/*
 * Copyright (c) 1987, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)kern_malloc.c	8.3 (Berkeley) 1/4/94
 * $Id: kern_malloc.c,v 1.55 1999/05/06 18:12:42 peter Exp $
 */

#include "opt_vm.h"

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#define MALLOC_INSTANTIATE
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/vmmeter.h>
#include <sys/lock.h>

#include <vm/vm.h>
#include <vm/vm_param.h>
#include <vm/vm_kern.h>
#include <vm/vm_extern.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>

static void kmeminit __P((void *));
SYSINIT(kmem, SI_SUB_KMEM, SI_ORDER_FIRST, kmeminit, NULL)

static MALLOC_DEFINE(M_FREE, "free", "should be on free list");

static struct malloc_type *kmemstatistics;
static struct kmembuckets bucket[MINBUCKET + 16];
static struct kmemusage *kmemusage;
static char *kmembase;
static char *kmemlimit;
static int vm_kmem_size;

#ifdef INVARIANTS
/*
 * This structure provides a set of masks to catch unaligned frees.
 */
static long addrmask[] = { 0,
        0x00000001, 0x00000003, 0x00000007, 0x0000000f,
        0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff,
        0x000001ff, 0x000003ff, 0x000007ff, 0x00000fff,
        0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff,
};

/*
 * The WEIRD_ADDR is used as known text to copy into free objects so
 * that modifications after frees can be detected.
 */
#define WEIRD_ADDR      0xdeadc0de
#define MAX_COPY        64

/*
 * Normally the first word of the structure is used to hold the list
 * pointer for free objects.  However, when running with diagnostics,
 * we use the third and fourth fields, so as to catch modifications
 * in the most commonly trashed first two words.
 */
struct freelist {
        long    spare0;
        struct malloc_type *type;
        long    spare1;
        caddr_t next;
};
#else /* !INVARIANTS */
struct freelist {
        caddr_t next;
};
#endif /* INVARIANTS */

/*
 *      malloc:
 *
 *      Allocate a block of memory.
 *
 *      If M_NOWAIT is set, this routine will not block and return NULL if
 *      the allocation fails.
 *
 *      If M_ASLEEP is set (M_NOWAIT must also be set), this routine
 *      will have the side effect of calling asleep() if it returns NULL,
 *      allowing the parent to await() at some future time.
 */
void *
malloc(size, type, flags)
        unsigned long size;
        struct malloc_type *type;
        int flags;
{
        register struct kmembuckets *kbp;
        register struct kmemusage *kup;
        register struct freelist *freep;
        long indx, npg, allocsize;
        int s;
        caddr_t va, cp, savedlist;
#ifdef INVARIANTS
        long *end, *lp;
        int copysize;
        const char *savedtype;
#endif
        register struct malloc_type *ksp = type;

        /*
         * Must be at splmem() prior to initializing segment to handle
         * potential initialization race.
         */

        s = splmem();

        if (type->ks_limit == 0)
                malloc_init(type);

        indx = BUCKETINDX(size);
        kbp = &bucket[indx];

        while (ksp->ks_memuse >= ksp->ks_limit) {
                if (flags & M_ASLEEP) {
                        if (ksp->ks_limblocks < 65535)
                                ksp->ks_limblocks++;
                        asleep((caddr_t)ksp, PSWP+2, type->ks_shortdesc, 0);
                }
                if (flags & M_NOWAIT) {
                        splx(s);
                        return ((void *) NULL);
                }
                if (ksp->ks_limblocks < 65535)
                        ksp->ks_limblocks++;
                tsleep((caddr_t)ksp, PSWP+2, type->ks_shortdesc, 0);
        }
        ksp->ks_size |= 1 << indx;
#ifdef INVARIANTS
        copysize = 1 << indx < MAX_COPY ? 1 << indx : MAX_COPY;
#endif
        if (kbp->kb_next == NULL) {
                kbp->kb_last = NULL;
                if (size > MAXALLOCSAVE)
                        allocsize = roundup(size, PAGE_SIZE);
                else
                        allocsize = 1 << indx;
                npg = btoc(allocsize);
                va = (caddr_t) kmem_malloc(kmem_map, (vm_size_t)ctob(npg), flags);
                if (va == NULL) {
                        splx(s);
                        return ((void *) NULL);
                }
                kbp->kb_total += kbp->kb_elmpercl;
                kup = btokup(va);
                kup->ku_indx = indx;
                if (allocsize > MAXALLOCSAVE) {
                        if (npg > 65535)
                                panic("malloc: allocation too large");
                        kup->ku_pagecnt = npg;
                        ksp->ks_memuse += allocsize;
                        goto out;
                }
                kup->ku_freecnt = kbp->kb_elmpercl;
                kbp->kb_totalfree += kbp->kb_elmpercl;
                /*
                 * Just in case we blocked while allocating memory,
                 * and someone else also allocated memory for this
                 * bucket, don't assume the list is still empty.
                 */
                savedlist = kbp->kb_next;
                kbp->kb_next = cp = va + (npg * PAGE_SIZE) - allocsize;
                for (;;) {
                        freep = (struct freelist *)cp;
#ifdef INVARIANTS
                        /*
                         * Copy in known text to detect modification
                         * after freeing.
                         */
                        end = (long *)&cp[copysize];
                        for (lp = (long *)cp; lp < end; lp++)
                                *lp = WEIRD_ADDR;
                        freep->type = M_FREE;
#endif /* INVARIANTS */
                        if (cp <= va)
                                break;
                        cp -= allocsize;
                        freep->next = cp;
                }
                freep->next = savedlist;
                if (kbp->kb_last == NULL)
                        kbp->kb_last = (caddr_t)freep;
        }
        va = kbp->kb_next;
        kbp->kb_next = ((struct freelist *)va)->next;
#ifdef INVARIANTS
        freep = (struct freelist *)va;
        savedtype = (const char *) type->ks_shortdesc;
#if BYTE_ORDER == BIG_ENDIAN
        freep->type = (struct malloc_type *)WEIRD_ADDR >> 16;
#endif
#if BYTE_ORDER == LITTLE_ENDIAN
        freep->type = (struct malloc_type *)WEIRD_ADDR;
#endif
        if ((intptr_t)(void *)&freep->next & 0x2)
                freep->next = (caddr_t)((WEIRD_ADDR >> 16)|(WEIRD_ADDR << 16));
        else
                freep->next = (caddr_t)WEIRD_ADDR;
        end = (long *)&va[copysize];
        for (lp = (long *)va; lp < end; lp++) {
                if (*lp == WEIRD_ADDR)
                        continue;
                printf("%s %ld of object %p size %lu %s %s (0x%lx != 0x%lx)\n",
                    "Data modified on freelist: word",
                    (long)(lp - (long *)va), (void *)va, size,
                    "previous type", savedtype, *lp, (u_long)WEIRD_ADDR);
                break;
        }
        freep->spare0 = 0;
#endif /* INVARIANTS */
        kup = btokup(va);
        if (kup->ku_indx != indx)
                panic("malloc: wrong bucket");
        if (kup->ku_freecnt == 0)
                panic("malloc: lost data");
        kup->ku_freecnt--;
        kbp->kb_totalfree--;
        ksp->ks_memuse += 1 << indx;
out:
        kbp->kb_calls++;
        ksp->ks_inuse++;
        ksp->ks_calls++;
        if (ksp->ks_memuse > ksp->ks_maxused)
                ksp->ks_maxused = ksp->ks_memuse;
        splx(s);
        return ((void *) va);
}

/*
 *      free:
 *
 *      Free a block of memory allocated by malloc.
 *
 *      This routine may not block.
 */
void
free(addr, type)
        void *addr;
        struct malloc_type *type;
{
        register struct kmembuckets *kbp;
        register struct kmemusage *kup;
        register struct freelist *freep;
        long size;
        int s;
#ifdef INVARIANTS
        struct freelist *fp;
        long *end, *lp, alloc, copysize;
#endif
        register struct malloc_type *ksp = type;

        if (type->ks_limit == 0)
                panic("freeing with unknown type (%s)", type->ks_shortdesc);

        KASSERT(kmembase <= (char *)addr && (char *)addr < kmemlimit,
            ("free: address %p out of range", (void *)addr));
        kup = btokup(addr);
        size = 1 << kup->ku_indx;
        kbp = &bucket[kup->ku_indx];
        s = splmem();
#ifdef INVARIANTS
        /*
         * Check for returns of data that do not point to the
         * beginning of the allocation.
         */
        if (size > PAGE_SIZE)
                alloc = addrmask[BUCKETINDX(PAGE_SIZE)];
        else
                alloc = addrmask[kup->ku_indx];
        if (((uintptr_t)(void *)addr & alloc) != 0)
                panic("free: unaligned addr %p, size %ld, type %s, mask %ld",
                    (void *)addr, size, type->ks_shortdesc, alloc);
#endif /* INVARIANTS */
        if (size > MAXALLOCSAVE) {
                kmem_free(kmem_map, (vm_offset_t)addr, ctob(kup->ku_pagecnt));
                size = kup->ku_pagecnt << PAGE_SHIFT;
                ksp->ks_memuse -= size;
                kup->ku_indx = 0;
                kup->ku_pagecnt = 0;
                if (ksp->ks_memuse + size >= ksp->ks_limit &&
                    ksp->ks_memuse < ksp->ks_limit)
                        wakeup((caddr_t)ksp);
                ksp->ks_inuse--;
                kbp->kb_total -= 1;
                splx(s);
                return;
        }
        freep = (struct freelist *)addr;
#ifdef INVARIANTS
        /*
         * Check for multiple frees. Use a quick check to see if
         * it looks free before laboriously searching the freelist.
         */
        if (freep->spare0 == WEIRD_ADDR) {
                fp = (struct freelist *)kbp->kb_next;
                while (fp) {
                        if (fp->spare0 != WEIRD_ADDR)
                                panic("free: free item %p modified", fp);
                        else if (addr == (caddr_t)fp)
                                panic("free: multiple freed item %p", addr);
                        fp = (struct freelist *)fp->next;
                }
        }
        /*
         * Copy in known text to detect modification after freeing
         * and to make it look free. Also, save the type being freed
         * so we can list likely culprit if modification is detected
         * when the object is reallocated.
         */
        copysize = size < MAX_COPY ? size : MAX_COPY;
        end = (long *)&((caddr_t)addr)[copysize];
        for (lp = (long *)addr; lp < end; lp++)
                *lp = WEIRD_ADDR;
        freep->type = type;
#endif /* INVARIANTS */
        kup->ku_freecnt++;
        if (kup->ku_freecnt >= kbp->kb_elmpercl) {
                if (kup->ku_freecnt > kbp->kb_elmpercl)
                        panic("free: multiple frees");
                else if (kbp->kb_totalfree > kbp->kb_highwat)
                        kbp->kb_couldfree++;
        }
        kbp->kb_totalfree++;
        ksp->ks_memuse -= size;
        if (ksp->ks_memuse + size >= ksp->ks_limit &&
            ksp->ks_memuse < ksp->ks_limit)
                wakeup((caddr_t)ksp);
        ksp->ks_inuse--;
#ifdef OLD_MALLOC_MEMORY_POLICY
        if (kbp->kb_next == NULL)
                kbp->kb_next = addr;
        else
                ((struct freelist *)kbp->kb_last)->next = addr;
        freep->next = NULL;
        kbp->kb_last = addr;
#else
        /*
         * Return memory to the head of the queue for quick reuse.  This
         * can improve performance by improving the probability of the
         * item being in the cache when it is reused.
         */
        if (kbp->kb_next == NULL) {
                kbp->kb_next = addr;
                kbp->kb_last = addr;
                freep->next = NULL;
        } else {
                freep->next = kbp->kb_next;
                kbp->kb_next = addr;
        }
#endif
        splx(s);
}

/*
 * Initialize the kernel memory allocator
 */
/* ARGSUSED*/
static void
kmeminit(dummy)
        void *dummy;
{
        register long indx;
        int npg;
        int mem_size;
        int xvm_kmem_size;

#if ((MAXALLOCSAVE & (MAXALLOCSAVE - 1)) != 0)
#error "kmeminit: MAXALLOCSAVE not power of 2"
#endif
#if (MAXALLOCSAVE > MINALLOCSIZE * 32768)
#error "kmeminit: MAXALLOCSAVE too big"
#endif
#if (MAXALLOCSAVE < PAGE_SIZE)
#error "kmeminit: MAXALLOCSAVE too small"
#endif

        /*
         * Try to auto-tune the kernel memory size, so that it is
         * more applicable for a wider range of machine sizes.
         * On an X86, a VM_KMEM_SIZE_SCALE value of 4 is good, while
         * a VM_KMEM_SIZE of 12MB is a fair compromise.  The
         * VM_KMEM_SIZE_MAX is dependent on the maximum KVA space
         * available, and on an X86 with a total KVA space of 256MB,
         * try to keep VM_KMEM_SIZE_MAX at 80MB or below.
         *
         * Note that the kmem_map is also used by the zone allocator,
         * so make sure that there is enough space.
         */
        vm_kmem_size = VM_KMEM_SIZE;
        mem_size = cnt.v_page_count * PAGE_SIZE;

#if defined(VM_KMEM_SIZE_SCALE)
        if ((mem_size / VM_KMEM_SIZE_SCALE) > vm_kmem_size)
                vm_kmem_size = mem_size / VM_KMEM_SIZE_SCALE;
#endif

#if defined(VM_KMEM_SIZE_MAX)
        if (vm_kmem_size >= VM_KMEM_SIZE_MAX)
                vm_kmem_size = VM_KMEM_SIZE_MAX;
#endif

        /* Allow final override from the kernel environment */
        if (getenv_int("kern.vm.kmem.size", &xvm_kmem_size))
                vm_kmem_size = xvm_kmem_size;

        if (vm_kmem_size > 2 * (cnt.v_page_count * PAGE_SIZE))
                vm_kmem_size = 2 * (cnt.v_page_count * PAGE_SIZE);

        npg = (nmbufs * MSIZE + nmbclusters * MCLBYTES + vm_kmem_size)
            / PAGE_SIZE;

        kmemusage = (struct kmemusage *) kmem_alloc(kernel_map,
            (vm_size_t)(npg * sizeof(struct kmemusage)));
        kmem_map = kmem_suballoc(kernel_map, (vm_offset_t *)&kmembase,
            (vm_offset_t *)&kmemlimit, (vm_size_t)(npg * PAGE_SIZE));
        kmem_map->system_map = 1;
        for (indx = 0; indx < MINBUCKET + 16; indx++) {
                if (1 << indx >= PAGE_SIZE)
                        bucket[indx].kb_elmpercl = 1;
                else
                        bucket[indx].kb_elmpercl = PAGE_SIZE / (1 << indx);
                bucket[indx].kb_highwat = 5 * bucket[indx].kb_elmpercl;
        }
}

void
malloc_init(data)
        void *data;
{
        struct malloc_type *type = (struct malloc_type *)data;

        if (type->ks_magic != M_MAGIC)
                panic("malloc type lacks magic");

        if (type->ks_limit != 0)
                return;

        if (cnt.v_page_count == 0)
                panic("malloc_init not allowed before vm init");

        /*
         * The default limits for each malloc region is 1/2 of the
         * malloc portion of the kmem map size.
         */
        type->ks_limit = vm_kmem_size / 2;
        type->ks_next = kmemstatistics;
        kmemstatistics = type;
}

void
malloc_uninit(data)
        void *data;
{
        struct malloc_type *type = (struct malloc_type *)data;
        struct malloc_type *t;

        if (type->ks_magic != M_MAGIC)
                panic("malloc type lacks magic");

        if (cnt.v_page_count == 0)
                panic("malloc_uninit not allowed before vm init");

        if (type->ks_limit == 0)
                panic("malloc_uninit on uninitialized type");

        if (type == kmemstatistics)
                kmemstatistics = type->ks_next;
        else {
                for (t = kmemstatistics; t->ks_next != NULL; t = t->ks_next) {
                        if (t->ks_next == type) {
                                t->ks_next = type->ks_next;
                                break;
                        }
                }
        }
        type->ks_next = NULL;
        type->ks_limit = 0;
}
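
/*
 * Illustrative usage sketch (not part of the original file): a kernel
 * subsystem normally declares its own malloc type with MALLOC_DEFINE()
 * and then passes that same type to both malloc() and free(), so that
 * per-type usage and limits tracked above stay consistent.  The type
 * M_EXAMPLE and struct example_softc are hypothetical names used only
 * for demonstration; M_NOWAIT is the real flag whose non-blocking
 * behaviour is implemented in malloc() above.
 *
 *	static MALLOC_DEFINE(M_EXAMPLE, "example", "illustrative allocations");
 *
 *	struct example_softc *sc;
 *
 *	sc = malloc(sizeof(*sc), M_EXAMPLE, M_NOWAIT);
 *	if (sc == NULL)
 *		return (ENOMEM);	(failed without sleeping)
 *	...
 *	free(sc, M_EXAMPLE);
 */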