1 /* 2 * Kernel Debugger Architecture Independent Support Functions 3 * 4 * This file is subject to the terms and conditions of the GNU General Public 5 * License. See the file "COPYING" in the main directory of this archive 6 * for more details. 7 * 8 * Copyright (c) 1999-2004 Silicon Graphics, Inc. All Rights Reserved. 9 * Copyright (c) 2009 Wind River Systems, Inc. All Rights Reserved. 10 * 03/02/13 added new 2.5 kallsyms <xavier.bru@bull.net> 11 */ 12 13 #include <stdarg.h> 14 #include <linux/types.h> 15 #include <linux/sched.h> 16 #include <linux/mm.h> 17 #include <linux/kallsyms.h> 18 #include <linux/stddef.h> 19 #include <linux/vmalloc.h> 20 #include <linux/ptrace.h> 21 #include <linux/module.h> 22 #include <linux/highmem.h> 23 #include <linux/hardirq.h> 24 #include <linux/delay.h> 25 #include <linux/uaccess.h> 26 #include <linux/kdb.h> 27 #include <linux/slab.h> 28 #include "kdb_private.h" 29 30 /* 31 * kdbgetsymval - Return the address of the given symbol. 32 * 33 * Parameters: 34 * symname Character string containing symbol name 35 * symtab Structure to receive results 36 * Returns: 37 * 0 Symbol not found, symtab zero filled 38 * 1 Symbol mapped to module/symbol/section, data in symtab 39 */ 40 int kdbgetsymval(const char *symname, kdb_symtab_t *symtab) 41 { 42 kdb_dbg_printf(AR, "symname=%s, symtab=%px\n", symname, symtab); 43 memset(symtab, 0, sizeof(*symtab)); 44 symtab->sym_start = kallsyms_lookup_name(symname); 45 if (symtab->sym_start) { 46 kdb_dbg_printf(AR, "returns 1, symtab->sym_start=0x%lx\n", 47 symtab->sym_start); 48 return 1; 49 } 50 kdb_dbg_printf(AR, "returns 0\n"); 51 return 0; 52 } 53 EXPORT_SYMBOL(kdbgetsymval); 54 55 static char *kdb_name_table[100]; /* arbitrary size */ 56 57 /* 58 * kdbnearsym - Return the name of the symbol with the nearest address 59 * less than 'addr'. 60 * 61 * Parameters: 62 * addr Address to check for symbol near 63 * symtab Structure to receive results 64 * Returns: 65 * 0 No sections contain this address, symtab zero filled 66 * 1 Address mapped to module/symbol/section, data in symtab 67 * Remarks: 68 * 2.6 kallsyms has a "feature" where it unpacks the name into a 69 * string. If that string is reused before the caller expects it 70 * then the caller sees its string change without warning. To 71 * avoid cluttering up the main kdb code with lots of kdb_strdup, 72 * tests and kfree calls, kdbnearsym maintains an LRU list of the 73 * last few unique strings. The list is sized large enough to 74 * hold active strings, no kdb caller of kdbnearsym makes more 75 * than ~20 later calls before using a saved value. 76 */ 77 int kdbnearsym(unsigned long addr, kdb_symtab_t *symtab) 78 { 79 int ret = 0; 80 unsigned long symbolsize = 0; 81 unsigned long offset = 0; 82 #define knt1_size 128 /* must be >= kallsyms table size */ 83 char *knt1 = NULL; 84 85 kdb_dbg_printf(AR, "addr=0x%lx, symtab=%px\n", addr, symtab); 86 memset(symtab, 0, sizeof(*symtab)); 87 88 if (addr < 4096) 89 goto out; 90 knt1 = debug_kmalloc(knt1_size, GFP_ATOMIC); 91 if (!knt1) { 92 kdb_func_printf("addr=0x%lx cannot kmalloc knt1\n", addr); 93 goto out; 94 } 95 symtab->sym_name = kallsyms_lookup(addr, &symbolsize , &offset, 96 (char **)(&symtab->mod_name), knt1); 