From: Manfred Spraul With the patch applied, echo "size-4096 0 0 0" > /proc/slabinfo walks the objects in the size-4096 slab, printing out the calling address of whoever allocated that object. It is for leak detection. Signed-off-by: Andrew Morton --- include/asm-alpha/types.h | 2 - include/asm-arm/types.h | 2 - include/asm-arm26/types.h | 2 - include/asm-cris/types.h | 2 - include/asm-frv/types.h | 2 - include/asm-h8300/types.h | 2 - include/asm-i386/types.h | 2 - include/asm-ia64/types.h | 2 - include/asm-m32r/types.h | 2 - include/asm-m68k/types.h | 2 - include/asm-mips/types.h | 2 - include/asm-parisc/types.h | 2 - include/asm-ppc/types.h | 2 - include/asm-ppc64/types.h | 2 - include/asm-s390/types.h | 2 - include/asm-sh/types.h | 2 - include/asm-sh64/types.h | 2 - include/asm-sparc/types.h | 2 - include/asm-sparc64/types.h | 2 - include/asm-v850/types.h | 2 - include/asm-x86_64/types.h | 2 - mm/slab.c | 54 ++++++++++++++++++++++++++++++++------------ 22 files changed, 61 insertions(+), 35 deletions(-) diff -puN include/asm-alpha/types.h~slab-leak-detector include/asm-alpha/types.h --- 25/include/asm-alpha/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-alpha/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -56,7 +56,7 @@ typedef unsigned long u64; typedef u64 dma_addr_t; typedef u64 dma64_addr_t; -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ #endif /* __KERNEL__ */ diff -puN include/asm-arm26/types.h~slab-leak-detector include/asm-arm26/types.h --- 25/include/asm-arm26/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-arm26/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -52,7 +52,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; typedef u32 dma64_addr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-arm/types.h~slab-leak-detector include/asm-arm/types.h --- 25/include/asm-arm/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-arm/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -52,7 +52,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; typedef u32 dma64_addr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-cris/types.h~slab-leak-detector include/asm-cris/types.h --- 25/include/asm-cris/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-cris/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -52,7 +52,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; typedef u32 dma64_addr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-frv/types.h~slab-leak-detector include/asm-frv/types.h --- 25/include/asm-frv/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-frv/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -65,7 +65,7 @@ typedef u64 u_quad_t; typedef u32 dma_addr_t; -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-h8300/types.h~slab-leak-detector include/asm-h8300/types.h --- 25/include/asm-h8300/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-h8300/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -58,7 +58,7 @@ typedef u32 dma_addr_t; #define HAVE_SECTOR_T typedef u64 sector_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __KERNEL__ */ diff -puN include/asm-i386/types.h~slab-leak-detector include/asm-i386/types.h --- 25/include/asm-i386/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-i386/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -63,7 +63,7 @@ typedef u64 sector_t; #define HAVE_SECTOR_T #endif -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-ia64/types.h~slab-leak-detector include/asm-ia64/types.h --- 25/include/asm-ia64/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-ia64/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -67,7 +67,7 @@ typedef __u64 u64; typedef u64 dma_addr_t; -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; # endif /* __KERNEL__ */ #endif /* !__ASSEMBLY__ */ diff -puN include/asm-m32r/types.h~slab-leak-detector include/asm-m32r/types.h --- 25/include/asm-m32r/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-m32r/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -55,7 +55,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; typedef u64 dma64_addr_t; -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-m68k/types.h~slab-leak-detector include/asm-m68k/types.h --- 25/include/asm-m68k/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-m68k/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -60,7 +60,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; typedef u32 dma64_addr_t; -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-mips/types.h~slab-leak-detector include/asm-mips/types.h --- 25/include/asm-mips/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-mips/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -99,7 +99,7 @@ typedef u64 sector_t; #define HAVE_SECTOR_T #endif -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-parisc/types.h~slab-leak-detector include/asm-parisc/types.h --- 25/include/asm-parisc/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-parisc/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -56,7 +56,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; typedef u64 dma64_addr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-ppc64/types.h~slab-leak-detector include/asm-ppc64/types.h --- 25/include/asm-ppc64/types.h~slab-leak-detector 2005-05-12 00:07:55.000000000 -0700 +++ 25-akpm/include/asm-ppc64/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -72,7 +72,7 @@ typedef struct { unsigned long env; } func_descr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ #endif /* __KERNEL__ */ diff -puN include/asm-ppc/types.h~slab-leak-detector include/asm-ppc/types.h --- 