1 /* 2 * Kernel Debugger Architecture Independent Support Functions 3 * 4 * This file is subject to the terms and conditions of the GNU General Public 5 * License. See the file "COPYING" in the main directory of this archive 6 * for more details. 7 * 8 * Copyright (c) 1999-2004 Silicon Graphics, Inc. All Rights Reserved. 9 * Copyright (c) 2009 Wind River Systems, Inc. All Rights Reserved. 10 * 03/02/13 added new 2.5 kallsyms <xavier.bru@bull.net> 11 */ 12 13 #include <stdarg.h> 14 #include <linux/types.h> 15 #include <linux/sched.h> 16 #include <linux/mm.h> 17 #include <linux/kallsyms.h> 18 #include <linux/stddef.h> 19 #include <linux/vmalloc.h> 20 #include <linux/ptrace.h> 21 #include <linux/module.h> 22 #include <linux/highmem.h> 23 #include <linux/hardirq.h> 24 #include <linux/delay.h> 25 #include <linux/uaccess.h> 26 #include <linux/kdb.h> 27 #include <linux/slab.h> 28 #include "kdb_private.h" 29 30 /* 31 * kdbgetsymval - Return the address of the given symbol. 32 * 33 * Parameters: 34 * symname Character string containing symbol name 35 * symtab Structure to receive results 36 * Returns: 37 * 0 Symbol not found, symtab zero filled 38 * 1 Symbol mapped to module/symbol/section, data in symtab 39 */ 40 int kdbgetsymval(const char *symname, kdb_symtab_t *symtab) 41 { 42 kdb_dbg_printf(AR, "symname=%s, symtab=%px\n", symname, symtab); 43 memset(symtab, 0, sizeof(*symtab)); 44 symtab->sym_start = kallsyms_lookup_name(symname); 45 if (symtab->sym_start) { 46 kdb_dbg_printf(AR, "returns 1, symtab->sym_start=0x%lx\n", 47 symtab->sym_start); 48 return 1; 49 } 50 kdb_dbg_printf(AR, "returns 0\n"); 51 return 0; 52 } 53 EXPORT_SYMBOL(kdbgetsymval); 54 55 static char *kdb_name_table[100]; /* arbitrary size */ 56 57 /* 58 * kdbnearsym - Return the name of the symbol with the nearest address 59 * less than 'addr'. 60 * 61 * Parameters: 62 * addr Address to check for symbol near 63 * symtab Structure to receive results 64 * Returns: 65 * 0 No sections contain this address, symtab zero filled 66 * 1 Address mapped to module/symbol/section, data in symtab 67 * Remarks: 68 * 2.6 kallsyms has a "feature" where it unpacks the name into a 69 * string. If that string is reused before the caller expects it 70 * then the caller sees its string change without warning. To 71 * avoid cluttering up the main kdb code with lots of kdb_strdup, 72 * tests and kfree calls, kdbnearsym maintains an LRU list of the 73 * last few unique strings. The list is sized large enough to 74 * hold active strings, no kdb caller of kdbnearsym makes more 75 * than ~20 later calls before using a saved value. 76 */ 77 int kdbnearsym(unsigned long addr, kdb_symtab_t *symtab) 78 { 79 int ret = 0; 80 unsigned long symbolsize = 0; 81 unsigned long offset = 0; 82 #define knt1_size 128 /* must be >= kallsyms table size */ 83 char *knt1 = NULL; 84 85 kdb_dbg_printf(AR, "addr=0x%lx, symtab=%px\n", addr, symtab); 86 memset(symtab, 0, sizeof(*symtab)); 87 88 if (addr < 4096) 89 goto out; 90 knt1 = debug_kmalloc(knt1_size, GFP_ATOMIC); 91 if (!knt1) { 92 kdb_func_printf("addr=0x%lx cannot kmalloc knt1\n", addr); 93 goto out; 94 } 95 symtab->sym_name = kallsyms_lookup(addr, &symbolsize , &offset, 96 (char **)(&symtab->mod_name), knt1); 97 if (offset > 8*1024*1024) { 98 symtab->sym_name = NULL; 99 addr = offset = symbolsize = 0; 100 } 101 symtab->sym_start = addr - offset; 102 symtab->sym_end = symtab->sym_start + symbolsize; 103 ret = symtab->sym_name != NULL && *(symtab->sym_name) != '\0'; 104 105 if (ret) { 106 int i; 107 /* Another 2.6 kallsyms "feature". Sometimes the sym_name is 108 * set but the buffer passed into kallsyms_lookup is not used, 109 * so it contains garbage. The caller has to work out which 110 * buffer needs to be saved. 111 * 112 * What was Rusty smoking when he wrote that code? 113 */ 114 if (symtab->sym_name != knt1) { 115 strncpy(knt1, symtab->sym_name, knt1_size); 116 knt1[knt1_size-1] = '\0'; 117 } 118 for (i = 0; i < ARRAY_SIZE(kdb_name_table); ++i) { 119 if (kdb_name_table[i] && 120 strcmp(kdb_name_table[i], knt1) == 0) 121 break; 122 } 123 if (i >= ARRAY_SIZE(kdb_name_table)) { 124 debug_kfree(kdb_name_table[0]); 125 memmove(kdb_name_table, kdb_name_table+1, 126 sizeof(kdb_name_table[0]) * 127 (ARRAY_SIZE(kdb_name_table)-1)); 128 } else { 129 debug_kfree(knt1); 130 knt1 = kdb_name_table[i]; 131 memmove(kdb_name_table+i, kdb_name_table+i+1, 132 sizeof(kdb_name_table[0]) * 133 (ARRAY_SIZE(kdb_name_table)-i-1)); 134 } 135 i = ARRAY_SIZE(kdb_name_table) - 1; 136 kdb_name_table[i] = knt1; 137 symtab->sym_name = kdb_name_table[i]; 138 knt1 = NULL; 139 } 140 141 if (symtab->mod_name == NULL) 142 symtab->mod_name = "kernel"; 143 kdb_dbg_printf(AR, "returns %d symtab->sym_start=0x%lx, symtab->mod_name=%px, symtab->sym_name=%px (%s)\n", 144 ret, symtab->sym_start, symtab->mod_name, symtab->sym_name, symtab->sym_name); 145 146 out: 147 debug_kfree(knt1); 148 return ret; 149 } 150 151 void kdbnearsym_cleanup(void) 152 { 153 int i; 154 for (i = 0; i < ARRAY_SIZE(kdb_name_table); ++i) { 155 if (kdb_name_table[i]) { 156 debug_kfree(kdb_name_table[i]); 157 kdb_name_table[i] = NULL; 158 } 159 } 160 } 161 162 static char ks_namebuf[KSYM_NAME_LEN+1], ks_namebuf_prev[KSYM_NAME_LEN+1]; 163 164 /* 165 * kallsyms_symbol_complete 166 * 167 * Parameters: 168 * prefix_name prefix of a symbol name to lookup 169 * max_len maximum length that can be returned 170 * Returns: 171 * Number of symbols which match the given prefix. 172 * Notes: 173 * prefix_name is changed to contain the longest unique prefix that 174 * starts with this prefix (tab completion). 175 */ 176 int kallsyms_symbol_complete(char *prefix_name, int max_len) 177 { 178 loff_t pos = 0; 179 int prefix_len = strlen(prefix_name), prev_len = 0; 180 int i, number = 0; 181 const char *name; 182 183 while ((name = kdb_walk_kallsyms(&pos))) { 184 if (strncmp(name, prefix_name, prefix_len) == 0) { 185 strscpy(ks_namebuf, name, sizeof(ks_namebuf)); 186 /* Work out the longest name that matches the prefix */ 187 if (++number == 1) { 188 prev_len = min_t(int, max_len-1, 189 strlen(ks_namebuf)); 190 memcpy(ks_namebuf_prev, ks_namebuf, prev_len); 191 ks_namebuf_prev[prev_len] = '\0'; 192 continue; 193 } 194 for (i = 0; i < prev_len; i++) { 195 if (ks_namebuf[i] != ks_namebuf_prev[i]) { 196 prev_len = i; 197 ks_namebuf_prev[i] = '\0'; 198 break; 199 } 200 } 201 } 202 } 203 if (prev_len > prefix_len) 204 memcpy(prefix_name, ks_namebuf_prev, prev_len+1); 205 return number; 206 } 207 208 /* 209 * kallsyms_symbol_next 210 * 211 * Parameters: 212 * prefix_name prefix of a symbol name to lookup 213 * flag 0 means search from the head, 1 means continue search. 