LadybirdBrowser/ladybird
1
1
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-01-09 04:37:52 +03:00
Code Issues Packages Projects Releases Wiki Activity
3bd0106755
ladybird/Kernel/Heap/kmalloc.h

89 lines
3.8 KiB
C
Raw Normal View History

Meta: Add license header to source files As suggested by Joshua, this commit adds the 2-clause BSD license as a comment block to the top of every source file. For the first pass, I've just added myself for simplicity. I encourage everyone to add themselves as copyright holders of any file they've added or modified in some significant way. If I've added myself in error somewhere, feel free to replace it with the appropriate copyright holder instead. Going forward, all new source files should include a license header.
2020-01-18 11:38:21 +03:00
/*
* Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
*
Everything: Move to SPDX license identifiers in all files. SPDX License Identifiers are a more compact / standardized way of representing file license information. See: https://spdx.dev/resources/use/#identifiers This was done with the `ambr` search and replace tool. ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
2021-04-22 11:24:48 +03:00
* SPDX-License-Identifier: BSD-2-Clause
Meta: Add license header to source files As suggested by Joshua, this commit adds the 2-clause BSD license as a comment block to the top of every source file. For the first pass, I've just added myself for simplicity. I encourage everyone to add themselves as copyright holders of any file they've added or modified in some significant way. If I've added myself in error somewhere, feel free to replace it with the appropriate copyright holder instead. Going forward, all new source files should include a license header.
2020-01-18 11:38:21 +03:00
*/
Import the "gerbert" kernel I worked on earlier this year. It's a lot crappier than I remembered it. It's gonna need a lot of work.
2018-10-16 12:01:38 +03:00
#pragma once
Use modern C++ attributes instead of __attribute__ voodoo. This is quite nice, although I wish [[gnu::always_inline]] implied inline. Also "gnu::" is kind of a wart, but whatcha gonna do.
2019-02-15 14:30:48 +03:00
#include <AK/Types.h>
Meta: Split debug defines into multiple headers. The following script was used to make these changes: #!/bin/bash set -e tmp=$(mktemp -d) echo "tmp=$tmp" find Kernel \( -name '*.cpp' -o -name '*.h' \) | sort > $tmp/Kernel.files find . \( -path ./Toolchain -prune -o -path ./Build -prune -o -path ./Kernel -prune \) -o \( -name '*.cpp' -o -name '*.h' \) -print | sort > $tmp/EverythingExceptKernel.files cat $tmp/Kernel.files | xargs grep -Eho '[A-Z0-9_]+_DEBUG' | sort | uniq > $tmp/Kernel.macros cat $tmp/EverythingExceptKernel.files | xargs grep -Eho '[A-Z0-9_]+_DEBUG' | sort | uniq > $tmp/EverythingExceptKernel.macros comm -23 $tmp/Kernel.macros $tmp/EverythingExceptKernel.macros > $tmp/Kernel.unique comm -1 $tmp/Kernel.macros $tmp/EverythingExceptKernel.macros > $tmp/EverythingExceptKernel.unique cat $tmp/Kernel.unique | awk '{ print "#cmakedefine01 "$1 }' > $tmp/Kernel.header cat $tmp/EverythingExceptKernel.unique | awk '{ print "#cmakedefine01 "$1 }' > $tmp/EverythingExceptKernel.header for macro in $(cat $tmp/Kernel.unique) do cat $tmp/Kernel.files | xargs grep -l $macro >> $tmp/Kernel.new-includes ||: done cat $tmp/Kernel.new-includes | sort > $tmp/Kernel.new-includes.sorted for macro in $(cat $tmp/EverythingExceptKernel.unique) do cat $tmp/Kernel.files | xargs grep -l $macro >> $tmp/Kernel.old-includes ||: done cat $tmp/Kernel.old-includes | sort > $tmp/Kernel.old-includes.sorted comm -23 $tmp/Kernel.new-includes.sorted $tmp/Kernel.old-includes.sorted > $tmp/Kernel.includes.new comm -13 $tmp/Kernel.new-includes.sorted $tmp/Kernel.old-includes.sorted > $tmp/Kernel.includes.old comm -12 $tmp/Kernel.new-includes.sorted $tmp/Kernel.old-includes.sorted > $tmp/Kernel.includes.mixed for file in $(cat $tmp/Kernel.includes.new) do sed -i -E 's/#include <AK\/Debug\.h>/#include <Kernel\/Debug\.h>/' $file done for file in $(cat $tmp/Kernel.includes.mixed) do echo "mixed include in $file, requires manual editing." done
2021-01-25 18:07:10 +03:00
#include <Kernel/Debug.h>
Kernel: Remove PAGE_SIZE from CPU.h We have that information in LibC, lets use that instead
2021-06-22 18:16:38 +03:00
#include <LibC/limits.h>
Use modern C++ attributes instead of __attribute__ voodoo. This is quite nice, although I wish [[gnu::always_inline]] implied inline. Also "gnu::" is kind of a wart, but whatcha gonna do.
