Print this page
patch sccs-keywords
patch fix-mdb
Split |
Close |
Expand all |
Collapse all |
--- old/usr/src/cmd/mdb/common/modules/genunix/leaky_subr.c
+++ new/usr/src/cmd/mdb/common/modules/genunix/leaky_subr.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License, Version 1.0 only
6 6 * (the "License"). You may not use this file except in compliance
7 7 * with the License.
8 8 *
9 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 10 * or http://www.opensolaris.org/os/licensing.
11 11 * See the License for the specific language governing permissions
12 12 * and limitations under the License.
13 13 *
14 14 * When distributing Covered Code, include this CDDL HEADER in each
15 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 16 * If applicable, add the following below this CDDL HEADER, with the
↓ open down ↓ |
16 lines elided |
↑ open up ↑ |
17 17 * fields enclosed by brackets "[]" replaced with your own identifying
18 18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 19 *
20 20 * CDDL HEADER END
21 21 */
22 22 /*
23 23 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
24 24 * Use is subject to license terms.
25 25 */
26 26
27 -#pragma ident "%Z%%M% %I% %E% SMI"
28 -
29 27 #include <mdb/mdb_param.h>
30 28 #include <mdb/mdb_modapi.h>
31 29
32 30 #include <sys/fs/ufs_inode.h>
33 31 #include <sys/kmem_impl.h>
34 32 #include <sys/vmem_impl.h>
35 33 #include <sys/modctl.h>
36 34 #include <sys/kobj.h>
37 35 #include <sys/kobj_impl.h>
38 36 #include <vm/seg_vn.h>
39 37 #include <vm/as.h>
40 38 #include <vm/seg_map.h>
41 39 #include <mdb/mdb_ctf.h>
42 40
43 41 #include "kmem.h"
44 42 #include "leaky_impl.h"
45 43
46 44 /*
47 45 * This file defines the genunix target for leaky.c. There are three types
48 46 * of buffers in the kernel's heap: TYPE_VMEM, for kmem_oversize allocations,
49 47 * TYPE_KMEM, for kmem_cache_alloc() allocations bufctl_audit_ts, and
50 48 * TYPE_CACHE, for kmem_cache_alloc() allocation without bufctl_audit_ts.
51 49 *
52 50 * See "leaky_impl.h" for the target interface definition.
53 51 */
54 52
55 53 #define TYPE_VMEM 0 /* lkb_data is the vmem_seg's size */
56 54 #define TYPE_CACHE 1 /* lkb_cid is the bufctl's cache */
57 55 #define TYPE_KMEM 2 /* lkb_cid is the bufctl's cache */
58 56
59 57 #define LKM_CTL_BUFCTL 0 /* normal allocation, PTR is bufctl */
60 58 #define LKM_CTL_VMSEG 1 /* oversize allocation, PTR is vmem_seg_t */
61 59 #define LKM_CTL_CACHE 2 /* normal alloc, non-debug, PTR is cache */
62 60 #define LKM_CTL_MASK 3L
63 61
64 62 #define LKM_CTL(ptr, type) (LKM_CTLPTR(ptr) | (type))
65 63 #define LKM_CTLPTR(ctl) ((uintptr_t)(ctl) & ~(LKM_CTL_MASK))
66 64 #define LKM_CTLTYPE(ctl) ((uintptr_t)(ctl) & (LKM_CTL_MASK))
67 65
68 66 static int kmem_lite_count = 0; /* cache of the kernel's version */
69 67
70 68 /*ARGSUSED*/
71 69 static int
72 70 leaky_mtab(uintptr_t addr, const kmem_bufctl_audit_t *bcp, leak_mtab_t **lmp)
73 71 {
74 72 leak_mtab_t *lm = (*lmp)++;
75 73
76 74 lm->lkm_base = (uintptr_t)bcp->bc_addr;
77 75 lm->lkm_bufctl = LKM_CTL(addr, LKM_CTL_BUFCTL);
78 76
79 77 return (WALK_NEXT);
80 78 }
81 79
82 80 /*ARGSUSED*/
83 81 static int
84 82 leaky_mtab_addr(uintptr_t addr, void *ignored, leak_mtab_t **lmp)
85 83 {
86 84 leak_mtab_t *lm = (*lmp)++;
87 85
88 86 lm->lkm_base = addr;
89 87
90 88 return (WALK_NEXT);
91 89 }
92 90
93 91 static int
94 92 leaky_seg(uintptr_t addr, const vmem_seg_t *seg, leak_mtab_t **lmp)
95 93 {
96 94 leak_mtab_t *lm = (*lmp)++;
97 95
98 96 lm->lkm_base = seg->vs_start;
99 97 lm->lkm_limit = seg->vs_end;
100 98 lm->lkm_bufctl = LKM_CTL(addr, LKM_CTL_VMSEG);
