1 /*- 2 * Copyright (c) 1998 Berkeley Software Design, Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. Berkeley Software Design Inc's name may not be used to endorse or 13 * promote products derived from this software without specific prior 14 * written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * from BSDI $Id: mutex_witness.c,v 1.1.2.20 2000/04/27 03:10:27 cp Exp $ 29 * and BSDI $Id: synch_machdep.c,v 2.3.2.39 2000/04/27 03:10:25 cp Exp $ 30 */ 31 32 /* 33 * Implementation of the `witness' lock verifier. Originally implemented for 34 * mutexes in BSD/OS. Extended to handle generic lock objects and lock 35 * classes in FreeBSD. 36 */ 37 38 /* 39 * Main Entry: witness 40 * Pronunciation: 'wit-n&s 41 * Function: noun 42 * Etymology: Middle English witnesse, from Old English witnes knowledge, 43 * testimony, witness, from 2wit 44 * Date: before 12th century 45 * 1 : attestation of a fact or event : TESTIMONY 46 * 2 : one that gives evidence; specifically : one who testifies in 47 * a cause or before a judicial tribunal 48 * 3 : one asked to be present at a transaction so as to be able to 49 * testify to its having taken place 50 * 4 : one who has personal knowledge of something 51 * 5 a : something serving as evidence or proof : SIGN 52 * b : public affirmation by word or example of usually 53 * religious faith or conviction <the heroic witness to divine 54 * life -- Pilot> 55 * 6 capitalized : a member of the Jehovah's Witnesses 56 */ 57 58 /* 59 * Special rules concerning Giant and lock orders: 60 * 61 * 1) Giant must be acquired before any other mutexes. Stated another way, 62 * no other mutex may be held when Giant is acquired. 63 * 64 * 2) Giant must be released when blocking on a sleepable lock. 65 * 66 * This rule is less obvious, but is a result of Giant providing the same 67 * semantics as spl(). Basically, when a thread sleeps, it must release 68 * Giant. When a thread blocks on a sleepable lock, it sleeps. Hence rule 69 * 2). 70 * 71 * 3) Giant may be acquired before or after sleepable locks. 72 * 73 * This rule is also not quite as obvious. Giant may be acquired after 74 * a sleepable lock because it is a non-sleepable lock and non-sleepable 75 * locks may always be acquired while holding a sleepable lock. The second 76 * case, Giant before a sleepable lock, follows from rule 2) above. Suppose 77 * you have two threads T1 and T2 and a sleepable lock X. Suppose that T1 78 * acquires X and blocks on Giant. Then suppose that T2 acquires Giant and 79 * blocks on X. When T2 blocks on X, T2 will release Giant allowing T1 to 80 * execute. Thus, acquiring Giant both before and after a sleepable lock 81 * will not result in a lock order reversal. 82 */ 83 84 #include <sys/cdefs.h> 85 __FBSDID("$FreeBSD$"); 86 87 #include "opt_ddb.h" 88 #include "opt_hwpmc_hooks.h" 89 #include "opt_witness.h" 90 91 #include <sys/param.h> 92 #include <sys/bus.h> 93 #include <sys/kdb.h> 94 #include <sys/kernel.h> 95 #include <sys/ktr.h> 96 #include <sys/lock.h> 97 #include <sys/malloc.h> 98 #include <sys/mutex.h> 99 #include <sys/priv.h> 100 #include <sys/proc.h> 101 #include <sys/sysctl.h> 102 #include <sys/systm.h> 103 104 #include <ddb/ddb.h> 105 106 #include <machine/stdarg.h> 107 108 /* Note that these traces do not work with KTR_ALQ. */ 109 #if 0 110 #define KTR_WITNESS KTR_SUBSYS 111 #else 112 #define KTR_WITNESS 0 113 #endif 114 115 /* Easier to stay with the old names. */ 116 #define lo_list lo_witness_data.lod_list 117 #define lo_witness lo_witness_data.lod_witness 118 119 /* Define this to check for blessed mutexes */ 120 #undef BLESSING 121 122 #define WITNESS_COUNT 1024 123 #define WITNESS_CHILDCOUNT (WITNESS_COUNT * 4) 124 /* 125 * XXX: This is somewhat bogus, as we assume here that at most 1024 threads 126 * will hold LOCK_NCHILDREN * 2 locks. We handle failure ok, and we should 127 * probably be safe for the most part, but it's still a SWAG. 128 */ 129 #define LOCK_CHILDCOUNT (MAXCPU + 1024) * 2 130 131 #define WITNESS_NCHILDREN 6 132 133 struct witness_child_list_entry; 134 135 struct witness { 136 const char *w_name; 137 struct lock_class *w_class; 138 STAILQ_ENTRY(witness) w_list; /* List of all witnesses. */ 139 STAILQ_ENTRY(witness) w_typelist; /* Witnesses of a type. */ 140 struct witness_child_list_entry *w_children; /* Great evilness... */ 141 const char *w_file; 142 int w_line; 143 u_int w_level; 144 u_int w_refcount; 145 u_char w_Giant_squawked:1; 146 u_char w_other_squawked:1; 147 u_char w_same_squawked:1; 148 u_char w_displayed:1; 149 }; 150 151 struct witness_child_list_entry { 152 struct witness_child_list_entry *wcl_next; 153 struct witness *wcl_children[WITNESS_NCHILDREN]; 154 u_int wcl_count; 155 }; 156 157 STAILQ_HEAD(witness_list, witness); 158 159 #ifdef BLESSING 160 struct witness_blessed { 161 const char *b_lock1; 162 const char *b_lock2; 163 }; 164 #endif 165 166 struct witness_order_list_entry { 167 const char *w_name; 168 struct lock_class *w_class; 169 }; 170 171 #ifdef BLESSING 172 static int blessed(struct witness *, struct witness *); 173 #endif 174 static int depart(struct witness *w); 175 static struct witness *enroll(const char *description, 176 struct lock_class *lock_class); 177 static int insertchild(struct witness *parent, struct witness *child); 178 static int isitmychild(struct witness *parent, struct witness *child); 179 static int isitmydescendant(struct witness *parent, struct witness *child); 180 static int itismychild(struct witness *parent, struct witness *child); 181 static void removechild(struct witness *parent, struct witness *child); 182 static int sysctl_debug_witness_watch(SYSCTL_HANDLER_ARGS); 183 static const char *fixup_filename(const char *file); 184 static struct witness *witness_get(void); 185 static void witness_free(struct witness *m); 186 static struct witness_child_list_entry *witness_child_get(void); 187 static void witness_child_free(struct witness_child_list_entry *wcl); 188 static struct lock_list_entry *witness_lock_list_get(void); 189 static void witness_lock_list_free(struct lock_list_entry *lle); 190 static struct lock_instance *find_instance(struct lock_list_entry *lock_list, 191 struct lock_object *lock); 192 static void witness_list_lock(struct lock_instance *instance); 193 #ifdef DDB 194 static void witness_leveldescendents(struct witness *parent, int level); 195 static void witness_levelall(void); 196 static void witness_displaydescendants(void(*)(const char *fmt, ...), 197 struct witness *, int indent); 198 static void witness_display_list(void(*prnt)(const char *fmt, ...), 199 struct witness_list *list); 200 static void witness_display(void(*)(const char *fmt, ...)); 201 static void witness_list(struct thread *td); 202 #endif 203 204 SYSCTL_NODE(_debug, OID_AUTO, witness, CTLFLAG_RW, 0, "Witness Locking"); 205 206 /* 207 * If set to 0, witness is disabled. If set to a non-zero value, witness 208 * performs full lock order checking for all locks. At runtime, this 209 * value may be set to 0 to turn off witness. witness is not allowed be 210 * turned on once it is turned off, however. 211 */ 212 static int witness_watch = 1; 213 TUNABLE_INT("debug.witness.watch", &witness_watch); 214 SYSCTL_PROC(_debug_witness, OID_AUTO, watch, CTLFLAG_RW | CTLTYPE_INT, NULL, 0, 215 sysctl_debug_witness_watch, "I", "witness is watching lock operations"); 216 217 #ifdef KDB 218 /* 219 * When KDB is enabled and witness_kdb is set to 1, it will cause the system 220 * to drop into kdebug() when: 221 * - a lock hierarchy violation occurs 222 * - locks are held when going to sleep. 