97 if (offset > 8*1024*1024) { 98 symtab->sym_name = NULL; 99 addr = offset = symbolsize = 0; 100 } 101 symtab->sym_start = addr - offset; 102 symtab->sym_end = symtab->sym_start + symbolsize; 103 ret = symtab->sym_name != NULL && *(symtab->sym_name) != '\0'; 104 105 if (ret) { 106 int i; 107 /* Another 2.6 kallsyms "feature". Sometimes the sym_name is 108 * set but the buffer passed into kallsyms_lookup is not used, 109 * so it contains garbage. The caller has to work out which 110 * buffer needs to be saved. 111 * 112 * What was Rusty smoking when he wrote that code? 113 */ 114 if (symtab->sym_name != knt1) { 115 strncpy(knt1, symtab->sym_name, knt1_size); 116 knt1[knt1_size-1] = '\0'; 117 } 118 for (i = 0; i < ARRAY_SIZE(kdb_name_table); ++i) { 119 if (kdb_name_table[i] && 120 strcmp(kdb_name_table[i], knt1) == 0) 121 break; 122 } 123 if (i >= ARRAY_SIZE(kdb_name_table)) { 124 debug_kfree(kdb_name_table[0]); 125 memmove(kdb_name_table, kdb_name_table+1, 126 sizeof(kdb_name_table[0]) * 127 (ARRAY_SIZE(kdb_name_table)-1)); 128 } else { 129 debug_kfree(knt1); 130 knt1 = kdb_name_table[i]; 131 memmove(kdb_name_table+i, kdb_name_table+i+1, 132 sizeof(kdb_name_table[0]) * 133 (ARRAY_SIZE(kdb_name_table)-i-1)); 134 } 135 i = ARRAY_SIZE(kdb_name_table) - 1; 136 kdb_name_table[i] = knt1; 137 symtab->sym_name = kdb_name_table[i]; 138 knt1 = NULL; 139 } 140 141 if (symtab->mod_name == NULL) 142 symtab->mod_name = "kernel"; 143 kdb_dbg_printf(AR, "returns %d symtab->sym_start=0x%lx, symtab->mod_name=%px, symtab->sym_name=%px (%s)\n", 144 ret, symtab->sym_start, symtab->mod_name, symtab->sym_name, symtab->sym_name); 145 146 out: 147 debug_kfree(knt1); 148 return ret; 149 } 150 151 void kdbnearsym_cleanup(void) 152 { 153 int i; 154 for (i = 0; i < ARRAY_SIZE(kdb_name_table); ++i) { 155 if (kdb_name_table[i]) { 156 debug_kfree(kdb_name_table[i]); 157 kdb_name_table[i] = NULL; 158 } 159 } 160 } 161 162 static char ks_namebuf[KSYM_NAME_LEN+1], ks_namebuf_prev[KSYM_NAME_LEN+1]; 163 164 /* 165 * kallsyms_symbol_complete 166 * 167 * Parameters: 168 * prefix_name prefix of a symbol name to lookup 169 * max_len maximum length that can be returned 170 * Returns: 171 * Number of symbols which match the given prefix. 172 * Notes: 173 * prefix_name is changed to contain the longest unique prefix that 174 * starts with this prefix (tab completion). 175 */ 176 int kallsyms_symbol_complete(char *prefix_name, int max_len) 177 { 178 loff_t pos = 0; 179 int prefix_len = strlen(prefix_name), prev_len = 0; 180 int i, number = 0; 181 const char *name; 182 183 while ((name = kdb_walk_kallsyms(&pos))) { 184 if (strncmp(name, prefix_name, prefix_len) == 0) { 185 strscpy(ks_namebuf, name, sizeof(ks_namebuf)); 186 /* Work out the longest name that matches the prefix */ 187 if (++number == 1) { 188 prev_len = min_t(int, max_len-1, 189 strlen(ks_namebuf)); 190 memcpy(ks_namebuf_prev, ks_namebuf, prev_len); 191 ks_namebuf_prev[prev_len] = '\0'; 192 continue; 193 } 194 for (i = 0; i < prev_len; i++) { 195 if (ks_namebuf[i] != ks_namebuf_prev[i]) { 196 prev_len = i; 197 ks_namebuf_prev[i] = '\0'; 198 break; 199 } 200 } 201 } 202 } 203 if (prev_len > prefix_len) 204 memcpy(prefix_name, ks_namebuf_prev, prev_len+1); 205 return number; 206 } 207 208 /* 209 * kallsyms_symbol_next 210 * 211 * Parameters: 212 * prefix_name prefix of a symbol name to lookup 213 * flag 0 means search from the head, 1 means continue search. 