Back to home page

LXR

 
 

    


0001 /*
0002  * Generic infrastructure for lifetime debugging of objects.
0003  *
0004  * Started by Thomas Gleixner
0005  *
0006  * Copyright (C) 2008, Thomas Gleixner <tglx@linutronix.de>
0007  *
0008  * For licencing details see kernel-base/COPYING
0009  */
0010 
0011 #define pr_fmt(fmt) "ODEBUG: " fmt
0012 
0013 #include <linux/debugobjects.h>
0014 #include <linux/interrupt.h>
0015 #include <linux/sched.h>
0016 #include <linux/seq_file.h>
0017 #include <linux/debugfs.h>
0018 #include <linux/slab.h>
0019 #include <linux/hash.h>
0020 
0021 #define ODEBUG_HASH_BITS    14
0022 #define ODEBUG_HASH_SIZE    (1 << ODEBUG_HASH_BITS)
0023 
0024 #define ODEBUG_POOL_SIZE    1024
0025 #define ODEBUG_POOL_MIN_LEVEL   256
0026 
0027 #define ODEBUG_CHUNK_SHIFT  PAGE_SHIFT
0028 #define ODEBUG_CHUNK_SIZE   (1 << ODEBUG_CHUNK_SHIFT)
0029 #define ODEBUG_CHUNK_MASK   (~(ODEBUG_CHUNK_SIZE - 1))
0030 
0031 struct debug_bucket {
0032     struct hlist_head   list;
0033     raw_spinlock_t      lock;
0034 };
0035 
0036 static struct debug_bucket  obj_hash[ODEBUG_HASH_SIZE];
0037 
0038 static struct debug_obj     obj_static_pool[ODEBUG_POOL_SIZE] __initdata;
0039 
0040 static DEFINE_RAW_SPINLOCK(pool_lock);
0041 
0042 static HLIST_HEAD(obj_pool);
0043 
0044 static int          obj_pool_min_free = ODEBUG_POOL_SIZE;
0045 static int          obj_pool_free = ODEBUG_POOL_SIZE;
0046 static int          obj_pool_used;
0047 static int          obj_pool_max_used;
0048 static struct kmem_cache    *obj_cache;
0049 
0050 static int          debug_objects_maxchain __read_mostly;
0051 static int          debug_objects_fixups __read_mostly;
0052 static int          debug_objects_warnings __read_mostly;
0053 static int          debug_objects_enabled __read_mostly
0054                 = CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT;
0055 
0056 static struct debug_obj_descr   *descr_test  __read_mostly;
0057 
0058 static void free_obj_work(struct work_struct *work);
0059 static DECLARE_WORK(debug_obj_work, free_obj_work);
0060 
0061 static int __init enable_object_debug(char *str)
0062 {
0063     debug_objects_enabled = 1;
0064     return 0;
0065 }
0066 
0067 static int __init disable_object_debug(char *str)
0068 {
0069     debug_objects_enabled = 0;
0070     return 0;
0071 }
0072 
0073 early_param("debug_objects", enable_object_debug);
0074 early_param("no_debug_objects", disable_object_debug);
0075 
0076 static const char *obj_states[ODEBUG_STATE_MAX] = {
0077     [ODEBUG_STATE_NONE]     = "none",
0078     [ODEBUG_STATE_INIT]     = "initialized",
0079     [ODEBUG_STATE_INACTIVE]     = "inactive",
0080     [ODEBUG_STATE_ACTIVE]       = "active",
0081     [ODEBUG_STATE_DESTROYED]    = "destroyed",
0082     [ODEBUG_STATE_NOTAVAILABLE] = "not available",
0083 };
0084 
0085 static void fill_pool(void)
0086 {
0087     gfp_t gfp = GFP_ATOMIC | __GFP_NORETRY | __GFP_NOWARN;
0088     struct debug_obj *new;
0089     unsigned long flags;
0090 
0091     if (likely(obj_pool_free >= ODEBUG_POOL_MIN_LEVEL))
0092         return;
0093 
0094     if (unlikely(!obj_cache))
0095         return;
0096 
0097     while (obj_pool_free < ODEBUG_POOL_MIN_LEVEL) {
0098 
0099         new = kmem_cache_zalloc(obj_cache, gfp);
0100         if (!new)
0101             return;
0102 
0103         raw_spin_lock_irqsave(&pool_lock, flags);
0104         hlist_add_head(&new->node, &obj_pool);
0105         obj_pool_free++;
0106         raw_spin_unlock_irqrestore(&pool_lock, flags);
0107     }
0108 }
0109 
0110 /*
0111  * Lookup an object in the hash bucket.
0112  */
0113 static struct debug_obj *lookup_object(void *addr, struct debug_bucket *b)
0114 {
0115     struct debug_obj *obj;
0116     int cnt = 0;
0117 
0118     hlist_for_each_entry(obj, &b->list, node) {
0119         cnt++;
0120         if (obj->object == addr)
0121             return obj;
0122     }
0123     if (cnt > debug_objects_maxchain)
0124         debug_objects_maxchain = cnt;
0125 
0126     return NULL;
0127 }
0128 
0129 /*
0130  * Allocate a new object. If the pool is empty, switch off the debugger.