2019-02-15 14:30:48 +03:00
Kernel: Add crash logging heuristic for uninitialized kmalloc()/kfree() Since we scrub both kmalloc() and kfree() with predictable values, we can log a helpful message when hitting a crash that looks like it might be a dereference of such scrubbed data.
2020-02-01 12:26:05 +03:00
#define KMALLOC_SCRUB_BYTE 0xbb
#define KFREE_SCRUB_BYTE 0xaa
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
#define MAKE_ALIGNED_ALLOCATED(type, alignment) \
public: \
[[nodiscard]] void* operator new(size_t) \
{ \
Kernel: Consolidate kmalloc_aligned() and use kfree_sized() within This patch does two things: - Combines kmalloc_aligned() and kmalloc_aligned_cxx(). Templatizing the alignment parameter doesn't seem like a valuable enough optimization to justify having two almost-identical implementations. - Stores the real allocation size of an aligned allocation along with the other alignment metadata, and uses it to call kfree_sized() instead of kfree().
2021-12-26 20:08:55 +03:00
void* ptr = kmalloc_aligned(sizeof(type), alignment); \
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
VERIFY(ptr); \
return ptr; \
} \
Everywhere: Run clang-format
2022-04-01 20:58:27 +03:00
[[nodiscard]] void* operator new(size_t, std::nothrow_t const&) noexcept { return kmalloc_aligned(sizeof(type), alignment); } \
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
void operator delete(void* ptr) noexcept { kfree_aligned(ptr); } \
\
Kernel: Add MAKE_ALIGNED_ALLOCATED helper macro This macro inserts operator new/delete into a class, allowing you to very easily specify a specific heap alignment.
2021-03-11 15:11:59 +03:00
private:
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
// The C++ standard specifies that the nothrow allocation tag should live in the std namespace.
// Otherwise, `new (std::nothrow)` calls wouldn't get resolved.
AK+Kernel: Suppress clang-tidy warnings from the cert-* category cert-dcl50-cpp: No variadic functions, suppressed in RefCounted and ThreadSafeRefCounted for implementing the magic one_ref_left and will_be_destroyed functions. cert-dcl58-cpp: No opening ::std, suppressed in the places we put names in ::std to aid tools (move, forward, nullptr_t, align_val_t, etc).
2021-11-06 20:55:32 +03:00
namespace std { // NOLINT(cert-dcl58-cpp) These declarations must be in ::std and we are not using <new>
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
struct nothrow_t {
explicit nothrow_t() = default;
};
extern const nothrow_t nothrow;
Kernel: Implement aligned `operator new` and use it The compiler will use these to allocate objects that have alignment requirements greater than that of our normal `operator new` (4/8 byte aligned). This means we can now use smart pointers for over-aligned types. Fixes a FIXME.
2021-07-15 13:08:35 +03:00
enum class align_val_t : size_t {};
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
};
Import the "gerbert" kernel I worked on earlier this year. It's a lot crappier than I remembered it. It's gonna need a lot of work.
2018-10-16 12:01:38 +03:00
void kmalloc_init();
Kernel: Make Heap implementation reusable, and make kmalloc expandable Add an ExpandableHeap and switch kmalloc to use it, which allows for the kmalloc heap to grow as needed. In order to make heap expansion to work, we keep around a 1 MiB backup memory region, because creating a region would require space in the same heap. This means, the heap will grow as soon as the reported utilization is less than 1 MiB. It will also return memory if an entire subheap is no longer needed, although that is rarely possible.
2020-08-30 01:41:30 +03:00
Kernel: Add kfree_sized(), kfree() with a known allocation size C++14 gave us sized operator delete, but we haven't been taking advantage of it. Let's get to a point where it can help us by adding kfree_sized(void*, size_t).
2021-07-11 14:19:33 +03:00
void kfree_sized(void*, size_t);
Import the "gerbert" kernel I worked on earlier this year. It's a lot crappier than I remembered it. It's gonna need a lot of work.