214 * buf_size maximum length that can be written to prefix_name 215 * buffer 216 * Returns: 217 * 1 if a symbol matches the given prefix. 218 * 0 if no string found 219 */ 220 int kallsyms_symbol_next(char *prefix_name, int flag, int buf_size) 221 { 222 int prefix_len = strlen(prefix_name); 223 static loff_t pos; 224 const char *name; 225 226 if (!flag) 227 pos = 0; 228 229 while ((name = kdb_walk_kallsyms(&pos))) { 230 if (!strncmp(name, prefix_name, prefix_len)) 231 return strscpy(prefix_name, name, buf_size); 232 } 233 return 0; 234 } 235 236 /* 237 * kdb_symbol_print - Standard method for printing a symbol name and offset. 238 * Inputs: 239 * addr Address to be printed. 240 * symtab Address of symbol data, if NULL this routine does its 241 * own lookup. 242 * punc Punctuation for string, bit field. 243 * Remarks: 244 * The string and its punctuation is only printed if the address 245 * is inside the kernel, except that the value is always printed 246 * when requested. 247 */ 248 void kdb_symbol_print(unsigned long addr, const kdb_symtab_t *symtab_p, 249 unsigned int punc) 250 { 251 kdb_symtab_t symtab, *symtab_p2; 252 if (symtab_p) { 253 symtab_p2 = (kdb_symtab_t *)symtab_p; 254 } else { 255 symtab_p2 = &symtab; 256 kdbnearsym(addr, symtab_p2); 257 } 258 if (!(symtab_p2->sym_name || (punc & KDB_SP_VALUE))) 259 return; 260 if (punc & KDB_SP_SPACEB) 261 kdb_printf(" "); 262 if (punc & KDB_SP_VALUE) 263 kdb_printf(kdb_machreg_fmt0, addr); 264 if (symtab_p2->sym_name) { 265 if (punc & KDB_SP_VALUE) 266 kdb_printf(" "); 267 if (punc & KDB_SP_PAREN) 268 kdb_printf("("); 269 if (strcmp(symtab_p2->mod_name, "kernel")) 270 kdb_printf("[%s]", symtab_p2->mod_name); 271 kdb_printf("%s", symtab_p2->sym_name); 272 if (addr != symtab_p2->sym_start) 273 kdb_printf("+0x%lx", addr - symtab_p2->sym_start); 274 if (punc & KDB_SP_SYMSIZE) 275 kdb_printf("/0x%lx", 276 symtab_p2->sym_end - symtab_p2->sym_start); 277 if (punc & KDB_SP_PAREN) 278 kdb_printf(")"); 279 } 280 if (punc & KDB_SP_SPACEA) 281 kdb_printf(" "); 282 if (punc & KDB_SP_NEWLINE) 283 kdb_printf("\n"); 284 } 285 286 /* 287 * kdb_strdup - kdb equivalent of strdup, for disasm code. 288 * Inputs: 289 * str The string to duplicate. 290 * type Flags to kmalloc for the new string. 291 * Returns: 292 * Address of the new string, NULL if storage could not be allocated. 293 * Remarks: 294 * This is not in lib/string.c because it uses kmalloc which is not 295 * available when string.o is used in boot loaders. 296 */ 297 char *kdb_strdup(const char *str, gfp_t type) 298 { 299 int n = strlen(str)+1; 300 char *s = kmalloc(n, type); 301 if (!s) 302 return NULL; 303 return strcpy(s, str); 304 } 305 306 /* 307 * kdb_getarea_size - Read an area of data. The kdb equivalent of 308 * copy_from_user, with kdb messages for invalid addresses. 309 * Inputs: 310 * res Pointer to the area to receive the result. 311 * addr Address of the area to copy. 312 * size Size of the area. 313 * Returns: 314 * 0 for success, < 0 for error. 