223 */ 224 #ifdef WITNESS_KDB 225 int witness_kdb = 1; 226 #else 227 int witness_kdb = 0; 228 #endif 229 TUNABLE_INT("debug.witness.kdb", &witness_kdb); 230 SYSCTL_INT(_debug_witness, OID_AUTO, kdb, CTLFLAG_RW, &witness_kdb, 0, ""); 231 232 /* 233 * When KDB is enabled and witness_trace is set to 1, it will cause the system 234 * to print a stack trace: 235 * - a lock hierarchy violation occurs 236 * - locks are held when going to sleep. 237 */ 238 int witness_trace = 1; 239 TUNABLE_INT("debug.witness.trace", &witness_trace); 240 SYSCTL_INT(_debug_witness, OID_AUTO, trace, CTLFLAG_RW, &witness_trace, 0, ""); 241 #endif /* KDB */ 242 243 #ifdef WITNESS_SKIPSPIN 244 int witness_skipspin = 1; 245 #else 246 int witness_skipspin = 0; 247 #endif 248 TUNABLE_INT("debug.witness.skipspin", &witness_skipspin); 249 SYSCTL_INT(_debug_witness, OID_AUTO, skipspin, CTLFLAG_RDTUN, 250 &witness_skipspin, 0, ""); 251 252 static struct mtx w_mtx; 253 static struct witness_list w_free = STAILQ_HEAD_INITIALIZER(w_free); 254 static struct witness_list w_all = STAILQ_HEAD_INITIALIZER(w_all); 255 static struct witness_list w_spin = STAILQ_HEAD_INITIALIZER(w_spin); 256 static struct witness_list w_sleep = STAILQ_HEAD_INITIALIZER(w_sleep); 257 static struct witness_child_list_entry *w_child_free = NULL; 258 static struct lock_list_entry *w_lock_list_free = NULL; 259 260 static int w_free_cnt, w_spin_cnt, w_sleep_cnt, w_child_free_cnt, w_child_cnt; 261 SYSCTL_INT(_debug_witness, OID_AUTO, free_cnt, CTLFLAG_RD, &w_free_cnt, 0, ""); 262 SYSCTL_INT(_debug_witness, OID_AUTO, spin_cnt, CTLFLAG_RD, &w_spin_cnt, 0, ""); 263 SYSCTL_INT(_debug_witness, OID_AUTO, sleep_cnt, CTLFLAG_RD, &w_sleep_cnt, 0, 264 ""); 265 SYSCTL_INT(_debug_witness, OID_AUTO, child_free_cnt, CTLFLAG_RD, 266 &w_child_free_cnt, 0, ""); 267 SYSCTL_INT(_debug_witness, OID_AUTO, child_cnt, CTLFLAG_RD, &w_child_cnt, 0, 268 ""); 269 270 static struct witness w_data[WITNESS_COUNT]; 271 static struct witness_child_list_entry w_childdata[WITNESS_CHILDCOUNT]; 272 static struct lock_list_entry w_locklistdata[LOCK_CHILDCOUNT]; 273 274 static struct witness_order_list_entry order_lists[] = { 275 /* 276 * sx locks 277 */ 278 { "proctree", &lock_class_sx }, 279 { "allproc", &lock_class_sx }, 280 { "allprison", &lock_class_sx }, 281 { NULL, NULL }, 282 /* 283 * Various mutexes 284 */ 285 { "Giant", &lock_class_mtx_sleep }, 286 { "pipe mutex", &lock_class_mtx_sleep }, 287 { "sigio lock", &lock_class_mtx_sleep }, 288 { "process group", &lock_class_mtx_sleep }, 289 { "process lock", &lock_class_mtx_sleep }, 290 { "session", &lock_class_mtx_sleep }, 291 { "uidinfo hash", &lock_class_mtx_sleep }, 292 { "uidinfo struct", &lock_class_mtx_sleep }, 293 #ifdef HWPMC_HOOKS 294 { "pmc-sleep", &lock_class_mtx_sleep }, 295 #endif 296 { NULL, NULL }, 297 /* 298 * Sockets 299 */ 300 { "accept", &lock_class_mtx_sleep }, 301 { "so_snd", &lock_class_mtx_sleep }, 302 { "so_rcv", &lock_class_mtx_sleep }, 303 { "sellck", &lock_class_mtx_sleep }, 304 { NULL, NULL }, 305 /* 306 * Routing 307 */ 308 { "so_rcv", &lock_class_mtx_sleep }, 309 { "radix node head", &lock_class_mtx_sleep }, 310 { "rtentry", &lock_class_mtx_sleep }, 311 { "ifaddr", &lock_class_mtx_sleep }, 312 { NULL, NULL }, 313 /* 314 * Multicast - protocol locks before interface locks, after UDP locks. 315 */ 316 { "udpinp", &lock_class_mtx_sleep }, 317 { "in_multi_mtx", &lock_class_mtx_sleep }, 318 { "igmp_mtx", &lock_class_mtx_sleep }, 319 { "if_addr_mtx", &lock_class_mtx_sleep }, 320 { NULL, NULL }, 321 /* 322 * UNIX Domain Sockets 323 */ 324 { "unp", &lock_class_mtx_sleep }, 325 { "so_snd", &lock_class_mtx_sleep }, 326 { NULL, NULL }, 327 /* 328 * UDP/IP 329 */ 330 { "udp", &lock_class_mtx_sleep }, 331 { "udpinp", &lock_class_mtx_sleep }, 332 { "so_snd", &lock_class_mtx_sleep }, 333 { NULL, NULL }, 334 /* 335 * TCP/IP 336 */ 337 { "tcp", &lock_class_mtx_sleep }, 338 { "tcpinp", &lock_class_mtx_sleep }, 339 { "so_snd", &lock_class_mtx_sleep }, 340 { NULL, NULL }, 341 /* 342 * SLIP 343 */ 344 { "slip_mtx", &lock_class_mtx_sleep }, 345 { "slip sc_mtx", &lock_class_mtx_sleep }, 346 { NULL, NULL }, 347 /* 348 * netatalk 349 */ 350 { "ddp_list_mtx", &lock_class_mtx_sleep }, 351 { "ddp_mtx", &lock_class_mtx_sleep }, 352 { NULL, NULL }, 353 /* 354 * BPF 355 */ 356 { "bpf global lock", &lock_class_mtx_sleep }, 357 { "bpf interface lock", &lock_class_mtx_sleep }, 358 { "bpf cdev lock", &lock_class_mtx_sleep }, 359 { NULL, NULL }, 360 /* 361 * NFS server 362 */ 363 { "nfsd_mtx", &lock_class_mtx_sleep }, 364 { "so_snd", &lock_class_mtx_sleep }, 365 { NULL, NULL }, 366 /* 367 * Netgraph 368 */ 369 { "ng_node", &lock_class_mtx_sleep }, 370 { "ng_worklist", &lock_class_mtx_sleep }, 371 { NULL, NULL }, 372 /* 373 * CDEV 374 */ 375 { "system map", &lock_class_mtx_sleep }, 376 { "vm page queue mutex", &lock_class_mtx_sleep }, 377 { "vnode interlock", &lock_class_mtx_sleep }, 378 { "cdev", &lock_class_mtx_sleep }, 379 { NULL, NULL }, 380 /* 381 * kqueue/VFS interaction 382 */ 383 { "kqueue", &lock_class_mtx_sleep }, 384 { "struct mount mtx", &lock_class_mtx_sleep }, 385 { "vnode interlock", &lock_class_mtx_sleep }, 386 { NULL, NULL }, 387 /* 388 * spin locks 389 */ 390 #ifdef SMP 391 { "ap boot", &lock_class_mtx_spin }, 392 #endif 393 { "rm.mutex_mtx", &lock_class_mtx_spin }, 394 { "sio", &lock_class_mtx_spin }, 395 #ifdef __i386__ 396 { "cy", &lock_class_mtx_spin }, 397 { "descriptor tables", &lock_class_mtx_spin }, 398 #endif 399 { "scc_hwmtx", &lock_class_mtx_spin }, 400 { "uart_hwmtx", &lock_class_mtx_spin }, 401 { "zstty", &lock_class_mtx_spin }, 402 { "fast_taskqueue", &lock_class_mtx_spin }, 403 { "intr table", &lock_class_mtx_spin }, 404 #ifdef HWPMC_HOOKS 405 { "pmc-per-proc", &lock_class_mtx_spin }, 406 #endif 407 { "sleepq chain", &lock_class_mtx_spin }, 408 { "sched lock", &lock_class_mtx_spin }, 409 { "turnstile chain", &lock_class_mtx_spin }, 410 { "td_contested", &lock_class_mtx_spin }, 411 { "callout", &lock_class_mtx_spin }, 412 { "entropy harvest mutex", &lock_class_mtx_spin }, 413 { "syscons video lock", &lock_class_mtx_spin }, 414 { "time lock", &lock_class_mtx_spin }, 415 /* 416 * leaf locks 417 */ 418 { "allpmaps", &lock_class_mtx_spin }, 419 { "icu", &lock_class_mtx_spin }, 420 #ifdef SMP 421 { "smp rendezvous", &lock_class_mtx_spin }, 422 #if defined(__i386__) || defined(__amd64__) 423 { "tlb", &lock_class_mtx_spin }, 424 #endif 425 #ifdef __sparc64__ 426 { "ipi", &lock_class_mtx_spin }, 427 { "rtc_mtx", &lock_class_mtx_spin }, 428 #endif 429 #endif 430 { "clk", &lock_class_mtx_spin }, 431 { "mutex profiling lock", &lock_class_mtx_spin }, 432 { "kse zombie lock", &lock_class_mtx_spin }, 433 { "ALD Queue", &lock_class_mtx_spin }, 434 #ifdef __ia64__ 435 { "MCA spin lock", &lock_class_mtx_spin }, 436 #endif 437 #if defined(__i386__) || defined(__amd64__) 438 { "pcicfg", &lock_class_mtx_spin }, 439 { "NDIS thread lock", &lock_class_mtx_spin }, 440 #endif 441 { "tw_osl_io_lock", &lock_class_mtx_spin }, 442 { "tw_osl_q_lock", &lock_class_mtx_spin }, 443 { "tw_cl_io_lock", &lock_class_mtx_spin }, 444 { "tw_cl_intr_lock", &lock_class_mtx_spin }, 445 { "tw_cl_gen_lock", &lock_class_mtx_spin }, 446 #ifdef HWPMC_HOOKS 447 { "pmc-leaf", &lock_class_mtx_spin }, 448 #endif 449 { NULL, NULL }, 450 { NULL, NULL } 451 }; 452 453 #ifdef BLESSING 454 /* 455 * Pairs of locks which have been blessed 456 * Don't complain about order problems with blessed locks 457 */ 458 static struct witness_blessed blessed_list[] = { 459 }; 460 static int blessed_count = 461 sizeof(blessed_list) / sizeof(struct witness_blessed); 462 #endif 463 464 /* 465 * List of locks initialized prior to witness being initialized whose 466 * enrollment is currently deferred. 