2 * Generic infrastructure for lifetime debugging of objects.
4 * Started by Thomas Gleixner
6 * Copyright (C) 2008, Thomas Gleixner <tglx@linutronix.de>
8 * For licencing details see kernel-base/COPYING
10 #include <linux/debugobjects.h>
11 #include <linux/interrupt.h>
12 #include <linux/seq_file.h>
13 #include <linux/debugfs.h>
14 #include <linux/hash.h>
/* Hash table geometry: 2^14 buckets. */
16 #define ODEBUG_HASH_BITS 14
17 #define ODEBUG_HASH_SIZE (1 << ODEBUG_HASH_BITS)
/*
 * Tracker pool sizing: 512 statically allocated entries; fill_pool()
 * refills the free list while fewer than 256 entries are free.
 */
19 #define ODEBUG_POOL_SIZE 512
20 #define ODEBUG_POOL_MIN_LEVEL 256
/*
 * A "chunk" is one PAGE_SHIFT-sized region. ODEBUG_CHUNK_MASK rounds an
 * address down to the start of its chunk.
 */
22 #define ODEBUG_CHUNK_SHIFT PAGE_SHIFT
23 #define ODEBUG_CHUNK_SIZE (1 << ODEBUG_CHUNK_SHIFT)
24 #define ODEBUG_CHUNK_MASK (~(ODEBUG_CHUNK_SIZE - 1))
/*
 * NOTE(review): this is a struct member whose enclosing declaration is not
 * shown in this listing. Later code uses db->list and db->lock on
 * struct debug_bucket, so it is presumably that struct.
 */
27 struct hlist_head list;
/* One bucket per hash value; each bucket is protected by its own lock. */
31 static struct debug_bucket obj_hash[ODEBUG_HASH_SIZE];
/* Boot-time tracker storage, linked into obj_pool by debug_objects_early_init(). */
33 static struct debug_obj obj_static_pool[ODEBUG_POOL_SIZE];
/* Taken around obj_pool list updates in fill_pool(), alloc_object() and free_object(). */
35 static DEFINE_SPINLOCK(pool_lock);
/* Free list of tracker objects. */
37 static HLIST_HEAD(obj_pool);
/* Pool accounting; all four counters are exported read-only through the debugfs stats file. */
39 static int obj_pool_min_free = ODEBUG_POOL_SIZE;
40 static int obj_pool_free = ODEBUG_POOL_SIZE;
41 static int obj_pool_used;
42 static int obj_pool_max_used;
/* Slab cache for refills; assigned in debug_objects_mem_init(), NULL before that. */
43 static struct kmem_cache *obj_cache;
/* Longest hash chain seen, and running totals of fixups and warnings. */
45 static int debug_objects_maxchain __read_mostly;
46 static int debug_objects_fixups __read_mostly;
47 static int debug_objects_warnings __read_mostly;
/*
 * Global on/off switch. It has no initializer, so tracking is off unless the
 * "debug_objects" early parameter sets it. Several failure paths in this
 * file clear it again, after which lifetime violations are no longer reported.
 */
48 static int debug_objects_enabled __read_mostly;
/* Descriptor of the selftest object; debug_print_object() stays silent for it. */
49 static struct debug_obj_descr *descr_test __read_mostly;
/*
 * Early-parameter handler: "debug_objects" on the kernel command line turns
 * the tracker on. The str argument is not used on the lines shown.
 */
51 static int __init enable_object_debug(char *str)
53 debug_objects_enabled = 1;
56 early_param("debug_objects", enable_object_debug);
/*
 * Printable name for each enum debug_obj_state value, indexed by the state.
 * debug_print_object() uses it to render obj->state in its report.
 */
58 static const char *obj_states[ODEBUG_STATE_MAX] = {
59 [ODEBUG_STATE_NONE] = "none",
60 [ODEBUG_STATE_INIT] = "initialized",
61 [ODEBUG_STATE_INACTIVE] = "inactive",
62 [ODEBUG_STATE_ACTIVE] = "active",
63 [ODEBUG_STATE_DESTROYED] = "destroyed",
64 [ODEBUG_STATE_NOTAVAILABLE] = "not available",
/*
 * Top the free tracker pool back up to ODEBUG_POOL_MIN_LEVEL.
 *
 * NOTE(review): this listing omits lines (the gutter numbers skip), so the
 * return statements and the handling of a failed allocation are not shown.
 */
67 static int fill_pool(void)
/* Non-sleeping allocation that neither retries nor warns on failure. */
69 gfp_t gfp = GFP_ATOMIC | __GFP_NORETRY | __GFP_NOWARN;
70 struct debug_obj *new;
/*
 * Fast path: pool is at or above the low-water mark. On the lines shown
 * this read of obj_pool_free is made before pool_lock is taken.
