1 /*
2 * Generic infrastructure for lifetime debugging of objects.
3 *
4 * Started by Thomas Gleixner
5 *
6 * Copyright (C) 2008, Thomas Gleixner <tglx@linutronix.de>
7 *
8 * For licencing details see kernel-base/COPYING
9 */
10 #include <linux/debugobjects.h>
11 #include <linux/interrupt.h>
12 #include <linux/sched.h>
13 #include <linux/seq_file.h>
14 #include <linux/debugfs.h>
15 #include <linux/slab.h>
16 #include <linux/hash.h>
17
18 #define ODEBUG_HASH_BITS 14
19 #define ODEBUG_HASH_SIZE (1 << ODEBUG_HASH_BITS)
20
21 #define ODEBUG_POOL_SIZE 512
22 #define ODEBUG_POOL_MIN_LEVEL 256
23
24 #define ODEBUG_CHUNK_SHIFT PAGE_SHIFT
25 #define ODEBUG_CHUNK_SIZE (1 << ODEBUG_CHUNK_SHIFT)
26 #define ODEBUG_CHUNK_MASK (~(ODEBUG_CHUNK_SIZE - 1))
27
28 struct debug_bucket {
29 struct hlist_head list;
30 raw_spinlock_t lock;
31 };
32
33 static struct debug_bucket obj_hash[ODEBUG_HASH_SIZE];
34
35 static struct debug_obj obj_static_pool[ODEBUG_POOL_SIZE] __initdata;
36
37 static DEFINE_RAW_SPINLOCK(pool_lock);
38
39 static HLIST_HEAD(obj_pool);
40
41 static int obj_pool_min_free = ODEBUG_POOL_SIZE;
42 static int obj_pool_free = ODEBUG_POOL_SIZE;
43 static int obj_pool_used;
44 static int obj_pool_max_used;
45 static struct kmem_cache *obj_cache;
46
47 static int debug_objects_maxchain __read_mostly;
48 static int debug_objects_fixups __read_mostly;
49 static int debug_objects_warnings __read_mostly;
50 static int debug_objects_enabled __read_mostly
51 = CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT;
52
53 static struct debug_obj_descr *descr_test __read_mostly;
54
55 static void free_obj_work(struct work_struct *work);
56 static DECLARE_WORK(debug_obj_work, free_obj_work);
57
enable_object_debug(char * str)58 static int __init enable_object_debug(char *str)
59 {
60 debug_objects_enabled = 1;
61 return 0;
62 }
63
disable_object_debug(char * str)64 static int __init disable_object_debug(char *str)
65 {
66 debug_objects_enabled = 0;
67 return 0;
68 }
69
70 early_param("debug_objects", enable_object_debug);
71 early_param("no_debug_objects", disable_object_debug);
72
73 static const char *obj_states[ODEBUG_STATE_MAX] = {
74 [ODEBUG_STATE_NONE] = "none",
75 [ODEBUG_STATE_INIT] = "initialized",
76 [ODEBUG_STATE_INACTIVE] = "inactive",
77 [ODEBUG_STATE_ACTIVE] = "active",
78 [ODEBUG_STATE_DESTROYED] = "destroyed",
79 [ODEBUG_STATE_NOTAVAILABLE] = "not available",
80 };
81
fill_pool(void)82 static void fill_pool(void)
83 {
84 gfp_t gfp = GFP_ATOMIC | __GFP_NORETRY | __GFP_NOWARN;
85 struct debug_obj *new;
86 unsigned long flags;
87
88 if (likely(obj_pool_free >= ODEBUG_POOL_MIN_LEVEL))
89 return;
90
91 if (unlikely(!obj_cache))
92 return;
93
94 while (obj_pool_free < ODEBUG_POOL_MIN_LEVEL) {
95
96 new = kmem_cache_zalloc(obj_cache, gfp);
97 if (!new)
98 return;
99
100 raw_spin_lock_irqsave(&pool_lock, flags);
101 hlist_add_head(&new->node, &obj_pool);
102 obj_pool_free++;
103 raw_spin_unlock_irqrestore(&pool_lock, flags);
104 }
105 }
106
107 /*
108 * Lookup an object in the hash bucket.
109 */
lookup_object(void * addr,struct debug_bucket * b)110 static struct debug_obj *lookup_object(void *addr, struct debug_bucket *b)
111 {
112 struct debug_obj *obj;
113 int cnt = 0;
114
115 hlist_for_each_entry(obj, &b->list, node) {
116 cnt++;
117 if (obj->object == addr)
118 return obj;
119 }
120 if (cnt > debug_objects_maxchain)
121 debug_objects_maxchain = cnt;
122
123 return NULL;
124 }
125
126 /*
127 * Allocate a new object. If the pool is empty, switch off the debugger.
128 * Must be called with interrupts disabled.
