/*
 * Copyright (c) 1987, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)kern_malloc.c	8.3 (Berkeley) 1/4/94
 * $FreeBSD$
 */

#include "opt_vm.h"

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/vmmeter.h>
#include <sys/lock.h>

#include <vm/vm.h>
#include <vm/vm_param.h>
#include <vm/vm_kern.h>
#include <vm/vm_extern.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>

MALLOC_DEFINE(M_CACHE, "namecache", "Dynamically allocated cache entries");
MALLOC_DEFINE(M_DEVBUF, "devbuf", "device driver memory");
MALLOC_DEFINE(M_TEMP, "temp", "misc temporary data buffers");

static void kmeminit __P((void *));
SYSINIT(kmem, SI_SUB_KMEM, SI_ORDER_FIRST, kmeminit, NULL)

static MALLOC_DEFINE(M_FREE, "free", "should be on free list");

static struct malloc_type *kmemstatistics;
static struct kmembuckets bucket[MINBUCKET + 16];
static struct kmemusage *kmemusage;
static char *kmembase;
static char *kmemlimit;
static int vm_kmem_size;

#ifdef INVARIANTS
/*
 * This structure provides a set of masks to catch unaligned frees.
 */
static long addrmask[] = { 0,
	0x00000001, 0x00000003, 0x00000007, 0x0000000f,
	0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff,
	0x000001ff, 0x000003ff, 0x000007ff, 0x00000fff,
	0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff,
};

/*
 * The WEIRD_ADDR is used as known text to copy into free objects so
 * that modifications after frees can be detected.
 */
#define WEIRD_ADDR	0xdeadc0de
#define MAX_COPY	64

/*
 * Normally the first word of the structure is used to hold the list
 * pointer for free objects. However, when running with diagnostics,
 * we use the third and fourth fields, so as to catch modifications
 * in the most commonly trashed first two words.
 */
struct freelist {
	long	spare0;
	struct malloc_type *type;
	long	spare1;
	caddr_t	next;
};
#else /* !INVARIANTS */
struct freelist {
	caddr_t	next;
};
#endif /* INVARIANTS */

/*
 *	malloc:
 *
 *	Allocate a block of memory.
 *
 *	If M_NOWAIT is set, this routine will not block and return NULL if
 *	the allocation fails.
 *
 *	If M_ASLEEP is set (M_NOWAIT must also be set), this routine
 *	will have the side effect of calling asleep() if it returns NULL,
 *	allowing the parent to await() at some future time.
 */
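/*
 * Typical caller usage, as an illustrative sketch (the M_DEVBUF type
 * and the ENOMEM handling are assumptions, not taken from this file):
 *
 *	buf = malloc(size, M_DEVBUF, M_NOWAIT);
 *	if (buf == NULL)
 *		return (ENOMEM);
 *	...
 *	free(buf, M_DEVBUF);
 *
 * Passing M_WAITOK instead lets the routine sleep in the limit loop
 * below until the per-type limit permits the allocation.
 */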
void *
malloc(size, type, flags)
	unsigned long size;
	struct malloc_type *type;
	int flags;
{
	register struct kmembuckets *kbp;
	register struct kmemusage *kup;
	register struct freelist *freep;
	long indx, npg, allocsize;
	int s;
	caddr_t va, cp, savedlist;
#ifdef INVARIANTS
	long *end, *lp;
	int copysize;
	const char *savedtype;
#endif
	register struct malloc_type *ksp = type;

	/*
	 * Must be at splmem() prior to initializing segment to handle
	 * potential initialization race.
	 */

	s = splmem();

	if (type->ks_limit == 0)
		malloc_init(type);

	indx = BUCKETINDX(size);
	kbp = &bucket[indx];

	while (ksp->ks_memuse >= ksp->ks_limit) {
		if (flags & M_ASLEEP) {
			if (ksp->ks_limblocks < 65535)
				ksp->ks_limblocks++;
			asleep((caddr_t)ksp, PSWP+2, type->ks_shortdesc, 0);
		}
		if (flags & M_NOWAIT) {
			splx(s);
			return ((void *) NULL);
		}
		if (ksp->ks_limblocks < 65535)
			ksp->ks_limblocks++;
		tsleep((caddr_t)ksp, PSWP+2, type->ks_shortdesc, 0);
	}
	ksp->ks_size |= 1 << indx;
#ifdef INVARIANTS
	copysize = 1 << indx < MAX_COPY ? 1 << indx : MAX_COPY;
#endif
	if (kbp->kb_next == NULL) {
		kbp->kb_last = NULL;
		if (size > MAXALLOCSAVE)
			allocsize = roundup(size, PAGE_SIZE);
		else
			allocsize = 1 << indx;
		npg = btoc(allocsize);
		va = (caddr_t) kmem_malloc(kmem_map, (vm_size_t)ctob(npg), flags);
		if (va == NULL) {
			splx(s);
			return ((void *) NULL);
		}
		kbp->kb_total += kbp->kb_elmpercl;
		kup = btokup(va);
		kup->ku_indx = indx;
		if (allocsize > MAXALLOCSAVE) {
			if (npg > 65535)
				panic("malloc: allocation too large");
			kup->ku_pagecnt = npg;
			ksp->ks_memuse += allocsize;
			goto out;
		}
		kup->ku_freecnt = kbp->kb_elmpercl;
		kbp->kb_totalfree += kbp->kb_elmpercl;
		/*
		 * Just in case we blocked while allocating memory,
		 * and someone else also allocated memory for this
		 * bucket, don't assume the list is still empty.
		 */
		savedlist = kbp->kb_next;
		kbp->kb_next = cp = va + (npg * PAGE_SIZE) - allocsize;
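		/*
		 * The loop below threads the new elements onto the
		 * bucket's free list from the top of the allocation
		 * downward. As a worked example (sizes assumed, not
		 * from this file): with PAGE_SIZE 4096 and allocsize
		 * 256, cp starts at va + 3840 and each pass links one
		 * element to the one 256 bytes below it, until the
		 * element at va itself terminates the walk.
		 */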
		for (;;) {
			freep = (struct freelist *)cp;
#ifdef INVARIANTS
			/*
			 * Copy in known text to detect modification
			 * after freeing.
			 */
			end = (long *)&cp[copysize];
			for (lp = (long *)cp; lp < end; lp++)
				*lp = WEIRD_ADDR;
			freep->type = M_FREE;
#endif /* INVARIANTS */
			if (cp <= va)
				break;
			cp -= allocsize;
			freep->next = cp;
		}
		freep->next = savedlist;
		if (kbp->kb_last == NULL)
			kbp->kb_last = (caddr_t)freep;
	}
	va = kbp->kb_next;
	kbp->kb_next = ((struct freelist *)va)->next;
#ifdef INVARIANTS
	freep = (struct freelist *)va;
	savedtype = (const char *) type->ks_shortdesc;
#if BYTE_ORDER == BIG_ENDIAN
	freep->type = (struct malloc_type *)(WEIRD_ADDR >> 16);
#endif
#if BYTE_ORDER == LITTLE_ENDIAN
	freep->type = (struct malloc_type *)WEIRD_ADDR;
#endif
	if ((intptr_t)(void *)&freep->next & 0x2)
		freep->next = (caddr_t)((WEIRD_ADDR >> 16)|(WEIRD_ADDR << 16));
	else
		freep->next = (caddr_t)WEIRD_ADDR;
	end = (long *)&va[copysize];
	for (lp = (long *)va; lp < end; lp++) {
		if (*lp == WEIRD_ADDR)
			continue;
		printf("%s %ld of object %p size %lu %s %s (0x%lx != 0x%lx)\n",
		    "Data modified on freelist: word",
		    (long)(lp - (long *)va), (void *)va, size,
		    "previous type", savedtype, *lp, (u_long)WEIRD_ADDR);
		break;
	}
	freep->spare0 = 0;
#endif /* INVARIANTS */
	kup = btokup(va);
	if (kup->ku_indx != indx)
		panic("malloc: wrong bucket");
	if (kup->ku_freecnt == 0)
		panic("malloc: lost data");
	kup->ku_freecnt--;
	kbp->kb_totalfree--;
	ksp->ks_memuse += 1 << indx;
out:
	kbp->kb_calls++;
	ksp->ks_inuse++;
	ksp->ks_calls++;
	if (ksp->ks_memuse > ksp->ks_maxused)
		ksp->ks_maxused = ksp->ks_memuse;
	splx(s);
	return ((void *) va);
}

/*
 *	free:
 *
 *	Free a block of memory allocated by malloc.
 *
 *	This routine may not block.
 */
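/*
 * Callers are expected to pass the same malloc_type that was used at
 * allocation time. The routine only verifies that the type has been
 * initialized (ks_limit != 0), so a mismatched type is not caught
 * here; it silently skews the per-type ks_memuse/ks_inuse statistics
 * instead.
 */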
void
free(addr, type)
	void *addr;
	struct malloc_type *type;
{
	register struct kmembuckets *kbp;
	register struct kmemusage *kup;
	register struct freelist *freep;
	long size;
	int s;
#ifdef INVARIANTS
	struct freelist *fp;
	long *end, *lp, alloc, copysize;
#endif
	register struct malloc_type *ksp = type;

	if (type->ks_limit == 0)
		panic("freeing with unknown type (%s)", type->ks_shortdesc);

	KASSERT(kmembase <= (char *)addr && (char *)addr < kmemlimit,
	    ("free: address %p out of range", (void *)addr));
	kup = btokup(addr);
	size = 1 << kup->ku_indx;
	kbp = &bucket[kup->ku_indx];
	s = splmem();
#ifdef INVARIANTS
	/*
	 * Check for returns of data that do not point to the
	 * beginning of the allocation.
	 */
	if (size > PAGE_SIZE)
		alloc = addrmask[BUCKETINDX(PAGE_SIZE)];
	else
		alloc = addrmask[kup->ku_indx];
	if (((uintptr_t)(void *)addr & alloc) != 0)
		panic("free: unaligned addr %p, size %ld, type %s, mask %ld",
		    (void *)addr, size, type->ks_shortdesc, alloc);
#endif /* INVARIANTS */
	if (size > MAXALLOCSAVE) {
		kmem_free(kmem_map, (vm_offset_t)addr, ctob(kup->ku_pagecnt));
		size = kup->ku_pagecnt << PAGE_SHIFT;
		ksp->ks_memuse -= size;
		kup->ku_indx = 0;
		kup->ku_pagecnt = 0;
		if (ksp->ks_memuse + size >= ksp->ks_limit &&
		    ksp->ks_memuse < ksp->ks_limit)
			wakeup((caddr_t)ksp);
		ksp->ks_inuse--;
		kbp->kb_total -= 1;
		splx(s);
		return;
	}
	freep = (struct freelist *)addr;
#ifdef INVARIANTS
	/*
	 * Check for multiple frees. Use a quick check to see if
	 * it looks free before laboriously searching the freelist.
	 */
	if (freep->spare0 == WEIRD_ADDR) {
		fp = (struct freelist *)kbp->kb_next;
		while (fp) {
			if (fp->spare0 != WEIRD_ADDR)
				panic("free: free item %p modified", fp);
			else if (addr == (caddr_t)fp)
				panic("free: multiple freed item %p", addr);
			fp = (struct freelist *)fp->next;
		}
	}
	/*
	 * Copy in known text to detect modification after freeing
	 * and to make it look free. Also, save the type being freed
	 * so we can list likely culprit if modification is detected
	 * when the object is reallocated.
	 */
	copysize = size < MAX_COPY ? size : MAX_COPY;
	end = (long *)&((caddr_t)addr)[copysize];
	for (lp = (long *)addr; lp < end; lp++)
		*lp = WEIRD_ADDR;
	freep->type = type;
#endif /* INVARIANTS */
	kup->ku_freecnt++;
	if (kup->ku_freecnt >= kbp->kb_elmpercl) {
		if (kup->ku_freecnt > kbp->kb_elmpercl)
			panic("free: multiple frees");
		else if (kbp->kb_totalfree > kbp->kb_highwat)
			kbp->kb_couldfree++;
	}
	kbp->kb_totalfree++;
	ksp->ks_memuse -= size;
	if (ksp->ks_memuse + size >= ksp->ks_limit &&
	    ksp->ks_memuse < ksp->ks_limit)
		wakeup((caddr_t)ksp);
	ksp->ks_inuse--;
#ifdef OLD_MALLOC_MEMORY_POLICY
	if (kbp->kb_next == NULL)
		kbp->kb_next = addr;
	else
		((struct freelist *)kbp->kb_last)->next = addr;
	freep->next = NULL;
	kbp->kb_last = addr;
#else
	/*
	 * Return memory to the head of the queue for quick reuse. This
	 * can improve performance by improving the probability of the
	 * item being in the cache when it is reused.
	 */
	if (kbp->kb_next == NULL) {
		kbp->kb_next = addr;
		kbp->kb_last = addr;
		freep->next = NULL;
	} else {
		freep->next = kbp->kb_next;
		kbp->kb_next = addr;
	}
#endif
	splx(s);
}

/*
 * Initialize the kernel memory allocator
 */
/* ARGSUSED*/
static void
kmeminit(dummy)
	void *dummy;
{
	register long indx;
	int npg;
	int mem_size;
	int xvm_kmem_size;

#if ((MAXALLOCSAVE & (MAXALLOCSAVE - 1)) != 0)
#error "kmeminit: MAXALLOCSAVE not power of 2"
#endif
#if (MAXALLOCSAVE > MINALLOCSIZE * 32768)
#error "kmeminit: MAXALLOCSAVE too big"
#endif
#if (MAXALLOCSAVE < PAGE_SIZE)
#error "kmeminit: MAXALLOCSAVE too small"
#endif

	/*
	 * Try to auto-tune the kernel memory size, so that it is
	 * more applicable for a wider range of machine sizes.
	 * On an X86, a VM_KMEM_SIZE_SCALE value of 4 is good, while
	 * a VM_KMEM_SIZE of 12MB is a fair compromise. The
	 * VM_KMEM_SIZE_MAX is dependent on the maximum KVA space
	 * available, and on an X86 with a total KVA space of 256MB,
	 * try to keep VM_KMEM_SIZE_MAX at 80MB or below.
	 *
	 * Note that the kmem_map is also used by the zone allocator,
	 * so make sure that there is enough space.
	 */
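	/*
	 * Worked example with assumed numbers (not from this file):
	 * on a machine with 64MB of RAM (16384 pages of 4096 bytes),
	 * mem_size is 64MB; with VM_KMEM_SIZE_SCALE of 4 the scaled
	 * candidate of 16MB replaces the smaller VM_KMEM_SIZE default,
	 * is then clipped by VM_KMEM_SIZE_MAX, and finally limited to
	 * twice the physical memory size after the tunable override.
	 */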
	xvm_kmem_size = VM_KMEM_SIZE;
	mem_size = cnt.v_page_count * PAGE_SIZE;

#if defined(VM_KMEM_SIZE_SCALE)
	if ((mem_size / VM_KMEM_SIZE_SCALE) > xvm_kmem_size)
		xvm_kmem_size = mem_size / VM_KMEM_SIZE_SCALE;
#endif

#if defined(VM_KMEM_SIZE_MAX)
	if (xvm_kmem_size >= VM_KMEM_SIZE_MAX)
		xvm_kmem_size = VM_KMEM_SIZE_MAX;
#endif

	/* Allow final override from the kernel environment */
	TUNABLE_INT_FETCH("kern.vm.kmem.size", xvm_kmem_size, vm_kmem_size);

	if (vm_kmem_size > 2 * (cnt.v_page_count * PAGE_SIZE))
		vm_kmem_size = 2 * (cnt.v_page_count * PAGE_SIZE);

	npg = (nmbufs * MSIZE + nmbclusters * MCLBYTES + vm_kmem_size)
	    / PAGE_SIZE;

	kmemusage = (struct kmemusage *) kmem_alloc(kernel_map,
	    (vm_size_t)(npg * sizeof(struct kmemusage)));
	kmem_map = kmem_suballoc(kernel_map, (vm_offset_t *)&kmembase,
	    (vm_offset_t *)&kmemlimit, (vm_size_t)(npg * PAGE_SIZE));
	kmem_map->system_map = 1;
	for (indx = 0; indx < MINBUCKET + 16; indx++) {
		if (1 << indx >= PAGE_SIZE)
			bucket[indx].kb_elmpercl = 1;
		else
			bucket[indx].kb_elmpercl = PAGE_SIZE / (1 << indx);
		bucket[indx].kb_highwat = 5 * bucket[indx].kb_elmpercl;
	}
}

void
malloc_init(data)
	void *data;
{
	struct malloc_type *type = (struct malloc_type *)data;

	if (type->ks_magic != M_MAGIC)
		panic("malloc type lacks magic");

	if (type->ks_limit != 0)
		return;

	if (cnt.v_page_count == 0)
		panic("malloc_init not allowed before vm init");

	/*
	 * The default limit for each malloc region is 1/2 of the
	 * malloc portion of the kmem map size.
	 */
	type->ks_limit = vm_kmem_size / 2;
	type->ks_next = kmemstatistics;
	kmemstatistics = type;
}

void
malloc_uninit(data)
	void *data;
{
	struct malloc_type *type = (struct malloc_type *)data;
	struct malloc_type *t;

	if (type->ks_magic != M_MAGIC)
		panic("malloc type lacks magic");

	if (cnt.v_page_count == 0)
		panic("malloc_uninit not allowed before vm init");

	if (type->ks_limit == 0)
		panic("malloc_uninit on uninitialized type");

	if (type == kmemstatistics)
		kmemstatistics = type->ks_next;
	else {
		for (t = kmemstatistics; t->ks_next != NULL; t = t->ks_next) {
			if (t->ks_next == type) {
				t->ks_next = type->ks_next;
				break;
			}
		}
	}
	type->ks_next = NULL;
	type->ks_limit = 0;
}
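/*
 * Sketch of how a subsystem declares and uses its own malloc type
 * (M_MYDRIVER and the surrounding code are hypothetical, shown only
 * for illustration):
 *
 *	MALLOC_DEFINE(M_MYDRIVER, "mydriver", "my driver state");
 *
 *	sc = malloc(sizeof(*sc), M_MYDRIVER, M_NOWAIT);
 *	...
 *	free(sc, M_MYDRIVER);
 *
 * The type is linked onto kmemstatistics by malloc_init() on first
 * use, and malloc_uninit() unlinks it again, e.g. when a module is
 * unloaded.
 */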