 */
72 if (likely(obj_pool_free >= ODEBUG_POOL_MIN_LEVEL))
/* obj_cache is assigned in debug_objects_mem_init(); until then no refill is possible. */
75 if (unlikely(!obj_cache))
78 while (obj_pool_free < ODEBUG_POOL_MIN_LEVEL) {
/* Zeroed tracker from the dedicated cache. */
80 new = kmem_cache_zalloc(obj_cache, gfp);
/* The list insertion is done under pool_lock. */
84 spin_lock(&pool_lock);
85 hlist_add_head(&new->node, &obj_pool);
87 spin_unlock(&pool_lock);
93 * Lookup an object in the hash bucket.
/*
 * Walk bucket b and compare each tracker's ->object with addr.
 * The callers in this file take b->lock before calling.
 * NOTE(review): the declaration and increment of cnt and the return
 * statements are on lines not shown in this listing.
 */
95 static struct debug_obj *lookup_object(void *addr, struct debug_bucket *b)
97 struct hlist_node *node;
98 struct debug_obj *obj;
101 hlist_for_each_entry(obj, node, &b->list, node) {
/* Match is by exact object address. */
103 if (obj->object == addr)
/* Record the longest chain walked so far; exported as max_chain in the stats file. */
106 if (cnt > debug_objects_maxchain)
107 debug_objects_maxchain = cnt;
113 * Allocate a new object. If the pool is empty and no refill possible,
114 * switch off the debugger.
/*
 * Take a tracker from the free pool and link it into bucket b.
 * NOTE(review): lines are missing from this listing; the assignments of
 * obj->object / obj->descr, the counter updates and the return are not shown.
 */
116 static struct debug_obj *
117 alloc_object(void *addr, struct debug_bucket *b, struct debug_obj_descr *descr)
119 struct debug_obj *obj = NULL;
/* Pool list and its counters are manipulated under pool_lock. */
123 spin_lock(&pool_lock);
124 if (obj_pool.first) {
125 obj = hlist_entry(obj_pool.first, typeof(*obj), node);
/* A recycled tracker starts from a clean state. */
129 obj->state = ODEBUG_STATE_NONE;
/* Move the tracker from the free pool to the hash bucket. */
130 hlist_del(&obj->node);
132 hlist_add_head(&obj->node, &b->list);
/* High-water mark of trackers in use. */
135 if (obj_pool_used > obj_pool_max_used)
136 obj_pool_max_used = obj_pool_used;
/* Low-water mark of the free pool. */
139 if (obj_pool_free < obj_pool_min_free)
140 obj_pool_min_free = obj_pool_free;
142 spin_unlock(&pool_lock);
/*
 * Refill after the lock is dropped. The condition is true when the refill
 * reports a non-zero result, no tracker was obtained above, and no retry
 * has happened yet; the statement it guards is not shown.
 */
144 if (fill_pool() && !obj && !retry++)
151 * Put the object back into the pool or give it back to kmem_cache:
/*
 * Return a tracker to the free pool, or release it to obj_cache.
 * NOTE(review): the counter updates and the else keyword are on lines not
 * shown in this listing.
 */
153 static void free_object(struct debug_obj *obj)
/*
 * Element index of obj relative to obj_static_pool. For a tracker that came
 * from obj_cache this is a pointer difference between unrelated objects;
 * the code relies on the unsigned cast making it >= ODEBUG_POOL_SIZE.
 */
155 unsigned long idx = (unsigned long)(obj - obj_static_pool);
/*
 * Keep the tracker when the pool is below its nominal size, or when obj is
 * an element of the static array (which was not allocated from obj_cache).
 * On the lines shown the obj_pool_free test precedes taking pool_lock.
 */
157 if (obj_pool_free < ODEBUG_POOL_SIZE || idx < ODEBUG_POOL_SIZE) {
158 spin_lock(&pool_lock);
159 hlist_add_head(&obj->node, &obj_pool);
162 spin_unlock(&pool_lock);
/* Presumably the other branch: surplus cache-allocated tracker goes back to the slab. */
164 spin_lock(&pool_lock);
166 spin_unlock(&pool_lock);
167 kmem_cache_free(obj_cache, obj);
172 * We run out of memory. That means we probably have tons of objects
/*
 * Out-of-memory teardown: log once and empty every hash bucket.
 * Operationally, the KERN_WARNING line below marks the point after which
 * object lifetime violations are no longer detected on this boot.
 * NOTE(review): what is done with each unlinked tracker is on a line not
 * shown in this listing.