101 99
102 100 return (WALK_NEXT);
103 101 }
104 102
105 103 static int
106 104 leaky_vmem_interested(const vmem_t *vmem)
107 105 {
108 106 if (strcmp(vmem->vm_name, "kmem_oversize") != 0 &&
109 107 strcmp(vmem->vm_name, "static_alloc") != 0)
110 108 return (0);
111 109 return (1);
112 110 }
113 111
114 112 static int
115 113 leaky_vmem(uintptr_t addr, const vmem_t *vmem, leak_mtab_t **lmp)
116 114 {
117 115 if (!leaky_vmem_interested(vmem))
118 116 return (WALK_NEXT);
119 117
120 118 if (mdb_pwalk("vmem_alloc", (mdb_walk_cb_t)leaky_seg, lmp, addr) == -1)
121 119 mdb_warn("can't walk vmem_alloc for kmem_oversize (%p)", addr);
122 120
123 121 return (WALK_NEXT);
124 122 }
125 123
126 124 /*ARGSUSED*/
127 125 static int
128 126 leaky_estimate_vmem(uintptr_t addr, const vmem_t *vmem, size_t *est)
129 127 {
130 128 if (!leaky_vmem_interested(vmem))
131 129 return (WALK_NEXT);
132 130
133 131 *est += (int)(vmem->vm_kstat.vk_alloc.value.ui64 -
134 132 vmem->vm_kstat.vk_free.value.ui64);
135 133
136 134 return (WALK_NEXT);
137 135 }
138 136
139 137 static int
140 138 leaky_interested(const kmem_cache_t *c)
141 139 {
142 140 vmem_t vmem;
143 141
144 142 /*
145 143 * ignore HAT-related caches that happen to derive from kmem_default
146 144 */
147 145 if (strcmp(c->cache_name, "sfmmu1_cache") == 0 ||
148 146 strcmp(c->cache_name, "sf_hment_cache") == 0 ||
149 147 strcmp(c->cache_name, "pa_hment_cache") == 0)
150 148 return (0);
151 149
152 150 if (mdb_vread(&vmem, sizeof (vmem), (uintptr_t)c->cache_arena) == -1) {
153 151 mdb_warn("cannot read arena %p for cache '%s'",
154 152 (uintptr_t)c->cache_arena, c->cache_name);
155 153 return (0);
156 154 }
157 155
158 156 /*
159 157 * If this cache isn't allocating from the kmem_default,
160 158 * kmem_firewall, or static vmem arenas, we're not interested.
161 159 */
162 160 if (strcmp(vmem.vm_name, "kmem_default") != 0 &&
163 161 strcmp(vmem.vm_name, "kmem_firewall") != 0 &&
164 162 strcmp(vmem.vm_name, "static") != 0)
165 163 return (0);
166 164
167 165 return (1);
168 166 }
169 167
170 168 static int
171 169 leaky_estimate(uintptr_t addr, const kmem_cache_t *c, size_t *est)
172 170 {
173 171 if (!leaky_interested(c))
174 172 return (WALK_NEXT);
175 173
176 174 *est += kmem_estimate_allocated(addr, c);
177 175
178 176 return (WALK_NEXT);
179 177 }
180 178
181 179 /*ARGSUSED*/
182 180 static int
183 181 leaky_cache(uintptr_t addr, const kmem_cache_t *c, leak_mtab_t **lmp)
184 182 {
185 183 leak_mtab_t *lm = *lmp;
186 184 mdb_walk_cb_t cb;
187 185 const char *walk;
188 186 int audit = (c->cache_flags & KMF_AUDIT);
189 187
190 188 if (!leaky_interested(c))
191 189 return (WALK_NEXT);
192 190
193 191 if (audit) {
194 192 walk = "bufctl";
195 193 cb = (mdb_walk_cb_t)leaky_mtab;
196 194 } else {
197 195 walk = "kmem";
198 196 cb = (mdb_walk_cb_t)leaky_mtab_addr;
199 197 }
200 198 if (mdb_pwalk(walk, cb, lmp, addr) == -1) {
201 199 mdb_warn("can't walk kmem for cache %p (%s)", addr,
202 200 c->cache_name);
203 201 return (WALK_DONE);
204 202 }
205 203
206 204 for (; lm < *lmp; lm++) {
207 205 lm->lkm_limit = lm->lkm_base + c->cache_bufsize;
208 206 if (!audit)
209 207 lm->lkm_bufctl = LKM_CTL(addr, LKM_CTL_CACHE);
210 208 }
211 209
212 210 return (WALK_NEXT);
213 211 }
214 212
215 213 /*ARGSUSED*/
216 214 static int
217 215 leaky_scan_buffer(uintptr_t addr, const void *ignored, const kmem_cache_t *c)
218 216 {
219 217 leaky_grep(addr, c->cache_bufsize);
220 218
221 219 /*
222 220 * free, constructed KMF_LITE buffers keep their first uint64_t in
223 221 * their buftag's redzone.