467 */ 468 STAILQ_HEAD(, lock_object) pending_locks = 469 STAILQ_HEAD_INITIALIZER(pending_locks); 470 471 /* 472 * This global is set to 0 once it becomes safe to use the witness code. 473 */ 474 static int witness_cold = 1; 475 476 /* 477 * This global is set to 1 once the static lock orders have been enrolled 478 * so that a warning can be issued for any spin locks enrolled later. 479 */ 480 static int witness_spin_warn = 0; 481 482 /* 483 * The WITNESS-enabled diagnostic code. Note that the witness code does 484 * assume that the early boot is single-threaded at least until after this 485 * routine is completed. 486 */ 487 static void 488 witness_initialize(void *dummy __unused) 489 { 490 struct lock_object *lock; 491 struct witness_order_list_entry *order; 492 struct witness *w, *w1; 493 int i; 494 495 /* 496 * We have to release Giant before initializing its witness 497 * structure so that WITNESS doesn't get confused. 498 */ 499 mtx_unlock(&Giant); 500 mtx_assert(&Giant, MA_NOTOWNED); 501 502 CTR1(KTR_WITNESS, "%s: initializing witness", __func__); 503 mtx_init(&w_mtx, "witness lock", NULL, MTX_SPIN | MTX_QUIET | 504 MTX_NOWITNESS | MTX_NOPROFILE); 505 for (i = 0; i < WITNESS_COUNT; i++) 506 witness_free(&w_data[i]); 507 for (i = 0; i < WITNESS_CHILDCOUNT; i++) 508 witness_child_free(&w_childdata[i]); 509 for (i = 0; i < LOCK_CHILDCOUNT; i++) 510 witness_lock_list_free(&w_locklistdata[i]); 511 512 /* First add in all the specified order lists. */ 513 for (order = order_lists; order->w_name != NULL; order++) { 514 w = enroll(order->w_name, order->w_class); 515 if (w == NULL) 516 continue; 517 w->w_file = "order list"; 518 for (order++; order->w_name != NULL; order++) { 519 w1 = enroll(order->w_name, order->w_class); 520 if (w1 == NULL) 521 continue; 522 w1->w_file = "order list"; 523 if (!itismychild(w, w1)) 524 panic("Not enough memory for static orders!"); 525 w = w1; 526 } 527 } 528 witness_spin_warn = 1; 529 530 /* Iterate through all locks and add them to witness. */ 531 while (!STAILQ_EMPTY(&pending_locks)) { 532 lock = STAILQ_FIRST(&pending_locks); 533 STAILQ_REMOVE_HEAD(&pending_locks, lo_list); 534 KASSERT(lock->lo_flags & LO_WITNESS, 535 ("%s: lock %s is on pending list but not LO_WITNESS", 536 __func__, lock->lo_name)); 537 lock->lo_witness = enroll(lock->lo_type, LOCK_CLASS(lock)); 538 } 539 540 /* Mark the witness code as being ready for use. */ 541 witness_cold = 0; 542 543 mtx_lock(&Giant); 544 } 545 SYSINIT(witness_init, SI_SUB_WITNESS, SI_ORDER_FIRST, witness_initialize, NULL) 546 547 static int 548 sysctl_debug_witness_watch(SYSCTL_HANDLER_ARGS) 549 { 550 int error, value; 551 552 value = witness_watch; 553 error = sysctl_handle_int(oidp, &value, 0, req); 554 if (error != 0 || req->newptr == NULL) 555 return (error); 556 if (value == witness_watch) 557 return (0); 558 if (value != 0) 559 return (EINVAL); 560 witness_watch = 0; 561 return (0); 562 } 563 564 void 565 witness_init(struct lock_object *lock) 566 { 567 struct lock_class *class; 568 569 /* Various sanity checks. */ 570 class = LOCK_CLASS(lock); 571 if ((lock->lo_flags & LO_RECURSABLE) != 0 && 572 (class->lc_flags & LC_RECURSABLE) == 0) 573 panic("%s: lock (%s) %s can not be recursable", __func__, 574 class->lc_name, lock->lo_name); 575 if ((lock->lo_flags & LO_SLEEPABLE) != 0 && 576 (class->lc_flags & LC_SLEEPABLE) == 0) 577 panic("%s: lock (%s) %s can not be sleepable", __func__, 578 class->lc_name, lock->lo_name); 579 if ((lock->lo_flags & LO_UPGRADABLE) != 0 && 580 (class->lc_flags & LC_UPGRADABLE) == 0) 581 panic("%s: lock (%s) %s can not be upgradable", __func__, 582 class->lc_name, lock->lo_name); 583 584 /* 585 * If we shouldn't watch this lock, then just clear lo_witness. 586 * Otherwise, if witness_cold is set, then it is too early to 587 * enroll this lock, so defer it to witness_initialize() by adding 588 * it to the pending_locks list. If it is not too early, then enroll 589 * the lock now. 590 */ 591 if (witness_watch == 0 || panicstr != NULL || 592 (lock->lo_flags & LO_WITNESS) == 0) 593 lock->lo_witness = NULL; 594 else if (witness_cold) { 595 STAILQ_INSERT_TAIL(&pending_locks, lock, lo_list); 596 lock->lo_flags |= LO_ENROLLPEND; 597 } else 598 lock->lo_witness = enroll(lock->lo_type, class); 599 } 600 601 void 602 witness_destroy(struct lock_object *lock) 603 { 604 struct lock_class *class; 605 struct witness *w; 606 607 class = LOCK_CLASS(lock); 608 if (witness_cold) 609 panic("lock (%s) %s destroyed while witness_cold", 610 class->lc_name, lock->lo_name); 611 612 /* XXX: need to verify that no one holds the lock */ 613 if ((lock->lo_flags & (LO_WITNESS | LO_ENROLLPEND)) == LO_WITNESS && 614 lock->lo_witness != NULL) { 615 w = lock->lo_witness; 616 mtx_lock_spin(&w_mtx); 617 MPASS(w->w_refcount > 0); 618 w->w_refcount--; 619 620 /* 621 * Lock is already released if we have an allocation failure 622 * and depart() fails. 623 */ 624 if (w->w_refcount != 0 || depart(w)) 625 mtx_unlock_spin(&w_mtx); 626 } 627 628 /* 629 * If this lock is destroyed before witness is up and running, 630 * remove it from the pending list. 631 */ 632 if (lock->lo_flags & LO_ENROLLPEND) { 633 STAILQ_REMOVE(&pending_locks, lock, lock_object, lo_list); 634 lock->lo_flags &= ~LO_ENROLLPEND; 635 } 636 } 637 638 #ifdef DDB 639 static void 640 witness_levelall (void) 641 { 642 struct witness_list *list; 643 struct witness *w, *w1; 644 645 /* 646 * First clear all levels. 647 */ 648 STAILQ_FOREACH(w, &w_all, w_list) { 649 w->w_level = 0; 650 } 651 652 /* 653 * Look for locks with no parent and level all their descendants. 654 */ 655 STAILQ_FOREACH(w, &w_all, w_list) { 656 /* 657 * This is just an optimization, technically we could get 658 * away just walking the all list each time. 659 */ 660 if (w->w_class->lc_flags & LC_SLEEPLOCK) 661 list = &w_sleep; 662 else 663 list = &w_spin; 664 STAILQ_FOREACH(w1, list, w_typelist) { 665 if (isitmychild(w1, w)) 666 goto skip; 667 } 668 witness_leveldescendents(w, 0); 669 skip: 670 ; /* silence GCC 3.x */ 671 } 672 } 673 674 static void 675 witness_leveldescendents(struct witness *parent, int level) 676 { 677 struct witness_child_list_entry *wcl; 678 int i; 679 680 if (parent->w_level < level) 681 parent->w_level = level; 682 level++; 683 for (wcl = parent->w_children; wcl != NULL; wcl = wcl->wcl_next) 684 for (i = 0; i < wcl->wcl_count; i++) 685 witness_leveldescendents(wcl->wcl_children[i], level); 686 } 687 688 static void 689 witness_displaydescendants(void(*prnt)(const char *fmt, ...), 690 struct witness *parent, int indent) 691 { 692 struct witness_child_list_entry *wcl; 693 int i, level; 694 695 level = parent->w_level; 696 prnt("%-2d", level); 697 for (i = 0; i < indent; i++) 698 prnt(" "); 699 if (parent->w_refcount > 0) 700 prnt("%s", parent->w_name); 701 else 702 prnt("(dead)"); 703 if (parent->w_displayed) { 704 prnt(" -- (already displayed)\n"); 705 return; 706 } 707 parent->w_displayed = 1; 708 if (parent->w_refcount > 0) { 709 if (parent->w_file != NULL) 710 prnt(" -- last acquired @ %s:%d", parent->w_file, 711 parent->w_line); 712 } 713 prnt("\n"); 714 for (wcl = parent->w_children; wcl != NULL; wcl = wcl->wcl_next) 715 for (i = 0; i < wcl->wcl_count; i++) 716 witness_displaydescendants(prnt, 717 wcl->wcl_children[i], indent + 1); 718 } 719 720 static void 721 witness_display_list(void(*prnt)(const char *fmt, ...), 722 struct witness_list *list) 723 { 724 struct witness *w; 725 726 STAILQ_FOREACH(w, list, w_typelist) { 727 if (w->w_file == NULL || w->w_level > 0) 728 continue; 729 /* 730 * This lock has no anscestors, display its descendants. 