214 * buf_size maximum length that can be written to prefix_name 215 * buffer 216 * Returns: 217 * 1 if a symbol matches the given prefix. 218 * 0 if no string found 219 */ 220 int kallsyms_symbol_next(char *prefix_name, int flag, int buf_size) 221 { 222 int prefix_len = strlen(prefix_name); 223 static loff_t pos; 224 const char *name; 225 226 if (!flag) 227 pos = 0; 228 229 while ((name = kdb_walk_kallsyms(&pos))) { 230 if (!strncmp(name, prefix_name, prefix_len)) 231 return strscpy(prefix_name, name, buf_size); 232 } 233 return 0; 234 } 235 236 /* 237 * kdb_symbol_print - Standard method for printing a symbol name and offset. 238 * Inputs: 239 * addr Address to be printed. 240 * symtab Address of symbol data, if NULL this routine does its 241 * own lookup. 242 * punc Punctuation for string, bit field. 243 * Remarks: 244 * The string and its punctuation is only printed if the address 245 * is inside the kernel, except that the value is always printed 246 * when requested. 247 */ 248 void kdb_symbol_print(unsigned long addr, const kdb_symtab_t *symtab_p, 249 unsigned int punc) 250 { 251 kdb_symtab_t symtab, *symtab_p2; 252 if (symtab_p) { 253 symtab_p2 = (kdb_symtab_t *)symtab_p; 254 } else { 255 symtab_p2 = &symtab; 256 kdbnearsym(addr, symtab_p2); 257 } 258 if (!(symtab_p2->sym_name || (punc & KDB_SP_VALUE))) 259 return; 260 if (punc & KDB_SP_SPACEB) 261 kdb_printf(" "); 262 if (punc & KDB_SP_VALUE) 263 kdb_printf(kdb_machreg_fmt0, addr); 264 if (symtab_p2->sym_name) { 265 if (punc & KDB_SP_VALUE) 266 kdb_printf(" "); 267 if (punc & KDB_SP_PAREN) 268 kdb_printf("("); 269 if (strcmp(symtab_p2->mod_name, "kernel")) 270 kdb_printf("[%s]", symtab_p2->mod_name); 271 kdb_printf("%s", symtab_p2->sym_name); 272 if (addr != symtab_p2->sym_start) 273 kdb_printf("+0x%lx", addr - symtab_p2->sym_start); 274 if (punc & KDB_SP_SYMSIZE) 275 kdb_printf("/0x%lx", 276 symtab_p2->sym_end - symtab_p2->sym_start); 277 if (punc & KDB_SP_PAREN) 278 kdb_printf(")"); 279 } 280 if (punc & KDB_SP_SPACEA) 281 kdb_printf(" "); 282 if (punc & KDB_SP_NEWLINE) 283 kdb_printf("\n"); 284 } 285 286 /* 287 * kdb_strdup - kdb equivalent of strdup, for disasm code. 288 * Inputs: 289 * str The string to duplicate. 290 * type Flags to kmalloc for the new string. 291 * Returns: 292 * Address of the new string, NULL if storage could not be allocated. 293 * Remarks: 294 * This is not in lib/string.c because it uses kmalloc which is not 295 * available when string.o is used in boot loaders. 296 */ 297 char *kdb_strdup(const char *str, gfp_t type) 298 { 299 int n = strlen(str)+1; 300 char *s = kmalloc(n, type); 301 if (!s) 302 return NULL; 303 return strcpy(s, str); 304 } 305 306 /* 307 * kdb_getarea_size - Read an area of data. The kdb equivalent of 308 * copy_from_user, with kdb messages for invalid addresses. 309 * Inputs: 310 * res Pointer to the area to receive the result. 311 * addr Address of the area to copy. 312 * size Size of the area. 313 * Returns: 314 * 0 for success, < 0 for error. 