Add a new UMA debugging facility. This will overwrite freed memory with

0xdeadc0de and then check for it just before memory is handed off as part
of a new request.  This will catch any post free/pre alloc modification of
memory, as well as introduce errors for anything that tries to dereference
it as a pointer.

This code takes the form of special init, fini, ctor and dtor routines that
are specificly used by malloc.  It is in a seperate file because additional
debugging aids will want to live here as well.
This commit is contained in:
Jeff Roberson 2002-04-30 07:54:25 +00:00
parent cecd70a0a2
commit 8efc4eff00
4 changed files with 168 additions and 2 deletions

View File

@ -1371,4 +1371,5 @@ vm/vm_pager.c standard
vm/vm_swap.c standard
vm/vm_unix.c standard
vm/uma_core.c standard
vm/uma_dbg.c standard
vm/vnode_pager.c standard

View File

@ -55,6 +55,7 @@
#include <vm/vm_map.h>
#include <vm/uma.h>
#include <vm/uma_int.h>
#include <vm/uma_dbg.h>
#if defined(INVARIANTS) && defined(__i386__)
#include <machine/cpu.h>
@ -386,8 +387,13 @@ kmeminit(dummy)
int size = kmemzones[indx].kz_size;
char *name = kmemzones[indx].kz_name;
kmemzones[indx].kz_zone = uma_zcreate(name, size, NULL, NULL,
NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_MALLOC);
kmemzones[indx].kz_zone = uma_zcreate(name, size,
#ifdef INVARIANTS
trash_ctor, trash_dtor, trash_init, trash_fini,
#else
NULL, NULL, NULL, NULL,
#endif
UMA_ALIGN_PTR, UMA_ZONE_MALLOC);
for (;i <= size; i+= KMEM_ZBASE)
kmemsize[i >> KMEM_ZSHIFT] = indx;

112
sys/vm/uma_dbg.c Normal file
View File

@ -0,0 +1,112 @@
/*
* Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice unmodified, this list of conditions, and the following
* disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $FreeBSD$
*
*/
/*
* uma_dbg.c Debugging features for UMA users
*
*/
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/types.h>
#include <sys/queue.h>
#include <sys/lock.h>
#include <sys/mutex.h>
#include <machine/types.h>
#include <vm/uma.h>
#include <vm/uma_int.h>
#include <vm/uma_dbg.h>
static const u_int32_t uma_junk = 0xdeadc0de;
/*
* Checks an item to make sure it hasn't been overwritten since freed.
*
* Complies with standard ctor arg/return
*
*/
void
trash_ctor(void *mem, int size, void *arg)
{
int cnt;
u_int32_t *p;
cnt = size / sizeof(uma_junk);
for (p = mem; cnt > 0; cnt--, p++)
if (*p != uma_junk)
panic("Memory modified after free %p(%d)\n",
mem, size);
}
/*
* Fills an item with predictable garbage
*
* Complies with standard dtor arg/return
*
*/
void
trash_dtor(void *mem, int size, void *arg)
{
int cnt;
u_int32_t *p;
cnt = size / sizeof(uma_junk);
for (p = mem; cnt > 0; cnt--, p++)
*p = uma_junk;
}
/*
* Fills an item with predictable garbage
*
* Complies with standard init arg/return
*
*/
void
trash_init(void *mem, int size)
{
trash_dtor(mem, size, NULL);
}
/*
* Checks an item to make sure it hasn't been overwritten since it was freed.
*
* Complies with standard fini arg/return
*
*/
void
trash_fini(void *mem, int size)
{
trash_ctor(mem, size, NULL);
}

47
sys/vm/uma_dbg.h Normal file
View File

@ -0,0 +1,47 @@
/*
* Copyright (c) 2002, Jeffrey Roberson <jroberson@chesapeake.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice unmodified, this list of conditions, and the following
* disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $FreeBSD$
*
*/
/*
*
* Jeff Roberson <jroberson@chesapeake.net>
*
* This file includes definitions, structures, prototypes, and inlines used
* when debugging users of the UMA interface.
*
*/
#ifndef VM_UMA_DBG_H
#define VM_UMA_DBG_H
void trash_ctor(void *mem, int size, void *arg);
void trash_dtor(void *mem, int size, void *arg);
void trash_init(void *mem, int size);
void trash_fini(void *mem, int size);
#endif /* VM_UMA_DBG_H */