1/*
2 * Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice unmodified, this list of conditions, and the following
10 * disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/vm/uma_dbg.c 99424 2002-07-05 05:16:19Z jeff $
27 *
28 */
29
30/*
31 * uma_dbg.c Debugging features for UMA users
32 *
33 */
34
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/kernel.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/malloc.h>
44
45#include <vm/uma.h>
46#include <vm/uma_int.h>
47#include <vm/uma_dbg.h>
48
49static const u_int32_t uma_junk = 0xdeadc0de;
50
51/*
52 * Checks an item to make sure it hasn't been overwritten since freed.
53 *
54 * Complies with standard ctor arg/return
55 *
56 */
57void
58trash_ctor(void *mem, int size, void *arg)
59{
60 int cnt;
61 u_int32_t *p;
62
63 cnt = size / sizeof(uma_junk);
64
65 for (p = mem; cnt > 0; cnt--, p++)
66 if (*p != uma_junk)
67 panic("Memory modified after free %p(%d)\n",
68 mem, size);
69}
70
71/*
72 * Fills an item with predictable garbage
73 *
74 * Complies with standard dtor arg/return
75 *
76 */
77void
78trash_dtor(void *mem, int size, void *arg)
79{
80 int cnt;
81 u_int32_t *p;
82
83 cnt = size / sizeof(uma_junk);
84
85 for (p = mem; cnt > 0; cnt--, p++)
86 *p = uma_junk;
87}
88
89/*
90 * Fills an item with predictable garbage
91 *
92 * Complies with standard init arg/return
93 *
94 */
95void
96trash_init(void *mem, int size)
97{
98 trash_dtor(mem, size, NULL);
99}
100
101/*
102 * Checks an item to make sure it hasn't been overwritten since it was freed.
103 *
104 * Complies with standard fini arg/return
105 *
106 */
107void
108trash_fini(void *mem, int size)
109{
110 trash_ctor(mem, size, NULL);
111}
112
113/*
114 * Checks an item to make sure it hasn't been overwritten since freed.
115 *
116 * Complies with standard ctor arg/return
117 *
118 */
119void
120mtrash_ctor(void *mem, int size, void *arg)
121{
122 struct malloc_type **ksp;
123 u_int32_t *p = mem;
124 int cnt;
125
126 size -= sizeof(struct malloc_type *);
127 ksp = (struct malloc_type **)mem;
128 ksp += size / sizeof(struct malloc_type *);
129 cnt = size / sizeof(uma_junk);
130
131 for (p = mem; cnt > 0; cnt--, p++)
132 if (*p != uma_junk) {
133 printf("Memory modified after free %p(%d)\n",
134 mem, size);
135 panic("Most recently used by %s\n", (*ksp == NULL)?
136 "none" : (*ksp)->ks_shortdesc);
137 }
138}
139
140/*
141 * Fills an item with predictable garbage
142 *
143 * Complies with standard dtor arg/return
144 *
145 */
146void
147mtrash_dtor(void *mem, int size, void *arg)
148{
149 int cnt;
150 u_int32_t *p;
151
152 size -= sizeof(struct malloc_type *);
153 cnt = size / sizeof(uma_junk);
154
155 for (p = mem; cnt > 0; cnt--, p++)
156 *p = uma_junk;
157}
158
159/*
160 * Fills an item with predictable garbage
161 *
162 * Complies with standard init arg/return
163 *
164 */
165void
166mtrash_init(void *mem, int size)
167{
168 struct malloc_type **ksp;
169
170 mtrash_dtor(mem, size, NULL);
171
172 ksp = (struct malloc_type **)mem;
173 ksp += (size / sizeof(struct malloc_type *)) - 1;
174 *ksp = NULL;
175}
176
177/*
178 * Checks an item to make sure it hasn't been overwritten since it was freed.
179 *
180 * Complies with standard fini arg/return
181 *
182 */
183void
184mtrash_fini(void *mem, int size)
185{
186 mtrash_ctor(mem, size, NULL);
187}
188
189static uma_slab_t
190uma_dbg_getslab(uma_zone_t zone, void *item)
191{
192 uma_slab_t slab;
193 u_int8_t *mem;
194
195 mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
196 if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
197 mtx_lock(&malloc_mtx);
198 slab = hash_sfind(mallochash, mem);
199 mtx_unlock(&malloc_mtx);
200 } else if (zone->uz_flags & UMA_ZFLAG_OFFPAGE) {
201 ZONE_LOCK(zone);
202 slab = hash_sfind(&zone->uz_hash, mem);
203 ZONE_UNLOCK(zone);
204 } else {
205 mem += zone->uz_pgoff;
206 slab = (uma_slab_t)mem;
207 }
208
209 return (slab);
210}
211
212/*
213 * Set up the slab's freei data such that uma_dbg_free can function.