129 */
130 static struct debug_obj *
alloc_object(void * addr,struct debug_bucket * b,struct debug_obj_descr * descr)131 alloc_object(void *addr, struct debug_bucket *b, struct debug_obj_descr *descr)
132 {
133 struct debug_obj *obj = NULL;
134
135 raw_spin_lock(&pool_lock);
136 if (obj_pool.first) {
137 obj = hlist_entry(obj_pool.first, typeof(*obj), node);
138
139 obj->object = addr;
140 obj->descr = descr;
141 obj->state = ODEBUG_STATE_NONE;
142 obj->astate = 0;
143 hlist_del(&obj->node);
144
145 hlist_add_head(&obj->node, &b->list);
146
147 obj_pool_used++;
148 if (obj_pool_used > obj_pool_max_used)
149 obj_pool_max_used = obj_pool_used;
150
151 obj_pool_free--;
152 if (obj_pool_free < obj_pool_min_free)
153 obj_pool_min_free = obj_pool_free;
154 }
155 raw_spin_unlock(&pool_lock);
156
157 return obj;
158 }
159
160 /*
161 * workqueue function to free objects.
162 */
free_obj_work(struct work_struct * work)163 static void free_obj_work(struct work_struct *work)
164 {
165 struct debug_obj *obj;
166 unsigned long flags;
167
168 raw_spin_lock_irqsave(&pool_lock, flags);
169 while (obj_pool_free > ODEBUG_POOL_SIZE) {
170 obj = hlist_entry(obj_pool.first, typeof(*obj), node);
171 hlist_del(&obj->node);
172 obj_pool_free--;
173 /*
174 * We release pool_lock across kmem_cache_free() to
175 * avoid contention on pool_lock.
176 */
177 raw_spin_unlock_irqrestore(&pool_lock, flags);
178 kmem_cache_free(obj_cache, obj);
179 raw_spin_lock_irqsave(&pool_lock, flags);
180 }
181 raw_spin_unlock_irqrestore(&pool_lock, flags);
182 }
183
184 /*
185 * Put the object back into the pool and schedule work to free objects
186 * if necessary.
187 */
free_object(struct debug_obj * obj)188 static void free_object(struct debug_obj *obj)
189 {
190 unsigned long flags;
191 int sched = 0;
192
193 raw_spin_lock_irqsave(&pool_lock, flags);
194 /*
195 * schedule work when the pool is filled and the cache is
196 * initialized:
197 */
198 if (obj_pool_free > ODEBUG_POOL_SIZE && obj_cache)
199 sched = keventd_up() && !work_pending(&debug_obj_work);
200 hlist_add_head(&obj->node, &obj_pool);
201 obj_pool_free++;
202 obj_pool_used--;
203 raw_spin_unlock_irqrestore(&pool_lock, flags);
204 if (sched)
205 schedule_work(&debug_obj_work);
206 }
207
208 /*
209 * We run out of memory. That means we probably have tons of objects
210 * allocated.
211 */
debug_objects_oom(void)212 static void debug_objects_oom(void)
213 {
214 struct debug_bucket *db = obj_hash;
215 struct hlist_node *tmp;
216 HLIST_HEAD(freelist);
217 struct debug_obj *obj;
218 unsigned long flags;
219 int i;
220
221 printk(KERN_WARNING "ODEBUG: Out of memory. ODEBUG disabled\n");
222
223 for (i = 0; i < ODEBUG_HASH_SIZE; i++, db++) {
224 raw_spin_lock_irqsave(&db->lock, flags);
225 hlist_move_list(&db->list, &freelist);
226 raw_spin_unlock_irqrestore(&db->lock, flags);
227
228 /* Now free them */
229 hlist_for_each_entry_safe(obj, tmp, &freelist, node) {
230 hlist_del(&obj->node);
231 free_object(obj);
232 }
233 }
234 }
235
236 /*
237 * We use the pfn of the address for the hash. That way we can check
238 * for freed objects simply by checking the affected bucket.
239 */
get_bucket(unsigned long addr)240 static struct debug_bucket *get_bucket(unsigned long addr)
241 {
242 unsigned long hash;
243
244 hash = hash_long((addr >> ODEBUG_CHUNK_SHIFT), ODEBUG_HASH_BITS);
245 return &obj_hash[hash];
246 }
247
debug_print_object(struct debug_obj * obj,char * msg)248 static void debug_print_object(struct debug_obj *obj, char *msg)
249 {
250 struct debug_obj_descr *descr = obj->descr;
251 static int limit;
252
253 if (limit < 5 && descr != descr_test) {
254 void *hint = descr->debug_hint ?