 */
175 static void debug_objects_oom(void)
177 struct debug_bucket *db = obj_hash;
178 struct hlist_node *node, *tmp;
179 struct debug_obj *obj;
183 printk(KERN_WARNING "ODEBUG: Out of memory. ODEBUG disabled\n");
/* Visit every bucket, holding its lock with interrupts disabled while unlinking. */
185 for (i = 0; i < ODEBUG_HASH_SIZE; i++, db++) {
186 spin_lock_irqsave(&db->lock, flags);
/* _safe variant because entries are removed during the walk. */
187 hlist_for_each_entry_safe(obj, node, tmp, &db->list, node) {
188 hlist_del(&obj->node);
191 spin_unlock_irqrestore(&db->lock, flags);
196 * We use the pfn of the address for the hash. That way we can check
197 * for freed objects simply by checking the affected bucket.
/*
 * Map an address to its hash bucket. The hash input is the chunk number
 * (addr >> ODEBUG_CHUNK_SHIFT), so every object in the same chunk lands in
 * the same bucket; __debug_check_no_obj_freed() depends on that.
 */
199 static struct debug_bucket *get_bucket(unsigned long addr)
203 hash = hash_long((addr >> ODEBUG_CHUNK_SHIFT), ODEBUG_HASH_BITS);
204 return &obj_hash[hash];
/*
 * Report a state violation for obj and count it.
 * The message carries the operation name, the tracker state and the type
 * name; the object address is not printed.
 */
207 static void debug_print_object(struct debug_obj *obj, char *msg)
/*
 * Rate limit: printing stops once limit reaches 5, and objects using the
 * selftest descriptor are never printed. The declaration and increment of
 * limit are on lines not shown. obj->descr is dereferenced without a NULL
 * check on the visible lines.
 */
211 if (limit < 5 && obj->descr != descr_test) {
213 printk(KERN_ERR "ODEBUG: %s %s object type: %s\n", msg,
214 obj_states[obj->state], obj->descr->name);
/* Exported as "warnings" in the debugfs stats file. */
217 debug_objects_warnings++;
221 * Try to repair the damage, so we have a better chance to get useful
/*
 * Invoke a type-specific fixup callback and add its return value to the
 * global fixup counter.
 * NOTE(review): the return type line and any NULL check on fixup are not
 * shown in this listing — confirm that an unset callback is guarded.
 */
225 debug_object_fixup(int (*fixup)(void *addr, enum debug_obj_state state),
226 void * addr, enum debug_obj_state state)
229 debug_objects_fixups += fixup(addr, state);
/*
 * Cross-check the caller's on-stack annotation against where addr lies.
 * Only the current task's stack, [stack, stack + THREAD_SIZE), is tested.
 */
232 static void debug_object_is_on_stack(void *addr, int onstack)
234 void *stack = current->stack;
/* Arithmetic on void * (stack + THREAD_SIZE) is a GNU C extension. */
241 is_on_stack = (addr >= stack && addr < (stack + THREAD_SIZE));
/* Annotation matches the address: nothing to report (the return is not shown). */
243 if (is_on_stack == onstack)
/*
 * Mismatch: one of the two messages below is emitted. The branch that
 * selects between them and the print call itself are on lines not shown.
 */
249 "ODEBUG: object is on stack, but not annotated\n");
252 "ODEBUG: object is not on stack, but annotated\n");
/*
 * Common body of debug_object_init() and debug_object_init_on_stack():
 * find or create the tracker for addr and move it to ODEBUG_STATE_INIT.
 *
 * NOTE(review): this listing omits lines (the gutter numbers skip), so the
 * branch conditions and the break/return statements between the visible
 * lines are not shown.
 */
257 __debug_object_init(void *addr, struct debug_obj_descr *descr, int onstack)
259 enum debug_obj_state state;
260 struct debug_bucket *db;
261 struct debug_obj *obj;
264 db = get_bucket((unsigned long) addr);
/* The bucket lock, with interrupts disabled, covers lookup, allocation and state change. */
266 spin_lock_irqsave(&db->lock, flags);
268 obj = lookup_object(addr, db);
/* Presumably only when the lookup found nothing: take a fresh tracker. */
270 obj = alloc_object(addr, db, descr);
/*
 * Allocation-failure path: tracking is switched off globally, so later
 * lifetime violations go unreported.
 */
272 debug_objects_enabled = 0;
273 spin_unlock_irqrestore(&db->lock, flags);
/* Validate the caller's onstack annotation for this object. */
277 debug_object_is_on_stack(addr, onstack);
280 switch (obj->state) {
/* Legal transitions into INIT. */
281 case ODEBUG_STATE_NONE:
282 case ODEBUG_STATE_INIT:
283 case ODEBUG_STATE_INACTIVE:
284 obj->state = ODEBUG_STATE_INIT;
/*
 * Re-initialising an object that is still active: report it, release the
 * bucket lock, then hand it to the type's fixup_init callback. The lock is
 * dropped first; the selftest's fixup_init calls back into this API, which
 * takes the same bucket lock. state is presumably sampled from obj->state
 * on a line not shown.