224 222 */
225 223 if (c->cache_flags & KMF_LITE) {
226 224 /* LINTED alignment */
227 225 kmem_buftag_t *btp = KMEM_BUFTAG(c, addr);
228 226 leaky_grep((uintptr_t)&btp->bt_redzone,
229 227 sizeof (btp->bt_redzone));
230 228 }
231 229
232 230 return (WALK_NEXT);
233 231 }
234 232
235 233 /*ARGSUSED*/
236 234 static int
237 235 leaky_scan_cache(uintptr_t addr, const kmem_cache_t *c, void *ignored)
238 236 {
239 237 if (!leaky_interested(c))
240 238 return (WALK_NEXT);
241 239
242 240 /*
243 241 * Scan all of the free, constructed buffers, since they may have
244 242 * pointers to allocated objects.
245 243 */
246 244 if (mdb_pwalk("freemem_constructed",
247 245 (mdb_walk_cb_t)leaky_scan_buffer, (void *)c, addr) == -1) {
248 246 mdb_warn("can't walk freemem_constructed for cache %p (%s)",
249 247 addr, c->cache_name);
250 248 return (WALK_DONE);
251 249 }
252 250
253 251 return (WALK_NEXT);
254 252 }
255 253
256 254 /*ARGSUSED*/
257 255 static int
258 256 leaky_modctl(uintptr_t addr, const struct modctl *m, int *ignored)
259 257 {
260 258 struct module mod;
261 259 char name[MODMAXNAMELEN];
262 260
263 261 if (m->mod_mp == NULL)
264 262 return (WALK_NEXT);
265 263
266 264 if (mdb_vread(&mod, sizeof (mod), (uintptr_t)m->mod_mp) == -1) {
267 265 mdb_warn("couldn't read modctl %p's module", addr);
268 266 return (WALK_NEXT);
269 267 }
270 268
271 269 if (mdb_readstr(name, sizeof (name), (uintptr_t)m->mod_modname) == -1)
272 270 (void) mdb_snprintf(name, sizeof (name), "0x%p", addr);
273 271
274 272 leaky_grep((uintptr_t)m->mod_mp, sizeof (struct module));
275 273 leaky_grep((uintptr_t)mod.data, mod.data_size);
276 274 leaky_grep((uintptr_t)mod.bss, mod.bss_size);
↓ open down ↓ |
238 lines elided |
↑ open up ↑ |
277 275
278 276 return (WALK_NEXT);
279 277 }
280 278
281 279 static int
282 280 leaky_thread(uintptr_t addr, const kthread_t *t, unsigned long *pagesize)
283 281 {
284 282 uintptr_t size, base = (uintptr_t)t->t_stkbase;
285 283 uintptr_t stk = (uintptr_t)t->t_stk;
286 284
287 - /*
288 - * If this thread isn't in memory, we can't look at its stack. This
289 - * may result in false positives, so we print a warning.
290 - */
291 - if (!(t->t_schedflag & TS_LOAD)) {
292 - mdb_printf("findleaks: thread %p's stack swapped out; "
293 - "false positives possible\n", addr);
294 - return (WALK_NEXT);
295 - }
296 -
297 285 if (t->t_state != TS_FREE)
298 286 leaky_grep(base, stk - base);
299 287
300 288 /*
301 289 * There is always gunk hanging out between t_stk and the page
302 290 * boundary. If this thread structure wasn't kmem allocated,
303 291 * this will include the thread structure itself. If the thread
304 292 * _is_ kmem allocated, we'll be able to get to it via allthreads.
305 293 */
306 294 size = *pagesize - (stk & (*pagesize - 1));
307 295
308 296 leaky_grep(stk, size);
309 297
310 298 return (WALK_NEXT);
311 299 }
312 300
313 301 /*ARGSUSED*/
314 302 static int
315 303 leaky_kstat(uintptr_t addr, vmem_seg_t *seg, void *ignored)
316 304 {
317 305 leaky_grep(seg->vs_start, seg->vs_end - seg->vs_start);
318 306
319 307 return (WALK_NEXT);
320 308 }
321 309
322 310 static void
323 311 leaky_kludge(void)
324 312 {
325 313 GElf_Sym sym;
326 314 mdb_ctf_id_t id, rid;
327 315
328 316 int max_mem_nodes;
329 317 uintptr_t *counters;
330 318 size_t ncounters;
331 319 ssize_t hwpm_size;
332 320 int idx;
333 321
334 322 /*
335 323 * Because of DR, the page counters (which live in the kmem64 segment)
336 324 * can point into kmem_alloc()ed memory. The "page_counters" array
337 325 * is multi-dimensional, and each entry points to an array of
338 326 * "hw_page_map_t"s which is "max_mem_nodes" in length.