315 */ 316 int kdb_getarea_size(void *res, unsigned long addr, size_t size) 317 { 318 int ret = copy_from_kernel_nofault((char *)res, (char *)addr, size); 319 if (ret) { 320 if (!KDB_STATE(SUPPRESS)) { 321 kdb_func_printf("Bad address 0x%lx\n", addr); 322 KDB_STATE_SET(SUPPRESS); 323 } 324 ret = KDB_BADADDR; 325 } else { 326 KDB_STATE_CLEAR(SUPPRESS); 327 } 328 return ret; 329 } 330 331 /* 332 * kdb_putarea_size - Write an area of data. The kdb equivalent of 333 * copy_to_user, with kdb messages for invalid addresses. 334 * Inputs: 335 * addr Address of the area to write to. 336 * res Pointer to the area holding the data. 337 * size Size of the area. 338 * Returns: 339 * 0 for success, < 0 for error. 340 */ 341 int kdb_putarea_size(unsigned long addr, void *res, size_t size) 342 { 343 int ret = copy_from_kernel_nofault((char *)addr, (char *)res, size); 344 if (ret) { 345 if (!KDB_STATE(SUPPRESS)) { 346 kdb_func_printf("Bad address 0x%lx\n", addr); 347 KDB_STATE_SET(SUPPRESS); 348 } 349 ret = KDB_BADADDR; 350 } else { 351 KDB_STATE_CLEAR(SUPPRESS); 352 } 353 return ret; 354 } 355 356 /* 357 * kdb_getphys - Read data from a physical address. Validate the 358 * address is in range, use kmap_atomic() to get data 359 * similar to kdb_getarea() - but for phys addresses 360 * Inputs: 361 * res Pointer to the word to receive the result 362 * addr Physical address of the area to copy 363 * size Size of the area 364 * Returns: 365 * 0 for success, < 0 for error. 366 */ 367 static int kdb_getphys(void *res, unsigned long addr, size_t size) 368 { 369 unsigned long pfn; 370 void *vaddr; 371 struct page *page; 372 373 pfn = (addr >> PAGE_SHIFT); 374 if (!pfn_valid(pfn)) 375 return 1; 376 page = pfn_to_page(pfn); 377 vaddr = kmap_atomic(page); 378 memcpy(res, vaddr + (addr & (PAGE_SIZE - 1)), size); 379 kunmap_atomic(vaddr); 380 381 return 0; 382 } 383 384 /* 385 * kdb_getphysword 386 * Inputs: 387 * word Pointer to the word to receive the result. 388 * addr Address of the area to copy. 389 * size Size of the area. 390 * Returns: 391 * 0 for success, < 0 for error. 392 */ 393 int kdb_getphysword(unsigned long *word, unsigned long addr, size_t size) 394 { 395 int diag; 396 __u8 w1; 397 __u16 w2; 398 __u32 w4; 399 __u64 w8; 400 *word = 0; /* Default value if addr or size is invalid */ 401 402 switch (size) { 403 case 1: 404 diag = kdb_getphys(&w1, addr, sizeof(w1)); 405 if (!diag) 406 *word = w1; 407 break; 408 case 2: 409 diag = kdb_getphys(&w2, addr, sizeof(w2)); 410 if (!diag) 411 *word = w2; 412 break; 413 case 4: 414 diag = kdb_getphys(&w4, addr, sizeof(w4)); 415 if (!diag) 416 *word = w4; 417 break; 418 case 8: 419 if (size <= sizeof(*word)) { 420 diag = kdb_getphys(&w8, addr, sizeof(w8)); 421 if (!diag) 422 *word = w8; 423 break; 424 } 425 fallthrough; 426 default: 427 diag = KDB_BADWIDTH; 428 kdb_func_printf("bad width %zu\n", size); 429 } 430 return diag; 431 } 432 433 /* 434 * kdb_getword - Read a binary value. Unlike kdb_getarea, this treats 435 * data as numbers. 436 * Inputs: 437 * word Pointer to the word to receive the result. 438 * addr Address of the area to copy. 439 * size Size of the area. 440 * Returns: 441 * 0 for success, < 0 for error. 