2018-10-16 12:01:38 +03:00
Kernel: Make Heap implementation reusable, and make kmalloc expandable Add an ExpandableHeap and switch kmalloc to use it, which allows for the kmalloc heap to grow as needed. In order to make heap expansion to work, we keep around a 1 MiB backup memory region, because creating a region would require space in the same heap. This means, the heap will grow as soon as the reported utilization is less than 1 MiB. It will also return memory if an entire subheap is no longer needed, although that is rarely possible.
2020-08-30 01:41:30 +03:00
struct kmalloc_stats {
size_t bytes_allocated;
size_t bytes_free;
size_t kmalloc_call_count;
size_t kfree_call_count;
};
void get_kmalloc_stats(kmalloc_stats&);
Kernel: Make it possible to have kmalloc() dump call stacks. This can be enabled at any time using a sysctl: sysctl kmalloc_stacks=1 The stacks will go to the debugger output only.
2019-04-16 00:58:48 +03:00
extern bool g_dump_kmalloc_stacks;
Import the "gerbert" kernel I worked on earlier this year. It's a lot crappier than I remembered it. It's gonna need a lot of work.
2018-10-16 12:01:38 +03:00
inline void* operator new(size_t, void* p) { return p; }
inline void* operator new[](size_t, void* p) { return p; }
Paper over a race in DoubleBuffer. I'm still somewhat okay throwing InterruptDisabler at races as they screw me. Eventually I'm gonna have to devise a different strategy though.
2019-01-13 01:23:35 +03:00
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
[[nodiscard]] void* operator new(size_t size);
Everywhere: Run clang-format
2022-04-01 20:58:27 +03:00
[[nodiscard]] void* operator new(size_t size, std::nothrow_t const&) noexcept;
Kernel: Implement aligned `operator new` and use it The compiler will use these to allocate objects that have alignment requirements greater than that of our normal `operator new` (4/8 byte aligned). This means we can now use smart pointers for over-aligned types. Fixes a FIXME.
2021-07-15 13:08:35 +03:00
[[nodiscard]] void* operator new(size_t size, std::align_val_t);
Everywhere: Run clang-format
2022-04-01 20:58:27 +03:00
[[nodiscard]] void* operator new(size_t size, std::align_val_t, std::nothrow_t const&) noexcept;
Kernel: Implement aligned `operator new` and use it The compiler will use these to allocate objects that have alignment requirements greater than that of our normal `operator new` (4/8 byte aligned). This means we can now use smart pointers for over-aligned types. Fixes a FIXME.
2021-07-15 13:08:35 +03:00
Kernel+AK: Generate compile-time error for non-sized `delete` This is a much more ergonomic option than getting a `VERIFY_NOT_REACHED()` failure at run-time. I encountered this issue with Clang, where sized deallocation is not the default due to ABI breakage concerns. Note that we can't simply just not declare these functions, because the C++ standard states: > If this function with size parameter is defined, the program shall > also define the version without the size parameter.
2021-07-15 14:50:55 +03:00
void operator delete(void* ptr) noexcept DISALLOW("All deletes in the kernel should have a known size.");
Kernel: Declare operator new/delete as noexcept for the Kernel For Kernel OOM hardening to work correctly, we need to be able to call a "nothrow" version of operator new. Unfortunately the default "throwing" version of operator new assumes that the allocation will never return on failure and will always throw an exception. This isn't true in the Kernel, as we don't have exceptions. So if we call the normal/throwing new and kmalloc returns NULL, the generated code will happily go and dereference that NULL pointer by invoking the constructor before we have a chance to handle the failure. To fix this we declare operator new as noexcept in the Kernel headers, which will allow the caller to actually handle allocation failure. The delete implementations need to match the prototype of the new which allocated them, so we need define delete as noexcept as well. GCC then errors out declaring that you should implement sized delete as well, so this change provides those stubs in order to compile cleanly. Finally the new operator definitions have been standardized as being declared with [[nodiscard]] to avoid potential memory leaks. So lets declares the kernel versions that way as well.
2021-05-11 11:17:04 +03:00
void operator delete(void* ptr, size_t) noexcept;
Kernel+AK: Generate compile-time error for non-sized `delete` This is a much more ergonomic option than getting a `VERIFY_NOT_REACHED()` failure at run-time. I encountered this issue with Clang, where sized deallocation is not the default due to ABI breakage concerns. Note that we can't simply just not declare these functions, because the C++ standard states: > If this function with size parameter is defined, the program shall > also define the version without the size parameter.