339 327 *
340 328 * To keep this from having too much grotty knowledge of internals,
341 329 * we use CTF data to get the size of the structure. For simplicity,
342 330 * we treat the page_counters array as a flat array of pointers, and
343 331 * use its size to determine how much to scan. Unused entries will
344 332 * be NULL.
345 333 */
346 334 if (mdb_lookup_by_name("page_counters", &sym) == -1) {
347 335 mdb_warn("unable to lookup page_counters");
348 336 return;
349 337 }
350 338
351 339 if (mdb_readvar(&max_mem_nodes, "max_mem_nodes") == -1) {
352 340 mdb_warn("unable to read max_mem_nodes");
353 341 return;
354 342 }
355 343
356 344 if (mdb_ctf_lookup_by_name("unix`hw_page_map_t", &id) == -1 ||
357 345 mdb_ctf_type_resolve(id, &rid) == -1 ||
358 346 (hwpm_size = mdb_ctf_type_size(rid)) < 0) {
359 347 mdb_warn("unable to lookup unix`hw_page_map_t");
360 348 return;
361 349 }
362 350
363 351 counters = mdb_alloc(sym.st_size, UM_SLEEP | UM_GC);
364 352
365 353 if (mdb_vread(counters, sym.st_size, (uintptr_t)sym.st_value) == -1) {
366 354 mdb_warn("unable to read page_counters");
367 355 return;
368 356 }
369 357
370 358 ncounters = sym.st_size / sizeof (counters);
371 359
372 360 for (idx = 0; idx < ncounters; idx++) {
373 361 uintptr_t addr = counters[idx];
374 362 if (addr != 0)
375 363 leaky_grep(addr, hwpm_size * max_mem_nodes);
376 364 }
377 365 }
378 366
379 367 int
380 368 leaky_subr_estimate(size_t *estp)
381 369 {
382 370 uintptr_t panicstr;
383 371 int state;
384 372
385 373 if ((state = mdb_get_state()) == MDB_STATE_RUNNING) {
386 374 mdb_warn("findleaks: can only be run on a system "
387 375 "dump or under kmdb; see dumpadm(1M)\n");
388 376 return (DCMD_ERR);
389 377 }
390 378
391 379 if (mdb_readvar(&panicstr, "panicstr") == -1) {
392 380 mdb_warn("can't read variable 'panicstr'");
393 381 return (DCMD_ERR);
394 382 }
395 383
396 384 if (state != MDB_STATE_STOPPED && panicstr == NULL) {
397 385 mdb_warn("findleaks: cannot be run on a live dump.\n");
398 386 return (DCMD_ERR);
399 387 }
400 388
401 389 if (mdb_walk("kmem_cache", (mdb_walk_cb_t)leaky_estimate, estp) == -1) {
402 390 mdb_warn("couldn't walk 'kmem_cache'");
403 391 return (DCMD_ERR);
404 392 }
405 393
406 394 if (*estp == 0) {
407 395 mdb_warn("findleaks: no buffers found\n");
408 396 return (DCMD_ERR);
409 397 }
410 398
411 399 if (mdb_walk("vmem", (mdb_walk_cb_t)leaky_estimate_vmem, estp) == -1) {
412 400 mdb_warn("couldn't walk 'vmem'");
413 401 return (DCMD_ERR);
414 402 }
415 403
416 404 return (DCMD_OK);
417 405 }
418 406
419 407 int
420 408 leaky_subr_fill(leak_mtab_t **lmpp)
421 409 {
422 410 if (mdb_walk("vmem", (mdb_walk_cb_t)leaky_vmem, lmpp) == -1) {
423 411 mdb_warn("couldn't walk 'vmem'");
424 412 return (DCMD_ERR);
425 413 }
426 414
427 415 if (mdb_walk("kmem_cache", (mdb_walk_cb_t)leaky_cache, lmpp) == -1) {
428 416 mdb_warn("couldn't walk 'kmem_cache'");
429 417 return (DCMD_ERR);
430 418 }
431 419
432 420 if (mdb_readvar(&kmem_lite_count, "kmem_lite_count") == -1) {
433 421 mdb_warn("couldn't read 'kmem_lite_count'");
434 422 kmem_lite_count = 0;
435 423 } else if (kmem_lite_count > 16) {
436 424 mdb_warn("kmem_lite_count nonsensical, ignored\n");
437 425 kmem_lite_count = 0;
438 426 }
439 427
440 428 return (DCMD_OK);
441 429 }
442 430
443 431 int
444 432 leaky_subr_run(void)
445 433 {
446 434 unsigned long ps = PAGESIZE;
447 435 uintptr_t kstat_arena;
448 436 uintptr_t dmods;
449 437
450 438 leaky_kludge();
451 439
452 440 if (mdb_walk("kmem_cache", (mdb_walk_cb_t)leaky_scan_cache,
453 441 NULL) == -1) {
454 442 mdb_warn("couldn't walk 'kmem_cache'");
455 443 return (DCMD_ERR);
456 444 }
457 445
458 446 if (mdb_walk("modctl", (mdb_walk_cb_t)leaky_modctl, NULL) == -1) {
459 447 mdb_warn("couldn't walk 'modctl'");
460 448 return (DCMD_ERR);
461 449 }
462 450
463 451 /*
464 452 * If kmdb is loaded, we need to walk it's module list, since kmdb
465 453 * modctl structures can reference kmem allocations.
