1/* 2 * Copyright (c) 1987, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)kern_malloc.c 8.3 (Berkeley) 1/4/94
|
63 0x00000001, 0x00000003, 0x00000007, 0x0000000f, 64 0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 65 0x000001ff, 0x000003ff, 0x000007ff, 0x00000fff, 66 0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff, 67}; 68 69/* 70 * The WEIRD_ADDR is used as known text to copy into free objects so 71 * that modifications after frees can be detected. 72 */ 73#define WEIRD_ADDR 0xdeadc0de 74#define MAX_COPY 64 75 76/* 77 * Normally the first word of the structure is used to hold the list 78 * pointer for free objects. However, when running with diagnostics, 79 * we use the third and fourth fields, so as to catch modifications 80 * in the most commonly trashed first two words. 81 */ 82struct freelist { 83 long spare0; 84 short type; 85 long spare1; 86 caddr_t next; 87}; 88#else /* !DIAGNOSTIC */ 89struct freelist { 90 caddr_t next; 91}; 92#endif /* DIAGNOSTIC */ 93 94/* 95 * Allocate a block of memory 96 */ 97void * 98malloc(size, type, flags) 99 unsigned long size; 100 int type, flags; 101{ 102 register struct kmembuckets *kbp; 103 register struct kmemusage *kup; 104 register struct freelist *freep; 105 long indx, npg, allocsize; 106 int s; 107 caddr_t va, cp, savedlist; 108#ifdef DIAGNOSTIC 109 long *end, *lp; 110 int copysize; 111 char *savedtype; 112#endif 113#ifdef KMEMSTATS 114 register struct kmemstats *ksp = &kmemstats[type]; 115 116 if (((unsigned long)type) > M_LAST) 117 panic("malloc - bogus type"); 118#endif 119 indx = BUCKETINDX(size); 120 kbp = &bucket[indx]; 121 s = splhigh(); 122#ifdef KMEMSTATS 123 while (ksp->ks_memuse >= ksp->ks_limit) { 124 if (flags & M_NOWAIT) { 125 splx(s); 126 return ((void *) NULL); 127 } 128 if (ksp->ks_limblocks < 65535) 129 ksp->ks_limblocks++; 130 tsleep((caddr_t)ksp, PSWP+2, memname[type], 0); 131 } 132 ksp->ks_size |= 1 << indx; 133#endif 134#ifdef DIAGNOSTIC 135 copysize = 1 << indx < MAX_COPY ? 1 << indx : MAX_COPY; 136#endif 137 if (kbp->kb_next == NULL) { 138 kbp->kb_last = NULL; 139 if (size > MAXALLOCSAVE) 140 allocsize = roundup(size, CLBYTES); 141 else 142 allocsize = 1 << indx; 143 npg = clrnd(btoc(allocsize)); 144 va = (caddr_t) kmem_malloc(kmem_map, (vm_size_t)ctob(npg), flags); 145 if (va == NULL) { 146 splx(s); 147 return ((void *) NULL); 148 } 149#ifdef KMEMSTATS 150 kbp->kb_total += kbp->kb_elmpercl; 151#endif 152 kup = btokup(va); 153 kup->ku_indx = indx; 154 if (allocsize > MAXALLOCSAVE) { 155 if (npg > 65535) 156 panic("malloc: allocation too large"); 157 kup->ku_pagecnt = npg; 158#ifdef KMEMSTATS 159 ksp->ks_memuse += allocsize; 160#endif 161 goto out; 162 } 163#ifdef KMEMSTATS 164 kup->ku_freecnt = kbp->kb_elmpercl; 165 kbp->kb_totalfree += kbp->kb_elmpercl; 166#endif 167 /* 168 * Just in case we blocked while allocating memory, 169 * and someone else also allocated memory for this 170 * bucket, don't assume the list is still empty. 171 */ 172 savedlist = kbp->kb_next; 173 kbp->kb_next = cp = va + (npg * NBPG) - allocsize; 174 for (;;) { 175 freep = (struct freelist *)cp; 176#ifdef DIAGNOSTIC 177 /* 178 * Copy in known text to detect modification 179 * after freeing. 