if (do_free)
3340Sstevel@tonic-gate buf->malloc_stat = UMEM_FREE_PATTERN_32;
3350Sstevel@tonic-gate
3360Sstevel@tonic-gate goto process_memalign;
3370Sstevel@tonic-gate }
3380Sstevel@tonic-gate default:
3390Sstevel@tonic-gate if (buf->malloc_stat == UMEM_FREE_PATTERN_32)
3400Sstevel@tonic-gate message = "double-free or invalid buffer";
3410Sstevel@tonic-gate else
3420Sstevel@tonic-gate message = "invalid or corrupted buffer";
3430Sstevel@tonic-gate break;
3440Sstevel@tonic-gate }
3450Sstevel@tonic-gate
3460Sstevel@tonic-gate umem_err_recoverable("%s(%p): %s\n",
3470Sstevel@tonic-gate do_free? "free" : "realloc", buf_arg, message);
3480Sstevel@tonic-gate
3490Sstevel@tonic-gate errno = old_errno;
3500Sstevel@tonic-gate return (0);
3510Sstevel@tonic-gate
3520Sstevel@tonic-gate process_malloc:
3530Sstevel@tonic-gate if (do_free)
3540Sstevel@tonic-gate _umem_free(base, size);
3550Sstevel@tonic-gate else
3560Sstevel@tonic-gate *data_size_arg = data_size;
3570Sstevel@tonic-gate
3580Sstevel@tonic-gate errno = old_errno;
3590Sstevel@tonic-gate return (1);
3600Sstevel@tonic-gate
3610Sstevel@tonic-gate process_memalign:
3620Sstevel@tonic-gate if (do_free)
3630Sstevel@tonic-gate vmem_xfree(umem_memalign_arena, base, size);
3640Sstevel@tonic-gate else
3650Sstevel@tonic-gate *data_size_arg = data_size;
3660Sstevel@tonic-gate
3670Sstevel@tonic-gate errno = old_errno;
3680Sstevel@tonic-gate return (1);
3690Sstevel@tonic-gate }
3700Sstevel@tonic-gate
3710Sstevel@tonic-gate void
free(void * buf)3720Sstevel@tonic-gate free(void *buf)
3730Sstevel@tonic-gate {
3740Sstevel@tonic-gate if (buf == NULL)
3750Sstevel@tonic-gate return;
3760Sstevel@tonic-gate
3770Sstevel@tonic-gate /*
3780Sstevel@tonic-gate * Process buf, freeing it if it is not corrupt.
3790Sstevel@tonic-gate */
3800Sstevel@tonic-gate (void) process_free(buf, 1, NULL);
3810Sstevel@tonic-gate }
3820Sstevel@tonic-gate
3830Sstevel@tonic-gate void *
realloc(void * buf_arg,size_t newsize)3840Sstevel@tonic-gate realloc(void *buf_arg, size_t newsize)
3850Sstevel@tonic-gate {
3860Sstevel@tonic-gate size_t oldsize;
3870Sstevel@tonic-gate void *buf;
3880Sstevel@tonic-gate
3890Sstevel@tonic-gate if (buf_arg == NULL)
3900Sstevel@tonic-gate return (malloc(newsize));
3910Sstevel@tonic-gate
392776Sjwadams if (newsize == 0) {
393776Sjwadams free(buf_arg);
394776Sjwadams return (NULL);
395776Sjwadams }
396776Sjwadams
3970Sstevel@tonic-gate /*
3980Sstevel@tonic-gate * get the old data size without freeing the buffer
3990Sstevel@tonic-gate */
4000Sstevel@tonic-gate if (process_free(buf_arg, 0, &oldsize) == 0) {
4010Sstevel@tonic-gate errno = EINVAL;
4020Sstevel@tonic-gate return (NULL);
4030Sstevel@tonic-gate }
4040Sstevel@tonic-gate
4050Sstevel@tonic-gate if (newsize == oldsize) /* size didn't change */
4060Sstevel@tonic-gate return (buf_arg);
4070Sstevel@tonic-gate
4080Sstevel@tonic-gate buf = malloc(newsize);
4090Sstevel@tonic-gate if (buf == NULL)
4100Sstevel@tonic-gate return (NULL);
4110Sstevel@tonic-gate
4120Sstevel@tonic-gate (void) memcpy(buf, buf_arg, MIN(newsize, oldsize));
4130Sstevel@tonic-gate free(buf_arg);
4140Sstevel@tonic-gate return (buf);
4150Sstevel@tonic-gate }
416