466 454 */
467 455 if ((mdb_readvar(&dmods, "kdi_dmods") != -1) && (dmods != NULL))
468 456 (void) mdb_pwalk("modctl", (mdb_walk_cb_t)leaky_modctl,
469 457 NULL, dmods);
470 458
471 459 if (mdb_walk("thread", (mdb_walk_cb_t)leaky_thread, &ps) == -1) {
472 460 mdb_warn("couldn't walk 'thread'");
473 461 return (DCMD_ERR);
474 462 }
475 463
476 464 if (mdb_walk("deathrow", (mdb_walk_cb_t)leaky_thread, &ps) == -1) {
477 465 mdb_warn("couldn't walk 'deathrow'");
478 466 return (DCMD_ERR);
479 467 }
480 468
481 469 if (mdb_readvar(&kstat_arena, "kstat_arena") == -1) {
482 470 mdb_warn("couldn't read 'kstat_arena'");
483 471 return (DCMD_ERR);
484 472 }
485 473
486 474 if (mdb_pwalk("vmem_alloc", (mdb_walk_cb_t)leaky_kstat,
487 475 NULL, kstat_arena) == -1) {
488 476 mdb_warn("couldn't walk kstat vmem arena");
489 477 return (DCMD_ERR);
490 478 }
491 479
492 480 return (DCMD_OK);
493 481 }
494 482
495 483 void
496 484 leaky_subr_add_leak(leak_mtab_t *lmp)
497 485 {
498 486 uintptr_t addr = LKM_CTLPTR(lmp->lkm_bufctl);
499 487 size_t depth;
500 488
501 489 switch (LKM_CTLTYPE(lmp->lkm_bufctl)) {
502 490 case LKM_CTL_VMSEG: {
503 491 vmem_seg_t vs;
504 492
505 493 if (mdb_vread(&vs, sizeof (vs), addr) == -1) {
506 494 mdb_warn("couldn't read leaked vmem_seg at addr %p",
507 495 addr);
508 496 return;
509 497 }
510 498 depth = MIN(vs.vs_depth, VMEM_STACK_DEPTH);
511 499
512 500 leaky_add_leak(TYPE_VMEM, addr, vs.vs_start, vs.vs_timestamp,
513 501 vs.vs_stack, depth, 0, (vs.vs_end - vs.vs_start));
514 502 break;
515 503 }
516 504 case LKM_CTL_BUFCTL: {
517 505 kmem_bufctl_audit_t bc;
518 506
519 507 if (mdb_vread(&bc, sizeof (bc), addr) == -1) {
520 508 mdb_warn("couldn't read leaked bufctl at addr %p",
521 509 addr);
522 510 return;
523 511 }
524 512
525 513 depth = MIN(bc.bc_depth, KMEM_STACK_DEPTH);
526 514
527 515 /*
528 516 * The top of the stack will be kmem_cache_alloc+offset.
529 517 * Since the offset in kmem_cache_alloc() isn't interesting
530 518 * we skip that frame for the purposes of uniquifying stacks.
531 519 *
532 520 * We also use the cache pointer as the leaks's cid, to
533 521 * prevent the coalescing of leaks from different caches.
534 522 */
535 523 if (depth > 0)
536 524 depth--;
537 525 leaky_add_leak(TYPE_KMEM, addr, (uintptr_t)bc.bc_addr,
538 526 bc.bc_timestamp, bc.bc_stack + 1, depth,
539 527 (uintptr_t)bc.bc_cache, 0);
540 528 break;
541 529 }
542 530 case LKM_CTL_CACHE: {
543 531 kmem_cache_t cache;
544 532 kmem_buftag_lite_t bt;
545 533 pc_t caller;
546 534 int depth = 0;
547 535
548 536 /*
549 537 * For KMF_LITE caches, we can get the allocation PC
550 538 * out of the buftag structure.