0131  * Must be called with interrupts disabled.
0132  */
0133 static struct debug_obj *
0134 alloc_object(void *addr, struct debug_bucket *b, struct debug_obj_descr *descr)
0135 {
0136     struct debug_obj *obj = NULL;
0137 
0138     raw_spin_lock(&pool_lock);
0139     if (obj_pool.first) {
0140         obj     = hlist_entry(obj_pool.first, typeof(*obj), node);
0141 
0142         obj->object = addr;
0143         obj->descr  = descr;
0144         obj->state  = ODEBUG_STATE_NONE;
0145         obj->astate = 0;
0146         hlist_del(&obj->node);
0147 
0148         hlist_add_head(&obj->node, &b->list);
0149 
0150         obj_pool_used++;
0151         if (obj_pool_used > obj_pool_max_used)
0152             obj_pool_max_used = obj_pool_used;
0153 
0154         obj_pool_free--;
0155         if (obj_pool_free < obj_pool_min_free)
0156             obj_pool_min_free = obj_pool_free;
0157     }
0158     raw_spin_unlock(&pool_lock);
0159 
0160     return obj;
0161 }
0162 
0163 /*
0164  * workqueue function to free objects.
0165  */
0166 static void free_obj_work(struct work_struct *work)
0167 {
0168     struct debug_obj *obj;
0169     unsigned long flags;
0170 
0171     raw_spin_lock_irqsave(&pool_lock, flags);
0172     while (obj_pool_free > ODEBUG_POOL_SIZE) {
0173         obj = hlist_entry(obj_pool.first, typeof(*obj), node);
0174         hlist_del(&obj->node);
0175         obj_pool_free--;
0176         /*
0177          * We release pool_lock across kmem_cache_free() to
0178          * avoid contention on pool_lock.
0179          */
0180         raw_spin_unlock_irqrestore(&pool_lock, flags);
0181         kmem_cache_free(obj_cache, obj);
0182         raw_spin_lock_irqsave(&pool_lock, flags);
0183     }
0184     raw_spin_unlock_irqrestore(&pool_lock, flags);
0185 }
0186 
0187 /*
0188  * Put the object back into the pool and schedule work to free objects
0189  * if necessary.
0190  */
0191 static void free_object(struct debug_obj *obj)
0192 {
0193     unsigned long flags;
0194     int sched = 0;
0195 
0196     raw_spin_lock_irqsave(&pool_lock, flags);
0197     /*
0198      * schedule work when the pool is filled and the cache is
0199      * initialized:
0200      */
0201     if (obj_pool_free > ODEBUG_POOL_SIZE && obj_cache)
0202         sched = 1;
0203     hlist_add_head(&obj->node, &obj_pool);
0204     obj_pool_free++;
0205     obj_pool_used--;
0206     raw_spin_unlock_irqrestore(&pool_lock, flags);
0207     if (sched)
0208         schedule_work(&debug_obj_work);
0209 }
0210 
0211 /*
0212  * We run out of memory. That means we probably have tons of objects
0213  * allocated.
0214  */
0215 static void debug_objects_oom(void)
0216 {
0217     struct debug_bucket *db = obj_hash;
0218     struct hlist_node *tmp;
0219     HLIST_HEAD(freelist);
0220     struct debug_obj *obj;
0221     unsigned long flags;
0222     int i;
0223 
0224     pr_warn("Out of memory. ODEBUG disabled\n");
0225 
0226     for (i = 0; i < ODEBUG_HASH_SIZE; i++, db++) {
0227         raw_spin_lock_irqsave(&db->lock, flags);
0228         hlist_move_list(&db->list, &freelist);
0229         raw_spin_unlock_irqrestore(&db->lock, flags);
0230 
0231         /* Now free them */
0232         hlist_for_each_entry_safe(obj, tmp, &freelist, node) {
0233             hlist_del(&obj->node);
0234             free_object(obj);
0235         }
0236     }
0237 }
0238 
0239 /*
0240  * We use the pfn of the address for the hash. That way we can check
0241  * for freed objects simply by checking the affected bucket.
0242  */
0243 static struct debug_bucket *get_bucket(unsigned long addr)
0244 {
0245     unsigned long hash;
0246 
0247     hash = hash_long((addr >> ODEBUG_CHUNK_SHIFT), ODEBUG_HASH_BITS);
0248     return &obj_hash[hash];
0249 }
0250 
0251 static void debug_print_object(struct debug_obj *obj, char *msg)
0252 {
0253     struct debug_obj_descr *descr = obj->descr;
0254     static int limit;
0255 
0256     if (limit < 5 && descr != descr_test) {
0257         void *hint = descr->debug_hint ?
0258             descr->debug_hint(obj->object) : NULL;
0259         limit++;
0260         WARN(1, KERN_ERR "ODEBUG: %s %s (active state %u) "
0261                  "object type: %s hint: %pS\n",
0262             msg, obj_states[obj->state], obj->astate,
0263             descr->name, hint);
0264     }
0265     debug_objects_warnings++;
0266 }
0267 
0268 /*
0269  * Try to repair the damage, so we have a better chance to get useful
0270  * debug output.