315 */ 316 int kdb_getarea_size(void *res, unsigned long addr, size_t size) 317 { 318 int ret = copy_from_kernel_nofault((char *)res, (char *)addr, size); 319 if (ret) { 320 if (!KDB_STATE(SUPPRESS)) { 321 kdb_func_printf("Bad address 0x%lx\n", addr); 322 KDB_STATE_SET(SUPPRESS); 323 } 324 ret = KDB_BADADDR; 325 } else { 326 KDB_STATE_CLEAR(SUPPRESS); 327 } 328 return ret; 329 } 330 331 /* 332 * kdb_putarea_size - Write an area of data. The kdb equivalent of 333 * copy_to_user, with kdb messages for invalid addresses. 334 * Inputs: 335 * addr Address of the area to write to. 336 * res Pointer to the area holding the data. 337 * size Size of the area. 338 * Returns: 339 * 0 for success, < 0 for error. 340 */ 341 int kdb_putarea_size(unsigned long addr, void *res, size_t size) 342 { 343 int ret = copy_from_kernel_nofault((char *)addr, (char *)res, size); 344 if (ret) { 345 if (!KDB_STATE(SUPPRESS)) { 346 kdb_func_printf("Bad address 0x%lx\n", addr); 347 KDB_STATE_SET(SUPPRESS); 348 } 349 ret = KDB_BADADDR; 350 } else { 351 KDB_STATE_CLEAR(SUPPRESS); 352 } 353 return ret; 354 } 355 356 /* 357 * kdb_getphys - Read data from a physical address. Validate the 358 * address is in range, use kmap_atomic() to get data 359 * similar to kdb_getarea() - but for phys addresses 360 * Inputs: 361 * res Pointer to the word to receive the result 362 * addr Physical address of the area to copy 363 * size Size of the area 364 * Returns: 365 * 0 for success, < 0 for error. 366 */ 367 static int kdb_getphys(void *res, unsigned long addr, size_t size) 368 { 369 unsigned long pfn; 370 void *vaddr; 371 struct page *page; 372 373 pfn = (addr >> PAGE_SHIFT); 374 if (!pfn_valid(pfn)) 375 return 1; 376 page = pfn_to_page(pfn); 377 vaddr = kmap_atomic(page); 378 memcpy(res, vaddr + (addr & (PAGE_SIZE - 1)), size); 379 kunmap_atomic(vaddr); 380 381 return 0; 382 } 383 384 /* 385 * kdb_getphysword 386 * Inputs: 387 * word Pointer to the word to receive the result. 388 * addr Address of the area to copy. 389 * size Size of the area. 390 * Returns: 391 * 0 for success, < 0 for error. 392 */ 393 int kdb_getphysword(unsigned long *word, unsigned long addr, size_t size) 394 { 395 int diag; 396 __u8 w1; 397 __u16 w2; 398 __u32 w4; 399 __u64 w8; 400 *word = 0; /* Default value if addr or size is invalid */ 401 402 switch (size) { 403 case 1: 404 diag = kdb_getphys(&w1, addr, sizeof(w1)); 405 if (!diag) 406 *word = w1; 407 break; 408 case 2: 409 diag = kdb_getphys(&w2, addr, sizeof(w2)); 410 if (!diag) 411 *word = w2; 412 break; 413 case 4: 414 diag = kdb_getphys(&w4, addr, sizeof(w4)); 415 if (!diag) 416 *word = w4; 417 break; 418 case 8: 419 if (size <= sizeof(*word)) { 420 diag = kdb_getphys(&w8, addr, sizeof(w8)); 421 if (!diag) 422 *word = w8; 423 break; 424 } 425 fallthrough; 426 default: 427 diag = KDB_BADWIDTH; 428 kdb_func_printf("bad width %zu\n", size); 429 } 430 return diag; 431 } 432 433 /* 434 * kdb_getword - Read a binary value. Unlike kdb_getarea, this treats 435 * data as numbers. 436 * Inputs: 437 * word Pointer to the word to receive the result. 438 * addr Address of the area to copy. 439 * size Size of the area. 440 * Returns: 441 * 0 for success, < 0 for error. 