214 *
215 */
216
217void
218uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
219{
220 int freei;
221
222 if (slab == NULL) {
223 slab = uma_dbg_getslab(zone, item);
224 if (slab == NULL)
225 panic("uma: item %p did not belong to zone %s\n",
226 item, zone->uz_name);
227 }
228
229 freei = ((unsigned long)item - (unsigned long)slab->us_data)
230 / zone->uz_rsize;
231
232 slab->us_freelist[freei] = 255;
233
234 return;
235}
236
237/*
238 * Verifies freed addresses. Checks for alignment, valid slab membership
239 * and duplicate frees.
240 *
241 */
242
243void
244uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
245{
246 int freei;
247
248 if (slab == NULL) {
249 slab = uma_dbg_getslab(zone, item);
250 if (slab == NULL)
251 panic("uma: Freed item %p did not belong to zone %s\n",
252 item, zone->uz_name);
253 }
254
255 freei = ((unsigned long)item - (unsigned long)slab->us_data)
256 / zone->uz_rsize;
257
258 if (freei >= zone->uz_ipers)
259 panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
260 zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
261
262 if (((freei * zone->uz_rsize) + slab->us_data) != item) {
263 printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
264 zone->uz_name, zone, slab, item);
265 panic("should be %p\n",
266 (freei * zone->uz_rsize) + slab->us_data);
267 }
268
269 if (slab->us_freelist[freei] != 255) {
270 printf("Slab at %p, freei %d = %d.\n",
271 slab, freei, slab->us_freelist[freei]);
272 panic("Duplicate free of item %p from zone %p(%s)\n",
273 item, zone, zone->uz_name);
274 }
275
276 /*
277 * When this is actually linked into the slab this will change.
278 * Until then the count of valid slabs will make sure we don't
279 * accidentally follow this and assume it's a valid index.
280 */
281 slab->us_freelist[freei] = 0;
282}
2 * Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice unmodified, this list of conditions, and the following
10 * disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/vm/uma_dbg.c 99424 2002-07-05 05:16:19Z jeff $
27 *
28 */
29
30/*
31 * uma_dbg.c Debugging features for UMA users
32 *
33 */
34
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/kernel.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/malloc.h>
44
45#include <vm/uma.h>
46#include <vm/uma_int.h>
47#include <vm/uma_dbg.h>
48
49static const u_int32_t uma_junk = 0xdeadc0de;
50
51/*
52 * Checks an item to make sure it hasn't been overwritten since freed.
53 *
54 * Complies with standard ctor arg/return
55 *
56 */
57void
58trash_ctor(void *mem, int size, void *arg)
59{
60 int cnt;
61 u_int32_t *p;
62
63 cnt = size / sizeof(uma_junk);
64
65 for (p = mem; cnt > 0; cnt--, p++)
66 if (*p != uma_junk)
67 panic("Memory modified after free %p(%d)\n",
68 mem, size);
69}
70
71/*
72 * Fills an item with predictable garbage
73 *
74 * Complies with standard dtor arg/return
75 *
76 */
77void
78trash_dtor(void *mem, int size, void *arg)
79{
80 int cnt;
81 u_int32_t *p;
82
83 cnt = size / sizeof(uma_junk);
84
85 for (p = mem; cnt > 0; cnt--, p++)
86 *p = uma_junk;
87}
88
89/*
90 * Fills an item with predictable garbage
91 *
92 * Complies with standard init arg/return
93 *
94 */
95void
96trash_init(void *mem, int size)
97{
98 trash_dtor(mem, size, NULL);
99}
100
101/*
102 * Checks an item to make sure it hasn't been overwritten since it was freed.
103 *
104 * Complies with standard fini arg/return
105 *
106 */
107void
108trash_fini(void *mem, int size)
109{
110 trash_ctor(mem, size, NULL);
111}
112
113/*
114 * Checks an item to make sure it hasn't been overwritten since freed.