0271  */
0272 static bool
0273 debug_object_fixup(bool (*fixup)(void *addr, enum debug_obj_state state),
0274            void * addr, enum debug_obj_state state)
0275 {
0276     if (fixup && fixup(addr, state)) {
0277         debug_objects_fixups++;
0278         return true;
0279     }
0280     return false;
0281 }
0282 
0283 static void debug_object_is_on_stack(void *addr, int onstack)
0284 {
0285     int is_on_stack;
0286     static int limit;
0287 
0288     if (limit > 4)
0289         return;
0290 
0291     is_on_stack = object_is_on_stack(addr);
0292     if (is_on_stack == onstack)
0293         return;
0294 
0295     limit++;
0296     if (is_on_stack)
0297         pr_warn("object is on stack, but not annotated\n");
0298     else
0299         pr_warn("object is not on stack, but annotated\n");
0300     WARN_ON(1);
0301 }
0302 
0303 static void
0304 __debug_object_init(void *addr, struct debug_obj_descr *descr, int onstack)
0305 {
0306     enum debug_obj_state state;
0307     struct debug_bucket *db;
0308     struct debug_obj *obj;
0309     unsigned long flags;
0310 
0311     fill_pool();
0312 
0313     db = get_bucket((unsigned long) addr);
0314 
0315     raw_spin_lock_irqsave(&db->lock, flags);
0316 
0317     obj = lookup_object(addr, db);
0318     if (!obj) {
0319         obj = alloc_object(addr, db, descr);
0320         if (!obj) {
0321             debug_objects_enabled = 0;
0322             raw_spin_unlock_irqrestore(&db->lock, flags);
0323             debug_objects_oom();
0324             return;
0325         }
0326         debug_object_is_on_stack(addr, onstack);
0327     }
0328 
0329     switch (obj->state) {
0330     case ODEBUG_STATE_NONE:
0331     case ODEBUG_STATE_INIT:
0332     case ODEBUG_STATE_INACTIVE:
0333         obj->state = ODEBUG_STATE_INIT;
0334         break;
0335 
0336     case ODEBUG_STATE_ACTIVE:
0337         debug_print_object(obj, "init");
0338         state = obj->state;
0339         raw_spin_unlock_irqrestore(&db->lock, flags);
0340         debug_object_fixup(descr->fixup_init, addr, state);
0341         return;
0342 
0343     case ODEBUG_STATE_DESTROYED:
0344         debug_print_object(obj, "init");
0345         break;
0346     default:
0347         break;
0348     }
0349 
0350     raw_spin_unlock_irqrestore(&db->lock, flags);
0351 }
0352 
0353 /**
0354  * debug_object_init - debug checks when an object is initialized
0355  * @addr:   address of the object
0356  * @descr:  pointer to an object specific debug description structure
0357  */
0358 void debug_object_init(void *addr, struct debug_obj_descr *descr)
0359 {
0360     if (!debug_objects_enabled)
0361         return;
0362 
0363     __debug_object_init(addr, descr, 0);
0364 }
0365 EXPORT_SYMBOL_GPL(debug_object_init);
0366 
0367 /**
0368  * debug_object_init_on_stack - debug checks when an object on stack is
0369  *              initialized
0370  * @addr:   address of the object
0371  * @descr:  pointer to an object specific debug description structure
0372  */
0373 void debug_object_init_on_stack(void *addr, struct debug_obj_descr *descr)
0374 {
0375     if (!debug_objects_enabled)
0376         return;
0377 
0378     __debug_object_init(addr, descr, 1);
0379 }
0380 EXPORT_SYMBOL_GPL(debug_object_init_on_stack);
0381 
0382 /**
0383  * debug_object_activate - debug checks when an object is activated
0384  * @addr:   address of the object
0385  * @descr:  pointer to an object specific debug description structure
0386  * Returns 0 for success, -EINVAL for check failed.
0387  */
0388 int debug_object_activate(void *addr, struct debug_obj_descr *descr)
0389 {
0390     enum debug_obj_state state;
0391     struct debug_bucket *db;
0392     struct debug_obj *obj;
0393     unsigned long flags;
0394     int ret;
0395     struct debug_obj o = { .object = addr,
0396                    .state = ODEBUG_STATE_NOTAVAILABLE,
0397                    .descr = descr };
0398 
0399     if (!debug_objects_enabled)
0400         return 0;
0401 
0402     db = get_bucket((unsigned long) addr);
0403 
0404     raw_spin_lock_irqsave(&db->lock, flags);
0405 
0406     obj = lookup_object(addr, db);
0407     if (obj) {
0408         switch (obj->state) {
0409         case ODEBUG_STATE_INIT:
0410         case ODEBUG_STATE_INACTIVE:
0411             obj->state = ODEBUG_STATE_ACTIVE;
0412             ret = 0;
0413             break;
0414 
0415         case ODEBUG_STATE_ACTIVE:
0416             debug_print_object(obj, "activate");
0417             state = obj->state;
0418             raw_spin_unlock_irqrestore(&db->lock, flags);
0419             ret = debug_object_fixup(descr->fixup_activate, addr, state);
0420             return ret ? 0 : -EINVAL;
0421 
0422         case ODEBUG_STATE_DESTROYED:
0423             debug_print_object(obj, "activate");
0424             ret = -EINVAL;
0425             break;
0426         default:
0427             ret = 0;
0428             break;
0429         }
0430         raw_spin_unlock_irqrestore(&db->lock, flags);
0431         return ret;
0432     }
0433 
0434     raw_spin_unlock_irqrestore(&db->lock, flags);
0435     /*
0436      * We are here when a static object is activated. We
0437      * let the type specific code confirm whether this is
0438      * true or not. if true, we just make sure that the
0439      * static object is tracked in the object tracker. If
0440      * not, this must be a bug, so we try to fix it up.