442 */ 443 int kdb_getword(unsigned long *word, unsigned long addr, size_t size) 444 { 445 int diag; 446 __u8 w1; 447 __u16 w2; 448 __u32 w4; 449 __u64 w8; 450 *word = 0; /* Default value if addr or size is invalid */ 451 switch (size) { 452 case 1: 453 diag = kdb_getarea(w1, addr); 454 if (!diag) 455 *word = w1; 456 break; 457 case 2: 458 diag = kdb_getarea(w2, addr); 459 if (!diag) 460 *word = w2; 461 break; 462 case 4: 463 diag = kdb_getarea(w4, addr); 464 if (!diag) 465 *word = w4; 466 break; 467 case 8: 468 if (size <= sizeof(*word)) { 469 diag = kdb_getarea(w8, addr); 470 if (!diag) 471 *word = w8; 472 break; 473 } 474 fallthrough; 475 default: 476 diag = KDB_BADWIDTH; 477 kdb_func_printf("bad width %zu\n", size); 478 } 479 return diag; 480 } 481 482 /* 483 * kdb_putword - Write a binary value. Unlike kdb_putarea, this 484 * treats data as numbers. 485 * Inputs: 486 * addr Address of the area to write to.. 487 * word The value to set. 488 * size Size of the area. 489 * Returns: 490 * 0 for success, < 0 for error. 491 */ 492 int kdb_putword(unsigned long addr, unsigned long word, size_t size) 493 { 494 int diag; 495 __u8 w1; 496 __u16 w2; 497 __u32 w4; 498 __u64 w8; 499 switch (size) { 500 case 1: 501 w1 = word; 502 diag = kdb_putarea(addr, w1); 503 break; 504 case 2: 505 w2 = word; 506 diag = kdb_putarea(addr, w2); 507 break; 508 case 4: 509 w4 = word; 510 diag = kdb_putarea(addr, w4); 511 break; 512 case 8: 513 if (size <= sizeof(word)) { 514 w8 = word; 515 diag = kdb_putarea(addr, w8); 516 break; 517 } 518 fallthrough; 519 default: 520 diag = KDB_BADWIDTH; 521 kdb_func_printf("bad width %zu\n", size); 522 } 523 return diag; 524 } 525 526 /* 527 * kdb_task_state_string - Convert a string containing any of the 528 * letters DRSTCZEUIMA to a mask for the process state field and 529 * return the value. If no argument is supplied, return the mask 530 * that corresponds to environment variable PS, DRSTCZEU by 531 * default. 532 * Inputs: 533 * s String to convert 534 * Returns: 535 * Mask for process state. 536 * Notes: 537 * The mask folds data from several sources into a single long value, so 538 * be careful not to overlap the bits. TASK_* bits are in the LSB, 539 * special cases like UNRUNNABLE are in the MSB. As of 2.6.10-rc1 there 540 * is no overlap between TASK_* and EXIT_* but that may not always be 541 * true, so EXIT_* bits are shifted left 16 bits before being stored in 542 * the mask. 543 */ 544 545 /* unrunnable is < 0 */ 546 #define UNRUNNABLE (1UL << (8*sizeof(unsigned long) - 1)) 547 #define RUNNING (1UL << (8*sizeof(unsigned long) - 2)) 548 #define IDLE (1UL << (8*sizeof(unsigned long) - 3)) 549 #define DAEMON (1UL << (8*sizeof(unsigned long) - 4)) 550 551 unsigned long kdb_task_state_string(const char *s) 552 { 553 long res = 0; 554 if (!s) { 555 s = kdbgetenv("PS"); 556 if (!s) 557 s = "DRSTCZEU"; /* default value for ps */ 558 } 559 while (*s) { 560 switch (*s) { 561 case 'D': 562 res |= TASK_UNINTERRUPTIBLE; 563 break; 564 case 'R': 565 res |= RUNNING; 566 break; 567 case 'S': 568 res |= TASK_INTERRUPTIBLE; 569 break; 570 case 'T': 571 res |= TASK_STOPPED; 572 break; 573 case 'C': 574 res |= TASK_TRACED; 575 break; 576 case 'Z': 577 res |= EXIT_ZOMBIE << 16; 578 break; 579 case 'E': 580 res |= EXIT_DEAD << 16; 581 break; 582 case 'U': 583 res |= UNRUNNABLE; 584 break; 585 case 'I': 586 res |= IDLE; 587 break; 588 case 'M': 589 res |= DAEMON; 590 break; 591 case 'A': 592 res = ~0UL; 593 break; 594 default: 595 kdb_func_printf("unknown flag '%c' ignored\n", *s); 596 break; 597 } 598 ++s; 599 } 600 return res; 601 } 602 603 /* 604 * kdb_task_state_char - Return the character that represents the task state. 