442 */ 443 int kdb_getword(unsigned long *word, unsigned long addr, size_t size) 444 { 445 int diag; 446 __u8 w1; 447 __u16 w2; 448 __u32 w4; 449 __u64 w8; 450 *word = 0; /* Default value if addr or size is invalid */ 451 switch (size) { 452 case 1: 453 diag = kdb_getarea(w1, addr); 454 if (!diag) 455 *word = w1; 456 break; 457 case 2: 458 diag = kdb_getarea(w2, addr); 459 if (!diag) 460 *word = w2; 461 break; 462 case 4: 463 diag = kdb_getarea(w4, addr); 464 if (!diag) 465 *word = w4; 466 break; 467 case 8: 468 if (size <= sizeof(*word)) { 469 diag = kdb_getarea(w8, addr); 470 if (!diag) 471 *word = w8; 472 break; 473 } 474 fallthrough; 475 default: 476 diag = KDB_BADWIDTH; 477 kdb_func_printf("bad width %zu\n", size); 478 } 479 return diag; 480 } 481 482 /* 483 * kdb_putword - Write a binary value. Unlike kdb_putarea, this 484 * treats data as numbers. 485 * Inputs: 486 * addr Address of the area to write to.. 487 * word The value to set. 488 * size Size of the area. 489 * Returns: 490 * 0 for success, < 0 for error. 491 */ 492 int kdb_putword(unsigned long addr, unsigned long word, size_t size) 493 { 494 int diag; 495 __u8 w1; 496 __u16 w2; 497 __u32 w4; 498 __u64 w8; 499 switch (size) { 500 case 1: 501 w1 = word; 502 diag = kdb_putarea(addr, w1); 503 break; 504 case 2: 505 w2 = word; 506 diag = kdb_putarea(addr, w2); 507 break; 508 case 4: 509 w4 = word; 510 diag = kdb_putarea(addr, w4); 511 break; 512 case 8: 513 if (size <= sizeof(word)) { 514 w8 = word; 515 diag = kdb_putarea(addr, w8); 516 break; 517 } 518 fallthrough; 519 default: 520 diag = KDB_BADWIDTH; 521 kdb_func_printf("bad width %zu\n", size); 522 } 523 return diag; 524 } 525 526 /* 527 * kdb_task_state_string - Convert a string containing any of the 528 * letters DRSTCZEUIMA to a mask for the process state field and 529 * return the value. If no argument is supplied, return the mask 530 * that corresponds to environment variable PS, DRSTCZEU by 531 * default. 532 * Inputs: 533 * s String to convert 534 * Returns: 535 * Mask for process state. 536 * Notes: 537 * The mask folds data from several sources into a single long value, so 538 * be careful not to overlap the bits. TASK_* bits are in the LSB, 539 * special cases like UNRUNNABLE are in the MSB. As of 2.6.10-rc1 there 540 * is no overlap between TASK_* and EXIT_* but that may not always be 541 * true, so EXIT_* bits are shifted left 16 bits before being stored in 542 * the mask. 543 */ 544 545 /* unrunnable is < 0 */ 546 #define UNRUNNABLE (1UL << (8*sizeof(unsigned long) - 1)) 547 #define RUNNING (1UL << (8*sizeof(unsigned long) - 2)) 548 #define IDLE (1UL << (8*sizeof(unsigned long) - 3)) 549 #define DAEMON (1UL << (8*sizeof(unsigned long) - 4)) 550 551 unsigned long kdb_task_state_string(const char *s) 552 { 553 long res = 0; 554 if (!s) { 555 s = kdbgetenv("PS"); 556 if (!s) 557 s = "DRSTCZEU"; /* default value for ps */ 558 } 559 while (*s) { 560 switch (*s) { 561 case 'D': 562 res |= TASK_UNINTERRUPTIBLE; 563 break; 564 case 'R': 565 res |= RUNNING; 566 break; 567 case 'S': 568 res |= TASK_INTERRUPTIBLE; 569 break; 570 case 'T': 571 res |= TASK_STOPPED; 572 break; 573 case 'C': 574 res |= TASK_TRACED; 575 break; 576 case 'Z': 577 res |= EXIT_ZOMBIE << 16; 578 break; 579 case 'E': 580 res |= EXIT_DEAD << 16; 581 break; 582 case 'U': 583 res |= UNRUNNABLE; 584 break; 585 case 'I': 586 res |= IDLE; 587 break; 588 case 'M': 589 res |= DAEMON; 590 break; 591 case 'A': 592 res = ~0UL; 593 break; 594 default: 595 kdb_func_printf("unknown flag '%c' ignored\n", *s); 596 break; 597 } 598 ++s; 599 } 600 return res; 601 } 602 603 /* 604 * kdb_task_state_char - Return the character that represents the task state. 