uma_dbg.c revision 103531 
1/*
2 * Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice unmodified, this list of conditions, and the following
10 *    disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/vm/uma_dbg.c 103531 2002-09-18 08:26:30Z jeff $
27 *
28 */
29
30/*
31 * uma_dbg.c	Debugging features for UMA users
32 *
33 */
34
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/kernel.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/malloc.h>
44
45#include <vm/vm.h>
46#include <vm/vm_object.h>
47#include <vm/vm_page.h>
48#include <vm/uma.h>
49#include <vm/uma_int.h>
50#include <vm/uma_dbg.h>
51
52static const u_int32_t uma_junk = 0xdeadc0de;
53
54/*
55 * Checks an item to make sure it hasn't been overwritten since freed.
56 *
57 * Complies with standard ctor arg/return
58 *
59 */
60void
61trash_ctor(void *mem, int size, void *arg)
62{
63	int cnt;
64	u_int32_t *p;
65
66	cnt = size / sizeof(uma_junk);
67
68	for (p = mem; cnt > 0; cnt--, p++)
69		if (*p != uma_junk)
70			panic("Memory modified after free %p(%d)\n",
71			    mem, size);
72}
73
74/*
75 * Fills an item with predictable garbage
76 *
77 * Complies with standard dtor arg/return
78 *
79 */
80void
81trash_dtor(void *mem, int size, void *arg)
82{
83	int cnt;
84	u_int32_t *p;
85
86	cnt = size / sizeof(uma_junk);
87
88	for (p = mem; cnt > 0; cnt--, p++)
89		*p = uma_junk;
90}
91
92/*
93 * Fills an item with predictable garbage
94 *
95 * Complies with standard init arg/return
96 *
97 */
98void
99trash_init(void *mem, int size)
100{
101	trash_dtor(mem, size, NULL);
102}
103
104/*
105 * Checks an item to make sure it hasn't been overwritten since it was freed.
106 *
107 * Complies with standard fini arg/return
108 *
109 */
110void
111trash_fini(void *mem, int size)
112{
113	trash_ctor(mem, size, NULL);
114}
115
116/*
117 * Checks an item to make sure it hasn't been overwritten since freed.
118 *
119 * Complies with standard ctor arg/return
120 *
121 */
122void
123mtrash_ctor(void *mem, int size, void *arg)
124{
125	struct malloc_type **ksp;
126	u_int32_t *p = mem;
127	int cnt;
128
129	size -= sizeof(struct malloc_type *);
130	ksp = (struct malloc_type **)mem;
131	ksp += size / sizeof(struct malloc_type *);
132	cnt = size / sizeof(uma_junk);
133
134	for (p = mem; cnt > 0; cnt--, p++)
135		if (*p != uma_junk) {
136			printf("Memory modified after free %p(%d)\n",
137			    mem, size);
138			panic("Most recently used by %s\n", (*ksp == NULL)?
139			    "none" : (*ksp)->ks_shortdesc);
140		}
141}
142
143/*
144 * Fills an item with predictable garbage
145 *
146 * Complies with standard dtor arg/return
147 *
148 */
149void
150mtrash_dtor(void *mem, int size, void *arg)
151{
152	int cnt;
153	u_int32_t *p;
154
155	size -= sizeof(struct malloc_type *);
156	cnt = size / sizeof(uma_junk);
157
158	for (p = mem; cnt > 0; cnt--, p++)
159		*p = uma_junk;
160}
161
162/*
163 * Fills an item with predictable garbage
164 *
165 * Complies with standard init arg/return
166 *
167 */
168void
169mtrash_init(void *mem, int size)
170{
171	struct malloc_type **ksp;
172
173	mtrash_dtor(mem, size, NULL);
174
175	ksp = (struct malloc_type **)mem;
176	ksp += (size / sizeof(struct malloc_type *)) - 1;
177	*ksp = NULL;
178}
179
180/*
181 * Checks an item to make sure it hasn't been overwritten since it was freed.
182 *
183 * Complies with standard fini arg/return
184 *
185 */
186void
187mtrash_fini(void *mem, int size)
188{
189	mtrash_ctor(mem, size, NULL);
190}
191
192static uma_slab_t
193uma_dbg_getslab(uma_zone_t zone, void *item)
194{
195	uma_slab_t slab;
196	u_int8_t *mem;
197
198	mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
199	if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
200		slab = vtoslab((vm_offset_t)mem);
201	} else if (zone->uz_flags & UMA_ZFLAG_HASH) {
202		ZONE_LOCK(zone);
203		slab = hash_sfind(&zone->uz_hash, mem);
204		ZONE_UNLOCK(zone);
205	} else {
206		mem += zone->uz_pgoff;
207		slab = (uma_slab_t)mem;
208	}
209
210	return (slab);
211}
212
213/*
214 * Set up the slab's freei data such that uma_dbg_free can function.
215 *
216 */
217
218void
219uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
220{
221	int freei;
222
223	if (slab == NULL) {
224		slab = uma_dbg_getslab(zone, item);
225		if (slab == NULL)
226			panic("uma: item %p did not belong to zone %s\n",
227			    item, zone->uz_name);
228	}
229
230	freei = ((unsigned long)item - (unsigned long)slab->us_data)
231	    / zone->uz_rsize;
232
233	slab->us_freelist[freei] = 255;
234
235	return;
236}
237
238/*
239 * Verifies freed addresses.  Checks for alignment, valid slab membership
240 * and duplicate frees.
241 *
242 */
243
244void
245uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
246{
247	int freei;
248
249	if (slab == NULL) {
250		slab = uma_dbg_getslab(zone, item);
251		if (slab == NULL)
252			panic("uma: Freed item %p did not belong to zone %s\n",
253			    item, zone->uz_name);
254	}
255
256	freei = ((unsigned long)item - (unsigned long)slab->us_data)
257	    / zone->uz_rsize;
258
259	if (freei >= zone->uz_ipers)
260		panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
261		    zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
262
263	if (((freei * zone->uz_rsize) + slab->us_data) != item) {
264		printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
265		    zone->uz_name, zone, slab, item);
266		panic("should be %p\n",
267		    (freei * zone->uz_rsize) + slab->us_data);
268	}
269
270	if (slab->us_freelist[freei] != 255) {
271		printf("Slab at %p, freei %d = %d.\n",
272		    slab, freei, slab->us_freelist[freei]);
273		panic("Duplicate free of item %p from zone %p(%s)\n",
274		    item, zone, zone->uz_name);
275	}
276
277	/*
278	 * When this is actually linked into the slab this will change.
279	 * Until then the count of valid slabs will make sure we don't
280	 * accidentally follow this and assume it's a valid index.
281	 */
282	slab->us_freelist[freei] = 0;
283}
284