25/include/asm-ppc/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-ppc/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -62,7 +62,7 @@ typedef u64 sector_t; #define HAVE_SECTOR_T #endif -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-s390/types.h~slab-leak-detector include/asm-s390/types.h --- 25/include/asm-s390/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-s390/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -79,7 +79,7 @@ typedef unsigned long u64; typedef u32 dma_addr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #ifndef __s390x__ typedef union { diff -puN include/asm-sh64/types.h~slab-leak-detector include/asm-sh64/types.h --- 25/include/asm-sh64/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-sh64/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -65,7 +65,7 @@ typedef u32 dma_addr_t; #endif typedef u64 dma64_addr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-sh/types.h~slab-leak-detector include/asm-sh/types.h --- 25/include/asm-sh/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-sh/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -58,7 +58,7 @@ typedef u64 sector_t; #define HAVE_SECTOR_T #endif -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-sparc64/types.h~slab-leak-detector include/asm-sparc64/types.h --- 25/include/asm-sparc64/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-sparc64/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -56,7 +56,7 @@ typedef unsigned long u64; typedef u32 dma_addr_t; typedef u64 dma64_addr_t; -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-sparc/types.h~slab-leak-detector include/asm-sparc/types.h --- 25/include/asm-sparc/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-sparc/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -54,7 +54,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; typedef u32 dma64_addr_t; -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN include/asm-v850/types.h~slab-leak-detector include/asm-v850/types.h --- 25/include/asm-v850/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-v850/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -59,7 +59,7 @@ typedef unsigned long long u64; typedef u32 dma_addr_t; -typedef unsigned int kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* !__ASSEMBLY__ */ diff -puN include/asm-x86_64/types.h~slab-leak-detector include/asm-x86_64/types.h --- 25/include/asm-x86_64/types.h~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/include/asm-x86_64/types.h 2005-05-12 00:07:56.000000000 -0700 @@ -51,7 +51,7 @@ typedef u64 dma_addr_t; typedef u64 sector_t; #define HAVE_SECTOR_T -typedef unsigned short kmem_bufctl_t; +typedef unsigned long kmem_bufctl_t; #endif /* __ASSEMBLY__ */ diff -puN mm/slab.c~slab-leak-detector mm/slab.c --- 25/mm/slab.c~slab-leak-detector 2005-05-12 00:07:56.000000000 -0700 +++ 25-akpm/mm/slab.c 2005-05-12 00:07:56.000000000 -0700 @@ -2134,6 +2134,15 @@ cache_alloc_debugcheck_after(kmem_cache_ *dbg_redzone1(cachep, objp) = RED_ACTIVE; *dbg_redzone2(cachep, objp) = RED_ACTIVE; } + { + int objnr; + struct slab *slabp; + + slabp = GET_PAGE_SLAB(virt_to_page(objp)); + + objnr = (objp - slabp->s_mem) / cachep->objsize; + slab_bufctl(slabp)[objnr] = (unsigned long)caller; + } objp += obj_dbghead(cachep); if (cachep->ctor && cachep->flags & SLAB_POISON) { unsigned long ctor_flags = SLAB_CTOR_CONSTRUCTOR; @@ -2196,7 +2205,7 @@ static void free_block(kmem_cache_t *cac list_del(&slabp->list); objnr = (objp - slabp->s_mem) / cachep->objsize; check_slabp(cachep, slabp); -#if DEBUG +#if 0 /* disabled, not compatible with leak detection */ if (slab_bufctl(slabp)[objnr] != BUFCTL_ALLOC) { printk(KERN_ERR "slab: double free detected in cache " "'%s', objp %p\n", cachep->name, objp); @@ -2650,18 +2659,10 @@ static void check_slabuse(kmem_cache_t * red1 = *dbg_redzone1(cachep, objp); red2 = *dbg_redzone2(cachep, objp); - /* simplest case: marked as inactive */ - if (red1 == RED_INACTIVE && red2 == RED_INACTIVE) - continue; - - /* tricky case: if the bufctl value is BUFCTL_ALLOC, then - * the object is either allocated or somewhere in a cpu - * cache. The cpu caches are lockless and there might be - * a concurrent alloc/free call, thus we must accept random - * combinations of RED_ACTIVE and _INACTIVE + /* leak detection stores the caller address in the bufctl, + * thus random combinations of active and inactive are ok */ - if (slab_bufctl(slabp)[i] == BUFCTL_ALLOC && - (red1 == RED_INACTIVE || red1 == RED_ACTIVE) && + if ((red1 == RED_INACTIVE || red1 == RED_ACTIVE) && (red2 == RED_INACTIVE || red2 == RED_ACTIVE)) continue; @@ -3107,6 +3108,29 @@ struct seq_operations slabinfo_op = { .show = s_show, }; +static void do_dump_slabp(kmem_cache_t *cachep) +{ +#if DEBUG + struct list_head *q; + + check_irq_on(); + spin_lock_irq(&cachep->spinlock); + list_for_each(q,&cachep->lists.slabs_full) { + struct slab *slabp; + int i; + slabp = list_entry(q, struct slab, list); + for (i = 0; i < cachep->num; i++) { + unsigned long sym = slab_bufctl(slabp)[i]; + + printk("obj %p/%d: %p", slabp, i, (void *)sym); + print_symbol(" <%s>", sym); + printk("\n"); + } + } + spin_unlock_irq(&cachep->spinlock); +#endif +} + #define MAX_SLABINFO_WRITE 128 /** * slabinfo_write - Tuning for the slab allocator @@ -3147,9 +3171,11 @@ ssize_t slabinfo_write(struct file *file batchcount < 1 || batchcount > limit || shared < 0) { - res = -EINVAL; + do_dump_slabp(cachep); + res = 0; } else { - res = do_tune_cpucache(cachep, limit, batchcount, shared); + res = do_tune_cpucache(cachep, limit, + batchcount, shared); } break; } _