605 * Inputs: 606 * p struct task for the process 607 * Returns: 608 * One character to represent the task state. 609 */ 610 char kdb_task_state_char (const struct task_struct *p) 611 { 612 unsigned int p_state; 613 unsigned long tmp; 614 char state; 615 int cpu; 616 617 if (!p || 618 copy_from_kernel_nofault(&tmp, (char *)p, sizeof(unsigned long))) 619 return 'E'; 620 621 cpu = kdb_process_cpu(p); 622 p_state = READ_ONCE(p->__state); 623 state = (p_state == 0) ? 'R' : 624 (p_state < 0) ? 'U' : 625 (p_state & TASK_UNINTERRUPTIBLE) ? 'D' : 626 (p_state & TASK_STOPPED) ? 'T' : 627 (p_state & TASK_TRACED) ? 'C' : 628 (p->exit_state & EXIT_ZOMBIE) ? 'Z' : 629 (p->exit_state & EXIT_DEAD) ? 'E' : 630 (p_state & TASK_INTERRUPTIBLE) ? 'S' : '?'; 631 if (is_idle_task(p)) { 632 /* Idle task. Is it really idle, apart from the kdb 633 * interrupt? */ 634 if (!kdb_task_has_cpu(p) || kgdb_info[cpu].irq_depth == 1) { 635 if (cpu != kdb_initial_cpu) 636 state = 'I'; /* idle task */ 637 } 638 } else if (!p->mm && state == 'S') { 639 state = 'M'; /* sleeping system daemon */ 640 } 641 return state; 642 } 643 644 /* 645 * kdb_task_state - Return true if a process has the desired state 646 * given by the mask. 647 * Inputs: 648 * p struct task for the process 649 * mask mask from kdb_task_state_string to select processes 650 * Returns: 651 * True if the process matches at least one criteria defined by the mask. 652 */ 653 unsigned long kdb_task_state(const struct task_struct *p, unsigned long mask) 654 { 655 char state[] = { kdb_task_state_char(p), '\0' }; 656 return (mask & kdb_task_state_string(state)) != 0; 657 } 658 659 /* Last ditch allocator for debugging, so we can still debug even when 660 * the GFP_ATOMIC pool has been exhausted. The algorithms are tuned 661 * for space usage, not for speed. One smallish memory pool, the free 662 * chain is always in ascending address order to allow coalescing, 663 * allocations are done in brute force best fit. 664 */ 665 666 struct debug_alloc_header { 667 u32 next; /* offset of next header from start of pool */ 668 u32 size; 669 void *caller; 670 }; 671 672 /* The memory returned by this allocator must be aligned, which means 673 * so must the header size. Do not assume that sizeof(struct 674 * debug_alloc_header) is a multiple of the alignment, explicitly 675 * calculate the overhead of this header, including the alignment. 676 * The rest of this code must not use sizeof() on any header or 677 * pointer to a header. 