/*
 * Copyright (c) 1987, 1991, 1993
 *      The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by the University of
 *      California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *      @(#)kern_malloc.c       8.3 (Berkeley) 1/4/94
 * $FreeBSD$
 */

#include "opt_vm.h"

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/vmmeter.h>
#include <sys/lock.h>

#include <vm/vm.h>
#include <vm/vm_param.h>
#include <vm/vm_kern.h>
#include <vm/vm_extern.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>

#if defined(INVARIANTS) && defined(__i386__)
#include <machine/cpu.h>
#endif

MALLOC_DEFINE(M_CACHE, "cache", "Various Dynamically allocated caches");
MALLOC_DEFINE(M_DEVBUF, "devbuf", "device driver memory");
MALLOC_DEFINE(M_TEMP, "temp", "misc temporary data buffers");

MALLOC_DEFINE(M_IP6OPT, "ip6opt", "IPv6 options");
MALLOC_DEFINE(M_IP6NDP, "ip6ndp", "IPv6 Neighbor Discovery");

static void kmeminit __P((void *));
SYSINIT(kmem, SI_SUB_KMEM, SI_ORDER_FIRST, kmeminit, NULL)

static MALLOC_DEFINE(M_FREE, "free", "should be on free list");

static struct malloc_type *kmemstatistics;
static struct kmembuckets bucket[MINBUCKET + 16];
static struct kmemusage *kmemusage;
static char *kmembase;
static char *kmemlimit;

u_int vm_kmem_size;
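/*
 * Bookkeeping layout: bucket[] holds one power-of-two freelist per size
 * class, while kmemusage[] (allocated in kmeminit() below) has one entry
 * per page of the kmem submap; btokup() maps an allocated address to its
 * kmemusage entry by its page offset from kmembase.
 */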
#ifdef INVARIANTS
/*
 * This structure provides a set of masks to catch unaligned frees.
 */
static long addrmask[] = { 0,
        0x00000001, 0x00000003, 0x00000007, 0x0000000f,
        0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff,
        0x000001ff, 0x000003ff, 0x000007ff, 0x00000fff,
        0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff,
};

/*
 * The WEIRD_ADDR is used as known text to copy into free objects so
 * that modifications after frees can be detected.
 */
#define WEIRD_ADDR      0xdeadc0de
#define MAX_COPY        64

/*
 * Normally the first word of the structure is used to hold the list
 * pointer for free objects.  However, when running with diagnostics,
 * we use the third and fourth fields, so as to catch modifications
 * in the most commonly trashed first two words.
 */
struct freelist {
        long    spare0;
        struct malloc_type *type;
        long    spare1;
        caddr_t next;
};
#else /* !INVARIANTS */
struct freelist {
        caddr_t next;
};
#endif /* INVARIANTS */

/*
 * malloc:
 *
 *      Allocate a block of memory.
 *
 *      If M_NOWAIT is set, this routine will not block; it returns NULL
 *      if the allocation fails.
 *
 *      If M_ASLEEP is set (M_NOWAIT must also be set), this routine
 *      will have the side effect of calling asleep() if it returns NULL,
 *      allowing the parent to await() at some future time.
 */
void *
malloc(size, type, flags)
        unsigned long size;
        struct malloc_type *type;
        int flags;
{
        register struct kmembuckets *kbp;
        register struct kmemusage *kup;
        register struct freelist *freep;
        long indx, npg, allocsize;
        int s;
        caddr_t va, cp, savedlist;
#ifdef INVARIANTS
        long *end, *lp;
        int copysize;
        const char *savedtype;
#endif
        register struct malloc_type *ksp = type;

#if defined(INVARIANTS) && defined(__i386__)
        if (flags == M_WAITOK)
                KASSERT(intr_nesting_level == 0,
                    ("malloc(M_WAITOK) in interrupt context"));
#endif
        /*
         * Must be at splmem() prior to initializing segment to handle
         * potential initialization race.
         */

        s = splmem();

        if (type->ks_limit == 0)
                malloc_init(type);

        indx = BUCKETINDX(size);
        kbp = &bucket[indx];

        while (ksp->ks_memuse >= ksp->ks_limit) {
                if (flags & M_ASLEEP) {
                        if (ksp->ks_limblocks < 65535)
                                ksp->ks_limblocks++;
                        asleep((caddr_t)ksp, PSWP+2, type->ks_shortdesc, 0);
                }
                if (flags & M_NOWAIT) {
                        splx(s);
                        return ((void *) NULL);
                }
                if (ksp->ks_limblocks < 65535)
                        ksp->ks_limblocks++;
                tsleep((caddr_t)ksp, PSWP+2, type->ks_shortdesc, 0);
        }
        ksp->ks_size |= 1 << indx;
#ifdef INVARIANTS
        copysize = 1 << indx < MAX_COPY ? 1 << indx : MAX_COPY;
#endif
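        /*
         * When the bucket has no free elements, the block below pulls whole
         * pages from kmem_map and carves them into 1 << indx byte pieces,
         * threading the pieces onto the freelist from the top of the chunk
         * down; oversized (> MAXALLOCSAVE) requests get dedicated pages
         * instead of a bucket entry.
         */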
        if (kbp->kb_next == NULL) {
                kbp->kb_last = NULL;
                if (size > MAXALLOCSAVE)
                        allocsize = roundup(size, PAGE_SIZE);
                else
                        allocsize = 1 << indx;
                npg = btoc(allocsize);
                va = (caddr_t) kmem_malloc(kmem_map, (vm_size_t)ctob(npg), flags);
                if (va == NULL) {
                        splx(s);
                        return ((void *) NULL);
                }
                kbp->kb_total += kbp->kb_elmpercl;
                kup = btokup(va);
                kup->ku_indx = indx;
                if (allocsize > MAXALLOCSAVE) {
                        if (npg > 65535)
                                panic("malloc: allocation too large");
                        kup->ku_pagecnt = npg;
                        ksp->ks_memuse += allocsize;
                        goto out;
                }
                kup->ku_freecnt = kbp->kb_elmpercl;
                kbp->kb_totalfree += kbp->kb_elmpercl;
                /*
                 * Just in case we blocked while allocating memory,
                 * and someone else also allocated memory for this
                 * bucket, don't assume the list is still empty.
                 */
                savedlist = kbp->kb_next;
                kbp->kb_next = cp = va + (npg * PAGE_SIZE) - allocsize;
                for (;;) {
                        freep = (struct freelist *)cp;
#ifdef INVARIANTS
                        /*
                         * Copy in known text to detect modification
                         * after freeing.
                         */
                        end = (long *)&cp[copysize];
                        for (lp = (long *)cp; lp < end; lp++)
                                *lp = WEIRD_ADDR;
                        freep->type = M_FREE;
#endif /* INVARIANTS */
                        if (cp <= va)
                                break;
                        cp -= allocsize;
                        freep->next = cp;
                }
                freep->next = savedlist;
                if (kbp->kb_last == NULL)
                        kbp->kb_last = (caddr_t)freep;
        }
        va = kbp->kb_next;
        kbp->kb_next = ((struct freelist *)va)->next;
#ifdef INVARIANTS
        freep = (struct freelist *)va;
        savedtype = (const char *) type->ks_shortdesc;
#if BYTE_ORDER == BIG_ENDIAN
        freep->type = (struct malloc_type *)WEIRD_ADDR >> 16;
#endif
#if BYTE_ORDER == LITTLE_ENDIAN
        freep->type = (struct malloc_type *)WEIRD_ADDR;
#endif
        if ((intptr_t)(void *)&freep->next & 0x2)
                freep->next = (caddr_t)((WEIRD_ADDR >> 16)|(WEIRD_ADDR << 16));
        else
                freep->next = (caddr_t)WEIRD_ADDR;
        end = (long *)&va[copysize];
        for (lp = (long *)va; lp < end; lp++) {
                if (*lp == WEIRD_ADDR)
                        continue;
                printf("%s %ld of object %p size %lu %s %s (0x%lx != 0x%lx)\n",
                        "Data modified on freelist: word",
                        (long)(lp - (long *)va), (void *)va, size,
                        "previous type", savedtype, *lp, (u_long)WEIRD_ADDR);
                break;
        }
        freep->spare0 = 0;
#endif /* INVARIANTS */
        kup = btokup(va);
        if (kup->ku_indx != indx)
                panic("malloc: wrong bucket");
        if (kup->ku_freecnt == 0)
                panic("malloc: lost data");
        kup->ku_freecnt--;
        kbp->kb_totalfree--;
        ksp->ks_memuse += 1 << indx;
out:
        kbp->kb_calls++;
        ksp->ks_inuse++;
        ksp->ks_calls++;
        if (ksp->ks_memuse > ksp->ks_maxused)
                ksp->ks_maxused = ksp->ks_memuse;
        splx(s);
        return ((void *) va);
}
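
/*
 * Typical caller usage (illustrative only; "softc" stands in for whatever
 * structure the caller allocates, and M_TEMP for its malloc type):
 *
 *      struct softc *sc;
 *
 *      sc = (struct softc *)malloc(sizeof(*sc), M_TEMP, M_NOWAIT);
 *      if (sc == NULL)
 *              return (ENOMEM);
 *      ...
 *      free(sc, M_TEMP);
 *
 * M_WAITOK callers may sleep in the limit loop above until their type's
 * ks_memuse drops below ks_limit; M_NOWAIT callers get NULL back instead.
 */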
/*
 * free:
 *
 *      Free a block of memory allocated by malloc.
 *
 *      This routine may not block.
 */
void
free(addr, type)
        void *addr;
        struct malloc_type *type;
{
        register struct kmembuckets *kbp;
        register struct kmemusage *kup;
        register struct freelist *freep;
        long size;
        int s;
#ifdef INVARIANTS
        struct freelist *fp;
        long *end, *lp, alloc, copysize;
#endif
        register struct malloc_type *ksp = type;

        if (type->ks_limit == 0)
                panic("freeing with unknown type (%s)", type->ks_shortdesc);

        KASSERT(kmembase <= (char *)addr && (char *)addr < kmemlimit,
            ("free: address %p out of range", (void *)addr));
        kup = btokup(addr);
        size = 1 << kup->ku_indx;
        kbp = &bucket[kup->ku_indx];
        s = splmem();
#ifdef INVARIANTS
        /*
         * Check for returns of data that do not point to the
         * beginning of the allocation.
         */
        if (size > PAGE_SIZE)
                alloc = addrmask[BUCKETINDX(PAGE_SIZE)];
        else
                alloc = addrmask[kup->ku_indx];
        if (((uintptr_t)(void *)addr & alloc) != 0)
                panic("free: unaligned addr %p, size %ld, type %s, mask %ld",
                    (void *)addr, size, type->ks_shortdesc, alloc);
#endif /* INVARIANTS */
        if (size > MAXALLOCSAVE) {
                kmem_free(kmem_map, (vm_offset_t)addr, ctob(kup->ku_pagecnt));
                size = kup->ku_pagecnt << PAGE_SHIFT;
                ksp->ks_memuse -= size;
                kup->ku_indx = 0;
                kup->ku_pagecnt = 0;
                if (ksp->ks_memuse + size >= ksp->ks_limit &&
                    ksp->ks_memuse < ksp->ks_limit)
                        wakeup((caddr_t)ksp);
                ksp->ks_inuse--;
                kbp->kb_total -= 1;
                splx(s);
                return;
        }
        freep = (struct freelist *)addr;
#ifdef INVARIANTS
        /*
         * Check for multiple frees.  Use a quick check to see if
         * it looks free before laboriously searching the freelist.
         */
        if (freep->spare0 == WEIRD_ADDR) {
                fp = (struct freelist *)kbp->kb_next;
                while (fp) {
                        if (fp->spare0 != WEIRD_ADDR)
                                panic("free: free item %p modified", fp);
                        else if (addr == (caddr_t)fp)
                                panic("free: multiple freed item %p", addr);
                        fp = (struct freelist *)fp->next;
                }
        }
        /*
         * Copy in known text to detect modification after freeing
         * and to make it look free.  Also, save the type being freed
         * so we can list the likely culprit if modification is detected
         * when the object is reallocated.
         */
        copysize = size < MAX_COPY ? size : MAX_COPY;
        end = (long *)&((caddr_t)addr)[copysize];
        for (lp = (long *)addr; lp < end; lp++)
                *lp = WEIRD_ADDR;
        freep->type = type;
#endif /* INVARIANTS */
        kup->ku_freecnt++;
        if (kup->ku_freecnt >= kbp->kb_elmpercl) {
                if (kup->ku_freecnt > kbp->kb_elmpercl)
                        panic("free: multiple frees");
                else if (kbp->kb_totalfree > kbp->kb_highwat)
                        kbp->kb_couldfree++;
        }
        kbp->kb_totalfree++;
        ksp->ks_memuse -= size;
        if (ksp->ks_memuse + size >= ksp->ks_limit &&
            ksp->ks_memuse < ksp->ks_limit)
                wakeup((caddr_t)ksp);
        ksp->ks_inuse--;
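        /*
         * Put the block back on its bucket's freelist.  The old policy
         * appends freed items at the tail (FIFO); the default below pushes
         * them on the head (LIFO) so that a still cache-warm block is the
         * first one handed back out.
         */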
#ifdef OLD_MALLOC_MEMORY_POLICY
        if (kbp->kb_next == NULL)
                kbp->kb_next = addr;
        else
                ((struct freelist *)kbp->kb_last)->next = addr;
        freep->next = NULL;
        kbp->kb_last = addr;
#else
        /*
         * Return memory to the head of the queue for quick reuse.  This
         * can improve performance by improving the probability of the
         * item being in the cache when it is reused.
         */
        if (kbp->kb_next == NULL) {
                kbp->kb_next = addr;
                kbp->kb_last = addr;
                freep->next = NULL;
        } else {
                freep->next = kbp->kb_next;
                kbp->kb_next = addr;
        }
#endif
        splx(s);
}

/*
 * Initialize the kernel memory allocator
 */
/* ARGSUSED*/
static void
kmeminit(dummy)
        void *dummy;
{
        register long indx;
        u_long npg;
        u_long mem_size;
        u_long xvm_kmem_size;

#if ((MAXALLOCSAVE & (MAXALLOCSAVE - 1)) != 0)
#error "kmeminit: MAXALLOCSAVE not power of 2"
#endif
#if (MAXALLOCSAVE > MINALLOCSIZE * 32768)
#error "kmeminit: MAXALLOCSAVE too big"
#endif
#if (MAXALLOCSAVE < PAGE_SIZE)
#error "kmeminit: MAXALLOCSAVE too small"
#endif

        /*
         * Try to auto-tune the kernel memory size, so that it is
         * more applicable for a wider range of machine sizes.
         * On an X86, a VM_KMEM_SIZE_SCALE value of 4 is good, while
         * a VM_KMEM_SIZE of 12MB is a fair compromise.  The
         * VM_KMEM_SIZE_MAX is dependent on the maximum KVA space
         * available, and on an X86 with a total KVA space of 256MB,
         * try to keep VM_KMEM_SIZE_MAX at 80MB or below.
         *
         * Note that the kmem_map is also used by the zone allocator,
         * so make sure that there is enough space.
         */
        xvm_kmem_size = VM_KMEM_SIZE;
        mem_size = cnt.v_page_count * PAGE_SIZE;

#if defined(VM_KMEM_SIZE_SCALE)
        if ((mem_size / VM_KMEM_SIZE_SCALE) > xvm_kmem_size)
                xvm_kmem_size = mem_size / VM_KMEM_SIZE_SCALE;
#endif

#if defined(VM_KMEM_SIZE_MAX)
        if (xvm_kmem_size >= VM_KMEM_SIZE_MAX)
                xvm_kmem_size = VM_KMEM_SIZE_MAX;
#endif

        /* Allow final override from the kernel environment */
        TUNABLE_INT_FETCH("kern.vm.kmem.size", xvm_kmem_size, vm_kmem_size);

        /*
         * Limit kmem virtual size to twice the physical memory.
         * This allows for kmem map sparseness, but limits the size
         * to something sane.  Be careful to not overflow the 32bit
         * ints while doing the check.
         */
        if ((vm_kmem_size / 2) > (cnt.v_page_count * PAGE_SIZE))
                vm_kmem_size = 2 * cnt.v_page_count * PAGE_SIZE;

        npg = (nmbufs * MSIZE + nmbclusters * MCLBYTES + vm_kmem_size)
                / PAGE_SIZE;

        kmemusage = (struct kmemusage *) kmem_alloc(kernel_map,
                (vm_size_t)(npg * sizeof(struct kmemusage)));
        kmem_map = kmem_suballoc(kernel_map, (vm_offset_t *)&kmembase,
                (vm_offset_t *)&kmemlimit, (vm_size_t)(npg * PAGE_SIZE));
        kmem_map->system_map = 1;
        for (indx = 0; indx < MINBUCKET + 16; indx++) {
                if (1 << indx >= PAGE_SIZE)
                        bucket[indx].kb_elmpercl = 1;
                else
                        bucket[indx].kb_elmpercl = PAGE_SIZE / (1 << indx);
                bucket[indx].kb_highwat = 5 * bucket[indx].kb_elmpercl;
        }
}

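/*
 * Rough sizing example (numbers purely illustrative): with 256MB of RAM
 * and a VM_KMEM_SIZE_SCALE of 4, kmeminit() above selects about 64MB of
 * kmem virtual space, subject to VM_KMEM_SIZE_MAX and the
 * kern.vm.kmem.size tunable.  malloc_init() below then allows each
 * malloc type to use at most half of that before its callers block or
 * fail.
 */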
void
malloc_init(data)
        void *data;
{
        struct malloc_type *type = (struct malloc_type *)data;

        if (type->ks_magic != M_MAGIC)
                panic("malloc type lacks magic");

        if (type->ks_limit != 0)
                return;

        if (cnt.v_page_count == 0)
                panic("malloc_init not allowed before vm init");

        /*
         * The default limit for each malloc type is 1/2 of the
         * malloc portion of the kmem map size.
         */
        type->ks_limit = vm_kmem_size / 2;
        type->ks_next = kmemstatistics;
        kmemstatistics = type;
}

void
malloc_uninit(data)
        void *data;
{
        struct malloc_type *type = (struct malloc_type *)data;
        struct malloc_type *t;

        if (type->ks_magic != M_MAGIC)
                panic("malloc type lacks magic");

        if (cnt.v_page_count == 0)
                panic("malloc_uninit not allowed before vm init");

        if (type->ks_limit == 0)
                panic("malloc_uninit on uninitialized type");

        if (type == kmemstatistics)
                kmemstatistics = type->ks_next;
        else {
                for (t = kmemstatistics; t->ks_next != NULL; t = t->ks_next) {
                        if (t->ks_next == type) {
                                t->ks_next = type->ks_next;
                                break;
                        }
                }
        }
        type->ks_next = NULL;
        type->ks_limit = 0;
}
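
/*
 * Illustrative note (M_FOODEV is a hypothetical example): a subsystem
 * introduces its own statistics type with
 *
 *      MALLOC_DEFINE(M_FOODEV, "foodev", "foo driver structures");
 *
 * malloc() initializes such a type lazily (the ks_limit == 0 check above)
 * if nothing has called malloc_init() for it yet, linking it onto the
 * kmemstatistics list; malloc_uninit() unlinks it again, for instance
 * when a module that defined the type is unloaded.
 */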