605 * Inputs: 606 * p struct task for the process 607 * Returns: 608 * One character to represent the task state. 609 */ 610 char kdb_task_state_char (const struct task_struct *p) 611 { 612 int cpu; 613 char state; 614 unsigned long tmp; 615 616 if (!p || 617 copy_from_kernel_nofault(&tmp, (char *)p, sizeof(unsigned long))) 618 return 'E'; 619 620 cpu = kdb_process_cpu(p); 621 state = (p->state == 0) ? 'R' : 622 (p->state < 0) ? 'U' : 623 (p->state & TASK_UNINTERRUPTIBLE) ? 'D' : 624 (p->state & TASK_STOPPED) ? 'T' : 625 (p->state & TASK_TRACED) ? 'C' : 626 (p->exit_state & EXIT_ZOMBIE) ? 'Z' : 627 (p->exit_state & EXIT_DEAD) ? 'E' : 628 (p->state & TASK_INTERRUPTIBLE) ? 'S' : '?'; 629 if (is_idle_task(p)) { 630 /* Idle task. Is it really idle, apart from the kdb 631 * interrupt? */ 632 if (!kdb_task_has_cpu(p) || kgdb_info[cpu].irq_depth == 1) { 633 if (cpu != kdb_initial_cpu) 634 state = 'I'; /* idle task */ 635 } 636 } else if (!p->mm && state == 'S') { 637 state = 'M'; /* sleeping system daemon */ 638 } 639 return state; 640 } 641 642 /* 643 * kdb_task_state - Return true if a process has the desired state 644 * given by the mask. 645 * Inputs: 646 * p struct task for the process 647 * mask mask from kdb_task_state_string to select processes 648 * Returns: 649 * True if the process matches at least one criteria defined by the mask. 650 */ 651 unsigned long kdb_task_state(const struct task_struct *p, unsigned long mask) 652 { 653 char state[] = { kdb_task_state_char(p), '\0' }; 654 return (mask & kdb_task_state_string(state)) != 0; 655 } 656 657 /* Last ditch allocator for debugging, so we can still debug even when 658 * the GFP_ATOMIC pool has been exhausted. The algorithms are tuned 659 * for space usage, not for speed. One smallish memory pool, the free 660 * chain is always in ascending address order to allow coalescing, 661 * allocations are done in brute force best fit. 662 */ 663 664 struct debug_alloc_header { 665 u32 next; /* offset of next header from start of pool */ 666 u32 size; 667 void *caller; 668 }; 669 670 /* The memory returned by this allocator must be aligned, which means 671 * so must the header size. Do not assume that sizeof(struct 672 * debug_alloc_header) is a multiple of the alignment, explicitly 673 * calculate the overhead of this header, including the alignment. 674 * The rest of this code must not use sizeof() on any header or 675 * pointer to a header. 676 */ 677 #define dah_align 8 678 #define dah_overhead ALIGN(sizeof(struct debug_alloc_header), dah_align) 679 680 static u64 debug_alloc_pool_aligned[256*1024/dah_align]; /* 256K pool */ 681 static char *debug_alloc_pool = (char *)debug_alloc_pool_aligned; 682 static u32 dah_first, dah_first_call = 1, dah_used, dah_used_max; 683 684 /* Locking is awkward. The debug code is called from all contexts, 685 * including non maskable interrupts. A normal spinlock is not safe 686 * in NMI context. Try to get the debug allocator lock, if it cannot 687 * be obtained after a second then give up. If the lock could not be 688 * previously obtained on this cpu then only try once. 689 * 690 * sparse has no annotation for "this function _sometimes_ acquires a 691 * lock", so fudge the acquire/release notation. 