678 */ 679 #define dah_align 8 680 #define dah_overhead ALIGN(sizeof(struct debug_alloc_header), dah_align) 681 682 static u64 debug_alloc_pool_aligned[256*1024/dah_align]; /* 256K pool */ 683 static char *debug_alloc_pool = (char *)debug_alloc_pool_aligned; 684 static u32 dah_first, dah_first_call = 1, dah_used, dah_used_max; 685 686 /* Locking is awkward. The debug code is called from all contexts, 687 * including non maskable interrupts. A normal spinlock is not safe 688 * in NMI context. Try to get the debug allocator lock, if it cannot 689 * be obtained after a second then give up. If the lock could not be 690 * previously obtained on this cpu then only try once. 691 * 692 * sparse has no annotation for "this function _sometimes_ acquires a 693 * lock", so fudge the acquire/release notation. 694 */ 695 static DEFINE_SPINLOCK(dap_lock); 696 static int get_dap_lock(void) 697 __acquires(dap_lock) 698 { 699 static int dap_locked = -1; 700 int count; 701 if (dap_locked == smp_processor_id()) 702 count = 1; 703 else 704 count = 1000; 705 while (1) { 706 if (spin_trylock(&dap_lock)) { 707 dap_locked = -1; 708 return 1; 709 } 710 if (!count--) 711 break; 712 udelay(1000); 713 } 714 dap_locked = smp_processor_id(); 715 __acquire(dap_lock); 716 return 0; 717 } 718 719 void *debug_kmalloc(size_t size, gfp_t flags) 720 { 721 unsigned int rem, h_offset; 722 struct debug_alloc_header *best, *bestprev, *prev, *h; 723 void *p = NULL; 724 if (!get_dap_lock()) { 725 __release(dap_lock); /* we never actually got it */ 726 return NULL; 727 } 728 h = (struct debug_alloc_header *)(debug_alloc_pool + dah_first); 729 if (dah_first_call) { 730 h->size = sizeof(debug_alloc_pool_aligned) - dah_overhead; 731 dah_first_call = 0; 732 } 733 size = ALIGN(size, dah_align); 734 prev = best = bestprev = NULL; 735 while (1) { 736 if (h->size >= size && (!best || h->size < best->size)) { 737 best = h; 738 bestprev = prev; 739 if (h->size == size) 740 break; 741 } 742 if (!h->next) 743 break; 744 prev = h; 745 h = (struct debug_alloc_header *)(debug_alloc_pool + h->next); 746 } 747 if (!best) 748 goto out; 749 rem = best->size - size; 750 /* The pool must always contain at least one header */ 751 if (best->next == 0 && bestprev == NULL && rem < dah_overhead) 752 goto out; 753 if (rem >= dah_overhead) { 754 best->size = size; 755 h_offset = ((char *)best - debug_alloc_pool) + 756 dah_overhead + best->size; 757 h = (struct debug_alloc_header *)(debug_alloc_pool + h_offset); 758 h->size = rem - dah_overhead; 759 h->next = best->next; 760 } else 761 h_offset = best->next; 762 best->caller = __builtin_return_address(0); 763 dah_used += best->size; 764 dah_used_max = max(dah_used, dah_used_max); 765 if (bestprev) 766 bestprev->next = h_offset; 767 else 768 dah_first = h_offset; 769 p = (char *)best + dah_overhead; 770 memset(p, POISON_INUSE, best->size - 1); 771 *((char *)p + best->size - 1) = POISON_END; 772 out: 773 spin_unlock(&dap_lock); 774 return p; 775 } 776 777 void debug_kfree(void *p) 778 { 779 struct debug_alloc_header *h; 780 unsigned int h_offset; 781 if (!p) 782 return; 783 if ((char *)p < debug_alloc_pool || 784 (char *)p >= debug_alloc_pool + sizeof(debug_alloc_pool_aligned)) { 785 kfree(p); 786 return; 787 } 788 if (!get_dap_lock()) { 789 __release(dap_lock); /* we never actually got it */ 790 return; /* memory leak, cannot be helped */ 791 } 792 h = (struct debug_alloc_header *)((char *)p - dah_overhead); 793 memset(p, POISON_FREE, h->size - 1); 794 *((char *)p + h->size - 1) = POISON_END; 795 h->caller = NULL; 796 dah_used -= h->size; 797 h_offset = (char *)h - debug_alloc_pool; 798 if (h_offset < dah_first) { 799 h->next = dah_first; 800 dah_first = h_offset; 801 } else { 802 struct debug_alloc_header *prev; 803 unsigned int prev_offset; 804 prev = (struct debug_alloc_header *)(debug_alloc_pool + 805 dah_first); 806 while (1) { 807 if (!prev->next || prev->next > h_offset) 808 break; 809 prev = (struct debug_alloc_header *) 810 (debug_alloc_pool + prev->next); 811 } 812 prev_offset = (char *)prev - debug_alloc_pool; 813 if (prev_offset + dah_overhead + prev->size == h_offset) { 814 prev->size += dah_overhead + h->size; 815 memset(h, POISON_FREE, dah_overhead - 1); 816 *((char *)h + dah_overhead - 1) = POISON_END; 817 h = prev; 818 h_offset = prev_offset; 819 } else { 820 h->next = prev->next; 821 prev->next = h_offset; 822 } 823 } 824 if (h_offset + dah_overhead + h->size == h->next) { 825 struct debug_alloc_header *next; 826 next = (struct debug_alloc_header *) 827 (debug_alloc_pool + h->next); 828 h->size += dah_overhead + next->size; 829 h->next = next->next; 830 memset(next, POISON_FREE, dah_overhead - 1); 831 *((char *)next + dah_overhead - 1) = POISON_END; 832 } 833 spin_unlock(&dap_lock); 834 } 835 836 void debug_kusage(void) 837 { 838 struct debug_alloc_header *h_free, *h_used; 839 #ifdef CONFIG_IA64 840 /* FIXME: using dah for ia64 unwind always results in a memory leak. 841 * Fix that memory leak first, then set debug_kusage_one_time = 1 for 842 * all architectures. 843 */ 844 static int debug_kusage_one_time; 845 #else 846 static int debug_kusage_one_time = 1; 847 #endif 848 if (!get_dap_lock()) { 849 __release(dap_lock); /* we never actually got it */ 850 return; 851 } 852 h_free = (struct debug_alloc_header *)(debug_alloc_pool + dah_first); 853 if (dah_first == 0 && 854 (h_free->size == sizeof(debug_alloc_pool_aligned) - dah_overhead || 855 dah_first_call)) 856 goto out; 857 if (!debug_kusage_one_time) 858 goto out; 859 debug_kusage_one_time = 0; 860 kdb_func_printf("debug_kmalloc memory leak dah_first %d\n", dah_first); 861 if (dah_first) { 862 h_used = (struct debug_alloc_header *)debug_alloc_pool; 863 kdb_func_printf("h_used %px size %d\n", h_used, h_used->size); 864 } 865 do { 866 h_used = (struct debug_alloc_header *) 867 ((char *)h_free + dah_overhead + h_free->size); 868 kdb_func_printf("h_used %px size %d caller %px\n", 869 h_used, h_used->size, h_used->caller); 870 h_free = (struct debug_alloc_header *) 871 (debug_alloc_pool + h_free->next); 872 } while (h_free->next); 873 h_used = (struct debug_alloc_header *) 874 ((char *)h_free + dah_overhead + h_free->size); 875 if ((char *)h_used - debug_alloc_pool != 876 sizeof(debug_alloc_pool_aligned)) 877 kdb_func_printf("h_used %px size %d caller %px\n", 878 h_used, h_used->size, h_used->caller); 879 out: 880 spin_unlock(&dap_lock); 881 } 882 883 /* Maintain a small stack of kdb_flags to allow recursion without disturbing 884 * the global kdb state. 885 */ 886 887 static int kdb_flags_stack[4], kdb_flags_index; 888 889 void kdb_save_flags(void) 890 { 891 BUG_ON(kdb_flags_index >= ARRAY_SIZE(kdb_flags_stack)); 892 kdb_flags_stack[kdb_flags_index++] = kdb_flags; 893 } 894 895 void kdb_restore_flags(void) 896 { 897 BUG_ON(kdb_flags_index <= 0); 898 kdb_flags = kdb_flags_stack[--kdb_flags_index]; 899 } 900