 */
287 case ODEBUG_STATE_ACTIVE:
288 debug_print_object(obj, "init");
290 spin_unlock_irqrestore(&db->lock, flags);
291 debug_object_fixup(descr->fixup_init, addr, state);
/* Initialising a destroyed object is reported; no fixup call is visible for it. */
294 case ODEBUG_STATE_DESTROYED:
295 debug_print_object(obj, "init");
301 spin_unlock_irqrestore(&db->lock, flags);
305 * debug_object_init - debug checks when an object is initialized
306 * @addr: address of the object
307 * @descr: pointer to an object specific debug description structure
/*
 * Public entry point for objects that are not on the stack (onstack = 0).
 * The enabled check comes first; its return statement is not shown.
 */
309 void debug_object_init(void *addr, struct debug_obj_descr *descr)
311 if (!debug_objects_enabled)
314 __debug_object_init(addr, descr, 0);
318 * debug_object_init_on_stack - debug checks when an object on stack is
320 * @addr: address of the object
321 * @descr: pointer to an object specific debug description structure
/*
 * Public entry point for objects the caller declares to be on the stack
 * (onstack = 1). The enabled check comes first; its return is not shown.
 */
323 void debug_object_init_on_stack(void *addr, struct debug_obj_descr *descr)
325 if (!debug_objects_enabled)
328 __debug_object_init(addr, descr, 1);
332 * debug_object_activate - debug checks when an object is activated
333 * @addr: address of the object
334 * @descr: pointer to an object specific debug description structure
/*
 * Validate and record the transition of addr to ODEBUG_STATE_ACTIVE.
 * NOTE(review): this listing omits lines; the test on the lookup result
 * and the break/return statements are not shown.
 */
336 void debug_object_activate(void *addr, struct debug_obj_descr *descr)
338 enum debug_obj_state state;
339 struct debug_bucket *db;
340 struct debug_obj *obj;
343 if (!debug_objects_enabled)
346 db = get_bucket((unsigned long) addr);
348 spin_lock_irqsave(&db->lock, flags);
350 obj = lookup_object(addr, db);
352 switch (obj->state) {
/* Legal transitions into ACTIVE. */
353 case ODEBUG_STATE_INIT:
354 case ODEBUG_STATE_INACTIVE:
355 obj->state = ODEBUG_STATE_ACTIVE;
/*
 * Activating an already active object: report it, release the bucket lock,
 * then call the type's fixup_activate. The unlock precedes the callback.
 */
358 case ODEBUG_STATE_ACTIVE:
359 debug_print_object(obj, "activate");
361 spin_unlock_irqrestore(&db->lock, flags);
362 debug_object_fixup(descr->fixup_activate, addr, state);
/* Activating a destroyed object is reported; no fixup call is visible for it. */
365 case ODEBUG_STATE_DESTROYED:
366 debug_print_object(obj, "activate");
371 spin_unlock_irqrestore(&db->lock, flags);
/*
 * Presumably the path taken when no tracker exists for addr: the lock is
 * released and fixup_activate is called with ODEBUG_STATE_NOTAVAILABLE.
 */
375 spin_unlock_irqrestore(&db->lock, flags);
377 * This happens when a static object is activated. We
378 * let the type specific code decide whether this is
381 debug_object_fixup(descr->fixup_activate, addr,
382 ODEBUG_STATE_NOTAVAILABLE);
386 * debug_object_deactivate - debug checks when an object is deactivated
387 * @addr: address of the object
388 * @descr: pointer to an object specific debug description structure
/*
 * Validate and record the transition of addr to ODEBUG_STATE_INACTIVE.
 * No fixup callback is invoked on the lines shown; violations are reported.
 * NOTE(review): this listing omits lines; the test on the lookup result
 * and the break statements are not shown.
 */
390 void debug_object_deactivate(void *addr, struct debug_obj_descr *descr)
392 struct debug_bucket *db;
393 struct debug_obj *obj;
396 if (!debug_objects_enabled)
399 db = get_bucket((unsigned long) addr);
401 spin_lock_irqsave(&db->lock, flags);
403 obj = lookup_object(addr, db);
405 switch (obj->state) {
/* Legal transitions into INACTIVE. */
406 case ODEBUG_STATE_INIT:
407 case ODEBUG_STATE_INACTIVE:
408 case ODEBUG_STATE_ACTIVE:
409 obj->state = ODEBUG_STATE_INACTIVE;
/* Deactivating a destroyed object is reported. */
412 case ODEBUG_STATE_DESTROYED:
413 debug_print_object(obj, "deactivate");
/*
 * Presumably the no-tracker path: a temporary on-stack tracker is built so
 * the report can be printed. debug_print_object() reads ->descr, so the
 * initializer line that is not shown presumably sets it — TODO confirm.
 */
419 struct debug_obj o = { .object = addr,
420 .state = ODEBUG_STATE_NOTAVAILABLE,
423 debug_print_object(&o, "deactivate");
426 spin_unlock_irqrestore(&db->lock, flags);
430 * debug_object_destroy - debug checks when an object is destroyed
431 * @addr: address of the object
432 * @descr: pointer to an object specific debug description structure
/*
 * Validate and record the transition of addr to ODEBUG_STATE_DESTROYED.
 * NOTE(review): this listing omits lines; the test on the lookup result
 * and the break/return statements are not shown.
 */
434 void debug_object_destroy(void *addr, struct debug_obj_descr *descr)
436 enum debug_obj_state state;
437 struct debug_bucket *db;
438 struct debug_obj *obj;
441 if (!debug_objects_enabled)
444 db = get_bucket((unsigned long) addr);
446 spin_lock_irqsave(&db->lock, flags);
448 obj = lookup_object(addr, db);
452 switch (obj->state) {
/* Legal transitions into DESTROYED. */
453 case ODEBUG_STATE_NONE:
454 case ODEBUG_STATE_INIT:
455 case ODEBUG_STATE_INACTIVE:
456 obj->state = ODEBUG_STATE_DESTROYED;
/*
 * Destroying an object that is still active: report it, release the bucket
 * lock, then call the type's fixup_destroy. The unlock precedes the callback.
 */
458 case ODEBUG_STATE_ACTIVE:
459 debug_print_object(obj, "destroy");
461 spin_unlock_irqrestore(&db->lock, flags);
462 debug_object_fixup(descr->fixup_destroy, addr, state);
/* Double destroy is reported. */
465 case ODEBUG_STATE_DESTROYED:
466 debug_print_object(obj, "destroy");
472 spin_unlock_irqrestore(&db->lock, flags);
476 * debug_object_free - debug checks when an object is freed
477 * @addr: address of the object
478 * @descr: pointer to an object specific debug description structure
/*
 * Called when the object at addr is freed: an active object is a violation,
 * any other tracked state just drops the tracker from its bucket.
 * NOTE(review): this listing omits lines; the test on the lookup result,
 * the default label and the release of the tracker are not shown.
 */
480 void debug_object_free(void *addr, struct debug_obj_descr *descr)
482 enum debug_obj_state state;
483 struct debug_bucket *db;
484 struct debug_obj *obj;
487 if (!debug_objects_enabled)
490 db = get_bucket((unsigned long) addr);
492 spin_lock_irqsave(&db->lock, flags);
494 obj = lookup_object(addr, db);
498 switch (obj->state) {
/*
 * Freeing an object that is still active: report it, release the bucket
 * lock, then call the type's fixup_free. The unlock precedes the callback.
 */
499 case ODEBUG_STATE_ACTIVE:
500 debug_print_object(obj, "free");
502 spin_unlock_irqrestore(&db->lock, flags);
503 debug_object_fixup(descr->fixup_free, addr, state);
/* Presumably the default case: unlink the tracker from the hash bucket. */
506 hlist_del(&obj->node);
511 spin_unlock_irqrestore(&db->lock, flags);
514 #ifdef CONFIG_DEBUG_OBJECTS_FREE
/*
 * Check a memory range that is being freed for tracked objects inside it.
 * An active object in the range is reported and handed to fixup_free;
 * trackers in any other state are dropped from their bucket.
 *
 * NOTE(review): this listing omits lines (the gutter numbers skip); the
 * cnt bookkeeping, the continue/goto statements and the default label are
 * not shown.
 */
515 static void __debug_check_no_obj_freed(const void *address, unsigned long size)
517 unsigned long flags, oaddr, saddr, eaddr, paddr, chunks;
518 struct hlist_node *node, *tmp;
519 struct debug_obj_descr *descr;
520 enum debug_obj_state state;
521 struct debug_bucket *db;
522 struct debug_obj *obj;
/* Half-open range [saddr, eaddr). No overflow check on saddr + size is visible here. */
525 saddr = (unsigned long) address;
526 eaddr = saddr + size;
/*
 * Round the start down to its chunk and count the chunks the range touches.
 * get_bucket() hashes by chunk, so checking one bucket per chunk reaches
 * every tracker whose object address lies in the range.
 */
527 paddr = saddr & ODEBUG_CHUNK_MASK;
528 chunks = ((eaddr - paddr) + (ODEBUG_CHUNK_SIZE - 1));
529 chunks >>= ODEBUG_CHUNK_SHIFT;
531 for (;chunks > 0; chunks--, paddr += ODEBUG_CHUNK_SIZE) {
532 db = get_bucket(paddr);
536 spin_lock_irqsave(&db->lock, flags);
/* _safe variant because entries may be removed during the walk. */
537 hlist_for_each_entry_safe(obj, node, tmp, &db->list, node) {
/* Skip trackers in this bucket whose object lies outside the freed range. */
539 oaddr = (unsigned long) obj->object;
540 if (oaddr < saddr || oaddr >= eaddr)
543 switch (obj->state) {
/*
 * Active object inside memory being freed: report, release the bucket lock,
 * then call fixup_free. Because the lock was dropped mid-walk the bucket is
 * presumably rescanned afterwards — the line is not shown, TODO confirm.
