uma_dbg.c revision 99424 
1/*
2 * Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice unmodified, this list of conditions, and the following
10 *    disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 *
26 * $FreeBSD: head/sys/vm/uma_dbg.c 99424 2002-07-05 05:16:19Z jeff $
27 *
28 */
29
30/*
31 * uma_dbg.c	Debugging features for UMA users
32 *
33 */
34
35
36#include <sys/param.h>
37#include <sys/systm.h>
38#include <sys/kernel.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/lock.h>
42#include <sys/mutex.h>
43#include <sys/malloc.h>
44
45#include <vm/uma.h>
46#include <vm/uma_int.h>
47#include <vm/uma_dbg.h>
48
49static const u_int32_t uma_junk = 0xdeadc0de;
50
51/*
52 * Checks an item to make sure it hasn't been overwritten since freed.
53 *
54 * Complies with standard ctor arg/return
55 *
56 */
57void
58trash_ctor(void *mem, int size, void *arg)
59{
60	int cnt;
61	u_int32_t *p;
62
63	cnt = size / sizeof(uma_junk);
64
65	for (p = mem; cnt > 0; cnt--, p++)
66		if (*p != uma_junk)
67			panic("Memory modified after free %p(%d)\n",
68			    mem, size);
69}
70
71/*
72 * Fills an item with predictable garbage
73 *
74 * Complies with standard dtor arg/return
75 *
76 */
77void
78trash_dtor(void *mem, int size, void *arg)
79{
80	int cnt;
81	u_int32_t *p;
82
83	cnt = size / sizeof(uma_junk);
84
85	for (p = mem; cnt > 0; cnt--, p++)
86		*p = uma_junk;
87}
88
89/*
90 * Fills an item with predictable garbage
91 *
92 * Complies with standard init arg/return
93 *
94 */
95void
96trash_init(void *mem, int size)
97{
98	trash_dtor(mem, size, NULL);
99}
100
101/*
102 * Checks an item to make sure it hasn't been overwritten since it was freed.
103 *
104 * Complies with standard fini arg/return
105 *
106 */
107void
108trash_fini(void *mem, int size)
109{
110	trash_ctor(mem, size, NULL);
111}
112
113/*
114 * Checks an item to make sure it hasn't been overwritten since freed.
115 *
116 * Complies with standard ctor arg/return
117 *
118 */
119void
120mtrash_ctor(void *mem, int size, void *arg)
121{
122	struct malloc_type **ksp;
123	u_int32_t *p = mem;
124	int cnt;
125
126	size -= sizeof(struct malloc_type *);
127	ksp = (struct malloc_type **)mem;
128	ksp += size / sizeof(struct malloc_type *);
129	cnt = size / sizeof(uma_junk);
130
131	for (p = mem; cnt > 0; cnt--, p++)
132		if (*p != uma_junk) {
133			printf("Memory modified after free %p(%d)\n",
134			    mem, size);
135			panic("Most recently used by %s\n", (*ksp == NULL)?
136			    "none" : (*ksp)->ks_shortdesc);
137		}
138}
139
140/*
141 * Fills an item with predictable garbage
142 *
143 * Complies with standard dtor arg/return
144 *
145 */
146void
147mtrash_dtor(void *mem, int size, void *arg)
148{
149	int cnt;
150	u_int32_t *p;
151
152	size -= sizeof(struct malloc_type *);
153	cnt = size / sizeof(uma_junk);
154
155	for (p = mem; cnt > 0; cnt--, p++)
156		*p = uma_junk;
157}
158
159/*
160 * Fills an item with predictable garbage
161 *
162 * Complies with standard init arg/return
163 *
164 */
165void
166mtrash_init(void *mem, int size)
167{
168	struct malloc_type **ksp;
169
170	mtrash_dtor(mem, size, NULL);
171
172	ksp = (struct malloc_type **)mem;
173	ksp += (size / sizeof(struct malloc_type *)) - 1;
174	*ksp = NULL;
175}
176
177/*
178 * Checks an item to make sure it hasn't been overwritten since it was freed.
179 *
180 * Complies with standard fini arg/return
181 *
182 */
183void
184mtrash_fini(void *mem, int size)
185{
186	mtrash_ctor(mem, size, NULL);
187}
188
189static uma_slab_t
190uma_dbg_getslab(uma_zone_t zone, void *item)
191{
192	uma_slab_t slab;
193	u_int8_t *mem;
194
195	mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
196	if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
197		mtx_lock(&malloc_mtx);
198		slab = hash_sfind(mallochash, mem);
199		mtx_unlock(&malloc_mtx);
200	} else if (zone->uz_flags & UMA_ZFLAG_OFFPAGE) {
201		ZONE_LOCK(zone);
202		slab = hash_sfind(&zone->uz_hash, mem);
203		ZONE_UNLOCK(zone);
204	} else {
205		mem += zone->uz_pgoff;
206		slab = (uma_slab_t)mem;
207	}
208
209	return (slab);
210}
211
212/*
213 * Set up the slab's freei data such that uma_dbg_free can function.
214 *
215 */
216
217void
218uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
219{
220	int freei;
221
222	if (slab == NULL) {
223		slab = uma_dbg_getslab(zone, item);
224		if (slab == NULL)
225			panic("uma: item %p did not belong to zone %s\n",
226			    item, zone->uz_name);
227	}
228
229	freei = ((unsigned long)item - (unsigned long)slab->us_data)
230	    / zone->uz_rsize;
231
232	slab->us_freelist[freei] = 255;
233
234	return;
235}
236
237/*
238 * Verifies freed addresses.  Checks for alignment, valid slab membership
239 * and duplicate frees.
240 *
241 */
242
243void
244uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
245{
246	int freei;
247
248	if (slab == NULL) {
249		slab = uma_dbg_getslab(zone, item);
250		if (slab == NULL)
251			panic("uma: Freed item %p did not belong to zone %s\n",
252			    item, zone->uz_name);
253	}
254
255	freei = ((unsigned long)item - (unsigned long)slab->us_data)
256	    / zone->uz_rsize;
257
258	if (freei >= zone->uz_ipers)
259		panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
260		    zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
261
262	if (((freei * zone->uz_rsize) + slab->us_data) != item) {
263		printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
264		    zone->uz_name, zone, slab, item);
265		panic("should be %p\n",
266		    (freei * zone->uz_rsize) + slab->us_data);
267	}
268
269	if (slab->us_freelist[freei] != 255) {
270		printf("Slab at %p, freei %d = %d.\n",
271		    slab, freei, slab->us_freelist[freei]);
272		panic("Duplicate free of item %p from zone %p(%s)\n",
273		    item, zone, zone->uz_name);
274	}
275
276	/*
277	 * When this is actually linked into the slab this will change.
278	 * Until then the count of valid slabs will make sure we don't
279	 * accidentally follow this and assume it's a valid index.
280	 */
281	slab->us_freelist[freei] = 0;
282}
283