255 descr->debug_hint(obj->object) : NULL;
256 limit++;
257 WARN(1, KERN_ERR "ODEBUG: %s %s (active state %u) "
258 "object type: %s hint: %pS\n",
259 msg, obj_states[obj->state], obj->astate,
260 descr->name, hint);
261 }
262 debug_objects_warnings++;
263 }
264
265 /*
266 * Try to repair the damage, so we have a better chance to get useful
267 * debug output.
268 */
269 static int
debug_object_fixup(int (* fixup)(void * addr,enum debug_obj_state state),void * addr,enum debug_obj_state state)270 debug_object_fixup(int (*fixup)(void *addr, enum debug_obj_state state),
271 void * addr, enum debug_obj_state state)
272 {
273 int fixed = 0;
274
275 if (fixup)
276 fixed = fixup(addr, state);
277 debug_objects_fixups += fixed;
278 return fixed;
279 }
280
debug_object_is_on_stack(void * addr,int onstack)281 static void debug_object_is_on_stack(void *addr, int onstack)
282 {
283 int is_on_stack;
284 static int limit;
285
286 if (limit > 4)
287 return;
288
289 is_on_stack = object_is_on_stack(addr);
290 if (is_on_stack == onstack)
291 return;
292
293 limit++;
294 if (is_on_stack)
295 printk(KERN_WARNING
296 "ODEBUG: object is on stack, but not annotated\n");
297 else
298 printk(KERN_WARNING
299 "ODEBUG: object is not on stack, but annotated\n");
300 WARN_ON(1);
301 }
302
303 static void
__debug_object_init(void * addr,struct debug_obj_descr * descr,int onstack)304 __debug_object_init(void *addr, struct debug_obj_descr *descr, int onstack)
305 {
306 enum debug_obj_state state;
307 struct debug_bucket *db;
308 struct debug_obj *obj;
309 unsigned long flags;
310
311 fill_pool();
312
313 db = get_bucket((unsigned long) addr);
314
315 raw_spin_lock_irqsave(&db->lock, flags);
316
317 obj = lookup_object(addr, db);
318 if (!obj) {
319 obj = alloc_object(addr, db, descr);
320 if (!obj) {
321 debug_objects_enabled = 0;
322 raw_spin_unlock_irqrestore(&db->lock, flags);
323 debug_objects_oom();
324 return;
325 }
326 debug_object_is_on_stack(addr, onstack);
327 }
328
329 switch (obj->state) {
330 case ODEBUG_STATE_NONE:
331 case ODEBUG_STATE_INIT:
332 case ODEBUG_STATE_INACTIVE:
333 obj->state = ODEBUG_STATE_INIT;
334 break;
335
336 case ODEBUG_STATE_ACTIVE:
337 debug_print_object(obj, "init");
338 state = obj->state;
339 raw_spin_unlock_irqrestore(&db->lock, flags);
340 debug_object_fixup(descr->fixup_init, addr, state);
341 return;
342
343 case ODEBUG_STATE_DESTROYED:
344 debug_print_object(obj, "init");
345 break;
346 default:
347 break;
348 }
349
350 raw_spin_unlock_irqrestore(&db->lock, flags);
351 }
352
353 /**
354 * debug_object_init - debug checks when an object is initialized
355 * @addr: address of the object
356 * @descr: pointer to an object specific debug description structure
357 */
debug_object_init(void * addr,struct debug_obj_descr * descr)358 void debug_object_init(void *addr, struct debug_obj_descr *descr)
359 {
360 if (!debug_objects_enabled)
361 return;
362
363 __debug_object_init(addr, descr, 0);
364 }
365
366 /**
367 * debug_object_init_on_stack - debug checks when an object on stack is
368 * initialized
369 * @addr: address of the object
370 * @descr: pointer to an object specific debug description structure
371 */
debug_object_init_on_stack(void * addr,struct debug_obj_descr * descr)372 void debug_object_init_on_stack(void *addr, struct debug_obj_descr *descr)
373 {
374 if (!debug_objects_enabled)
375 return;
376
377 __debug_object_init(addr, descr, 1);
378 }
379
380 /**
381 * debug_object_activate - debug checks when an object is activated
382 * @addr: address of the object
383 * @descr: pointer to an object specific debug description structure
384 */
debug_object_activate(void * addr,struct debug_obj_descr * descr)385 void debug_object_activate(void *addr, struct debug_obj_descr *descr)
386 {
387 enum debug_obj_state state;
388 struct debug_bucket *db;
389 struct debug_obj *obj;
390 unsigned long flags;
391 struct debug_obj o = { .object = addr,
392 .state = ODEBUG_STATE_NOTAVAILABLE,
393 .descr = descr };
394
395 if (!debug_objects_enabled)
396 return;
397
398 db = get_bucket((unsigned long) addr);
399
400 raw_spin_lock_irqsave(&db->lock, flags);
401
402 obj = lookup_object(addr, db);
403 if (obj) {
404 switch (obj->state) {
405 case ODEBUG_STATE_INIT:
406 case ODEBUG_STATE_INACTIVE:
407 obj->state = ODEBUG_STATE_ACTIVE;
408 break;
409
410 case ODEBUG_STATE_ACTIVE:
411 debug_print_object(obj, "activate");
412 state = obj->state;
413 raw_spin_unlock_irqrestore(&db->lock, flags);
414 debug_object_fixup(descr->fixup_activate, addr, state);
415 return;
416
417 case ODEBUG_STATE_DESTROYED:
418 debug_print_object(obj, "activate");
419 break;
420 default:
421 break;
422 }
423 raw_spin_unlock_irqrestore(&db->lock, flags);
424 return;
425 }
426
427 raw_spin_unlock_irqrestore(&db->lock, flags);
428 /*
429 * This happens when a static object is activated. We
430 * let the type specific code decide whether this is
431 * true or not.
432 */
433 if (debug_object_fixup(descr->fixup_activate, addr,
434 ODEBUG_STATE_NOTAVAILABLE))
435 debug_print_object(&o, "activate");
436 }
437
438 /**
439 * debug_object_deactivate - debug checks when an object is deactivated
440 * @addr: address of the object
441 * @descr: pointer to an object specific debug description structure
442 */
debug_object_deactivate(void * addr,struct debug_obj_descr * descr)443 void debug_object_deactivate(void *addr, struct debug_obj_descr *descr)
444 {
445 struct debug_bucket *db;
446 struct debug_obj *obj;
447 unsigned long flags;
448
449 if (!debug_objects_enabled)
450 return;
451
452 db = get_bucket((unsigned long) addr);
453
454 raw_spin_lock_irqsave(&db->lock, flags);
455
456 obj = lookup_object(addr, db);
457 if (obj) {
458 switch (obj->state) {
459 case ODEBUG_STATE_INIT:
460 case ODEBUG_STATE_INACTIVE:
461 case ODEBUG_STATE_ACTIVE:
462 if (!obj->astate)
463 obj->state = ODEBUG_STATE_INACTIVE;
464 else
465 debug_print_object(obj, "deactivate");
466 break;
467
468 case ODEBUG_STATE_DESTROYED:
469 debug_print_object(obj, "deactivate");
470 break;
471 default:
472 break;
473 }
474 } else {
475 struct debug_obj o = { .object = addr,
476 .state = ODEBUG_STATE_NOTAVAILABLE,
477 .descr = descr };
478
479 debug_print_object(&o, "deactivate");
480 }
481
482 raw_spin_unlock_irqrestore(&db->lock, flags);
483 }
484
485 /**
486 * debug_object_destroy - debug checks when an object is destroyed
487 * @addr: address of the object
488 * @descr: pointer to an object specific debug description structure
489 */
debug_object_destroy(void * addr,struct debug_obj_descr * descr)490 void debug_object_destroy(void *addr, struct debug_obj_descr *descr)
491 {
492 enum debug_obj_state state;
493 struct debug_bucket *db;
494 struct debug_obj *obj;
495 unsigned long flags;
496
497 if (!debug_objects_enabled)
498 return;
499
500 db = get_bucket((unsigned long) addr);
501
502 raw_spin_lock_irqsave(&db->lock, flags);
503
504 obj = lookup_object(addr, db);
505 if (!obj)
506 goto out_unlock;
507
508 switch (obj->state) {
509 case ODEBUG_STATE_NONE:
510 case ODEBUG_STATE_INIT:
511 case ODEBUG_STATE_INACTIVE:
512 obj->state = ODEBUG_STATE_DESTROYED;
513 break;
514 case ODEBUG_STATE_ACTIVE:
515 debug_print_object(obj, "destroy");
516 state = obj->state;
517 raw_spin_unlock_irqrestore(&db->lock, flags);
518 debug_object_fixup(descr->fixup_destroy, addr, state);
519 return;
520
521 case ODEBUG_STATE_DESTROYED:
522 debug_print_object(obj, "destroy");
523 break;
524 default:
525 break;
526 }
527 out_unlock:
528 raw_spin_unlock_irqrestore(&db->lock, flags);
529 }
530
531 /**
532 * debug_object_free - debug checks when an object is freed
533 * @addr: address of the object
534 * @descr: pointer to an object specific debug description structure
535 */
debug_object_free(void * addr,struct debug_obj_descr * descr)536 void debug_object_free(void *addr, struct debug_obj_descr *descr)
537 {
538 enum debug_obj_state state;
539 struct debug_bucket *db;
540 struct debug_obj *obj;
541 unsigned long flags;
542
543 if (!debug_objects_enabled)
544 return;
545
546 db = get_bucket((unsigned long) addr);
547
548 raw_spin_lock_irqsave(&db->lock, flags);
549
550 obj = lookup_object(addr, db);
551 if (!obj)
552 goto out_unlock;
553
554 switch (obj->state) {
555 case ODEBUG_STATE_ACTIVE:
556 debug_print_object(obj, "free");
557 state = obj->state;
558 raw_spin_unlock_irqrestore(&db->lock, flags);
559 debug_object_fixup(descr->fixup_free, addr, state);
560 return;
561 default:
562 hlist_del(&obj->node);
563 raw_spin_unlock_irqrestore(&db->lock, flags);
564 free_object(obj);
565 return;
566 }
567 out_unlock:
568 raw_spin_unlock_irqrestore(&db->lock, flags);
569 }
570
571 /**
572 * debug_object_assert_init - debug checks when object should be init-ed
573 * @addr: address of the object
574 * @descr: pointer to an object specific debug description structure
575 */
debug_object_assert_init(void * addr,struct debug_obj_descr * descr)576 void debug_object_assert_init(void *addr, struct debug_obj_descr *descr)
577 {
578 struct debug_bucket *db;
579 struct debug_obj *obj;
580 unsigned long flags;
581
582 if (!debug_objects_enabled)
583 return;
584
585 db = get_bucket((unsigned long) addr);
586
587 raw_spin_lock_irqsave(&db->lock, flags);
588
589 obj = lookup_object(addr, db);
590 if (!obj) {
591 struct debug_obj o = { .object = addr,
592 .state = ODEBUG_STATE_NOTAVAILABLE,
593 .descr = descr };
594
595 raw_spin_unlock_irqrestore(&db->lock, flags);
596 /*
597 * Maybe the object is static. Let the type specific
598 * code decide what to do.
599 */
600 if (debug_object_fixup(descr->fixup_assert_init, addr,
601 ODEBUG_STATE_NOTAVAILABLE))
602 debug_print_object(&o, "assert_init");
603 return;
604 }
605
606 raw_spin_unlock_irqrestore(&db->lock, flags);
607 }
608
609 /**
610 * debug_object_active_state - debug checks object usage state machine
611 * @addr: address of the object
612 * @descr: pointer to an object specific debug description structure
613 * @expect: expected state
614 * @next: state to move to if expected state is found
615 */
616 void
debug_object_active_state(void * addr,struct debug_obj_descr * descr,unsigned int expect,unsigned int next)617 debug_object_active_state(void *addr, struct debug_obj_descr *descr,
618 unsigned int expect, unsigned int next)
619 {
620 struct debug_bucket *db;
621 struct debug_obj *obj;
622 unsigned long flags;
623
624 if (!debug_objects_enabled)
625 return;
626
627 db = get_bucket((unsigned long) addr);
628
629 raw_spin_lock_irqsave(&db->lock, flags);
630
631 obj = lookup_object(addr, db);
632 if (obj) {
633 switch (obj->state) {
634 case ODEBUG_STATE_ACTIVE:
635 if (obj->astate == expect)
636 obj->astate = next;
637 else
638 debug_print_object(obj, "active_state");
639 break;
640
641 default:
642 debug_print_object(obj, "active_state");
643 break;
644 }
645 } else {
646 struct debug_obj o = { .object = addr,
647 .state = ODEBUG_STATE_NOTAVAILABLE,
648 .descr = descr };
649
650 debug_print_object(&o, "active_state");
651 }
652
653 raw_spin_unlock_irqrestore(&db->lock, flags);
654 }
655
656 #ifdef CONFIG_DEBUG_OBJECTS_FREE
__debug_check_no_obj_freed(const void * address,unsigned long size)657 static void __debug_check_no_obj_freed(const void *address, unsigned long size)
658 {
659 unsigned long flags, oaddr, saddr, eaddr, paddr, chunks;
660 struct hlist_node *tmp;
661 HLIST_HEAD(freelist);
662 struct debug_obj_descr *descr;
663 enum debug_obj_state state;
664 struct debug_bucket *db;
665 struct debug_obj *obj;
666 int cnt;
667
668 saddr = (unsigned long) address;
669 eaddr = saddr + size;
670 paddr = saddr & ODEBUG_CHUNK_MASK;
671 chunks = ((eaddr - paddr) + (ODEBUG_CHUNK_SIZE - 1));
672 chunks >>= ODEBUG_CHUNK_SHIFT;
673
674 for (;chunks > 0; chunks--, paddr += ODEBUG_CHUNK_SIZE) {
675 db = get_bucket(paddr);
676
677 repeat:
678 cnt = 0;
679 raw_spin_lock_irqsave(&db->lock, flags);
680 hlist_for_each_entry_safe(obj, tmp, &db->list, node) {
681 cnt++;
682 oaddr = (unsigned long) obj->object;
683 if (oaddr < saddr || oaddr >= eaddr)
684 continue;
685
686 switch (obj->state) {
687 case ODEBUG_STATE_ACTIVE:
688 debug_print_object(obj, "free");
689 descr = obj->descr;
690 state = obj->state;
691 raw_spin_unlock_irqrestore(&db->lock, flags);
692 debug_object_fixup(descr->fixup_free,
693 (void *) oaddr, state);
694 goto repeat;
695 default:
696 hlist_del(&obj->node);
697 hlist_add_head(&obj->node, &freelist);
698 break;
699 }
700 }
701 raw_spin_unlock_irqrestore(&db->lock, flags);
702
703 /* Now free them */
704 hlist_for_each_entry_safe(obj, tmp, &freelist, node) {
705 hlist_del(&obj->node);
706 free_object(obj);
707 }
708
709 if (cnt > debug_objects_maxchain)
710 debug_objects_maxchain = cnt;
711 }
712 }
713
debug_check_no_obj_freed(const void * address,unsigned long size)714 void debug_check_no_obj_freed(const void *address, unsigned long size)
715 {
716 if (debug_objects_enabled)
717 __debug_check_no_obj_freed(address, size);
718 }
719 #endif
720
721 #ifdef CONFIG_DEBUG_FS
722
debug_stats_show(struct seq_file * m,void * v)723 static int debug_stats_show(struct seq_file *m, void *v)
724 {
725 seq_printf(m, "max_chain :%d\n", debug_objects_maxchain);
726 seq_printf(m, "warnings :%d\n", debug_objects_warnings);
727 seq_printf(m, "fixups :%d\n", debug_objects_fixups);
728 seq_printf(m, "pool_free :%d\n", obj_pool_free);
729 seq_printf(m, "pool_min_free :%d\n", obj_pool_min_free);
730 seq_printf(m, "pool_used :%d\n", obj_pool_used);
731 seq_printf(m, "pool_max_used :%d\n", obj_pool_max_used);
732 return 0;
733 }
734
debug_stats_open(struct inode * inode,struct file * filp)735 static int debug_stats_open(struct inode *inode, struct file *filp)
736 {
737 return single_open(filp, debug_stats_show, NULL);
738 }
739
740 static const struct file_operations debug_stats_fops = {
741 .open = debug_stats_open,
742 .read = seq_read,
743 .llseek = seq_lseek,
744 .release = single_release,
745 };
746
debug_objects_init_debugfs(void)747 static int __init debug_objects_init_debugfs(void)
748 {
749 struct dentry *dbgdir, *dbgstats;
750
751 if (!debug_objects_enabled)
752 return 0;
753
754 dbgdir = debugfs_create_dir("debug_objects", NULL);
755 if (!dbgdir)
756 return -ENOMEM;
757
758 dbgstats = debugfs_create_file("stats", 0444, dbgdir, NULL,
759 &debug_stats_fops);
760 if (!dbgstats)
761 goto err;
762
763 return 0;
764
765 err:
766 debugfs_remove(dbgdir);
767
768 return -ENOMEM;
769 }
770 __initcall(debug_objects_init_debugfs);
771
772 #else
debug_objects_init_debugfs(void)773 static inline void debug_objects_init_debugfs(void) { }
774 #endif
775
776 #ifdef CONFIG_DEBUG_OBJECTS_SELFTEST
777
778 /* Random data structure for the self test */
779 struct self_test {
780 unsigned long dummy1[6];
781 int static_init;
782 unsigned long dummy2[3];
783 };
784
785 static __initdata struct debug_obj_descr descr_type_test;
786
787 /*
788 * fixup_init is called when:
789 * - an active object is initialized
790 */
fixup_init(void * addr,enum debug_obj_state state)791 static int __init fixup_init(void *addr, enum debug_obj_state state)
792 {
793 struct self_test *obj = addr;
794
795 switch (state) {
796 case ODEBUG_STATE_ACTIVE:
797 debug_object_deactivate(obj, &descr_type_test);
798 debug_object_init(obj, &descr_type_test);
799 return 1;
800 default:
801 return 0;
802 }
803 }
804
805 /*
806 * fixup_activate is called when:
807 * - an active object is activated
808 * - an unknown object is activated (might be a statically initialized object)
809 */
fixup_activate(void * addr,enum debug_obj_state state)810 static int __init fixup_activate(void *addr, enum debug_obj_state state)
811 {
812 struct self_test *obj = addr;
813
814 switch (state) {
815 case ODEBUG_STATE_NOTAVAILABLE:
816 if (obj->static_init == 1) {
817 debug_object_init(obj, &descr_type_test);
818 debug_object_activate(obj, &descr_type_test);
819 return 0;
820 }
821 return 1;
822
823 case ODEBUG_STATE_ACTIVE:
824 debug_object_deactivate(obj, &descr_type_test);
825 debug_object_activate(obj, &descr_type_test);
826 return 1;
827
828 default:
829 return 0;
830 }
831 }
832
833 /*
834 * fixup_destroy is called when:
835 * - an active object is destroyed
836 */
fixup_destroy(void * addr,enum debug_obj_state state)837 static int __init fixup_destroy(void *addr, enum debug_obj_state state)
838 {
839 struct self_test *obj = addr;
840
841 switch (state) {
842 case ODEBUG_STATE_ACTIVE:
843 debug_object_deactivate(obj, &descr_type_test);
844 debug_object_destroy(obj, &descr_type_test);
845 return 1;
846 default:
847 return 0;
848 }
849 }
850
851 /*
852 * fixup_free is called when:
853 * - an active object is freed
854 */
fixup_free(void * addr,enum debug_obj_state state)855 static int __init fixup_free(void *addr, enum debug_obj_state state)
856 {
857 struct self_test *obj = addr;
858
859 switch (state) {
860 case ODEBUG_STATE_ACTIVE:
861 debug_object_deactivate(obj, &descr_type_test);
862 debug_object_free(obj, &descr_type_test);
863 return 1;
864 default:
865 return 0;
866 }
867 }
868
869 static int __init
check_results(void * addr,enum debug_obj_state state,int fixups,int warnings)870 check_results(void *addr, enum debug_obj_state state, int fixups, int warnings)
871 {
872 struct debug_bucket *db;
873 struct debug_obj *obj;
874 unsigned long flags;
875 int res = -EINVAL;
876
877 db = get_bucket((unsigned long) addr);
878
879 raw_spin_lock_irqsave(&db->lock, flags);
880
881 obj = lookup_object(addr, db);
882 if (!obj && state != ODEBUG_STATE_NONE) {
883 WARN(1, KERN_ERR "ODEBUG: selftest object not found\n");
884 goto out;
885 }
886 if (obj && obj->state != state) {
887 WARN(1, KERN_ERR "ODEBUG: selftest wrong state: %d != %d\n",
888 obj->state, state);
889 goto out;
890 }
891 if (fixups != debug_objects_fixups) {
892 WARN(1, KERN_ERR "ODEBUG: selftest fixups failed %d != %d\n",
893 fixups, debug_objects_fixups);
894 goto out;
895 }
896 if (warnings != debug_objects_warnings) {
897 WARN(1, KERN_ERR "ODEBUG: selftest warnings failed %d != %d\n",
898 warnings, debug_objects_warnings);
899 goto out;
900 }
901 res = 0;
902 out:
903 raw_spin_unlock_irqrestore(&db->lock, flags);
904 if (res)
905 debug_objects_enabled = 0;
906 return res;
907 }
908
909 static __initdata struct debug_obj_descr descr_type_test = {
910 .name = "selftest",
911 .fixup_init = fixup_init,
912 .fixup_activate = fixup_activate,
913 .fixup_destroy = fixup_destroy,
914 .fixup_free = fixup_free,
915 };
916
917 static __initdata struct self_test obj = { .static_init = 0 };
918
debug_objects_selftest(void)919 static void __init debug_objects_selftest(void)
920 {
921 int fixups, oldfixups, warnings, oldwarnings;
922 unsigned long flags;
923
924 local_irq_save(flags);
925
926 fixups = oldfixups = debug_objects_fixups;
927 warnings = oldwarnings = debug_objects_warnings;
928 descr_test = &descr_type_test;
929
930 debug_object_init(&obj, &descr_type_test);
931 if (check_results(&obj, ODEBUG_STATE_INIT, fixups, warnings))
932 goto out;
933 debug_object_activate(&obj, &descr_type_test);
934 if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
935 goto out;
936 debug_object_activate(&obj, &descr_type_test);
937 if (check_results(&obj, ODEBUG_STATE_ACTIVE, ++fixups, ++warnings))
938 goto out;
939 debug_object_deactivate(&obj, &descr_type_test);
940 if (check_results(&obj, ODEBUG_STATE_INACTIVE, fixups, warnings))
941 goto out;
942 debug_object_destroy(&obj, &descr_type_test);
943 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, warnings))
944 goto out;
945 debug_object_init(&obj, &descr_type_test);
946 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
947 goto out;
948 debug_object_activate(&obj, &descr_type_test);
949 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
950 goto out;
951 debug_object_deactivate(&obj, &descr_type_test);
952 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
953 goto out;
954 debug_object_free(&obj, &descr_type_test);
955 if (check_results(&obj, ODEBUG_STATE_NONE, fixups, warnings))
956 goto out;
957
958 obj.static_init = 1;
959 debug_object_activate(&obj, &descr_type_test);
960 if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
961 goto out;
962 debug_object_init(&obj, &descr_type_test);
963 if (check_results(&obj, ODEBUG_STATE_INIT, ++fixups, ++warnings))
964 goto out;
965 debug_object_free(&obj, &descr_type_test);
966 if (check_results(&obj, ODEBUG_STATE_NONE, fixups, warnings))
967 goto out;
968
969 #ifdef CONFIG_DEBUG_OBJECTS_FREE
970 debug_object_init(&obj, &descr_type_test);
971 if (check_results(&obj, ODEBUG_STATE_INIT, fixups, warnings))
972 goto out;
973 debug_object_activate(&obj, &descr_type_test);
974 if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
975 goto out;
976 __debug_check_no_obj_freed(&obj, sizeof(obj));
977 if (check_results(&obj, ODEBUG_STATE_NONE, ++fixups, ++warnings))
978 goto out;
979 #endif
980 printk(KERN_INFO "ODEBUG: selftest passed\n");
981
982 out:
983 debug_objects_fixups = oldfixups;
984 debug_objects_warnings = oldwarnings;
985 descr_test = NULL;
986
987 local_irq_restore(flags);
988 }
989 #else
debug_objects_selftest(void)990 static inline void debug_objects_selftest(void) { }
991 #endif
992
993 /*
994 * Called during early boot to initialize the hash buckets and link
995 * the static object pool objects into the poll list. After this call
996 * the object tracker is fully operational.
