1/*
2 * Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice unmodified, this list of conditions, and the following
10 * disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/vm/uma_dbg.c 103531 2002-09-18 08:26:30Z jeff $
27 *
28 */
29
30/*
31 * uma_dbg.c Debugging features for UMA users
32 *
33 */
34
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/kernel.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/malloc.h>
44
45#include <vm/vm.h>
46#include <vm/vm_object.h>
47#include <vm/vm_page.h>
48#include <vm/uma.h>
49#include <vm/uma_int.h>
50#include <vm/uma_dbg.h>
51
52static const u_int32_t uma_junk = 0xdeadc0de;
53
54/*
55 * Checks an item to make sure it hasn't been overwritten since freed.
56 *
57 * Complies with standard ctor arg/return
58 *
59 */
60void
61trash_ctor(void *mem, int size, void *arg)
62{
63 int cnt;
64 u_int32_t *p;
65
66 cnt = size / sizeof(uma_junk);
67
68 for (p = mem; cnt > 0; cnt--, p++)
69 if (*p != uma_junk)
70 panic("Memory modified after free %p(%d)\n",
71 mem, size);
72}
73
74/*
75 * Fills an item with predictable garbage
76 *
77 * Complies with standard dtor arg/return
78 *
79 */
80void
81trash_dtor(void *mem, int size, void *arg)
82{
83 int cnt;
84 u_int32_t *p;
85
86 cnt = size / sizeof(uma_junk);
87
88 for (p = mem; cnt > 0; cnt--, p++)
89 *p = uma_junk;
90}
91
92/*
93 * Fills an item with predictable garbage
94 *
95 * Complies with standard init arg/return
96 *
97 */
98void
99trash_init(void *mem, int size)
100{
101 trash_dtor(mem, size, NULL);
102}
103
104/*
105 * Checks an item to make sure it hasn't been overwritten since it was freed.
106 *
107 * Complies with standard fini arg/return
108 *
109 */
110void
111trash_fini(void *mem, int size)
112{
113 trash_ctor(mem, size, NULL);
114}
115
116/*
117 * Checks an item to make sure it hasn't been overwritten since freed.
118 *
119 * Complies with standard ctor arg/return
120 *
121 */
122void
123mtrash_ctor(void *mem, int size, void *arg)
124{
125 struct malloc_type **ksp;
126 u_int32_t *p = mem;
127 int cnt;
128
129 size -= sizeof(struct malloc_type *);
130 ksp = (struct malloc_type **)mem;
131 ksp += size / sizeof(struct malloc_type *);
132 cnt = size / sizeof(uma_junk);
133
134 for (p = mem; cnt > 0; cnt--, p++)
135 if (*p != uma_junk) {
136 printf("Memory modified after free %p(%d)\n",
137 mem, size);
138 panic("Most recently used by %s\n", (*ksp == NULL)?
139 "none" : (*ksp)->ks_shortdesc);
140 }
141}
142
143/*
144 * Fills an item with predictable garbage
145 *
146 * Complies with standard dtor arg/return
147 *
148 */
149void
150mtrash_dtor(void *mem, int size, void *arg)
151{
152 int cnt;
153 u_int32_t *p;
154
155 size -= sizeof(struct malloc_type *);
156 cnt = size / sizeof(uma_junk);
157
158 for (p = mem; cnt > 0; cnt--, p++)
159 *p = uma_junk;
160}
161
162/*
163 * Fills an item with predictable garbage
164 *
165 * Complies with standard init arg/return
166 *
167 */
168void
169mtrash_init(void *mem, int size)
170{
171 struct malloc_type **ksp;
172
173 mtrash_dtor(mem, size, NULL);
174
175 ksp = (struct malloc_type **)mem;
176 ksp += (size / sizeof(struct malloc_type *)) - 1;
177 *ksp = NULL;
178}
179
180/*
181 * Checks an item to make sure it hasn't been overwritten since it was freed.
182 *
183 * Complies with standard fini arg/return
184 *
185 */
186void
187mtrash_fini(void *mem, int size)
188{
189 mtrash_ctor(mem, size, NULL);
190}
191
192static uma_slab_t
193uma_dbg_getslab(uma_zone_t zone, void *item)
194{
195 uma_slab_t slab;
196 u_int8_t *mem;
197
198 mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
199 if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
200 slab = vtoslab((vm_offset_t)mem);
201 } else if (zone->uz_flags & UMA_ZFLAG_HASH) {
202 ZONE_LOCK(zone);
203 slab = hash_sfind(&zone->uz_hash, mem);
204 ZONE_UNLOCK(zone);
205 } else {
206 mem += zone->uz_pgoff;
207 slab = (uma_slab_t)mem;
208 }
209
210 return (slab);
211}
212
213/*
214 * Set up the slab's freei data such that uma_dbg_free can function.