731 */ 732 witness_displaydescendants(prnt, w, 0); 733 } 734 } 735 736 static void 737 witness_display(void(*prnt)(const char *fmt, ...)) 738 { 739 struct witness *w; 740 741 KASSERT(!witness_cold, ("%s: witness_cold", __func__)); 742 witness_levelall(); 743 744 /* Clear all the displayed flags. */ 745 STAILQ_FOREACH(w, &w_all, w_list) { 746 w->w_displayed = 0; 747 } 748 749 /* 750 * First, handle sleep locks which have been acquired at least 751 * once. 752 */ 753 prnt("Sleep locks:\n"); 754 witness_display_list(prnt, &w_sleep); 755 756 /* 757 * Now do spin locks which have been acquired at least once. 758 */ 759 prnt("\nSpin locks:\n"); 760 witness_display_list(prnt, &w_spin); 761 762 /* 763 * Finally, any locks which have not been acquired yet. 764 */ 765 prnt("\nLocks which were never acquired:\n"); 766 STAILQ_FOREACH(w, &w_all, w_list) { 767 if (w->w_file != NULL || w->w_refcount == 0) 768 continue; 769 prnt("%s\n", w->w_name); 770 } 771 } 772 #endif /* DDB */ 773 774 /* Trim useless garbage from filenames. */ 775 static const char * 776 fixup_filename(const char *file) 777 { 778 779 if (file == NULL) 780 return (NULL); 781 while (strncmp(file, "../", 3) == 0) 782 file += 3; 783 return (file); 784 } 785 786 int 787 witness_defineorder(struct lock_object *lock1, struct lock_object *lock2) 788 { 789 790 if (witness_watch == 0 || panicstr != NULL) 791 return (0); 792 793 /* Require locks that witness knows about. */ 794 if (lock1 == NULL || lock1->lo_witness == NULL || lock2 == NULL || 795 lock2->lo_witness == NULL) 796 return (EINVAL); 797 798 MPASS(!mtx_owned(&w_mtx)); 799 mtx_lock_spin(&w_mtx); 800 801 /* 802 * If we already have either an explicit or implied lock order that 803 * is the other way around, then return an error. 804 */ 805 if (isitmydescendant(lock2->lo_witness, lock1->lo_witness)) { 806 mtx_unlock_spin(&w_mtx); 807 return (EDOOFUS); 808 } 809 810 /* Try to add the new order. */ 811 CTR3(KTR_WITNESS, "%s: adding %s as a child of %s", __func__, 812 lock2->lo_type, lock1->lo_type); 813 if (!itismychild(lock1->lo_witness, lock2->lo_witness)) 814 return (ENOMEM); 815 mtx_unlock_spin(&w_mtx); 816 return (0); 817 } 818 819 void 820 witness_checkorder(struct lock_object *lock, int flags, const char *file, 821 int line) 822 { 823 struct lock_list_entry **lock_list, *lle; 824 struct lock_instance *lock1, *lock2; 825 struct lock_class *class; 826 struct witness *w, *w1; 827 struct thread *td; 828 int i, j; 829 830 if (witness_cold || witness_watch == 0 || lock->lo_witness == NULL || 831 panicstr != NULL) 832 return; 833 834 /* 835 * Try locks do not block if they fail to acquire the lock, thus 836 * there is no danger of deadlocks or of switching while holding a 837 * spin lock if we acquire a lock via a try operation. This 838 * function shouldn't even be called for try locks, so panic if 839 * that happens. 840 */ 841 if (flags & LOP_TRYLOCK) 842 panic("%s should not be called for try lock operations", 843 __func__); 844 845 w = lock->lo_witness; 846 class = LOCK_CLASS(lock); 847 td = curthread; 848 file = fixup_filename(file); 849 850 if (class->lc_flags & LC_SLEEPLOCK) { 851 /* 852 * Since spin locks include a critical section, this check 853 * implicitly enforces a lock order of all sleep locks before 854 * all spin locks. 855 */ 856 if (td->td_critnest != 0 && !kdb_active) 857 panic("blockable sleep lock (%s) %s @ %s:%d", 858 class->lc_name, lock->lo_name, file, line); 859 860 /* 861 * If this is the first lock acquired then just return as 862 * no order checking is needed. 863 */ 864 if (td->td_sleeplocks == NULL) 865 return; 866 lock_list = &td->td_sleeplocks; 867 } else { 868 /* 869 * If this is the first lock, just return as no order 870 * checking is needed. We check this in both if clauses 871 * here as unifying the check would require us to use a 872 * critical section to ensure we don't migrate while doing 873 * the check. Note that if this is not the first lock, we 874 * are already in a critical section and are safe for the 875 * rest of the check. 876 */ 877 if (PCPU_GET(spinlocks) == NULL) 878 return; 879 lock_list = PCPU_PTR(spinlocks); 880 } 881 882 /* 883 * Check to see if we are recursing on a lock we already own. If 884 * so, make sure that we don't mismatch exclusive and shared lock 885 * acquires. 886 */ 887 lock1 = find_instance(*lock_list, lock); 888 if (lock1 != NULL) { 889 if ((lock1->li_flags & LI_EXCLUSIVE) != 0 && 890 (flags & LOP_EXCLUSIVE) == 0) { 891 printf("shared lock of (%s) %s @ %s:%d\n", 892 class->lc_name, lock->lo_name, file, line); 893 printf("while exclusively locked from %s:%d\n", 894 lock1->li_file, lock1->li_line); 895 panic("share->excl"); 896 } 897 if ((lock1->li_flags & LI_EXCLUSIVE) == 0 && 898 (flags & LOP_EXCLUSIVE) != 0) { 899 printf("exclusive lock of (%s) %s @ %s:%d\n", 900 class->lc_name, lock->lo_name, file, line); 901 printf("while share locked from %s:%d\n", 902 lock1->li_file, lock1->li_line); 903 panic("excl->share"); 904 } 905 return; 906 } 907 908 /* 909 * Try locks do not block if they fail to acquire the lock, thus 910 * there is no danger of deadlocks or of switching while holding a 911 * spin lock if we acquire a lock via a try operation. 912 */ 913 if (flags & LOP_TRYLOCK) 914 return; 915 916 /* 917 * Check for duplicate locks of the same type. Note that we only 918 * have to check for this on the last lock we just acquired. Any 919 * other cases will be caught as lock order violations. 920 */ 921 lock1 = &(*lock_list)->ll_children[(*lock_list)->ll_count - 1]; 922 w1 = lock1->li_lock->lo_witness; 923 if (w1 == w) { 924 if (w->w_same_squawked || (lock->lo_flags & LO_DUPOK) || 925 (flags & LOP_DUPOK)) 926 return; 927 w->w_same_squawked = 1; 928 printf("acquiring duplicate lock of same type: \"%s\"\n", 929 lock->lo_type); 930 printf(" 1st %s @ %s:%d\n", lock1->li_lock->lo_name, 931 lock1->li_file, lock1->li_line); 932 printf(" 2nd %s @ %s:%d\n", lock->lo_name, file, line); 933 #ifdef KDB 934 goto debugger; 935 #else 936 return; 937 #endif 938 } 939 MPASS(!mtx_owned(&w_mtx)); 940 mtx_lock_spin(&w_mtx); 941 /* 942 * If we know that the the lock we are acquiring comes after 943 * the lock we most recently acquired in the lock order tree, 944 * then there is no need for any further checks. 945 */ 946 if (isitmychild(w1, w)) { 947 mtx_unlock_spin(&w_mtx); 948 return; 949 } 950 for (j = 0, lle = *lock_list; lle != NULL; lle = lle->ll_next) { 951 for (i = lle->ll_count - 1; i >= 0; i--, j++) { 952 953 MPASS(j < WITNESS_COUNT); 954 lock1 = &lle->ll_children[i]; 955 w1 = lock1->li_lock->lo_witness; 956 957 /* 958 * If this lock doesn't undergo witness checking, 959 * then skip it. 960 */ 961 if (w1 == NULL) { 962 KASSERT((lock1->li_lock->lo_flags & LO_WITNESS) == 0, 963 ("lock missing witness structure")); 964 continue; 965 } 966 /* 967 * If we are locking Giant and this is a sleepable 968 * lock, then skip it. 969 */ 970 if ((lock1->li_lock->lo_flags & LO_SLEEPABLE) != 0 && 971 lock == &Giant.lock_object) 972 continue; 973 /* 974 * If we are locking a sleepable lock and this lock 975 * is Giant, then skip it. 976 */ 977 if ((lock->lo_flags & LO_SLEEPABLE) != 0 && 978 lock1->li_lock == &Giant.lock_object) 979 continue; 980 /* 981 * If we are locking a sleepable lock and this lock 982 * isn't sleepable, we want to treat it as a lock 983 * order violation to enfore a general lock order of 984 * sleepable locks before non-sleepable locks. 