180 */ 181 end = (long *)&cp[copysize]; 182 for (lp = (long *)cp; lp < end; lp++) 183 *lp = WEIRD_ADDR; 184 freep->type = M_FREE; 185#endif /* DIAGNOSTIC */ 186 if (cp <= va) 187 break; 188 cp -= allocsize; 189 freep->next = cp; 190 } 191 freep->next = savedlist; 192 if (kbp->kb_last == NULL) 193 kbp->kb_last = (caddr_t)freep; 194 } 195 va = kbp->kb_next; 196 kbp->kb_next = ((struct freelist *)va)->next; 197#ifdef DIAGNOSTIC 198 freep = (struct freelist *)va; 199 savedtype = (unsigned)freep->type < M_LAST ? 200 memname[freep->type] : "???"; 201 if (kbp->kb_next && 202 !kernacc(kbp->kb_next, sizeof(struct freelist), 0)) { 203 printf("%s of object %p size %ld %s %s (invalid addr %p)\n", 204 "Data modified on freelist: word 2.5", va, size, 205 "previous type", savedtype, kbp->kb_next); 206 kbp->kb_next = NULL; 207 } 208#if BYTE_ORDER == BIG_ENDIAN 209 freep->type = WEIRD_ADDR >> 16; 210#endif 211#if BYTE_ORDER == LITTLE_ENDIAN 212 freep->type = (short)WEIRD_ADDR; 213#endif 214 if (((long)(&freep->next)) & 0x2) 215 freep->next = (caddr_t)((WEIRD_ADDR >> 16)|(WEIRD_ADDR << 16)); 216 else 217 freep->next = (caddr_t)WEIRD_ADDR; 218 end = (long *)&va[copysize]; 219 for (lp = (long *)va; lp < end; lp++) { 220 if (*lp == WEIRD_ADDR) 221 continue; 222 printf("%s %d of object %p size %ld %s %s (0x%lx != 0x%x)\n", 223 "Data modified on freelist: word", lp - (long *)va, 224 va, size, "previous type", savedtype, *lp, WEIRD_ADDR); 225 break; 226 } 227 freep->spare0 = 0; 228#endif /* DIAGNOSTIC */ 229#ifdef KMEMSTATS 230 kup = btokup(va); 231 if (kup->ku_indx != indx) 232 panic("malloc: wrong bucket"); 233 if (kup->ku_freecnt == 0) 234 panic("malloc: lost data"); 235 kup->ku_freecnt--; 236 kbp->kb_totalfree--; 237 ksp->ks_memuse += 1 << indx; 238out: 239 kbp->kb_calls++; 240 ksp->ks_inuse++; 241 ksp->ks_calls++; 242 if (ksp->ks_memuse > ksp->ks_maxused) 243 ksp->ks_maxused = ksp->ks_memuse; 244#else 245out: 246#endif 247 splx(s); 248 return ((void *) va); 249} 250 251/* 252 * Free a block of memory allocated by malloc. 253 */ 254void 255free(addr, type) 256 void *addr; 257 int type; 258{ 259 register struct kmembuckets *kbp; 260 register struct kmemusage *kup; 261 register struct freelist *freep; 262 long size; 263 int s; 264#ifdef DIAGNOSTIC 265 caddr_t cp; 266 long *end, *lp, alloc, copysize; 267#endif 268#ifdef KMEMSTATS 269 register struct kmemstats *ksp = &kmemstats[type]; 270#endif 271 272#ifdef DIAGNOSTIC 273 if ((char *)addr < kmembase || (char *)addr >= kmemlimit) { 274 panic("free: address 0x%x out of range", addr); 275 } 276 if ((u_long)type > M_LAST) { 277 panic("free: type %d out of range", type); 278 } 279#endif 280 kup = btokup(addr); 281 size = 1 << kup->ku_indx; 282 kbp = &bucket[kup->ku_indx]; 283 s = splhigh(); 284#ifdef DIAGNOSTIC 285 /* 286 * Check for returns of data that do not point to the 287 * beginning of the allocation. 