215 *
216 */
217
218void
219uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
220{
221 int freei;
222
223 if (slab == NULL) {
224 slab = uma_dbg_getslab(zone, item);
225 if (slab == NULL)
226 panic("uma: item %p did not belong to zone %s\n",
227 item, zone->uz_name);
228 }
229
230 freei = ((unsigned long)item - (unsigned long)slab->us_data)
231 / zone->uz_rsize;
232
233 slab->us_freelist[freei] = 255;
234
235 return;
236}
237
238/*
239 * Verifies freed addresses. Checks for alignment, valid slab membership
240 * and duplicate frees.
241 *
242 */
243
244void
245uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
246{
247 int freei;
248
249 if (slab == NULL) {
250 slab = uma_dbg_getslab(zone, item);
251 if (slab == NULL)
252 panic("uma: Freed item %p did not belong to zone %s\n",
253 item, zone->uz_name);
254 }
255
256 freei = ((unsigned long)item - (unsigned long)slab->us_data)
257 / zone->uz_rsize;
258
259 if (freei >= zone->uz_ipers)
260 panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
261 zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
262
263 if (((freei * zone->uz_rsize) + slab->us_data) != item) {
264 printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
265 zone->uz_name, zone, slab, item);
266 panic("should be %p\n",
267 (freei * zone->uz_rsize) + slab->us_data);
268 }
269
270 if (slab->us_freelist[freei] != 255) {
271 printf("Slab at %p, freei %d = %d.\n",
272 slab, freei, slab->us_freelist[freei]);
273 panic("Duplicate free of item %p from zone %p(%s)\n",
274 item, zone, zone->uz_name);
275 }
276
277 /*
278 * When this is actually linked into the slab this will change.
279 * Until then the count of valid slabs will make sure we don't
280 * accidentally follow this and assume it's a valid index.
281 */
282 slab->us_freelist[freei] = 0;
283}
2 * Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice unmodified, this list of conditions, and the following
10 * disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/vm/uma_dbg.c 103531 2002-09-18 08:26:30Z jeff $
27 *
28 */
29
30/*
31 * uma_dbg.c Debugging features for UMA users
32 *
33 */
34
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/kernel.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/malloc.h>
44
45#include <vm/vm.h>
46#include <vm/vm_object.h>
47#include <vm/vm_page.h>
48#include <vm/uma.h>
49#include <vm/uma_int.h>
50#include <vm/uma_dbg.h>
51
52static const u_int32_t uma_junk = 0xdeadc0de;
53
54/*
55 * Checks an item to make sure it hasn't been overwritten since freed.
56 *
57 * Complies with standard ctor arg/return
58 *
59 */
60void
61trash_ctor(void *mem, int size, void *arg)
62{
63 int cnt;
64 u_int32_t *p;
65
66 cnt = size / sizeof(uma_junk);
67
68 for (p = mem; cnt > 0; cnt--, p++)
69 if (*p != uma_junk)
70 panic("Memory modified after free %p(%d)\n",
71 mem, size);
72}
73
74/*
75 * Fills an item with predictable garbage
76 *
77 * Complies with standard dtor arg/return
78 *
79 */
80void
81trash_dtor(void *mem, int size, void *arg)
82{
83 int cnt;
84 u_int32_t *p;
85
86 cnt = size / sizeof(uma_junk);
87
88 for (p = mem; cnt > 0; cnt--, p++)
89 *p = uma_junk;
90}
91
92/*
93 * Fills an item with predictable garbage
94 *
95 * Complies with standard init arg/return
96 *
97 */
98void
99trash_init(void *mem, int size)
100{
101 trash_dtor(mem, size, NULL);
102}
103
104/*
105 * Checks an item to make sure it hasn't been overwritten since it was freed.
106 *
107 * Complies with standard fini arg/return
108 *
109 */
110void
111trash_fini(void *mem, int size)
112{
113 trash_ctor(mem, size, NULL);
114}
115
116/*
117 * Checks an item to make sure it hasn't been overwritten since freed.