551 539 */
552 540 if (mdb_vread(&cache, sizeof (cache), addr) != -1 &&
553 541 (cache.cache_flags & KMF_LITE) &&
554 542 kmem_lite_count > 0 &&
555 543 mdb_vread(&bt, sizeof (bt),
556 544 /* LINTED alignment */
557 545 (uintptr_t)KMEM_BUFTAG(&cache, lmp->lkm_base)) != -1) {
558 546 caller = bt.bt_history[0];
559 547 depth = 1;
560 548 }
561 549 leaky_add_leak(TYPE_CACHE, lmp->lkm_base, lmp->lkm_base, 0,
562 550 &caller, depth, addr, addr);
563 551 break;
564 552 }
565 553 default:
566 554 mdb_warn("internal error: invalid leak_bufctl_t\n");
567 555 break;
568 556 }
569 557 }
570 558
571 559 static void
572 560 leaky_subr_caller(const pc_t *stack, uint_t depth, char *buf, uintptr_t *pcp)
573 561 {
574 562 int i;
575 563 GElf_Sym sym;
576 564 uintptr_t pc = 0;
577 565
578 566 buf[0] = 0;
579 567
580 568 for (i = 0; i < depth; i++) {
581 569 pc = stack[i];
582 570
583 571 if (mdb_lookup_by_addr(pc,
584 572 MDB_SYM_FUZZY, buf, MDB_SYM_NAMLEN, &sym) == -1)
585 573 continue;
586 574 if (strncmp(buf, "kmem_", 5) == 0)
587 575 continue;
588 576 if (strncmp(buf, "vmem_", 5) == 0)
589 577 continue;
590 578 *pcp = pc;
591 579
592 580 return;
593 581 }
594 582
595 583 /*
596 584 * We're only here if the entire call chain begins with "kmem_";
597 585 * this shouldn't happen, but we'll just use the last caller.
598 586 */
599 587 *pcp = pc;
600 588 }
601 589
602 590 int
603 591 leaky_subr_bufctl_cmp(const leak_bufctl_t *lhs, const leak_bufctl_t *rhs)
604 592 {
605 593 char lbuf[MDB_SYM_NAMLEN], rbuf[MDB_SYM_NAMLEN];
606 594 uintptr_t lcaller, rcaller;
607 595 int rval;
608 596
609 597 leaky_subr_caller(lhs->lkb_stack, lhs->lkb_depth, lbuf, &lcaller);
610 598 leaky_subr_caller(rhs->lkb_stack, lhs->lkb_depth, rbuf, &rcaller);
611 599
612 600 if (rval = strcmp(lbuf, rbuf))
613 601 return (rval);
614 602
615 603 if (lcaller < rcaller)
616 604 return (-1);
617 605
618 606 if (lcaller > rcaller)
619 607 return (1);
620 608
621 609 if (lhs->lkb_data < rhs->lkb_data)
622 610 return (-1);
623 611
624 612 if (lhs->lkb_data > rhs->lkb_data)
625 613 return (1);
626 614
627 615 return (0);
628 616 }
629 617
630 618 /*
631 619 * Global state variables used by the leaky_subr_dump_* routines. Note that
632 620 * they are carefully cleared before use.
633 621 */
634 622 static int lk_vmem_seen;
635 623 static int lk_cache_seen;
636 624 static int lk_kmem_seen;
637 625 static size_t lk_ttl;
638 626 static size_t lk_bytes;
639 627
640 628 void
641 629 leaky_subr_dump_start(int type)
642 630 {
643 631 switch (type) {
644 632 case TYPE_VMEM:
645 633 lk_vmem_seen = 0;
646 634 break;
647 635 case TYPE_CACHE:
648 636 lk_cache_seen = 0;
649 637 break;
650 638 case TYPE_KMEM:
651 639 lk_kmem_seen = 0;
652 640 break;
653 641 default:
654 642 break;
655 643 }
656 644
657 645 lk_ttl = 0;
658 646 lk_bytes = 0;
659 647 }
660 648
661 649 void
662 650 leaky_subr_dump(const leak_bufctl_t *lkb, int verbose)
663 651 {
664 652 const leak_bufctl_t *cur;
665 653 kmem_cache_t cache;
666 654 size_t min, max, size;
667 655 char sz[30];
668 656 char c[MDB_SYM_NAMLEN];
669 657 uintptr_t caller;
670 658
671 659 if (verbose) {
672 660 lk_ttl = 0;
673 661 lk_bytes = 0;
674 662 }
675 663
676 664 switch (lkb->lkb_type) {
677 665 case TYPE_VMEM:
678 666 if (!verbose && !lk_vmem_seen) {
679 667 lk_vmem_seen = 1;
680 668 mdb_printf("%-16s %7s %?s %s\n",
681 669 "BYTES", "LEAKED", "VMEM_SEG", "CALLER");
682 670 }
683 671
684 672 min = max = lkb->lkb_data;
685 673