997 */
debug_objects_early_init(void)998 void __init debug_objects_early_init(void)
999 {
1000 int i;
1001
1002 for (i = 0; i < ODEBUG_HASH_SIZE; i++)
1003 raw_spin_lock_init(&obj_hash[i].lock);
1004
1005 for (i = 0; i < ODEBUG_POOL_SIZE; i++)
1006 hlist_add_head(&obj_static_pool[i].node, &obj_pool);
1007 }
1008
1009 /*
1010 * Convert the statically allocated objects to dynamic ones:
1011 */
debug_objects_replace_static_objects(void)1012 static int __init debug_objects_replace_static_objects(void)
1013 {
1014 struct debug_bucket *db = obj_hash;
1015 struct hlist_node *tmp;
1016 struct debug_obj *obj, *new;
1017 HLIST_HEAD(objects);
1018 int i, cnt = 0;
1019
1020 for (i = 0; i < ODEBUG_POOL_SIZE; i++) {
1021 obj = kmem_cache_zalloc(obj_cache, GFP_KERNEL);
1022 if (!obj)
1023 goto free;
1024 hlist_add_head(&obj->node, &objects);
1025 }
1026
1027 /*
1028 * When debug_objects_mem_init() is called we know that only
1029 * one CPU is up, so disabling interrupts is enough
1030 * protection. This avoids the lockdep hell of lock ordering.
1031 */
1032 local_irq_disable();
1033
1034 /* Remove the statically allocated objects from the pool */
1035 hlist_for_each_entry_safe(obj, tmp, &obj_pool, node)
1036 hlist_del(&obj->node);
1037 /* Move the allocated objects to the pool */
1038 hlist_move_list(&objects, &obj_pool);
1039
1040 /* Replace the active object references */
1041 for (i = 0; i < ODEBUG_HASH_SIZE; i++, db++) {
1042 hlist_move_list(&db->list, &objects);
1043
1044 hlist_for_each_entry(obj, &objects, node) {
1045 new = hlist_entry(obj_pool.first, typeof(*obj), node);
1046 hlist_del(&new->node);
1047 /* copy object data */
1048 *new = *obj;
1049 hlist_add_head(&new->node, &db->list);
1050 cnt++;
1051 }
1052 }
1053 local_irq_enable();
1054
1055 printk(KERN_DEBUG "ODEBUG: %d of %d active objects replaced\n", cnt,
1056 obj_pool_used);
1057 return 0;
1058 free:
1059 hlist_for_each_entry_safe(obj, tmp, &objects, node) {
1060 hlist_del(&obj->node);
1061 kmem_cache_free(obj_cache, obj);
1062 }
1063 return -ENOMEM;
1064 }
1065
1066 /*
1067 * Called after the kmem_caches are functional to setup a dedicated
1068 * cache pool, which has the SLAB_DEBUG_OBJECTS flag set. This flag
1069 * prevents that the debug code is called on kmem_cache_free() for the
1070 * debug tracker objects to avoid recursive calls.
1071 */
debug_objects_mem_init(void)1072 void __init debug_objects_mem_init(void)
1073 {
1074 if (!debug_objects_enabled)
1075 return;
1076
1077 obj_cache = kmem_cache_create("debug_objects_cache",
1078 sizeof (struct debug_obj), 0,
1079 SLAB_DEBUG_OBJECTS, NULL);
1080
1081 if (!obj_cache || debug_objects_replace_static_objects()) {
1082 debug_objects_enabled = 0;
1083 if (obj_cache)
1084 kmem_cache_destroy(obj_cache);
1085 printk(KERN_WARNING "ODEBUG: out of memory.\n");
1086 } else
1087 debug_objects_selftest();
1088 }
1089