 */
544 case ODEBUG_STATE_ACTIVE:
545 debug_print_object(obj, "free");
548 spin_unlock_irqrestore(&db->lock, flags);
549 debug_object_fixup(descr->fixup_free,
550 (void *) oaddr, state);
/* Presumably the default case: unlink the stale tracker. */
553 hlist_del(&obj->node);
558 spin_unlock_irqrestore(&db->lock, flags);
/* Track the longest chain walked; exported as max_chain in the stats file. */
559 if (cnt > debug_objects_maxchain)
560 debug_objects_maxchain = cnt;
/*
 * Public wrapper: run the freed-range check only while tracking is enabled.
 * Once debug_objects_enabled has been cleared, frees are no longer checked.
 */
564 void debug_check_no_obj_freed(const void *address, unsigned long size)
566 if (debug_objects_enabled)
567 __debug_check_no_obj_freed(address, size);
571 #ifdef CONFIG_DEBUG_FS
/*
 * seq_file show callback for the debugfs "stats" file. Only integer
 * counters are emitted; no object addresses are printed. The v argument is
 * not used on the lines shown.
 */
573 static int debug_stats_show(struct seq_file *m, void *v)
575 seq_printf(m, "max_chain :%d\n", debug_objects_maxchain);
576 seq_printf(m, "warnings :%d\n", debug_objects_warnings);
577 seq_printf(m, "fixups :%d\n", debug_objects_fixups);
578 seq_printf(m, "pool_free :%d\n", obj_pool_free);
579 seq_printf(m, "pool_min_free :%d\n", obj_pool_min_free);
580 seq_printf(m, "pool_used :%d\n", obj_pool_used);
581 seq_printf(m, "pool_max_used :%d\n", obj_pool_max_used);
/* Open callback: bind debug_stats_show() as a single-record seq_file with no private data. */
585 static int debug_stats_open(struct inode *inode, struct file *filp)
587 return single_open(filp, debug_stats_show, NULL);
/*
 * File operations for the stats file. Only .open and .release are visible;
 * the members between them are on lines not shown in this listing.
 */
590 static const struct file_operations debug_stats_fops = {
591 .open = debug_stats_open,
594 .release = single_release,
/*
 * Initcall: create debug_objects/stats in debugfs when tracking is enabled.
 * NOTE(review): the error checks, the remaining debugfs_create_file()
 * arguments and the return statements are on lines not shown.
 */
597 static int __init debug_objects_init_debugfs(void)
599 struct dentry *dbgdir, *dbgstats;
/* Nothing is exported when the tracker is off. */
601 if (!debug_objects_enabled)
/* NULL parent: the directory is created at the debugfs root. */
604 dbgdir = debugfs_create_dir("debug_objects", NULL);
/* Mode 0444: readable by every user who can reach debugfs, writable by none. */
608 dbgstats = debugfs_create_file("stats", 0444, dbgdir, NULL,
/* Presumably the failure path for the file creation: remove the directory again. */
616 debugfs_remove(dbgdir);
620 __initcall(debug_objects_init_debugfs);
/*
 * Empty stub. It follows the CONFIG_DEBUG_FS section, so it is presumably
 * the variant used when debugfs is not configured; the preprocessor lines
 * around it are not shown in this listing.
 */
623 static inline void debug_objects_init_debugfs(void) { }
626 #ifdef CONFIG_DEBUG_OBJECTS_SELFTEST
628 /* Random data structure for the self test */
/*
 * NOTE(review): the struct's opening line and at least one member are not
 * shown in this listing. Later code reads obj->static_init on a
 * struct self_test, so these members presumably belong to that struct.
 */
630 unsigned long dummy1[6];
632 unsigned long dummy2[3];
/* Forward declaration; the fixup callbacks below need the descriptor before it is defined. */
635 static __initdata struct debug_obj_descr descr_type_test;
638 * fixup_init is called when:
639 * - an active object is initialized
/*
 * Selftest fixup for "active object initialized": deactivate the object,
 * then initialize it again. It re-enters the debug_object_* API.
 * NOTE(review): the switch statement and the return values are on lines
 * not shown in this listing.
 */
641 static int __init fixup_init(void *addr, enum debug_obj_state state)
643 struct self_test *obj = addr;
646 case ODEBUG_STATE_ACTIVE:
647 debug_object_deactivate(obj, &descr_type_test);
648 debug_object_init(obj, &descr_type_test);
656 * fixup_activate is called when:
657 * - an active object is activated
658 * - an unknown object is activated (might be a statically initialized object)
/*
 * Selftest fixup for activation problems. It handles an object with no
 * tracker (ODEBUG_STATE_NOTAVAILABLE) and an already active object.
 * NOTE(review): the switch statement and the return values are on lines
 * not shown in this listing.
 */
660 static int __init fixup_activate(void *addr, enum debug_obj_state state)
662 struct self_test *obj = addr;
/* No tracker yet: a statically initialized object is registered and activated here. */
665 case ODEBUG_STATE_NOTAVAILABLE:
666 if (obj->static_init == 1) {
667 debug_object_init(obj, &descr_type_test);
668 debug_object_activate(obj, &descr_type_test);
670 * Real code should return 0 here ! This is
671 * not a fixup of some bad behaviour. We
672 * merily call the debug_init function to keep
673 * track of the object.
677 /* Real code needs to emit a warning here */
/* Double activation: deactivate first, then activate again. */
681 case ODEBUG_STATE_ACTIVE:
682 debug_object_deactivate(obj, &descr_type_test);
683 debug_object_activate(obj, &descr_type_test);
692 * fixup_destroy is called when:
693 * - an active object is destroyed
/*
 * Selftest fixup for "active object destroyed": deactivate the object,
 * then destroy it.
 * NOTE(review): the switch statement and the return values are on lines
 * not shown in this listing.
 */
695 static int __init fixup_destroy(void *addr, enum debug_obj_state state)
697 struct self_test *obj = addr;
700 case ODEBUG_STATE_ACTIVE:
701 debug_object_deactivate(obj, &descr_type_test);
702 debug_object_destroy(obj, &descr_type_test);
710 * fixup_free is called when:
711 * - an active object is freed
/*
 * Selftest fixup for "active object freed": deactivate the object, then
 * free its tracker.
 * NOTE(review): the switch statement and the return values are on lines
 * not shown in this listing.
 */
713 static int __init fixup_free(void *addr, enum debug_obj_state state)
715 struct self_test *obj = addr;
718 case ODEBUG_STATE_ACTIVE:
719 debug_object_deactivate(obj, &descr_type_test);
720 debug_object_free(obj, &descr_type_test);
/*
 * Selftest assertion helper: compare the tracker state of addr and the
 * global fixup/warning counters with the expected values.
 * NOTE(review): the return type line, the gotos and the return value are
 * on lines not shown in this listing.
 */
728 check_results(void *addr, enum debug_obj_state state, int fixups, int warnings)
730 struct debug_bucket *db;
731 struct debug_obj *obj;
735 db = get_bucket((unsigned long) addr);
737 spin_lock_irqsave(&db->lock, flags);
739 obj = lookup_object(addr, db);
/* A missing tracker is acceptable only when ODEBUG_STATE_NONE is expected. */
740 if (!obj && state != ODEBUG_STATE_NONE) {
741 printk(KERN_ERR "ODEBUG: selftest object not found\n");
745 if (obj && obj->state != state) {
746 printk(KERN_ERR "ODEBUG: selftest wrong state: %d != %d\n",
751 if (fixups != debug_objects_fixups) {
752 printk(KERN_ERR "ODEBUG: selftest fixups failed %d != %d\n",
753 fixups, debug_objects_fixups);
757 if (warnings != debug_objects_warnings) {
758 printk(KERN_ERR "ODEBUG: selftest warnings failed %d != %d\n",
759 warnings, debug_objects_warnings);
765 spin_unlock_irqrestore(&db->lock, flags);
/*
 * Presumably reached only on a failed check: the tracker is switched off
 * globally, so a selftest failure at boot also ends all later detection.
 */
767 debug_objects_enabled = 0;
/*
 * Descriptor for the selftest object type, wiring in the four selftest
 * fixup callbacks. The .name member is on a line not shown in this listing.
 */
771 static __initdata struct debug_obj_descr descr_type_test = {
773 .fixup_init = fixup_init,
774 .fixup_activate = fixup_activate,
775 .fixup_destroy = fixup_destroy,
776 .fixup_free = fixup_free,
/* The selftest object itself; it starts out as not statically initialized. */
779 static __initdata struct self_test obj = { .static_init = 0 };
/*
 * Boot-time selftest: drive one object through legal and illegal state
 * transitions and verify the resulting state and counter deltas after each.
 *
 * NOTE(review): this listing omits lines (the gutter numbers skip); the
 * statement guarded by each check_results() test, the exit label and the
 * closing #endif are not shown.