0441      */
0442     if (descr->is_static_object && descr->is_static_object(addr)) {
0443         /* track this static object */
0444         debug_object_init(addr, descr);
0445         debug_object_activate(addr, descr);
0446     } else {
0447         debug_print_object(&o, "activate");
0448         ret = debug_object_fixup(descr->fixup_activate, addr,
0449                     ODEBUG_STATE_NOTAVAILABLE);
0450         return ret ? 0 : -EINVAL;
0451     }
0452     return 0;
0453 }
0454 EXPORT_SYMBOL_GPL(debug_object_activate);
0455 
0456 /**
0457  * debug_object_deactivate - debug checks when an object is deactivated
0458  * @addr:   address of the object
0459  * @descr:  pointer to an object specific debug description structure
0460  */
0461 void debug_object_deactivate(void *addr, struct debug_obj_descr *descr)
0462 {
0463     struct debug_bucket *db;
0464     struct debug_obj *obj;
0465     unsigned long flags;
0466 
0467     if (!debug_objects_enabled)
0468         return;
0469 
0470     db = get_bucket((unsigned long) addr);
0471 
0472     raw_spin_lock_irqsave(&db->lock, flags);
0473 
0474     obj = lookup_object(addr, db);
0475     if (obj) {
0476         switch (obj->state) {
0477         case ODEBUG_STATE_INIT:
0478         case ODEBUG_STATE_INACTIVE:
0479         case ODEBUG_STATE_ACTIVE:
0480             if (!obj->astate)
0481                 obj->state = ODEBUG_STATE_INACTIVE;
0482             else
0483                 debug_print_object(obj, "deactivate");
0484             break;
0485 
0486         case ODEBUG_STATE_DESTROYED:
0487             debug_print_object(obj, "deactivate");
0488             break;
0489         default:
0490             break;
0491         }
0492     } else {
0493         struct debug_obj o = { .object = addr,
0494                        .state = ODEBUG_STATE_NOTAVAILABLE,
0495                        .descr = descr };
0496 
0497         debug_print_object(&o, "deactivate");
0498     }
0499 
0500     raw_spin_unlock_irqrestore(&db->lock, flags);
0501 }
0502 EXPORT_SYMBOL_GPL(debug_object_deactivate);
0503 
0504 /**
0505  * debug_object_destroy - debug checks when an object is destroyed
0506  * @addr:   address of the object
0507  * @descr:  pointer to an object specific debug description structure
0508  */
0509 void debug_object_destroy(void *addr, struct debug_obj_descr *descr)
0510 {
0511     enum debug_obj_state state;
0512     struct debug_bucket *db;
0513     struct debug_obj *obj;
0514     unsigned long flags;
0515 
0516     if (!debug_objects_enabled)
0517         return;
0518 
0519     db = get_bucket((unsigned long) addr);
0520 
0521     raw_spin_lock_irqsave(&db->lock, flags);
0522 
0523     obj = lookup_object(addr, db);
0524     if (!obj)
0525         goto out_unlock;
0526 
0527     switch (obj->state) {
0528     case ODEBUG_STATE_NONE:
0529     case ODEBUG_STATE_INIT:
0530     case ODEBUG_STATE_INACTIVE:
0531         obj->state = ODEBUG_STATE_DESTROYED;
0532         break;
0533     case ODEBUG_STATE_ACTIVE:
0534         debug_print_object(obj, "destroy");
0535         state = obj->state;
0536         raw_spin_unlock_irqrestore(&db->lock, flags);
0537         debug_object_fixup(descr->fixup_destroy, addr, state);
0538         return;
0539 
0540     case ODEBUG_STATE_DESTROYED:
0541         debug_print_object(obj, "destroy");
0542         break;
0543     default:
0544         break;
0545     }
0546 out_unlock:
0547     raw_spin_unlock_irqrestore(&db->lock, flags);
0548 }
0549 EXPORT_SYMBOL_GPL(debug_object_destroy);
0550 
0551 /**
0552  * debug_object_free - debug checks when an object is freed
0553  * @addr:   address of the object
0554  * @descr:  pointer to an object specific debug description structure
0555  */
0556 void debug_object_free(void *addr, struct debug_obj_descr *descr)
0557 {
0558     enum debug_obj_state state;
0559     struct debug_bucket *db;
0560     struct debug_obj *obj;
0561     unsigned long flags;
0562 
0563     if (!debug_objects_enabled)
0564         return;
0565 
0566     db = get_bucket((unsigned long) addr);
0567 
0568     raw_spin_lock_irqsave(&db->lock, flags);
0569 
0570     obj = lookup_object(addr, db);
0571     if (!obj)
0572         goto out_unlock;
0573 
0574     switch (obj->state) {
0575     case ODEBUG_STATE_ACTIVE:
0576         debug_print_object(obj, "free");
0577         state = obj->state;
0578         raw_spin_unlock_irqrestore(&db->lock, flags);
0579         debug_object_fixup(descr->fixup_free, addr, state);
0580         return;
0581     default:
0582         hlist_del(&obj->node);
0583         raw_spin_unlock_irqrestore(&db->lock, flags);
0584         free_object(obj);
0585         return;
0586     }
0587 out_unlock:
0588     raw_spin_unlock_irqrestore(&db->lock, flags);
0589 }
0590 EXPORT_SYMBOL_GPL(debug_object_free);
0591 
0592 /**
0593  * debug_object_assert_init - debug checks when object should be init-ed
0594  * @addr:   address of the object
0595  * @descr:  pointer to an object specific debug description structure
0596  */
0597 void debug_object_assert_init(void *addr, struct debug_obj_descr *descr)
0598 {
0599     struct debug_bucket *db;
0600     struct debug_obj *obj;
0601     unsigned long flags;
0602 
0603     if (!debug_objects_enabled)
0604         return;
0605 
0606     db = get_bucket((unsigned long) addr);
0607 
0608     raw_spin_lock_irqsave(&db->lock, flags);
0609 
0610     obj = lookup_object(addr, db);
0611     if (!obj) {
0612         struct debug_obj o = { .object = addr,
0613                        .state = ODEBUG_STATE_NOTAVAILABLE,
0614                        .descr = descr };
0615 
0616         raw_spin_unlock_irqrestore(&db->lock, flags);
0617         /*
0618          * Maybe the object is static, and we let the type specific
0619          * code confirm. Track this static object if true, else invoke
0620          * fixup.
0621          */
0622         if (descr->is_static_object && descr->is_static_object(addr)) {
0623             /* Track this static object */
0624             debug_object_init(addr, descr);
0625         } else {
0626             debug_print_object(&o, "assert_init");
0627             debug_object_fixup(descr->fixup_assert_init, addr,
0628                        ODEBUG_STATE_NOTAVAILABLE);
0629         }
0630         return;
0631     }
0632 
0633     raw_spin_unlock_irqrestore(&db->lock, flags);
0634 }
0635 EXPORT_SYMBOL_GPL(debug_object_assert_init);
0636 
0637 /**
0638  * debug_object_active_state - debug checks object usage state machine
0639  * @addr:   address of the object
0640  * @descr:  pointer to an object specific debug description structure
0641  * @expect: expected state
0642  * @next:   state to move to if expected state is found
0643  */
0644 void
0645 debug_object_active_state(void *addr, struct debug_obj_descr *descr,
0646               unsigned int expect, unsigned int next)
0647 {
0648     struct debug_bucket *db;
0649     struct debug_obj *obj;
0650     unsigned long flags;
0651 
0652     if (!debug_objects_enabled)
0653         return;
0654 
0655     db = get_bucket((unsigned long) addr);
0656 
0657     raw_spin_lock_irqsave(&db->lock, flags);
0658 
0659     obj = lookup_object(addr, db);
0660     if (obj) {
0661         switch (obj->state) {
0662         case ODEBUG_STATE_ACTIVE:
0663             if (obj->astate == expect)
0664                 obj->astate = next;
0665             else
0666                 debug_print_object(obj, "active_state");
0667             break;
0668 
0669         default:
0670             debug_print_object(obj, "active_state");
0671             break;
0672         }
0673     } else {
0674         struct debug_obj o = { .object = addr,
0675                        .state = ODEBUG_STATE_NOTAVAILABLE,
0676                        .descr = descr };
0677 
0678         debug_print_object(&o, "active_state");
0679     }
0680 
0681     raw_spin_unlock_irqrestore(&db->lock, flags);
0682 }
0683 EXPORT_SYMBOL_GPL(debug_object_active_state);
0684 
0685 #ifdef CONFIG_DEBUG_OBJECTS_FREE
0686 static void __debug_check_no_obj_freed(const void *address, unsigned long size)
0687 {
0688     unsigned long flags, oaddr, saddr, eaddr, paddr, chunks;
0689     struct hlist_node *tmp;
0690     HLIST_HEAD(freelist);
0691     struct debug_obj_descr *descr;
0692     enum debug_obj_state state;
0693     struct debug_bucket *db;
0694     struct debug_obj *obj;
0695     int cnt;
0696 
0697     saddr = (unsigned long) address;
0698     eaddr = saddr + size;
0699     paddr = saddr & ODEBUG_CHUNK_MASK;
0700     chunks = ((eaddr - paddr) + (ODEBUG_CHUNK_SIZE - 1));
0701     chunks >>= ODEBUG_CHUNK_SHIFT;
0702 
0703     for (;chunks > 0; chunks--, paddr += ODEBUG_CHUNK_SIZE) {
0704         db = get_bucket(paddr);
0705 
0706 repeat:
0707         cnt = 0;
0708         raw_spin_lock_irqsave(&db->lock, flags);
0709         hlist_for_each_entry_safe(obj, tmp, &db->list, node) {
0710             cnt++;
0711             oaddr = (unsigned long) obj->object;
0712             if (oaddr < saddr || oaddr >= eaddr)