115 *
116 * Complies with standard ctor arg/return
117 *
118 */
119void
120mtrash_ctor(void *mem, int size, void *arg)
121{
122 struct malloc_type **ksp;
123 u_int32_t *p = mem;
124 int cnt;
125
126 size -= sizeof(struct malloc_type *);
127 ksp = (struct malloc_type **)mem;
128 ksp += size / sizeof(struct malloc_type *);
129 cnt = size / sizeof(uma_junk);
130
131 for (p = mem; cnt > 0; cnt--, p++)
132 if (*p != uma_junk) {
133 printf("Memory modified after free %p(%d)\n",
134 mem, size);
135 panic("Most recently used by %s\n", (*ksp == NULL)?
136 "none" : (*ksp)->ks_shortdesc);
137 }
138}
139
140/*
141 * Fills an item with predictable garbage
142 *
143 * Complies with standard dtor arg/return
144 *
145 */
146void
147mtrash_dtor(void *mem, int size, void *arg)
148{
149 int cnt;
150 u_int32_t *p;
151
152 size -= sizeof(struct malloc_type *);
153 cnt = size / sizeof(uma_junk);
154
155 for (p = mem; cnt > 0; cnt--, p++)
156 *p = uma_junk;
157}
158
159/*
160 * Fills an item with predictable garbage
161 *
162 * Complies with standard init arg/return
163 *
164 */
165void
166mtrash_init(void *mem, int size)
167{
168 struct malloc_type **ksp;
169
170 mtrash_dtor(mem, size, NULL);
171
172 ksp = (struct malloc_type **)mem;
173 ksp += (size / sizeof(struct malloc_type *)) - 1;
174 *ksp = NULL;
175}
176
177/*
178 * Checks an item to make sure it hasn't been overwritten since it was freed.
179 *
180 * Complies with standard fini arg/return
181 *
182 */
183void
184mtrash_fini(void *mem, int size)
185{
186 mtrash_ctor(mem, size, NULL);
187}
188
189static uma_slab_t
190uma_dbg_getslab(uma_zone_t zone, void *item)
191{
192 uma_slab_t slab;
193 u_int8_t *mem;
194
195 mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
196 if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
197 mtx_lock(&malloc_mtx);
198 slab = hash_sfind(mallochash, mem);
199 mtx_unlock(&malloc_mtx);
200 } else if (zone->uz_flags & UMA_ZFLAG_OFFPAGE) {
201 ZONE_LOCK(zone);
202 slab = hash_sfind(&zone->uz_hash, mem);
203 ZONE_UNLOCK(zone);
204 } else {
205 mem += zone->uz_pgoff;
206 slab = (uma_slab_t)mem;
207 }
208
209 return (slab);
210}
211
212/*
213 * Set up the slab's freei data such that uma_dbg_free can function.
214 *
215 */
216
217void
218uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
219{
220 int freei;
221
222 if (slab == NULL) {
223 slab = uma_dbg_getslab(zone, item);
224 if (slab == NULL)
225 panic("uma: item %p did not belong to zone %s\n",
226 item, zone->uz_name);
227 }
228
229 freei = ((unsigned long)item - (unsigned long)slab->us_data)
230 / zone->uz_rsize;
231
232 slab->us_freelist[freei] = 255;
233
234 return;
235}
236
237/*
238 * Verifies freed addresses. Checks for alignment, valid slab membership
239 * and duplicate frees.
240 *
241 */
242
243void
244uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
245{
246 int freei;
247
248 if (slab == NULL) {
249 slab = uma_dbg_getslab(zone, item);
250 if (slab == NULL)
251 panic("uma: Freed item %p did not belong to zone %s\n",
252 item, zone->uz_name);
253 }
254
255 freei = ((unsigned long)item - (unsigned long)slab->us_data)
256 / zone->uz_rsize;
257
258 if (freei >= zone->uz_ipers)
259 panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
260 zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
261
262 if (((freei * zone->uz_rsize) + slab->us_data) != item) {
263 printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
264 zone->uz_name, zone, slab, item);
265 panic("should be %p\n",
266 (freei * zone->uz_rsize) + slab->us_data);
267 }
268
269 if (slab->us_freelist[freei] != 255) {
270 printf("Slab at %p, freei %d = %d.\n",
271 slab, freei, slab->us_freelist[freei]);
272 panic("Duplicate free of item %p from zone %p(%s)\n",
273 item, zone, zone->uz_name);
274 }
275
276 /*
277 * When this is actually linked into the slab this will change.
278 * Until then the count of valid slabs will make sure we don't
279 * accidentally follow this and assume it's a valid index.
280 */
281 slab->us_freelist[freei] = 0;
282}