2021-07-15 14:50:55 +03:00
void operator delete(void* ptr, std::align_val_t) noexcept DISALLOW("All deletes in the kernel should have a known size.");
Kernel: Implement aligned `operator new` and use it The compiler will use these to allocate objects that have alignment requirements greater than that of our normal `operator new` (4/8 byte aligned). This means we can now use smart pointers for over-aligned types. Fixes a FIXME.
2021-07-15 13:08:35 +03:00
void operator delete(void* ptr, size_t, std::align_val_t) noexcept;
AK+Kernel: Make fallible allocations compiler-agnostic In standard C++, operators `new` and `new[]` are guaranteed to return a valid (non-null) pointer and throw an exception if the allocation couldn't be performed. Based on this, compilers did not check the returned pointer before attempting to use them for object construction. To avoid this, the allocator operators were changed to be `noexcept` in PR #7026, which made GCC emit the desired null checks. Unfortunately, this is a non-standard feature which meant that Clang would not accept these function definitions, as it did not match its expected declaration. To make compiling using Clang possible, the special "nothrow" versions of `new` are implemented in this commit. These take a tag type of `std::nothrow_t` (used for disambiguating from placement new/etc.), and are allowed by the standard to return null. There is a global variable, `std::nothrow`, declared with this type, which is also exported into the global namespace. To perform fallible allocations, the following syntax should be used: ```cpp auto ptr = new (nothrow) T; ``` As we don't support exceptions in the kernel, the only way of uphold the "throwing" new's guarantee is to abort if the allocation couldn't be performed. Once we have proper OOM handling in the kernel, this should only be used for critical allocations, where we wouldn't be able to recover from allocation failures anyway.
2021-06-20 10:39:20 +03:00
[[nodiscard]] void* operator new[](size_t size);
Everywhere: Run clang-format
2022-04-01 20:58:27 +03:00
[[nodiscard]] void* operator new[](size_t size, std::nothrow_t const&) noexcept;
Kernel: Implement aligned `operator new` and use it The compiler will use these to allocate objects that have alignment requirements greater than that of our normal `operator new` (4/8 byte aligned). This means we can now use smart pointers for over-aligned types. Fixes a FIXME.
2021-07-15 13:08:35 +03:00
Kernel+AK: Generate compile-time error for non-sized `delete` This is a much more ergonomic option than getting a `VERIFY_NOT_REACHED()` failure at run-time. I encountered this issue with Clang, where sized deallocation is not the default due to ABI breakage concerns. Note that we can't simply just not declare these functions, because the C++ standard states: > If this function with size parameter is defined, the program shall > also define the version without the size parameter.
2021-07-15 14:50:55 +03:00
void operator delete[](void* ptrs) noexcept DISALLOW("All deletes in the kernel should have a known size.");
Kernel: Declare operator new/delete as noexcept for the Kernel For Kernel OOM hardening to work correctly, we need to be able to call a "nothrow" version of operator new. Unfortunately the default "throwing" version of operator new assumes that the allocation will never return on failure and will always throw an exception. This isn't true in the Kernel, as we don't have exceptions. So if we call the normal/throwing new and kmalloc returns NULL, the generated code will happily go and dereference that NULL pointer by invoking the constructor before we have a chance to handle the failure. To fix this we declare operator new as noexcept in the Kernel headers, which will allow the caller to actually handle allocation failure. The delete implementations need to match the prototype of the new which allocated them, so we need define delete as noexcept as well. GCC then errors out declaring that you should implement sized delete as well, so this change provides those stubs in order to compile cleanly. Finally the new operator definitions have been standardized as being declared with [[nodiscard]] to avoid potential memory leaks. So lets declares the kernel versions that way as well.
2021-05-11 11:17:04 +03:00
void operator delete[](void* ptr, size_t) noexcept;
Kernel: Allow kmalloc(..) / kmalloc_aligned(..) to return nullptr Now that we have a significant amount of code paths handling OOM, lets enable kmalloc and friends to actually return nullptr. This way we can start stressing these paths and validating all of they work as expected.