0713                 continue;
0714 
0715             switch (obj->state) {
0716             case ODEBUG_STATE_ACTIVE:
0717                 debug_print_object(obj, "free");
0718                 descr = obj->descr;
0719                 state = obj->state;
0720                 raw_spin_unlock_irqrestore(&db->lock, flags);
0721                 debug_object_fixup(descr->fixup_free,
0722                            (void *) oaddr, state);
0723                 goto repeat;
0724             default:
0725                 hlist_del(&obj->node);
0726                 hlist_add_head(&obj->node, &freelist);
0727                 break;
0728             }
0729         }
0730         raw_spin_unlock_irqrestore(&db->lock, flags);
0731 
0732         /* Now free them */
0733         hlist_for_each_entry_safe(obj, tmp, &freelist, node) {
0734             hlist_del(&obj->node);
0735             free_object(obj);
0736         }
0737 
0738         if (cnt > debug_objects_maxchain)
0739             debug_objects_maxchain = cnt;
0740     }
0741 }
0742 
0743 void debug_check_no_obj_freed(const void *address, unsigned long size)
0744 {
0745     if (debug_objects_enabled)
0746         __debug_check_no_obj_freed(address, size);
0747 }
0748 #endif
0749 
0750 #ifdef CONFIG_DEBUG_FS
0751 
0752 static int debug_stats_show(struct seq_file *m, void *v)
0753 {
0754     seq_printf(m, "max_chain     :%d\n", debug_objects_maxchain);
0755     seq_printf(m, "warnings      :%d\n", debug_objects_warnings);
0756     seq_printf(m, "fixups        :%d\n", debug_objects_fixups);
0757     seq_printf(m, "pool_free     :%d\n", obj_pool_free);
0758     seq_printf(m, "pool_min_free :%d\n", obj_pool_min_free);
0759     seq_printf(m, "pool_used     :%d\n", obj_pool_used);
0760     seq_printf(m, "pool_max_used :%d\n", obj_pool_max_used);
0761     return 0;
0762 }
0763 
0764 static int debug_stats_open(struct inode *inode, struct file *filp)
0765 {
0766     return single_open(filp, debug_stats_show, NULL);
0767 }
0768 
0769 static const struct file_operations debug_stats_fops = {
0770     .open       = debug_stats_open,
0771     .read       = seq_read,
0772     .llseek     = seq_lseek,
0773     .release    = single_release,
0774 };
0775 
0776 static int __init debug_objects_init_debugfs(void)
0777 {
0778     struct dentry *dbgdir, *dbgstats;
0779 
0780     if (!debug_objects_enabled)
0781         return 0;
0782 
0783     dbgdir = debugfs_create_dir("debug_objects", NULL);
0784     if (!dbgdir)
0785         return -ENOMEM;
0786 
0787     dbgstats = debugfs_create_file("stats", 0444, dbgdir, NULL,
0788                        &debug_stats_fops);
0789     if (!dbgstats)
0790         goto err;
0791 
0792     return 0;
0793 
0794 err:
0795     debugfs_remove(dbgdir);
0796 
0797     return -ENOMEM;
0798 }
0799 __initcall(debug_objects_init_debugfs);
0800 
0801 #else
0802 static inline void debug_objects_init_debugfs(void) { }
0803 #endif
0804 
0805 #ifdef CONFIG_DEBUG_OBJECTS_SELFTEST
0806 
0807 /* Random data structure for the self test */
0808 struct self_test {
0809     unsigned long   dummy1[6];
0810     int     static_init;
0811     unsigned long   dummy2[3];
0812 };
0813 
0814 static __initdata struct debug_obj_descr descr_type_test;
0815 
0816 static bool __init is_static_object(void *addr)
0817 {
0818     struct self_test *obj = addr;
0819 
0820     return obj->static_init;
0821 }
0822 
0823 /*
0824  * fixup_init is called when:
0825  * - an active object is initialized
0826  */
0827 static bool __init fixup_init(void *addr, enum debug_obj_state state)
0828 {
0829     struct self_test *obj = addr;
0830 
0831     switch (state) {
0832     case ODEBUG_STATE_ACTIVE:
0833         debug_object_deactivate(obj, &descr_type_test);
0834         debug_object_init(obj, &descr_type_test);
0835         return true;
0836     default:
0837         return false;
0838     }
0839 }
0840 
0841 /*
0842  * fixup_activate is called when:
0843  * - an active object is activated
0844  * - an unknown non-static object is activated
0845  */
0846 static bool __init fixup_activate(void *addr, enum debug_obj_state state)
0847 {
0848     struct self_test *obj = addr;
0849 
0850     switch (state) {
0851     case ODEBUG_STATE_NOTAVAILABLE:
0852         return true;
0853     case ODEBUG_STATE_ACTIVE:
0854         debug_object_deactivate(obj, &descr_type_test);
0855         debug_object_activate(obj, &descr_type_test);
0856         return true;
0857 
0858     default:
0859         return false;
0860     }
0861 }
0862 
0863 /*