985 */ 986 if (((lock->lo_flags & LO_SLEEPABLE) != 0 && 987 (lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0)) 988 goto reversal; 989 /* 990 * If we are locking Giant and this is a non-sleepable 991 * lock, then treat it as a reversal. 992 */ 993 if ((lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0 && 994 lock == &Giant.lock_object) 995 goto reversal; 996 /* 997 * Check the lock order hierarchy for a reveresal. 998 */ 999 if (!isitmydescendant(w, w1)) 1000 continue; 1001 reversal: 1002 /* 1003 * We have a lock order violation, check to see if it 1004 * is allowed or has already been yelled about. 1005 */ 1006 mtx_unlock_spin(&w_mtx); 1007 #ifdef BLESSING 1008 /* 1009 * If the lock order is blessed, just bail. We don't 1010 * look for other lock order violations though, which 1011 * may be a bug. 1012 */ 1013 if (blessed(w, w1)) 1014 return; 1015 #endif 1016 if (lock1->li_lock == &Giant.lock_object) { 1017 if (w1->w_Giant_squawked) 1018 return; 1019 else 1020 w1->w_Giant_squawked = 1; 1021 } else { 1022 if (w1->w_other_squawked) 1023 return; 1024 else 1025 w1->w_other_squawked = 1; 1026 } 1027 /* 1028 * Ok, yell about it. 1029 */ 1030 if (((lock->lo_flags & LO_SLEEPABLE) != 0 && 1031 (lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0)) 1032 printf( 1033 "lock order reversal: (sleepable after non-sleepable)\n"); 1034 else if ((lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0 1035 && lock == &Giant.lock_object) 1036 printf( 1037 "lock order reversal: (Giant after non-sleepable)\n"); 1038 else 1039 printf("lock order reversal:\n"); 1040 /* 1041 * Try to locate an earlier lock with 1042 * witness w in our list. 1043 */ 1044 do { 1045 lock2 = &lle->ll_children[i]; 1046 MPASS(lock2->li_lock != NULL); 1047 if (lock2->li_lock->lo_witness == w) 1048 break; 1049 if (i == 0 && lle->ll_next != NULL) { 1050 lle = lle->ll_next; 1051 i = lle->ll_count - 1; 1052 MPASS(i >= 0 && i < LOCK_NCHILDREN); 1053 } else 1054 i--; 1055 } while (i >= 0); 1056 if (i < 0) { 1057 printf(" 1st %p %s (%s) @ %s:%d\n", 1058 lock1->li_lock, lock1->li_lock->lo_name, 1059 lock1->li_lock->lo_type, lock1->li_file, 1060 lock1->li_line); 1061 printf(" 2nd %p %s (%s) @ %s:%d\n", lock, 1062 lock->lo_name, lock->lo_type, file, line); 1063 } else { 1064 printf(" 1st %p %s (%s) @ %s:%d\n", 1065 lock2->li_lock, lock2->li_lock->lo_name, 1066 lock2->li_lock->lo_type, lock2->li_file, 1067 lock2->li_line); 1068 printf(" 2nd %p %s (%s) @ %s:%d\n", 1069 lock1->li_lock, lock1->li_lock->lo_name, 1070 lock1->li_lock->lo_type, lock1->li_file, 1071 lock1->li_line); 1072 printf(" 3rd %p %s (%s) @ %s:%d\n", lock, 1073 lock->lo_name, lock->lo_type, file, line); 1074 } 1075 #ifdef KDB 1076 goto debugger; 1077 #else 1078 return; 1079 #endif 1080 } 1081 } 1082 lock1 = &(*lock_list)->ll_children[(*lock_list)->ll_count - 1]; 1083 /* 1084 * If requested, build a new lock order. However, don't build a new 1085 * relationship between a sleepable lock and Giant if it is in the 1086 * wrong direction. The correct lock order is that sleepable locks 1087 * always come before Giant. 1088 */ 1089 if (flags & LOP_NEWORDER && 1090 !(lock1->li_lock == &Giant.lock_object && 1091 (lock->lo_flags & LO_SLEEPABLE) != 0)) { 1092 CTR3(KTR_WITNESS, "%s: adding %s as a child of %s", __func__, 1093 lock->lo_type, lock1->li_lock->lo_type); 1094 if (!itismychild(lock1->li_lock->lo_witness, w)) 1095 /* Witness is dead. */ 1096 return; 1097 } 1098 mtx_unlock_spin(&w_mtx); 1099 return; 1100 1101 #ifdef KDB 1102 debugger: 1103 if (witness_trace) 1104 kdb_backtrace(); 1105 if (witness_kdb) 1106 kdb_enter(__func__); 1107 #endif 1108 } 1109 1110 void 1111 witness_lock(struct lock_object *lock, int flags, const char *file, int line) 1112 { 1113 struct lock_list_entry **lock_list, *lle; 1114 struct lock_instance *instance; 1115 struct witness *w; 1116 struct thread *td; 1117 1118 if (witness_cold || witness_watch == 0 || lock->lo_witness == NULL || 1119 panicstr != NULL) 1120 return; 1121 w = lock->lo_witness; 1122 td = curthread; 1123 file = fixup_filename(file); 1124 1125 /* Determine lock list for this lock. */ 1126 if (LOCK_CLASS(lock)->lc_flags & LC_SLEEPLOCK) 1127 lock_list = &td->td_sleeplocks; 1128 else 1129 lock_list = PCPU_PTR(spinlocks); 1130 1131 /* Check to see if we are recursing on a lock we already own. */ 1132 instance = find_instance(*lock_list, lock); 1133 if (instance != NULL) { 1134 instance->li_flags++; 1135 CTR4(KTR_WITNESS, "%s: pid %d recursed on %s r=%d", __func__, 1136 td->td_proc->p_pid, lock->lo_name, 1137 instance->li_flags & LI_RECURSEMASK); 1138 instance->li_file = file; 1139 instance->li_line = line; 1140 return; 1141 } 1142 1143 /* Update per-witness last file and line acquire. */ 1144 w->w_file = file; 1145 w->w_line = line; 1146 1147 /* Find the next open lock instance in the list and fill it. */ 1148 lle = *lock_list; 1149 if (lle == NULL || lle->ll_count == LOCK_NCHILDREN) { 1150 lle = witness_lock_list_get(); 1151 if (lle == NULL) 1152 return; 1153 lle->ll_next = *lock_list; 1154 CTR3(KTR_WITNESS, "%s: pid %d added lle %p", __func__, 1155 td->td_proc->p_pid, lle); 1156 *lock_list = lle; 1157 } 1158 instance = &lle->ll_children[lle->ll_count++]; 1159 instance->li_lock = lock; 1160 instance->li_line = line; 1161 instance->li_file = file; 1162 if ((flags & LOP_EXCLUSIVE) != 0) 1163 instance->li_flags = LI_EXCLUSIVE; 1164 else 1165 instance->li_flags = 0; 1166 CTR4(KTR_WITNESS, "%s: pid %d added %s as lle[%d]", __func__, 1167 td->td_proc->p_pid, lock->lo_name, lle->ll_count - 1); 1168 } 1169 1170 void 1171 witness_upgrade(struct lock_object *lock, int flags, const char *file, int line) 1172 { 1173 struct lock_instance *instance; 1174 struct lock_class *class; 1175 1176 KASSERT(!witness_cold, ("%s: witness_cold", __func__)); 1177 if (lock->lo_witness == NULL || witness_watch == 0 || panicstr != NULL) 1178 return; 1179 class = LOCK_CLASS(lock); 1180 file = fixup_filename(file); 1181 if ((lock->lo_flags & LO_UPGRADABLE) == 0) 1182 panic("upgrade of non-upgradable lock (%s) %s @ %s:%d", 1183 class->lc_name, lock->lo_name, file, line); 1184 if ((flags & LOP_TRYLOCK) == 0) 1185 panic("non-try upgrade of lock (%s) %s @ %s:%d", class->lc_name, 1186 lock->lo_name, file, line); 1187 if ((class->lc_flags & LC_SLEEPLOCK) == 0) 1188 panic("upgrade of non-sleep lock (%s) %s @ %s:%d", 1189 class->lc_name, lock->lo_name, file, line); 1190 instance = find_instance(curthread->td_sleeplocks, lock); 1191 if (instance == NULL) 1192 panic("upgrade of unlocked lock (%s) %s @ %s:%d", 1193 class->lc_name, lock->lo_name, file, line); 1194 if ((instance->li_flags & LI_EXCLUSIVE) != 0) 1195 panic("upgrade of exclusive lock (%s) %s @ %s:%d", 1196 class->lc_name, lock->lo_name, file, line); 1197 if ((instance->li_flags & LI_RECURSEMASK) != 0) 1198 panic("upgrade of recursed lock (%s) %s r=%d @ %s:%d", 1199 class->lc_name, lock->lo_name, 1200 instance->li_flags & LI_RECURSEMASK, file, line); 1201 instance->li_flags |= LI_EXCLUSIVE; 1202 } 1203 1204 void 1205 witness_downgrade(struct lock_object *lock, int flags, const char *file, 1206 int line) 1207 { 1208 struct lock_instance *instance; 1209 struct lock_class *class; 1210 1211 KASSERT(!witness_cold, ("%s: witness_cold", __func__)); 1212 if (lock->lo_witness == NULL || witness_watch == 0 || panicstr != NULL) 1213 return; 1214 class = LOCK_CLASS(lock); 1215 file = fixup_filename(file); 1216 if ((lock->lo_flags & LO_UPGRADABLE) == 0) 1217 panic("downgrade of non-upgradable lock (%s) %s @ %s:%d", 1218 class->lc_name, lock->lo_name, file, line); 1219 if ((class->lc_flags & LC_SLEEPLOCK) == 0) 1220 panic("downgrade of non-sleep lock (%s) %s @ %s:%d", 1221 