686 674 for (cur = lkb; cur != NULL; cur = cur->lkb_next) {
687 675 size = cur->lkb_data;
688 676
689 677 if (size < min)
690 678 min = size;
691 679 if (size > max)
692 680 max = size;
693 681
694 682 lk_ttl++;
695 683 lk_bytes += size;
696 684 }
697 685
698 686 if (min == max)
699 687 (void) mdb_snprintf(sz, sizeof (sz), "%ld", min);
700 688 else
701 689 (void) mdb_snprintf(sz, sizeof (sz), "%ld-%ld",
702 690 min, max);
703 691
704 692 if (!verbose) {
705 693 leaky_subr_caller(lkb->lkb_stack, lkb->lkb_depth,
706 694 c, &caller);
707 695
708 696 if (caller != 0) {
709 697 (void) mdb_snprintf(c, sizeof (c),
710 698 "%a", caller);
711 699 } else {
712 700 (void) mdb_snprintf(c, sizeof (c),
713 701 "%s", "?");
714 702 }
715 703 mdb_printf("%-16s %7d %?p %s\n", sz, lkb->lkb_dups + 1,
716 704 lkb->lkb_addr, c);
717 705 } else {
718 706 mdb_arg_t v;
719 707
720 708 if (lk_ttl == 1)
721 709 mdb_printf("kmem_oversize leak: 1 vmem_seg, "
722 710 "%ld bytes\n", lk_bytes);
723 711 else
724 712 mdb_printf("kmem_oversize leak: %d vmem_segs, "
725 713 "%s bytes each, %ld bytes total\n",
726 714 lk_ttl, sz, lk_bytes);
727 715
728 716 v.a_type = MDB_TYPE_STRING;
729 717 v.a_un.a_str = "-v";
730 718
731 719 if (mdb_call_dcmd("vmem_seg", lkb->lkb_addr,
732 720 DCMD_ADDRSPEC, 1, &v) == -1) {
733 721 mdb_warn("'%p::vmem_seg -v' failed",
734 722 lkb->lkb_addr);
735 723 }
736 724 }
737 725 return;
738 726
739 727 case TYPE_CACHE:
740 728 if (!verbose && !lk_cache_seen) {
741 729 lk_cache_seen = 1;
742 730 if (lk_vmem_seen)
743 731 mdb_printf("\n");
744 732 mdb_printf("%-?s %7s %?s %s\n",
745 733 "CACHE", "LEAKED", "BUFFER", "CALLER");
746 734 }
747 735
748 736 if (mdb_vread(&cache, sizeof (cache), lkb->lkb_data) == -1) {
749 737 /*
750 738 * This _really_ shouldn't happen; we shouldn't
751 739 * have been able to get this far if this
752 740 * cache wasn't readable.
753 741 */
754 742 mdb_warn("can't read cache %p for leaked "
755 743 "buffer %p", lkb->lkb_data, lkb->lkb_addr);
756 744 return;
757 745 }
758 746
759 747 lk_ttl += lkb->lkb_dups + 1;
760 748 lk_bytes += (lkb->lkb_dups + 1) * cache.cache_bufsize;
761 749
762 750 caller = (lkb->lkb_depth == 0) ? 0 : lkb->lkb_stack[0];
763 751 if (caller != 0) {
764 752 (void) mdb_snprintf(c, sizeof (c), "%a", caller);
765 753 } else {
766 754 (void) mdb_snprintf(c, sizeof (c),
767 755 "%s", (verbose) ? "" : "?");
768 756 }
769 757
770 758 if (!verbose) {
771 759 mdb_printf("%0?p %7d %0?p %s\n", lkb->lkb_cid,
772 760 lkb->lkb_dups + 1, lkb->lkb_addr, c);
773 761 } else {
774 762 if (lk_ttl == 1)
775 763 mdb_printf("%s leak: 1 buffer, %ld bytes,\n",
776 764 cache.cache_name, lk_bytes);
777 765 else
778 766 mdb_printf("%s leak: %d buffers, "
779 767 "%ld bytes each, %ld bytes total,\n",
780 768 cache.cache_name, lk_ttl,
781 769 cache.cache_bufsize, lk_bytes);
782 770
783 771 mdb_printf(" sample addr %p%s%s\n",
784 772 lkb->lkb_addr, (caller == 0) ? "" : ", caller ", c);
785 773 }
786 774 return;
787 775
788 776 case TYPE_KMEM:
789 777 if (!verbose && !lk_kmem_seen) {
790 778 lk_kmem_seen = 1;
791 779 if (lk_vmem_seen || lk_cache_seen)
792 780 mdb_printf("\n");
793 781 mdb_printf("%-?s %7s %?s %s\n",
794 782 "CACHE", "LEAKED", "BUFCTL", "CALLER");
795 783 }
796 784
797 785 if (mdb_vread(&cache, sizeof (cache), lkb->lkb_cid) == -1) {
798 786 /*
799 787 * This _really_ shouldn't happen; we shouldn't
800 788 * have been able to get this far if this
801 789 * cache wasn't readable.