0864  * fixup_destroy is called when:
0865  * - an active object is destroyed
0866  */
0867 static bool __init fixup_destroy(void *addr, enum debug_obj_state state)
0868 {
0869     struct self_test *obj = addr;
0870 
0871     switch (state) {
0872     case ODEBUG_STATE_ACTIVE:
0873         debug_object_deactivate(obj, &descr_type_test);
0874         debug_object_destroy(obj, &descr_type_test);
0875         return true;
0876     default:
0877         return false;
0878     }
0879 }
0880 
0881 /*
0882  * fixup_free is called when:
0883  * - an active object is freed
0884  */
0885 static bool __init fixup_free(void *addr, enum debug_obj_state state)
0886 {
0887     struct self_test *obj = addr;
0888 
0889     switch (state) {
0890     case ODEBUG_STATE_ACTIVE:
0891         debug_object_deactivate(obj, &descr_type_test);
0892         debug_object_free(obj, &descr_type_test);
0893         return true;
0894     default:
0895         return false;
0896     }
0897 }
0898 
0899 static int __init
0900 check_results(void *addr, enum debug_obj_state state, int fixups, int warnings)
0901 {
0902     struct debug_bucket *db;
0903     struct debug_obj *obj;
0904     unsigned long flags;
0905     int res = -EINVAL;
0906 
0907     db = get_bucket((unsigned long) addr);
0908 
0909     raw_spin_lock_irqsave(&db->lock, flags);
0910 
0911     obj = lookup_object(addr, db);
0912     if (!obj && state != ODEBUG_STATE_NONE) {
0913         WARN(1, KERN_ERR "ODEBUG: selftest object not found\n");
0914         goto out;
0915     }
0916     if (obj && obj->state != state) {
0917         WARN(1, KERN_ERR "ODEBUG: selftest wrong state: %d != %d\n",
0918                obj->state, state);
0919         goto out;
0920     }
0921     if (fixups != debug_objects_fixups) {
0922         WARN(1, KERN_ERR "ODEBUG: selftest fixups failed %d != %d\n",
0923                fixups, debug_objects_fixups);
0924         goto out;
0925     }
0926     if (warnings != debug_objects_warnings) {
0927         WARN(1, KERN_ERR "ODEBUG: selftest warnings failed %d != %d\n",
0928                warnings, debug_objects_warnings);
0929         goto out;
0930     }
0931     res = 0;
0932 out:
0933     raw_spin_unlock_irqrestore(&db->lock, flags);
0934     if (res)
0935         debug_objects_enabled = 0;
0936     return res;
0937 }
0938 
0939 static __initdata struct debug_obj_descr descr_type_test = {
0940     .name           = "selftest",
0941     .is_static_object   = is_static_object,
0942     .fixup_init     = fixup_init,
0943     .fixup_activate     = fixup_activate,
0944     .fixup_destroy      = fixup_destroy,
0945     .fixup_free     = fixup_free,
0946 };
0947 
0948 static __initdata struct self_test obj = { .static_init = 0 };
0949 
0950 static void __init debug_objects_selftest(void)
0951 {
0952     int fixups, oldfixups, warnings, oldwarnings;
0953     unsigned long flags;
0954 
0955     local_irq_save(flags);
0956 
0957     fixups = oldfixups = debug_objects_fixups;
0958     warnings = oldwarnings = debug_objects_warnings;
0959     descr_test = &descr_type_test;
0960 
0961     debug_object_init(&obj, &descr_type_test);
0962     if (check_results(&obj, ODEBUG_STATE_INIT, fixups, warnings))
0963         goto out;
0964     debug_object_activate(&obj, &descr_type_test);
0965     if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
0966         goto out;
0967     debug_object_activate(&obj, &descr_type_test);
0968     if (check_results(&obj, ODEBUG_STATE_ACTIVE, ++fixups, ++warnings))
0969         goto out;
0970     debug_object_deactivate(&obj, &descr_type_test);
0971     if (check_results(&obj, ODEBUG_STATE_INACTIVE, fixups, warnings))
0972         goto out;
0973     debug_object_destroy(&obj, &descr_type_test);
0974     if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, warnings))
0975         goto out;
0976     debug_object_init(&obj, &descr_type_test);
0977     if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
0978         goto out;
0979     debug_object_activate(&obj, &descr_type_test);
0980     if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
0981         goto out;
0982     debug_object_deactivate(&obj, &descr_type_test);
0983     if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
0984         goto out;
0985     debug_object_free(&obj, &descr_type_test);
0986     if (check_results(&obj, ODEBUG_STATE_NONE, fixups, warnings))
0987         goto out;
0988 
0989     obj.static_init = 1;
0990     debug_object_activate(&obj, &descr_type_test);
0991     if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
0992         goto out;
0993     debug_object_init(&obj, &descr_type_test);
0994     if (check_results(&obj, ODEBUG_STATE_INIT, ++fixups, ++warnings))
0995         goto out;
0996     debug_object_free(&obj, &descr_type_test);
0997     if (check_results(&obj, ODEBUG_STATE_NONE, fixups, warnings))
0998         goto out;
0999 
1000 #ifdef CONFIG_DEBUG_OBJECTS_FREE
1001     debug_object_init(&obj, &descr_type_test);
1002     if (check_results(&obj, ODEBUG_STATE_INIT, fixups, warnings))
1003         goto out;
1004     debug_object_activate(&obj, &descr_type_test);
1005     if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
1006         goto out;
1007     __debug_check_no_obj_freed(&obj, sizeof(obj));
1008     if (check_results(&obj, ODEBUG_STATE_NONE, ++fixups, ++warnings))
1009         goto out;
1010 #endif
1011     pr_info("selftest passed\n");
1012 
1013 out:
1014     debug_objects_fixups = oldfixups;
1015     debug_objects_warnings = oldwarnings;
1016     descr_test = NULL;
1017 
1018     local_irq_restore(flags);
1019 }
1020 #else
1021 static inline void debug_objects_selftest(void) { }
1022 #endif
1023 
1024 /*
1025  * Called during early boot to initialize the hash buckets and link
1026  * the static object pool objects into the poll list. After this call
1027  * the object tracker is fully operational.
1028  */
1029 void __init debug_objects_early_init(void)
1030 {
1031     int i;
1032 
1033     for (i = 0; i < ODEBUG_HASH_SIZE; i++)
1034         raw_spin_lock_init(&obj_hash[i].lock);
1035 
1036     for (i = 0; i < ODEBUG_POOL_SIZE; i++)
1037         hlist_add_head(&obj_static_pool[i].node, &obj_pool);
1038 }
1039 
1040 /*
1041  * Convert the statically allocated objects to dynamic ones:
1042  */
1043 static int __init debug_objects_replace_static_objects(void)
1044 {
1045     struct debug_bucket *db = obj_hash;
1046     struct hlist_node *tmp;
1047     struct debug_obj *obj, *new;
1048     HLIST_HEAD(objects);
1049     int i, cnt = 0;
1050 
1051     for (i = 0; i < ODEBUG_POOL_SIZE; i++) {
1052         obj = kmem_cache_zalloc(obj_cache, GFP_KERNEL);
1053         if (!obj)
1054             goto free;
1055         hlist_add_head(&obj->node, &objects);
1056     }
1057 
1058     /*
1059      * When debug_objects_mem_init() is called we know that only
1060      * one CPU is up, so disabling interrupts is enough
1061      * protection. This avoids the lockdep hell of lock ordering.
1062      */
1063     local_irq_disable();
1064 
1065     /* Remove the statically allocated objects from the pool */
1066     hlist_for_each_entry_safe(obj, tmp, &obj_pool, node)
1067         hlist_del(&obj->node);
1068     /* Move the allocated objects to the pool */
1069     hlist_move_list(&objects, &obj_pool);
1070 
1071     /* Replace the active object references */
1072     for (i = 0; i < ODEBUG_HASH_SIZE; i++, db++) {
1073         hlist_move_list(&db->list, &objects);
1074 
1075         hlist_for_each_entry(obj, &objects, node) {
1076             new = hlist_entry(obj_pool.first, typeof(*obj), node);
1077             hlist_del(&new->node);
1078             /* copy object data */
1079             *new = *obj;
1080             hlist_add_head(&new->node, &db->list);
1081             cnt++;
1082         }
1083     }
1084     local_irq_enable();
1085 
1086     pr_debug("%d of %d active objects replaced\n",
1087          cnt, obj_pool_used);
1088     return 0;
1089 free:
1090     hlist_for_each_entry_safe(obj, tmp, &objects, node) {
1091         hlist_del(&obj->node);
1092         kmem_cache_free(obj_cache, obj);
1093     }
1094     return -ENOMEM;
1095 }
1096 
1097 /*
1098  * Called after the kmem_caches are functional to setup a dedicated
1099  * cache pool, which has the SLAB_DEBUG_OBJECTS flag set. This flag
1100  * prevents that the debug code is called on kmem_cache_free() for the
1101  * debug tracker objects to avoid recursive calls.
1102  */
1103 void __init debug_objects_mem_init(void)
1104 {
1105     if (!debug_objects_enabled)
1106         return;
1107 
1108     obj_cache = kmem_cache_create("debug_objects_cache",
1109                       sizeof (struct debug_obj), 0,
1110                       SLAB_DEBUG_OBJECTS, NULL);
1111 
1112     if (!obj_cache || debug_objects_replace_static_objects()) {
1113         debug_objects_enabled = 0;
1114         if (obj_cache)
1115             kmem_cache_destroy(obj_cache);
1116         pr_warn("out of memory.\n");
1117     } else
1118         debug_objects_selftest();
1119 }