692 */ 693 static DEFINE_SPINLOCK(dap_lock); 694 static int get_dap_lock(void) 695 __acquires(dap_lock) 696 { 697 static int dap_locked = -1; 698 int count; 699 if (dap_locked == smp_processor_id()) 700 count = 1; 701 else 702 count = 1000; 703 while (1) { 704 if (spin_trylock(&dap_lock)) { 705 dap_locked = -1; 706 return 1; 707 } 708 if (!count--) 709 break; 710 udelay(1000); 711 } 712 dap_locked = smp_processor_id(); 713 __acquire(dap_lock); 714 return 0; 715 } 716 717 void *debug_kmalloc(size_t size, gfp_t flags) 718 { 719 unsigned int rem, h_offset; 720 struct debug_alloc_header *best, *bestprev, *prev, *h; 721 void *p = NULL; 722 if (!get_dap_lock()) { 723 __release(dap_lock); /* we never actually got it */ 724 return NULL; 725 } 726 h = (struct debug_alloc_header *)(debug_alloc_pool + dah_first); 727 if (dah_first_call) { 728 h->size = sizeof(debug_alloc_pool_aligned) - dah_overhead; 729 dah_first_call = 0; 730 } 731 size = ALIGN(size, dah_align); 732 prev = best = bestprev = NULL; 733 while (1) { 734 if (h->size >= size && (!best || h->size < best->size)) { 735 best = h; 736 bestprev = prev; 737 if (h->size == size) 738 break; 739 } 740 if (!h->next) 741 break; 742 prev = h; 743 h = (struct debug_alloc_header *)(debug_alloc_pool + h->next); 744 } 745 if (!best) 746 goto out; 747 rem = best->size - size; 748 /* The pool must always contain at least one header */ 749 if (best->next == 0 && bestprev == NULL && rem < dah_overhead) 750 goto out; 751 if (rem >= dah_overhead) { 752 best->size = size; 753 h_offset = ((char *)best - debug_alloc_pool) + 754 dah_overhead + best->size; 755 h = (struct debug_alloc_header *)(debug_alloc_pool + h_offset); 756 h->size = rem - dah_overhead; 757 h->next = best->next; 758 } else 759 h_offset = best->next; 760 best->caller = __builtin_return_address(0); 761 dah_used += best->size; 762 dah_used_max = max(dah_used, dah_used_max); 763 if (bestprev) 764 bestprev->next = h_offset; 765 else 766 dah_first = h_offset; 767 p = (char *)best + dah_overhead; 768 memset(p, POISON_INUSE, best->size - 1); 769 *((char *)p + best->size - 1) = POISON_END; 770 out: 771 spin_unlock(&dap_lock); 772 return p; 773 } 774 775 void debug_kfree(void *p) 776 { 777 struct debug_alloc_header *h; 778 unsigned int h_offset; 779 if (!p) 780 return; 781 if ((char *)p < debug_alloc_pool || 782 (char *)p >= debug_alloc_pool + sizeof(debug_alloc_pool_aligned)) { 783 kfree(p); 784 return; 785 } 786 if (!get_dap_lock()) { 787 __release(dap_lock); /* we never actually got it */ 788 return; /* memory leak, cannot be helped */ 789 } 790 h = (struct debug_alloc_header *)((char *)p - dah_overhead); 791 memset(p, POISON_FREE, h->size - 1); 792 *((char *)p + h->size - 1) = POISON_END; 793 h->caller = NULL; 794 dah_used -= h->size; 795 h_offset = (char *)h - debug_alloc_pool; 796 if (h_offset < dah_first) { 797 h->next = dah_first; 798 dah_first = h_offset; 799 } else { 800 struct debug_alloc_header *prev; 801 unsigned int prev_offset; 802 prev = (struct debug_alloc_header *)(debug_alloc_pool + 803 dah_first); 804 while (1) { 805 if (!prev->next || prev->next > h_offset) 806 break; 807 prev = (struct debug_alloc_header *) 808 (debug_alloc_pool + prev->next); 809 } 810 prev_offset = (char *)prev - debug_alloc_pool; 811 if (prev_offset + dah_overhead + prev->size == h_offset) { 812 prev->size += dah_overhead + h->size; 813 memset(h, POISON_FREE, dah_overhead - 1); 814 *((char *)h + dah_overhead - 1) = POISON_END; 815 h = prev; 816 h_offset = prev_offset; 817 } else { 818 h->next = prev->next; 819 prev->next = h_offset; 820 } 821 } 822 if (h_offset + dah_overhead + h->size == h->next) { 823 struct debug_alloc_header *next; 824 next = (struct debug_alloc_header *) 825 (debug_alloc_pool + h->next); 826 h->size += dah_overhead + next->size; 827 h->next = next->next; 828 memset(next, POISON_FREE, dah_overhead - 1); 829 *((char *)next + dah_overhead - 1) = POISON_END; 830 } 831 spin_unlock(&dap_lock); 832 } 833 834 void debug_kusage(void) 835 { 836 struct debug_alloc_header *h_free, *h_used; 837 #ifdef CONFIG_IA64 838 /* FIXME: using dah for ia64 unwind always results in a memory leak. 839 * Fix that memory leak first, then set debug_kusage_one_time = 1 for 840 * all architectures. 841 */ 842 static int debug_kusage_one_time; 843 #else 844 static int debug_kusage_one_time = 1; 845 #endif 846 if (!get_dap_lock()) { 847 __release(dap_lock); /* we never actually got it */ 848 return; 849 } 850 h_free = (struct debug_alloc_header *)(debug_alloc_pool + dah_first); 851 if (dah_first == 0 && 852 (h_free->size == sizeof(debug_alloc_pool_aligned) - dah_overhead || 853 dah_first_call)) 854 goto out; 855 if (!debug_kusage_one_time) 856 goto out; 857 debug_kusage_one_time = 0; 858 kdb_func_printf("debug_kmalloc memory leak dah_first %d\n", dah_first); 859 if (dah_first) { 860 h_used = (struct debug_alloc_header *)debug_alloc_pool; 861 kdb_func_printf("h_used %px size %d\n", h_used, h_used->size); 862 } 863 do { 864 h_used = (struct debug_alloc_header *) 865 ((char *)h_free + dah_overhead + h_free->size); 866 kdb_func_printf("h_used %px size %d caller %px\n", 867 h_used, h_used->size, h_used->caller); 868 h_free = (struct debug_alloc_header *) 869 (debug_alloc_pool + h_free->next); 870 } while (h_free->next); 871 h_used = (struct debug_alloc_header *) 872 ((char *)h_free + dah_overhead + h_free->size); 873 if ((char *)h_used - debug_alloc_pool != 874 sizeof(debug_alloc_pool_aligned)) 875 kdb_func_printf("h_used %px size %d caller %px\n", 876 h_used, h_used->size, h_used->caller); 877 out: 878 spin_unlock(&dap_lock); 879 } 880 881 /* Maintain a small stack of kdb_flags to allow recursion without disturbing 882 * the global kdb state. 883 */ 884 885 static int kdb_flags_stack[4], kdb_flags_index; 886 887 void kdb_save_flags(void) 888 { 889 BUG_ON(kdb_flags_index >= ARRAY_SIZE(kdb_flags_stack)); 890 kdb_flags_stack[kdb_flags_index++] = kdb_flags; 891 } 892 893 void kdb_restore_flags(void) 894 { 895 BUG_ON(kdb_flags_index <= 0); 896 kdb_flags = kdb_flags_stack[--kdb_flags_index]; 897 } 898