802 790 */
803 791 mdb_warn("can't read cache %p for leaked "
804 792 "bufctl %p", lkb->lkb_cid, lkb->lkb_addr);
805 793 return;
806 794 }
807 795
808 796 lk_ttl += lkb->lkb_dups + 1;
809 797 lk_bytes += (lkb->lkb_dups + 1) * cache.cache_bufsize;
810 798
811 799 if (!verbose) {
812 800 leaky_subr_caller(lkb->lkb_stack, lkb->lkb_depth,
813 801 c, &caller);
814 802
815 803 if (caller != 0) {
816 804 (void) mdb_snprintf(c, sizeof (c),
817 805 "%a", caller);
818 806 } else {
819 807 (void) mdb_snprintf(c, sizeof (c),
820 808 "%s", "?");
821 809 }
822 810 mdb_printf("%0?p %7d %0?p %s\n", lkb->lkb_cid,
823 811 lkb->lkb_dups + 1, lkb->lkb_addr, c);
824 812 } else {
825 813 mdb_arg_t v;
826 814
827 815 if (lk_ttl == 1)
828 816 mdb_printf("%s leak: 1 buffer, %ld bytes\n",
829 817 cache.cache_name, lk_bytes);
830 818 else
831 819 mdb_printf("%s leak: %d buffers, "
832 820 "%ld bytes each, %ld bytes total\n",
833 821 cache.cache_name, lk_ttl,
834 822 cache.cache_bufsize, lk_bytes);
835 823
836 824 v.a_type = MDB_TYPE_STRING;
837 825 v.a_un.a_str = "-v";
838 826
839 827 if (mdb_call_dcmd("bufctl", lkb->lkb_addr,
840 828 DCMD_ADDRSPEC, 1, &v) == -1) {
841 829 mdb_warn("'%p::bufctl -v' failed",
842 830 lkb->lkb_addr);
843 831 }
844 832 }
845 833 return;
846 834
847 835 default:
848 836 return;
849 837 }
850 838 }
851 839
852 840 void
853 841 leaky_subr_dump_end(int type)
854 842 {
855 843 int i;
856 844 int width;
857 845 const char *leaks;
858 846
859 847 switch (type) {
860 848 case TYPE_VMEM:
861 849 if (!lk_vmem_seen)
862 850 return;
863 851
864 852 width = 16;
865 853 leaks = "kmem_oversize leak";
866 854 break;
867 855
868 856 case TYPE_CACHE:
869 857 if (!lk_cache_seen)
870 858 return;
871 859
872 860 width = sizeof (uintptr_t) * 2;
873 861 leaks = "buffer";
874 862 break;
875 863
876 864 case TYPE_KMEM:
877 865 if (!lk_kmem_seen)
878 866 return;
879 867
880 868 width = sizeof (uintptr_t) * 2;
881 869 leaks = "buffer";
882 870 break;
883 871
884 872 default:
885 873 return;
886 874 }
887 875
888 876 for (i = 0; i < 72; i++)
889 877 mdb_printf("-");
890 878 mdb_printf("\n%*s %7ld %s%s, %ld byte%s\n",
891 879 width, "Total", lk_ttl, leaks, (lk_ttl == 1) ? "" : "s",
892 880 lk_bytes, (lk_bytes == 1) ? "" : "s");
893 881 }
894 882
895 883 int
896 884 leaky_subr_invoke_callback(const leak_bufctl_t *lkb, mdb_walk_cb_t cb,
897 885 void *cbdata)
898 886 {
899 887 kmem_bufctl_audit_t bc;
900 888 vmem_seg_t vs;
901 889
902 890 switch (lkb->lkb_type) {
903 891 case TYPE_VMEM:
904 892 if (mdb_vread(&vs, sizeof (vs), lkb->lkb_addr) == -1) {
905 893 mdb_warn("unable to read vmem_seg at %p",
906 894 lkb->lkb_addr);
907 895 return (WALK_NEXT);
908 896 }
909 897 return (cb(lkb->lkb_addr, &vs, cbdata));
910 898
911 899 case TYPE_CACHE:
912 900 return (cb(lkb->lkb_addr, NULL, cbdata));
913 901
914 902 case TYPE_KMEM:
915 903 if (mdb_vread(&bc, sizeof (bc), lkb->lkb_addr) == -1) {
916 904 mdb_warn("unable to read bufctl at %p",
917 905 lkb->lkb_addr);
918 906 return (WALK_NEXT);
919 907 }
920 908 return (cb(lkb->lkb_addr, &bc, cbdata));
921 909 default:
922 910 return (WALK_NEXT);
923 911 }
924 912 }
↓ open down ↓ |
618 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX