xref: /freebsd/sys/vm/uma_dbg.c (revision c4f6a2a9e1b1879b618c436ab4f56ff75c73a0f5) 
1 /*
2  * Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice unmodified, this list of conditions, and the following
10  *    disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25  *
26  * $FreeBSD$
27  *
28  */
29 
30 /*
31  * uma_dbg.c	Debugging features for UMA users
32  *
33  */
34 
35 
36 #include <sys/param.h>
37 #include <sys/systm.h>
38 #include <sys/kernel.h>
39 #include <sys/types.h>
40 #include <sys/queue.h>
41 #include <sys/lock.h>
42 #include <sys/mutex.h>
43 #include <sys/malloc.h>
44 
45 #include <vm/uma.h>
46 #include <vm/uma_int.h>
47 #include <vm/uma_dbg.h>
48 
49 static const u_int32_t uma_junk = 0xdeadc0de;
50 
51 /*
52  * Checks an item to make sure it hasn't been overwritten since freed.
53  *
54  * Complies with standard ctor arg/return
55  *
56  */
57 void
58 trash_ctor(void *mem, int size, void *arg)
59 {
60 	int cnt;
61 	u_int32_t *p;
62 
63 	cnt = size / sizeof(uma_junk);
64 
65 	for (p = mem; cnt > 0; cnt--, p++)
66 		if (*p != uma_junk)
67 			panic("Memory modified after free %p(%d)\n",
68 			    mem, size);
69 }
70 
71 /*
72  * Fills an item with predictable garbage
73  *
74  * Complies with standard dtor arg/return
75  *
76  */
77 void
78 trash_dtor(void *mem, int size, void *arg)
79 {
80 	int cnt;
81 	u_int32_t *p;
82 
83 	cnt = size / sizeof(uma_junk);
84 
85 	for (p = mem; cnt > 0; cnt--, p++)
86 		*p = uma_junk;
87 }
88 
89 /*
90  * Fills an item with predictable garbage
91  *
92  * Complies with standard init arg/return
93  *
94  */
95 void
96 trash_init(void *mem, int size)
97 {
98 	trash_dtor(mem, size, NULL);
99 }
100 
101 /*
102  * Checks an item to make sure it hasn't been overwritten since it was freed.
103  *
104  * Complies with standard fini arg/return
105  *
106  */
107 void
108 trash_fini(void *mem, int size)
109 {
110 	trash_ctor(mem, size, NULL);
111 }
112 
113 /*
114  * Checks an item to make sure it hasn't been overwritten since freed.
115  *
116  * Complies with standard ctor arg/return
117  *
118  */
119 void
120 mtrash_ctor(void *mem, int size, void *arg)
121 {
122 	struct malloc_type **ksp;
123 	u_int32_t *p = mem;
124 	int cnt;
125 
126 	size -= sizeof(struct malloc_type *);
127 	ksp = (struct malloc_type **)mem;
128 	ksp += size / sizeof(struct malloc_type *);
129 	cnt = size / sizeof(uma_junk);
130 
131 	for (p = mem; cnt > 0; cnt--, p++)
132 		if (*p != uma_junk) {
133 			printf("Memory modified after free %p(%d)\n",
134 			    mem, size);
135 			panic("Most recently used by %s\n", (*ksp == NULL)?
136 			    "none" : (*ksp)->ks_shortdesc);
137 		}
138 }
139 
140 /*
141  * Fills an item with predictable garbage
142  *
143  * Complies with standard dtor arg/return
144  *
145  */
146 void
147 mtrash_dtor(void *mem, int size, void *arg)
148 {
149 	int cnt;
150 	u_int32_t *p;
151 
152 	size -= sizeof(struct malloc_type *);
153 	cnt = size / sizeof(uma_junk);
154 
155 	for (p = mem; cnt > 0; cnt--, p++)
156 		*p = uma_junk;
157 }
158 
159 /*
160  * Fills an item with predictable garbage
161  *
162  * Complies with standard init arg/return
163  *
164  */
165 void
166 mtrash_init(void *mem, int size)
167 {
168 	struct malloc_type **ksp;
169 
170 	mtrash_dtor(mem, size, NULL);
171 
172 	ksp = (struct malloc_type **)mem;
173 	ksp += (size / sizeof(struct malloc_type *)) - 1;
174 	*ksp = NULL;
175 }
176 
177 /*
178  * Checks an item to make sure it hasn't been overwritten since it was freed.