class->lc_name, lock->lo_name, file, line); 1222 instance = find_instance(curthread->td_sleeplocks, lock); 1223 if (instance == NULL) 1224 panic("downgrade of unlocked lock (%s) %s @ %s:%d", 1225 class->lc_name, lock->lo_name, file, line); 1226 if ((instance->li_flags & LI_EXCLUSIVE) == 0) 1227 panic("downgrade of shared lock (%s) %s @ %s:%d", 1228 class->lc_name, lock->lo_name, file, line); 1229 if ((instance->li_flags & LI_RECURSEMASK) != 0) 1230 panic("downgrade of recursed lock (%s) %s r=%d @ %s:%d", 1231 class->lc_name, lock->lo_name, 1232 instance->li_flags & LI_RECURSEMASK, file, line); 1233 instance->li_flags &= ~LI_EXCLUSIVE; 1234 } 1235 1236 void 1237 witness_unlock(struct lock_object *lock, int flags, const char *file, int line) 1238 { 1239 struct lock_list_entry **lock_list, *lle; 1240 struct lock_instance *instance; 1241 struct lock_class *class; 1242 struct thread *td; 1243 register_t s; 1244 int i, j; 1245 1246 if (witness_cold || witness_watch == 0 || lock->lo_witness == NULL || 1247 panicstr != NULL) 1248 return; 1249 td = curthread; 1250 class = LOCK_CLASS(lock); 1251 file = fixup_filename(file); 1252 1253 /* Find lock instance associated with this lock. */ 1254 if (class->lc_flags & LC_SLEEPLOCK) 1255 lock_list = &td->td_sleeplocks; 1256 else 1257 lock_list = PCPU_PTR(spinlocks); 1258 for (; *lock_list != NULL; lock_list = &(*lock_list)->ll_next) 1259 for (i = 0; i < (*lock_list)->ll_count; i++) { 1260 instance = &(*lock_list)->ll_children[i]; 1261 if (instance->li_lock == lock) 1262 goto found; 1263 } 1264 panic("lock (%s) %s not locked @ %s:%d", class->lc_name, lock->lo_name, 1265 file, line); 1266 found: 1267 1268 /* First, check for shared/exclusive mismatches. */ 1269 if ((instance->li_flags & LI_EXCLUSIVE) != 0 && 1270 (flags & LOP_EXCLUSIVE) == 0) { 1271 printf("shared unlock of (%s) %s @ %s:%d\n", class->lc_name, 1272 lock->lo_name, file, line); 1273 printf("while exclusively locked from %s:%d\n", 1274 instance->li_file, instance->li_line); 1275 panic("excl->ushare"); 1276 } 1277 if ((instance->li_flags & LI_EXCLUSIVE) == 0 && 1278 (flags & LOP_EXCLUSIVE) != 0) { 1279 printf("exclusive unlock of (%s) %s @ %s:%d\n", class->lc_name, 1280 lock->lo_name, file, line); 1281 printf("while share locked from %s:%d\n", instance->li_file, 1282 instance->li_line); 1283 panic("share->uexcl"); 1284 } 1285 1286 /* If we are recursed, unrecurse. */ 1287 if ((instance->li_flags & LI_RECURSEMASK) > 0) { 1288 CTR4(KTR_WITNESS, "%s: pid %d unrecursed on %s r=%d", __func__, 1289 td->td_proc->p_pid, instance->li_lock->lo_name, 1290 instance->li_flags); 1291 instance->li_flags--; 1292 return; 1293 } 1294 1295 /* Otherwise, remove this item from the list. */ 1296 s = intr_disable(); 1297 CTR4(KTR_WITNESS, "%s: pid %d removed %s from lle[%d]", __func__, 1298 td->td_proc->p_pid, instance->li_lock->lo_name, 1299 (*lock_list)->ll_count - 1); 1300 for (j = i; j < (*lock_list)->ll_count - 1; j++) 1301 (*lock_list)->ll_children[j] = 1302 (*lock_list)->ll_children[j + 1]; 1303 (*lock_list)->ll_count--; 1304 intr_restore(s); 1305 1306 /* If this lock list entry is now empty, free it. */ 1307 if ((*lock_list)->ll_count == 0) { 1308 lle = *lock_list; 1309 *lock_list = lle->ll_next; 1310 CTR3(KTR_WITNESS, "%s: pid %d removed lle %p", __func__, 1311 td->td_proc->p_pid, lle); 1312 witness_lock_list_free(lle); 1313 } 1314 } 1315 1316 /* 1317 * Warn if any locks other than 'lock' are held. Flags can be passed in to 1318 * exempt Giant and sleepable locks from the checks as well. If any 1319 * non-exempt locks are held, then a supplied message is printed to the 1320 * console along with a list of the offending locks. If indicated in the 1321 * flags then a failure results in a panic as well. 1322 */ 1323 int 1324 witness_warn(int flags, struct lock_object *lock, const char *fmt, ...) 1325 { 1326 struct lock_list_entry *lle; 1327 struct lock_instance *lock1; 1328 struct thread *td; 1329 va_list ap; 1330 int i, n; 1331 1332 if (witness_cold || witness_watch == 0 || panicstr != NULL) 1333 return (0); 1334 n = 0; 1335 td = curthread; 1336 for (lle = td->td_sleeplocks; lle != NULL; lle = lle->ll_next) 1337 for (i = lle->ll_count - 1; i >= 0; i--) { 1338 lock1 = &lle->ll_children[i]; 1339 if (lock1->li_lock == lock) 1340 continue; 1341 if (flags & WARN_GIANTOK && 1342 lock1->li_lock == &Giant.lock_object) 1343 continue; 1344 if (flags & WARN_SLEEPOK && 1345 (lock1->li_lock->lo_flags & LO_SLEEPABLE) != 0) 1346 continue; 1347 if (n == 0) { 1348 va_start(ap, fmt); 1349 vprintf(fmt, ap); 1350 va_end(ap); 1351 printf(" with the following"); 1352 if (flags & WARN_SLEEPOK) 1353 printf(" non-sleepable"); 1354 printf(" locks held:\n"); 1355 } 1356 n++; 1357 witness_list_lock(lock1); 1358 } 1359 if (PCPU_GET(spinlocks) != NULL) { 1360 /* 1361 * Since we already hold a spinlock preemption is 1362 * already blocked. 1363 */ 1364 if (n == 0) { 1365 va_start(ap, fmt); 1366 vprintf(fmt, ap); 1367 va_end(ap); 1368 printf(" with the following"); 1369 if (flags & WARN_SLEEPOK) 1370 printf(" non-sleepable"); 1371 printf(" locks held:\n"); 1372 } 1373 n += witness_list_locks(PCPU_PTR(spinlocks)); 1374 } 1375 if (flags & WARN_PANIC && n) 1376 panic("witness_warn"); 1377 #ifdef KDB 1378 else if (witness_kdb && n) 1379 kdb_enter(__func__); 1380 else if (witness_trace && n) 1381 kdb_backtrace(); 1382 #endif 1383 return (n); 1384 } 1385 1386 const char * 1387 witness_file(struct lock_object *lock) 1388 { 1389 struct witness *w; 1390 1391 if (witness_cold || witness_watch == 0 || lock->lo_witness == NULL) 1392 return ("?"); 1393 w = lock->lo_witness; 1394 return (w->w_file); 1395 } 1396 1397 int 1398 witness_line(struct lock_object *lock) 1399 { 1400 struct witness *w; 1401 1402 if (witness_cold || witness_watch == 0 || lock->lo_witness == NULL) 1403 return (0); 1404 w = lock->lo_witness; 1405 return (w->w_line); 1406 } 1407 1408 static struct witness * 1409 enroll(const char *description, struct lock_class *lock_class) 1410 { 1411 struct witness *w; 1412 1413 if (witness_watch == 0 || panicstr != NULL) 1414 return (NULL); 1415 if ((lock_class->lc_flags & LC_SPINLOCK) && witness_skipspin) 1416 return (NULL); 1417 mtx_lock_spin(&w_mtx); 1418 STAILQ_FOREACH(w, &w_all, w_list) { 1419 if (w->w_name == description || (w->w_refcount > 0 && 1420 strcmp(description, w->w_name) == 0)) { 1421 w->w_refcount++; 1422 mtx_unlock_spin(&w_mtx); 1423 if (lock_class != w->w_class) 1424 panic( 1425 "lock (%s) %s does not match earlier (%s) lock", 1426 description, lock_class->lc_name, 1427 w->w_class->lc_name); 1428 return (w); 1429 } 1430 } 1431 if ((w = witness_get()) == NULL) 1432 goto out; 1433 w->w_name = description; 1434 w->w_class = lock_class; 1435 w->w_refcount = 1; 1436 STAILQ_INSERT_HEAD(&w_all, w, w_list); 1437 if (lock_class->lc_flags & LC_SPINLOCK) { 1438 STAILQ_INSERT_HEAD(&w_spin, w, w_typelist); 1439 w_spin_cnt++; 1440 } else if (lock_class->lc_flags & LC_SLEEPLOCK) { 1441 STAILQ_INSERT_HEAD(&w_sleep, w, w_typelist); 1442 w_sleep_cnt++; 1443 } else { 1444 mtx_unlock_spin(&w_mtx); 1445 panic("lock class %s is not sleep or spin", 1446 lock_class->lc_name); 1447 } 1448 mtx_unlock_spin(&w_mtx); 1449 out: 1450 /* 1451 * We issue a warning for any spin locks not defined in the static 1452 * order list as a way to discourage their use (folks should really 1453 * be using non-spin mutexes most of the time). However, several 1454 * 3rd part device drivers use spin locks because that is all they 1455 * have available on Windows and Linux and they think that normal 1456 * mutexes are insufficient. 