uma_dbg.c revision 106773 
1/*
2 * Copyright (c) 2002, Jeffrey Roberson <jeff@freebsd.org>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice unmodified, this list of conditions, and the following
10 *    disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/vm/uma_dbg.c 106773 2002-11-11 11:50:03Z mjacob $
27 *
28 */
29
30/*
31 * uma_dbg.c	Debugging features for UMA users
32 *
33 */
34
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/kernel.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/malloc.h>
44
45#include <vm/vm.h>
46#include <vm/vm_object.h>
47#include <vm/vm_page.h>
48#include <vm/uma.h>
49#include <vm/uma_int.h>
50#include <vm/uma_dbg.h>
51
52static const u_int32_t uma_junk = 0xdeadc0de;
53
54/*
55 * Checks an item to make sure it hasn't been overwritten since freed.
56 *
57 * Complies with standard ctor arg/return
58 *
59 */
60void
61trash_ctor(void *mem, int size, void *arg)
62{
63	int cnt;
64	u_int32_t *p;
65
66	cnt = size / sizeof(uma_junk);
67
68	for (p = mem; cnt > 0; cnt--, p++)
69		if (*p != uma_junk)
70			panic("Memory modified after free %p(%d)\n",
71			    mem, size);
72}
73
74/*
75 * Fills an item with predictable garbage
76 *
77 * Complies with standard dtor arg/return
78 *
79 */
80void
81trash_dtor(void *mem, int size, void *arg)
82{
83	int cnt;
84	u_int32_t *p;
85
86	cnt = size / sizeof(uma_junk);
87
88	for (p = mem; cnt > 0; cnt--, p++)
89		*p = uma_junk;
90}
91
92/*
93 * Fills an item with predictable garbage
94 *
95 * Complies with standard init arg/return
96 *
97 */
98void
99trash_init(void *mem, int size)
100{
101	trash_dtor(mem, size, NULL);
102}
103
104/*
105 * Checks an item to make sure it hasn't been overwritten since it was freed.
106 *
107 * Complies with standard fini arg/return
108 *
109 */
110void
111trash_fini(void *mem, int size)
112{
113	trash_ctor(mem, size, NULL);
114}
115
116/*
117 * Checks an item to make sure it hasn't been overwritten since freed.
118 *
119 * Complies with standard ctor arg/return
120 *
121 */
122void
123mtrash_ctor(void *mem, int size, void *arg)
124{
125	struct malloc_type **ksp;
126	u_int32_t *p = mem;
127	int cnt;
128
129	size -= sizeof(struct malloc_type *);
130	ksp = (struct malloc_type **)mem;
131	ksp += size / sizeof(struct malloc_type *);
132	cnt = size / sizeof(uma_junk);
133
134	for (p = mem; cnt > 0; cnt--, p++)
135		if (*p != uma_junk) {
136			printf("Memory modified after free %p(%d)\n",
137			    mem, size);
138			panic("Most recently used by %s\n", (*ksp == NULL)?
139			    "none" : (*ksp)->ks_shortdesc);
140		}
141}
142
143/*
144 * Fills an item with predictable garbage
145 *
146 * Complies with standard dtor arg/return
147 *
148 */
149void
150mtrash_dtor(void *mem, int size, void *arg)
151{
152	int cnt;
153	u_int32_t *p;
154
155	size -= sizeof(struct malloc_type *);
156	cnt = size / sizeof(uma_junk);
157
158	for (p = mem; cnt > 0; cnt--, p++)
159		*p = uma_junk;
160}
161
162/*
163 * Fills an item with predictable garbage
164 *
165 * Complies with standard init arg/return
166 *
167 */
168void
169mtrash_init(void *mem, int size)
170{
171	struct malloc_type **ksp;
172
173	mtrash_dtor(mem, size, NULL);
174
175	ksp = (struct malloc_type **)mem;
176	ksp += (size / sizeof(struct malloc_type *)) - 1;
177	*ksp = NULL;
178}
179
180/*
181 * Checks an item to make sure it hasn't been overwritten since it was freed.
182 *
183 * Complies with standard fini arg/return
184 *
185 */
186void
187mtrash_fini(void *mem, int size)
188{
189	mtrash_ctor(mem, size, NULL);
190}
191
192static uma_slab_t
193uma_dbg_getslab(uma_zone_t zone, void *item)
194{
195	uma_slab_t slab;
196	u_int8_t *mem;
197
198	mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
199	if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
200		slab = vtoslab((vm_offset_t)mem);
201	} else if (zone->uz_flags & UMA_ZFLAG_HASH) {
202		slab = hash_sfind(&zone->uz_hash, mem);
203	} else {
204		mem += zone->uz_pgoff;
205		slab = (uma_slab_t)mem;
206	}
207
208	return (slab);
209}
210
211/*
212 * Set up the slab's freei data such that uma_dbg_free can function.
213 *
214 */
215
216void
217uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
218{
219	int freei;
220
221	if (slab == NULL) {
222		slab = uma_dbg_getslab(zone, item);
223		if (slab == NULL)
224			panic("uma: item %p did not belong to zone %s\n",
225			    item, zone->uz_name);
226	}
227
228	freei = ((unsigned long)item - (unsigned long)slab->us_data)
229	    / zone->uz_rsize;
230
231	slab->us_freelist[freei] = 255;
232
233	return;
234}
235
236/*
237 * Verifies freed addresses.  Checks for alignment, valid slab membership
238 * and duplicate frees.
239 *
240 */
241
242void
243uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
244{
245	int freei;
246
247	if (slab == NULL) {
248		slab = uma_dbg_getslab(zone, item);
249		if (slab == NULL)
250			panic("uma: Freed item %p did not belong to zone %s\n",
251			    item, zone->uz_name);
252	}
253
254	freei = ((unsigned long)item - (unsigned long)slab->us_data)
255	    / zone->uz_rsize;
256
257	if (freei >= zone->uz_ipers)
258		panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
259		    zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
260
261	if (((freei * zone->uz_rsize) + slab->us_data) != item) {
262		printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
263		    zone->uz_name, zone, slab, item);
264		panic("should be %p\n",
265		    (freei * zone->uz_rsize) + slab->us_data);
266	}
267
268	if (slab->us_freelist[freei] != 255) {
269		printf("Slab at %p, freei %d = %d.\n",
270		    slab, freei, slab->us_freelist[freei]);
271		panic("Duplicate free of item %p from zone %p(%s)\n",
272		    item, zone, zone->uz_name);
273	}
274
275	/*
276	 * When this is actually linked into the slab this will change.
277	 * Until then the count of valid slabs will make sure we don't
278	 * accidentally follow this and assume it's a valid index.
279	 */
280	slab->us_freelist[freei] = 0;
281}
282