118 *
119 * Complies with standard ctor arg/return
120 *
121 */
122void
123mtrash_ctor(void *mem, int size, void *arg)
124{
125 struct malloc_type **ksp;
126 u_int32_t *p = mem;
127 int cnt;
128
129 size -= sizeof(struct malloc_type *);
130 ksp = (struct malloc_type **)mem;
131 ksp += size / sizeof(struct malloc_type *);
132 cnt = size / sizeof(uma_junk);
133
134 for (p = mem; cnt > 0; cnt--, p++)
135 if (*p != uma_junk) {
136 printf("Memory modified after free %p(%d)\n",
137 mem, size);
138 panic("Most recently used by %s\n", (*ksp == NULL)?
139 "none" : (*ksp)->ks_shortdesc);
140 }
141}
142
143/*
144 * Fills an item with predictable garbage
145 *
146 * Complies with standard dtor arg/return
147 *
148 */
149void
150mtrash_dtor(void *mem, int size, void *arg)
151{
152 int cnt;
153 u_int32_t *p;
154
155 size -= sizeof(struct malloc_type *);
156 cnt = size / sizeof(uma_junk);
157
158 for (p = mem; cnt > 0; cnt--, p++)
159 *p = uma_junk;
160}
161
162/*
163 * Fills an item with predictable garbage
164 *
165 * Complies with standard init arg/return
166 *
167 */
168void
169mtrash_init(void *mem, int size)
170{
171 struct malloc_type **ksp;
172
173 mtrash_dtor(mem, size, NULL);
174
175 ksp = (struct malloc_type **)mem;
176 ksp += (size / sizeof(struct malloc_type *)) - 1;
177 *ksp = NULL;
178}
179
180/*
181 * Checks an item to make sure it hasn't been overwritten since it was freed.
182 *
183 * Complies with standard fini arg/return
184 *
185 */
186void
187mtrash_fini(void *mem, int size)
188{
189 mtrash_ctor(mem, size, NULL);
190}
191
192static uma_slab_t
193uma_dbg_getslab(uma_zone_t zone, void *item)
194{
195 uma_slab_t slab;
196 u_int8_t *mem;
197
198 mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
199 if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
200 slab = vtoslab((vm_offset_t)mem);
201 } else if (zone->uz_flags & UMA_ZFLAG_HASH) {
202 ZONE_LOCK(zone);
203 slab = hash_sfind(&zone->uz_hash, mem);
204 ZONE_UNLOCK(zone);
205 } else {
206 mem += zone->uz_pgoff;
207 slab = (uma_slab_t)mem;
208 }
209
210 return (slab);
211}
212
213/*
214 * Set up the slab's freei data such that uma_dbg_free can function.
215 *
216 */
217
218void
219uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
220{
221 int freei;
222
223 if (slab == NULL) {
224 slab = uma_dbg_getslab(zone, item);
225 if (slab == NULL)
226 panic("uma: item %p did not belong to zone %s\n",
227 item, zone->uz_name);
228 }
229
230 freei = ((unsigned long)item - (unsigned long)slab->us_data)
231 / zone->uz_rsize;
232
233 slab->us_freelist[freei] = 255;
234
235 return;
236}
237
238/*
239 * Verifies freed addresses. Checks for alignment, valid slab membership
240 * and duplicate frees.
241 *
242 */
243
244void
245uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
246{
247 int freei;
248
249 if (slab == NULL) {
250 slab = uma_dbg_getslab(zone, item);
251 if (slab == NULL)
252 panic("uma: Freed item %p did not belong to zone %s\n",
253 item, zone->uz_name);
254 }
255
256 freei = ((unsigned long)item - (unsigned long)slab->us_data)
257 / zone->uz_rsize;
258
259 if (freei >= zone->uz_ipers)
260 panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
261 zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
262
263 if (((freei * zone->uz_rsize) + slab->us_data) != item) {
264 printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
265 zone->uz_name, zone, slab, item);
266 panic("should be %p\n",
267 (freei * zone->uz_rsize) + slab->us_data);
268 }
269
270 if (slab->us_freelist[freei] != 255) {
271 printf("Slab at %p, freei %d = %d.\n",
272 slab, freei, slab->us_freelist[freei]);
273 panic("Duplicate free of item %p from zone %p(%s)\n",
274 item, zone, zone->uz_name);
275 }
276
277 /*
278 * When this is actually linked into the slab this will change.
279 * Until then the count of valid slabs will make sure we don't
280 * accidentally follow this and assume it's a valid index.
281 */
282 slab->us_freelist[freei] = 0;
283}