1457 */ 1458 if ((lock_class->lc_flags & LC_SPINLOCK) && witness_spin_warn) 1459 printf("WITNESS: spin lock %s not in order list\n", 1460 description); 1461 return (w); 1462 } 1463 1464 /* Don't let the door bang you on the way out... */ 1465 static int 1466 depart(struct witness *w) 1467 { 1468 struct witness_child_list_entry *wcl, *nwcl; 1469 struct witness_list *list; 1470 struct witness *parent; 1471 1472 MPASS(w->w_refcount == 0); 1473 if (w->w_class->lc_flags & LC_SLEEPLOCK) { 1474 list = &w_sleep; 1475 w_sleep_cnt--; 1476 } else { 1477 list = &w_spin; 1478 w_spin_cnt--; 1479 } 1480 /* 1481 * First, we run through the entire tree looking for any 1482 * witnesses that the outgoing witness is a child of. For 1483 * each parent that we find, we reparent all the direct 1484 * children of the outgoing witness to its parent. 1485 */ 1486 STAILQ_FOREACH(parent, list, w_typelist) { 1487 if (!isitmychild(parent, w)) 1488 continue; 1489 removechild(parent, w); 1490 } 1491 1492 /* 1493 * Now we go through and free up the child list of the 1494 * outgoing witness. 1495 */ 1496 for (wcl = w->w_children; wcl != NULL; wcl = nwcl) { 1497 nwcl = wcl->wcl_next; 1498 w_child_cnt--; 1499 witness_child_free(wcl); 1500 } 1501 1502 /* 1503 * Detach from various lists and free. 1504 */ 1505 STAILQ_REMOVE(list, w, witness, w_typelist); 1506 STAILQ_REMOVE(&w_all, w, witness, w_list); 1507 witness_free(w); 1508 1509 return (1); 1510 } 1511 1512 /* 1513 * Add "child" as a direct child of "parent". Returns false if 1514 * we fail due to out of memory. 1515 */ 1516 static int 1517 insertchild(struct witness *parent, struct witness *child) 1518 { 1519 struct witness_child_list_entry **wcl; 1520 1521 MPASS(child != NULL && parent != NULL); 1522 1523 /* 1524 * Insert "child" after "parent" 1525 */ 1526 wcl = &parent->w_children; 1527 while (*wcl != NULL && (*wcl)->wcl_count == WITNESS_NCHILDREN) 1528 wcl = &(*wcl)->wcl_next; 1529 if (*wcl == NULL) { 1530 *wcl = witness_child_get(); 1531 if (*wcl == NULL) 1532 return (0); 1533 w_child_cnt++; 1534 } 1535 (*wcl)->wcl_children[(*wcl)->wcl_count++] = child; 1536 1537 return (1); 1538 } 1539 1540 1541 static int 1542 itismychild(struct witness *parent, struct witness *child) 1543 { 1544 struct witness_list *list; 1545 1546 MPASS(child != NULL && parent != NULL); 1547 if ((parent->w_class->lc_flags & (LC_SLEEPLOCK | LC_SPINLOCK)) != 1548 (child->w_class->lc_flags & (LC_SLEEPLOCK | LC_SPINLOCK))) 1549 panic( 1550 "%s: parent (%s) and child (%s) are not the same lock type", 1551 __func__, parent->w_class->lc_name, 1552 child->w_class->lc_name); 1553 1554 if (!insertchild(parent, child)) 1555 return (0); 1556 1557 if (parent->w_class->lc_flags & LC_SLEEPLOCK) 1558 list = &w_sleep; 1559 else 1560 list = &w_spin; 1561 return (1); 1562 } 1563 1564 static void 1565 removechild(struct witness *parent, struct witness *child) 1566 { 1567 struct witness_child_list_entry **wcl, *wcl1; 1568 int i; 1569 1570 for (wcl = &parent->w_children; *wcl != NULL; wcl = &(*wcl)->wcl_next) 1571 for (i = 0; i < (*wcl)->wcl_count; i++) 1572 if ((*wcl)->wcl_children[i] == child) 1573 goto found; 1574 return; 1575 found: 1576 (*wcl)->wcl_count--; 1577 if ((*wcl)->wcl_count > i) 1578 (*wcl)->wcl_children[i] = 1579 (*wcl)->wcl_children[(*wcl)->wcl_count]; 1580 MPASS((*wcl)->wcl_children[i] != NULL); 1581 if ((*wcl)->wcl_count != 0) 1582 return; 1583 wcl1 = *wcl; 1584 *wcl = wcl1->wcl_next; 1585 w_child_cnt--; 1586 witness_child_free(wcl1); 1587 } 1588 1589 static int 1590 isitmychild(struct witness *parent, struct witness *child) 1591 { 1592 struct witness_child_list_entry *wcl; 1593 int i; 1594 1595 for (wcl = parent->w_children; wcl != NULL; wcl = wcl->wcl_next) { 1596 for (i = 0; i < wcl->wcl_count; i++) { 1597 if (wcl->wcl_children[i] == child) 1598 return (1); 1599 } 1600 } 1601 return (0); 1602 } 1603 1604 static int 1605 isitmydescendant(struct witness *parent, struct witness *child) 1606 { 1607 struct witness_child_list_entry *wcl; 1608 int i, j; 1609 1610 if (isitmychild(parent, child)) 1611 return (1); 1612 j = 0; 1613 for (wcl = parent->w_children; wcl != NULL; wcl = wcl->wcl_next) { 1614 MPASS(j < 1000); 1615 for (i = 0; i < wcl->wcl_count; i++) { 1616 if (isitmydescendant(wcl->wcl_children[i], child)) 1617 return (1); 1618 } 1619 j++; 1620 } 1621 return (0); 1622 } 1623 1624 #ifdef BLESSING 1625 static int 1626 blessed(struct witness *w1, struct witness *w2) 1627 { 1628 int i; 1629 struct witness_blessed *b; 1630 1631 for (i = 0; i < blessed_count; i++) { 1632 b = &blessed_list[i]; 1633 if (strcmp(w1->w_name, b->b_lock1) == 0) { 1634 if (strcmp(w2->w_name, b->b_lock2) == 0) 1635 return (1); 1636 continue; 1637 } 1638 if (strcmp(w1->w_name, b->b_lock2) == 0) 1639 if (strcmp(w2->w_name, b->b_lock1) == 0) 1640 return (1); 1641 } 1642 return (0); 1643 } 1644 #endif 1645 1646 static struct witness * 1647 witness_get(void) 1648 { 1649 struct witness *w; 1650 1651 if (witness_watch == 0) { 1652 mtx_unlock_spin(&w_mtx); 1653 return (NULL); 1654 } 1655 if (STAILQ_EMPTY(&w_free)) { 1656 witness_watch = 0; 1657 mtx_unlock_spin(&w_mtx); 1658 printf("%s: witness exhausted\n", __func__); 1659 return (NULL); 1660 } 1661 w = STAILQ_FIRST(&w_free); 1662 STAILQ_REMOVE_HEAD(&w_free, w_list); 1663 w_free_cnt--; 1664 bzero(w, sizeof(*w)); 1665 return (w); 1666 } 1667 1668 static void 1669 witness_free(struct witness *w) 1670 { 1671 1672 STAILQ_INSERT_HEAD(&w_free, w, w_list); 1673 w_free_cnt++; 1674 } 1675 1676 static struct witness_child_list_entry * 1677 witness_child_get(void) 1678 { 1679 struct witness_child_list_entry *wcl; 1680 1681 if (witness_watch == 0) { 1682 mtx_unlock_spin(&w_mtx); 1683 return (NULL); 1684 } 1685 wcl = w_child_free; 1686 if (wcl == NULL) { 1687 witness_watch = 0; 1688 mtx_unlock_spin(&w_mtx); 1689 printf("%s: witness exhausted\n", __func__); 1690 return (NULL); 1691 } 1692 w_child_free = wcl->wcl_next; 1693 w_child_free_cnt--; 1694 bzero(wcl, sizeof(*wcl)); 1695 return (wcl); 1696 } 1697 1698 static void 1699 witness_child_free(struct witness_child_list_entry *wcl) 1700 { 1701 1702 wcl->wcl_next = w_child_free; 1703 w_child_free = wcl; 1704 w_child_free_cnt++; 1705 } 1706 1707 static struct lock_list_entry * 1708 witness_lock_list_get(void) 1709 { 1710 struct lock_list_entry *lle; 1711 1712 if (witness_watch == 0) 1713 return (NULL); 1714 mtx_lock_spin(&w_mtx); 1715 lle = w_lock_list_free; 1716 if (lle == NULL) { 1717 witness_watch = 0; 1718 mtx_unlock_spin(&w_mtx); 1719 printf("%s: witness exhausted\n", __func__); 1720 return (NULL); 1721 } 1722 w_lock_list_free = lle->ll_next; 1723 mtx_unlock_spin(&w_mtx); 1724 bzero(lle, sizeof(*lle)); 1725 return (lle); 1726 } 1727 1728 static void 1729 witness_lock_list_free(struct lock_list_entry *lle) 1730 { 1731 1732 mtx_lock_spin(&w_mtx); 1733 lle->ll_next = w_lock_list_free; 1734 w_lock_list_free = lle; 1735 mtx_unlock_spin(&w_mtx); 1736 } 1737 1738 static struct lock_instance * 1739 find_instance(struct lock_list_entry *lock_list, struct lock_object *lock) 1740 { 1741 struct lock_list_entry *lle; 1742 struct lock_instance *instance; 1743 int i; 1744 1745 for (lle = lock_list; lle != NULL; lle = lle->ll_next) 1746 for (i = lle->ll_count - 1; i >= 0; i--) { 1747 instance = &lle->ll_children[i]; 1748 if (instance->li_lock == lock) 1749 return (instance); 1750 } 1751 return (NULL); 1752 } 1753 1754 static void 1755 witness_list_lock(struct lock_instance *instance) 1756 { 1757 struct lock_object *lock; 1758 1759 lock = instance->li_lock; 1760 printf("%s %s %s", (instance->li_flags & LI_EXCLUSIVE) != 0 ? 