 */
781 static void __init debug_objects_selftest(void)
783 int fixups, oldfixups, warnings, oldwarnings;
/* The whole test runs with local interrupts disabled. */
786 local_irq_save(flags);
/* Snapshot the counters; they are restored at the end so the test leaves no trace in the stats. */
788 fixups = oldfixups = debug_objects_fixups;
789 warnings = oldwarnings = debug_objects_warnings;
/* Makes debug_print_object() skip printing for the test object. */
790 descr_test = &descr_type_test;
/* Legal: init, then activate. */
792 debug_object_init(&obj, &descr_type_test);
793 if (check_results(&obj, ODEBUG_STATE_INIT, fixups, warnings))
795 debug_object_activate(&obj, &descr_type_test);
796 if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
/* Illegal double activation: one fixup and one warning expected. */
798 debug_object_activate(&obj, &descr_type_test);
799 if (check_results(&obj, ODEBUG_STATE_ACTIVE, ++fixups, ++warnings))
/* Legal: deactivate, then destroy. */
801 debug_object_deactivate(&obj, &descr_type_test);
802 if (check_results(&obj, ODEBUG_STATE_INACTIVE, fixups, warnings))
804 debug_object_destroy(&obj, &descr_type_test);
805 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, warnings))
/* Any use of a destroyed object: a warning each time, the state stays DESTROYED, no fixup. */
807 debug_object_init(&obj, &descr_type_test);
808 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
810 debug_object_activate(&obj, &descr_type_test);
811 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
813 debug_object_deactivate(&obj, &descr_type_test);
814 if (check_results(&obj, ODEBUG_STATE_DESTROYED, fixups, ++warnings))
/* Freeing removes the tracker: no state is expected afterwards. */
816 debug_object_free(&obj, &descr_type_test);
817 if (check_results(&obj, ODEBUG_STATE_NONE, fixups, warnings))
/*
 * Activating an untracked object. The expected result (one fixup, no
 * warning) matches fixup_activate()'s static_init == 1 branch, so
 * static_init is presumably set on a line not shown — TODO confirm.
 */
821 debug_object_activate(&obj, &descr_type_test);
822 if (check_results(&obj, ODEBUG_STATE_ACTIVE, ++fixups, warnings))
/* Init of an active object: one fixup and one warning expected. */
824 debug_object_init(&obj, &descr_type_test);
825 if (check_results(&obj, ODEBUG_STATE_INIT, ++fixups, ++warnings))
827 debug_object_free(&obj, &descr_type_test);
828 if (check_results(&obj, ODEBUG_STATE_NONE, fixups, warnings))
/* Freed-range check: freeing memory that holds an active object yields one fixup and one warning. */
831 #ifdef CONFIG_DEBUG_OBJECTS_FREE
832 debug_object_init(&obj, &descr_type_test);
833 if (check_results(&obj, ODEBUG_STATE_INIT, fixups, warnings))
835 debug_object_activate(&obj, &descr_type_test);
836 if (check_results(&obj, ODEBUG_STATE_ACTIVE, fixups, warnings))
838 __debug_check_no_obj_freed(&obj, sizeof(obj));
839 if (check_results(&obj, ODEBUG_STATE_NONE, ++fixups, ++warnings))
842 printk(KERN_INFO "ODEBUG: selftest passed\n");
/* Restore the pre-test counters. */
845 debug_objects_fixups = oldfixups;
846 debug_objects_warnings = oldwarnings;
849 local_irq_restore(flags);
/*
 * Empty stub. It follows the CONFIG_DEBUG_OBJECTS_SELFTEST section, so it
 * is presumably the variant used when the selftest is not configured; the
 * preprocessor lines around it are not shown in this listing.
 */
852 static inline void debug_objects_selftest(void) { }
856 * Called during early boot to initialize the hash buckets and link
857 * the static object pool objects into the pool list. After this call
858 * the object tracker is fully operational.
/*
 * Early-boot setup: initialize every bucket lock and put each element of
 * obj_static_pool on the free list. No lock is taken on the lines shown.
 */
860 void __init debug_objects_early_init(void)
864 for (i = 0; i < ODEBUG_HASH_SIZE; i++)
865 spin_lock_init(&obj_hash[i].lock);
867 for (i = 0; i < ODEBUG_POOL_SIZE; i++)
868 hlist_add_head(&obj_static_pool[i].node, &obj_pool);
872 * Called after the kmem_caches are functional to setup a dedicated
873 * cache pool, which has the SLAB_DEBUG_OBJECTS flag set. This flag
874 * prevents that the debug code is called on kmem_cache_free() for the
875 * debug tracker objects to avoid recursive calls.
/*
 * Create the dedicated slab cache for tracker objects, then run the selftest.
 * NOTE(review): the return after the enabled check and the conditions
 * around the last two statements are on lines not shown in this listing.
 */
877 void __init debug_objects_mem_init(void)
879 if (!debug_objects_enabled)
/* SLAB_DEBUG_OBJECTS marks this cache as the tracker's own, to avoid recursion on free. */
882 obj_cache = kmem_cache_create("debug_objects_cache",
883 sizeof (struct debug_obj), 0,
884 SLAB_DEBUG_OBJECTS, NULL);
/*
 * Presumably taken when cache creation failed: the tracker is switched off
 * for the rest of the boot instead of running from the static pool alone.
 */
887 debug_objects_enabled = 0;
889 debug_objects_selftest();