2021-08-13 11:32:48 +03:00
[[gnu::malloc, gnu::alloc_size(1)]] void* kmalloc(size_t);
AK+Kernel: Avoid double memory clearing of HashTable buckets Since the allocated memory is going to be zeroed immediately anyway, let's avoid redundantly scrubbing it with MALLOC_SCRUB_BYTE just before that. The latest versions of gcc and Clang can automatically do this malloc + memset -> calloc optimization, but I've seen a couple of places where it failed to be done. This commit also adds a naive kcalloc function to the kernel that doesn't (yet) eliminate the redundancy like the userland does.
2022-03-15 01:59:16 +03:00
[[gnu::malloc, gnu::alloc_size(1, 2)]] void* kcalloc(size_t, size_t);
Kernel: Fix kmalloc memory corruption Rather than hardcoding where the kmalloc pool should be, place it at the end of the kernel image instead. This avoids corrupting global variables or other parts of the kernel as it grows. Fixes #3257
2020-08-25 01:38:20 +03:00
Kernel: Consolidate kmalloc_aligned() and use kfree_sized() within This patch does two things: - Combines kmalloc_aligned() and kmalloc_aligned_cxx(). Templatizing the alignment parameter doesn't seem like a valuable enough optimization to justify having two almost-identical implementations. - Stores the real allocation size of an aligned allocation along with the other alignment metadata, and uses it to call kfree_sized() instead of kfree().
2021-12-26 20:08:55 +03:00
[[gnu::malloc, gnu::alloc_size(1), gnu::alloc_align(2)]] void* kmalloc_aligned(size_t size, size_t alignment);
Kernel: Make Heap implementation reusable, and make kmalloc expandable Add an ExpandableHeap and switch kmalloc to use it, which allows for the kmalloc heap to grow as needed. In order to make heap expansion to work, we keep around a 1 MiB backup memory region, because creating a region would require space in the same heap. This means, the heap will grow as soon as the reported utilization is less than 1 MiB. It will also return memory if an entire subheap is no longer needed, although that is rarely possible.
2020-08-30 01:41:30 +03:00
inline void kfree_aligned(void* ptr)
{
Kernel: Allow `kfree_aligned` to be called on null pointers The C++ standard specifies that `free` and `operator delete` should be callable with nullptr. The non-aligned `kfree` already handles this, but because of the pointer arithmetic to obtain the allocation start pointer, the aligned version would produce undefined behavior.
2021-08-13 13:42:02 +03:00
if (ptr == nullptr)
return;
Kernel: Consolidate kmalloc_aligned() and use kfree_sized() within This patch does two things: - Combines kmalloc_aligned() and kmalloc_aligned_cxx(). Templatizing the alignment parameter doesn't seem like a valuable enough optimization to justify having two almost-identical implementations. - Stores the real allocation size of an aligned allocation along with the other alignment metadata, and uses it to call kfree_sized() instead of kfree().
2021-12-26 20:08:55 +03:00
kfree_sized((u8*)ptr - ((ptrdiff_t const*)ptr)[-1], ((size_t const*)ptr)[-2]);
Kernel: Make Heap implementation reusable, and make kmalloc expandable Add an ExpandableHeap and switch kmalloc to use it, which allows for the kmalloc heap to grow as needed. In order to make heap expansion to work, we keep around a 1 MiB backup memory region, because creating a region would require space in the same heap. This means, the heap will grow as soon as the reported utilization is less than 1 MiB. It will also return memory if an entire subheap is no longer needed, although that is rarely possible.
2020-08-30 01:41:30 +03:00
}
AK+LibC: Implement malloc_good_size() and use it for Vector/HashTable This implements the macOS API malloc_good_size() which returns the true allocation size for a given requested allocation size. This allows us to make use of all the available memory in a malloc chunk. For example, for a malloc request of 35 bytes our malloc would internally use a chunk of size 64, however the remaining 29 bytes would be unused. Knowing the true allocation size allows us to request more usable memory that would otherwise be wasted and make that available for Vector, HashTable and potentially other callers in the future.
2021-05-15 11:06:41 +03:00
size_t kmalloc_good_size(size_t);
Kernel: Make Heap implementation reusable, and make kmalloc expandable Add an ExpandableHeap and switch kmalloc to use it, which allows for the kmalloc heap to grow as needed. In order to make heap expansion to work, we keep around a 1 MiB backup memory region, because creating a region would require space in the same heap. This means, the heap will grow as soon as the reported utilization is less than 1 MiB. It will also return memory if an entire subheap is no longer needed, although that is rarely possible.
2020-08-30 01:41:30 +03:00
void kmalloc_enable_expand();
Reference in New Issue Copy Permalink