1761 "exclusive" : "shared", LOCK_CLASS(lock)->lc_name, lock->lo_name); 1762 if (lock->lo_type != lock->lo_name) 1763 printf(" (%s)", lock->lo_type); 1764 printf(" r = %d (%p) locked @ %s:%d\n", 1765 instance->li_flags & LI_RECURSEMASK, lock, instance->li_file, 1766 instance->li_line); 1767 } 1768 1769 #ifdef DDB 1770 static int 1771 witness_thread_has_locks(struct thread *td) 1772 { 1773 1774 return (td->td_sleeplocks != NULL); 1775 } 1776 1777 static int 1778 witness_proc_has_locks(struct proc *p) 1779 { 1780 struct thread *td; 1781 1782 FOREACH_THREAD_IN_PROC(p, td) { 1783 if (witness_thread_has_locks(td)) 1784 return (1); 1785 } 1786 return (0); 1787 } 1788 #endif 1789 1790 int 1791 witness_list_locks(struct lock_list_entry **lock_list) 1792 { 1793 struct lock_list_entry *lle; 1794 int i, nheld; 1795 1796 nheld = 0; 1797 for (lle = *lock_list; lle != NULL; lle = lle->ll_next) 1798 for (i = lle->ll_count - 1; i >= 0; i--) { 1799 witness_list_lock(&lle->ll_children[i]); 1800 nheld++; 1801 } 1802 return (nheld); 1803 } 1804 1805 /* 1806 * This is a bit risky at best. We call this function when we have timed 1807 * out acquiring a spin lock, and we assume that the other CPU is stuck 1808 * with this lock held. So, we go groveling around in the other CPU's 1809 * per-cpu data to try to find the lock instance for this spin lock to 1810 * see when it was last acquired. 1811 */ 1812 void 1813 witness_display_spinlock(struct lock_object *lock, struct thread *owner) 1814 { 1815 struct lock_instance *instance; 1816 struct pcpu *pc; 1817 1818 if (owner->td_critnest == 0 || owner->td_oncpu == NOCPU) 1819 return; 1820 pc = pcpu_find(owner->td_oncpu); 1821 instance = find_instance(pc->pc_spinlocks, lock); 1822 if (instance != NULL) 1823 witness_list_lock(instance); 1824 } 1825 1826 void 1827 witness_save(struct lock_object *lock, const char **filep, int *linep) 1828 { 1829 struct lock_list_entry *lock_list; 1830 struct lock_instance *instance; 1831 struct lock_class *class; 1832 1833 KASSERT(!witness_cold, ("%s: witness_cold", __func__)); 1834 if (lock->lo_witness == NULL || witness_watch == 0 || panicstr != NULL) 1835 return; 1836 class = LOCK_CLASS(lock); 1837 if (class->lc_flags & LC_SLEEPLOCK) 1838 lock_list = curthread->td_sleeplocks; 1839 else { 1840 if (witness_skipspin) 1841 return; 1842 lock_list = PCPU_GET(spinlocks); 1843 } 1844 instance = find_instance(lock_list, lock); 1845 if (instance == NULL) 1846 panic("%s: lock (%s) %s not locked", __func__, 1847 class->lc_name, lock->lo_name); 1848 *filep = instance->li_file; 1849 *linep = instance->li_line; 1850 } 1851 1852 void 1853 witness_restore(struct lock_object *lock, const char *file, int line) 1854 { 1855 struct lock_list_entry *lock_list; 1856 struct lock_instance *instance; 1857 struct lock_class *class; 1858 1859 KASSERT(!witness_cold, ("%s: witness_cold", __func__)); 1860 if (lock->lo_witness == NULL || witness_watch == 0 || panicstr != NULL) 1861 return; 1862 class = LOCK_CLASS(lock); 1863 if (class->lc_flags & LC_SLEEPLOCK) 1864 lock_list = curthread->td_sleeplocks; 1865 else { 1866 if (witness_skipspin) 1867 return; 1868 lock_list = PCPU_GET(spinlocks); 1869 } 1870 instance = find_instance(lock_list, lock); 1871 if (instance == NULL) 1872 panic("%s: lock (%s) %s not locked", __func__, 1873 class->lc_name, lock->lo_name); 1874 lock->lo_witness->w_file = file; 1875 lock->lo_witness->w_line = line; 1876 instance->li_file = file; 1877 instance->li_line = line; 1878 } 1879 1880 void 1881 witness_assert(struct lock_object *lock, int flags, const char *file, int line) 1882 { 1883 #ifdef INVARIANT_SUPPORT 1884 struct lock_instance *instance; 1885 struct lock_class *class; 1886 1887 if (lock->lo_witness == NULL || witness_watch == 0 || panicstr != NULL) 1888 return; 1889 class = LOCK_CLASS(lock); 1890 if ((class->lc_flags & LC_SLEEPLOCK) != 0) 1891 instance = find_instance(curthread->td_sleeplocks, lock); 1892 else if ((class->lc_flags & LC_SPINLOCK) != 0) 1893 instance = find_instance(PCPU_GET(spinlocks), lock); 1894 else { 1895 panic("Lock (%s) %s is not sleep or spin!", 1896 class->lc_name, lock->lo_name); 1897 } 1898 file = fixup_filename(file); 1899 switch (flags) { 1900 case LA_UNLOCKED: 1901 if (instance != NULL) 1902 panic("Lock (%s) %s locked @ %s:%d.", 1903 class->lc_name, lock->lo_name, file, line); 1904 break; 1905 case LA_LOCKED: 1906 case LA_LOCKED | LA_RECURSED: 1907 case LA_LOCKED | LA_NOTRECURSED: 1908 case LA_SLOCKED: 1909 case LA_SLOCKED | LA_RECURSED: 1910 case LA_SLOCKED | LA_NOTRECURSED: 1911 case LA_XLOCKED: 1912 case LA_XLOCKED | LA_RECURSED: 1913 case LA_XLOCKED | LA_NOTRECURSED: 1914 if (instance == NULL) { 1915 panic("Lock (%s) %s not locked @ %s:%d.", 1916 class->lc_name, lock->lo_name, file, line); 1917 break; 1918 } 1919 if ((flags & LA_XLOCKED) != 0 && 1920 (instance->li_flags & LI_EXCLUSIVE) == 0) 1921 panic("Lock (%s) %s not exclusively locked @ %s:%d.", 1922 class->lc_name, lock->lo_name, file, line); 1923 if ((flags & LA_SLOCKED) != 0 && 1924 (instance->li_flags & LI_EXCLUSIVE) != 0) 1925 panic("Lock (%s) %s exclusively locked @ %s:%d.", 1926 class->lc_name, lock->lo_name, file, line); 1927 if ((flags & LA_RECURSED) != 0 && 1928 (instance->li_flags & LI_RECURSEMASK) == 0) 1929 panic("Lock (%s) %s not recursed @ %s:%d.", 1930 class->lc_name, lock->lo_name, file, line); 1931 if ((flags & LA_NOTRECURSED) != 0 && 1932 (instance->li_flags & LI_RECURSEMASK) != 0) 1933 panic("Lock (%s) %s recursed @ %s:%d.", 1934 class->lc_name, lock->lo_name, file, line); 1935 break; 1936 default: 1937 panic("Invalid lock assertion at %s:%d.", file, line); 1938 1939 } 1940 #endif /* INVARIANT_SUPPORT */ 1941 } 1942 1943 #ifdef DDB 1944 static void 1945 witness_list(struct thread *td) 1946 { 1947 1948 KASSERT(!witness_cold, ("%s: witness_cold", __func__)); 1949 KASSERT(kdb_active, ("%s: not in the debugger", __func__)); 1950 1951 if (witness_watch == 0) 1952 return; 1953 1954 witness_list_locks(&td->td_sleeplocks); 1955 1956 /* 1957 * We only handle spinlocks if td == curthread. This is somewhat broken 1958 * if td is currently executing on some other CPU and holds spin locks 1959 * as we won't display those locks. If we had a MI way of getting 1960 * the per-cpu data for a given cpu then we could use 1961 * td->td_oncpu to get the list of spinlocks for this thread 1962 * and "fix" this. 1963 * 1964 * That still wouldn't really fix this unless we locked sched_lock 1965 * or stopped the other CPU to make sure it wasn't changing the list 1966 * out from under us. It is probably best to just not try to handle 1967 * threads on other CPU's for now. 1968 */ 1969 if (td == curthread && PCPU_GET(spinlocks) != NULL) 1970 witness_list_locks(PCPU_PTR(spinlocks)); 1971 } 1972 1973 DB_SHOW_COMMAND(locks, db_witness_list) 1974 { 1975 struct thread *td; 1976 1977 if (have_addr) 1978 td = db_lookup_thread(addr, TRUE); 1979 else 1980 td = kdb_thread; 1981 witness_list(td); 1982 } 1983 1984 DB_SHOW_COMMAND(alllocks, db_witness_list_all) 1985 { 1986 struct thread *td; 1987 struct proc *p; 1988 1989 /* 1990 * It would be nice to list only threads and processes that actually 1991 * held sleep locks, but that information is currently not exported 1992 * by WITNESS. 1993 */ 1994 FOREACH_PROC_IN_SYSTEM(p) { 1995 if (!witness_proc_has_locks(p)) 1996 continue; 1997 FOREACH_THREAD_IN_PROC(p, td) { 1998 if (!witness_thread_has_locks(td)) 1999 continue; 2000 db_printf("Process %d (%s) thread %p (%d)\n", p->p_pid, 2001 p->p_comm, td, td->td_tid); 2002 witness_list(td); 2003 } 2004 } 2005 } 2006 2007 DB_SHOW_COMMAND(witness, db_witness_display) 2008 { 2009 2010 witness_display(db_printf); 2011 } 2012 #endif 2013