179  *
180  * Complies with standard fini arg/return
181  *
182  */
183 void
184 mtrash_fini(void *mem, int size)
185 {
186 	mtrash_ctor(mem, size, NULL);
187 }
188 
189 static uma_slab_t
190 uma_dbg_getslab(uma_zone_t zone, void *item)
191 {
192 	uma_slab_t slab;
193 	u_int8_t *mem;
194 
195 	mem = (u_int8_t *)((unsigned long)item & (~UMA_SLAB_MASK));
196 	if (zone->uz_flags & UMA_ZFLAG_MALLOC) {
197 		mtx_lock(&malloc_mtx);
198 		slab = hash_sfind(mallochash, mem);
199 		mtx_unlock(&malloc_mtx);
200 	} else if (zone->uz_flags & UMA_ZFLAG_OFFPAGE) {
201 		ZONE_LOCK(zone);
202 		slab = hash_sfind(&zone->uz_hash, mem);
203 		ZONE_UNLOCK(zone);
204 	} else {
205 		mem += zone->uz_pgoff;
206 		slab = (uma_slab_t)mem;
207 	}
208 
209 	return (slab);
210 }
211 
212 /*
213  * Set up the slab's freei data such that uma_dbg_free can function.
214  *
215  */
216 
217 void
218 uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
219 {
220 	int freei;
221 
222 	if (slab == NULL) {
223 		slab = uma_dbg_getslab(zone, item);
224 		if (slab == NULL)
225 			panic("uma: item %p did not belong to zone %s\n",
226 			    item, zone->uz_name);
227 	}
228 
229 	freei = ((unsigned long)item - (unsigned long)slab->us_data)
230 	    / zone->uz_rsize;
231 
232 	slab->us_freelist[freei] = 255;
233 
234 	return;
235 }
236 
237 /*
238  * Verifies freed addresses.  Checks for alignment, valid slab membership
239  * and duplicate frees.
240  *
241  */
242 
243 void
244 uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
245 {
246 	int freei;
247 
248 	if (slab == NULL) {
249 		slab = uma_dbg_getslab(zone, item);
250 		if (slab == NULL)
251 			panic("uma: Freed item %p did not belong to zone %s\n",
252 			    item, zone->uz_name);
253 	}
254 
255 	freei = ((unsigned long)item - (unsigned long)slab->us_data)
256 	    / zone->uz_rsize;
257 
258 	if (freei >= zone->uz_ipers)
259 		panic("zone: %s(%p) slab %p freelist %d out of range 0-%d\n",
260 		    zone->uz_name, zone, slab, freei, zone->uz_ipers-1);
261 
262 	if (((freei * zone->uz_rsize) + slab->us_data) != item) {
263 		printf("zone: %s(%p) slab %p freed address %p unaligned.\n",
264 		    zone->uz_name, zone, slab, item);
265 		panic("should be %p\n",
266 		    (freei * zone->uz_rsize) + slab->us_data);
267 	}
268 
269 	if (slab->us_freelist[freei] != 255) {
270 		printf("Slab at %p, freei %d = %d.\n",
271 		    slab, freei, slab->us_freelist[freei]);
272 		panic("Duplicate free of item %p from zone %p(%s)\n",
273 		    item, zone, zone->uz_name);
274 	}
275 
276 	/*
277 	 * When this is actually linked into the slab this will change.
278 	 * Until then the count of valid slabs will make sure we don't
279 	 * accidentally follow this and assume it's a valid index.
280 	 */
281 	slab->us_freelist[freei] = 0;
282 }
283