288 */ 289 if (size > NBPG * CLSIZE) 290 alloc = addrmask[BUCKETINDX(NBPG * CLSIZE)]; 291 else 292 alloc = addrmask[kup->ku_indx]; 293 if (((u_long)addr & alloc) != 0) 294 panic("free: unaligned addr 0x%x, size %d, type %s, mask %d", 295 addr, size, memname[type], alloc); 296#endif /* DIAGNOSTIC */ 297 if (size > MAXALLOCSAVE) { 298 kmem_free(kmem_map, (vm_offset_t)addr, ctob(kup->ku_pagecnt)); 299#ifdef KMEMSTATS 300 size = kup->ku_pagecnt << PGSHIFT; 301 ksp->ks_memuse -= size; 302 kup->ku_indx = 0; 303 kup->ku_pagecnt = 0; 304 if (ksp->ks_memuse + size >= ksp->ks_limit && 305 ksp->ks_memuse < ksp->ks_limit) 306 wakeup((caddr_t)ksp); 307 ksp->ks_inuse--; 308 kbp->kb_total -= 1; 309#endif 310 splx(s); 311 return; 312 } 313 freep = (struct freelist *)addr; 314#ifdef DIAGNOSTIC 315 /* 316 * Check for multiple frees. Use a quick check to see if 317 * it looks free before laboriously searching the freelist. 318 */ 319 if (freep->spare0 == WEIRD_ADDR) { 320 for (cp = kbp->kb_next; cp; cp = *(caddr_t *)cp) { 321 if (addr != cp) 322 continue; 323 printf("multiply freed item %p\n", addr); 324 panic("free: duplicated free"); 325 } 326 } 327 /* 328 * Copy in known text to detect modification after freeing 329 * and to make it look free. Also, save the type being freed 330 * so we can list likely culprit if modification is detected 331 * when the object is reallocated. 332 */ 333 copysize = size < MAX_COPY ? size : MAX_COPY; 334 end = (long *)&((caddr_t)addr)[copysize]; 335 for (lp = (long *)addr; lp < end; lp++) 336 *lp = WEIRD_ADDR; 337 freep->type = type; 338#endif /* DIAGNOSTIC */ 339#ifdef KMEMSTATS 340 kup->ku_freecnt++; 341 if (kup->ku_freecnt >= kbp->kb_elmpercl) 342 if (kup->ku_freecnt > kbp->kb_elmpercl) 343 panic("free: multiple frees"); 344 else if (kbp->kb_totalfree > kbp->kb_highwat) 345 kbp->kb_couldfree++; 346 kbp->kb_totalfree++; 347 ksp->ks_memuse -= size; 348 if (ksp->ks_memuse + size >= ksp->ks_limit && 349 ksp->ks_memuse < ksp->ks_limit) 350 wakeup((caddr_t)ksp); 351 ksp->ks_inuse--; 352#endif 353 if (kbp->kb_next == NULL) 354 kbp->kb_next = addr; 355 else 356 ((struct freelist *)kbp->kb_last)->next = addr; 357 freep->next = NULL; 358 kbp->kb_last = addr; 359 splx(s); 360} 361 362/* 363 * Initialize the kernel memory allocator 364 */ 365/* ARGSUSED*/ 366static void 367kmeminit(dummy) 368 void *dummy; 369{ 370 register long indx; 371 int npg; 372 373#if ((MAXALLOCSAVE & (MAXALLOCSAVE - 1)) != 0) 374 ERROR!_kmeminit:_MAXALLOCSAVE_not_power_of_2 375#endif 376#if (MAXALLOCSAVE > MINALLOCSIZE * 32768) 377 ERROR!_kmeminit:_MAXALLOCSAVE_too_big 378#endif 379#if (MAXALLOCSAVE < CLBYTES) 380 ERROR!_kmeminit:_MAXALLOCSAVE_too_small 381#endif 382 npg = VM_KMEM_SIZE/ NBPG; 383 if( npg > cnt.v_page_count) 384 npg = cnt.v_page_count; 385 386 kmemusage = (struct kmemusage *) kmem_alloc(kernel_map, 387 (vm_size_t)(npg * sizeof(struct kmemusage))); 388 kmem_map = kmem_suballoc(kernel_map, (vm_offset_t *)&kmembase, 389 (vm_offset_t *)&kmemlimit, (vm_size_t)(npg * NBPG), FALSE); 390#ifdef KMEMSTATS 391 for (indx = 0; indx < MINBUCKET + 16; indx++) { 392 if (1 << indx >= CLBYTES) 393 bucket[indx].kb_elmpercl = 1; 394 else 395 bucket[indx].kb_elmpercl = CLBYTES / (1 << indx); 396 bucket[indx].kb_highwat = 5 * bucket[indx].kb_elmpercl; 397 } 398 for (indx = 0; indx < M_LAST; indx++) 399 kmemstats[indx].ks_limit = npg * NBPG * 6 / 10; 400#endif 401}
|