search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Ignore machine-check MSRs
[freebsd-src/fkvm-freebsd.git] / sys / kern / subr_witness.c
blob5548224063f31c5848a6c879da65e659550c4239
1 /*-
2 * Copyright (c) 2008 Isilon Systems, Inc.
3 * Copyright (c) 2008 Ilya Maykov <ivmaykov@gmail.com>
4 * Copyright (c) 1998 Berkeley Software Design, Inc.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Berkeley Software Design Inc's name may not be used to endorse or
16 * promote products derived from this software without specific prior
17 * written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * from BSDI $Id: mutex_witness.c,v 1.1.2.20 2000/04/27 03:10:27 cp Exp $
32 * and BSDI $Id: synch_machdep.c,v 2.3.2.39 2000/04/27 03:10:25 cp Exp $
33 */
34
35 /*
36 * Implementation of the `witness' lock verifier. Originally implemented for
37 * mutexes in BSD/OS. Extended to handle generic lock objects and lock
38 * classes in FreeBSD.
39 */
40
41 /*
42 * Main Entry: witness
43 * Pronunciation: 'wit-n&s
44 * Function: noun
45 * Etymology: Middle English witnesse, from Old English witnes knowledge,
46 * testimony, witness, from 2wit
47 * Date: before 12th century
48 * 1 : attestation of a fact or event : TESTIMONY
49 * 2 : one that gives evidence; specifically : one who testifies in
50 * a cause or before a judicial tribunal
51 * 3 : one asked to be present at a transaction so as to be able to
52 * testify to its having taken place
53 * 4 : one who has personal knowledge of something
54 * 5 a : something serving as evidence or proof : SIGN
55 * b : public affirmation by word or example of usually
56 * religious faith or conviction <the heroic witness to divine
57 * life -- Pilot>
58 * 6 capitalized : a member of the Jehovah's Witnesses
59 */
60
61 /*
62 * Special rules concerning Giant and lock orders:
63 *
64 * 1) Giant must be acquired before any other mutexes. Stated another way,
65 * no other mutex may be held when Giant is acquired.
66 *
67 * 2) Giant must be released when blocking on a sleepable lock.
68 *
69 * This rule is less obvious, but is a result of Giant providing the same
70 * semantics as spl(). Basically, when a thread sleeps, it must release
71 * Giant. When a thread blocks on a sleepable lock, it sleeps. Hence rule
72 * 2).
73 *
74 * 3) Giant may be acquired before or after sleepable locks.
75 *
76 * This rule is also not quite as obvious. Giant may be acquired after
77 * a sleepable lock because it is a non-sleepable lock and non-sleepable
78 * locks may always be acquired while holding a sleepable lock. The second
79 * case, Giant before a sleepable lock, follows from rule 2) above. Suppose
80 * you have two threads T1 and T2 and a sleepable lock X. Suppose that T1
81 * acquires X and blocks on Giant. Then suppose that T2 acquires Giant and
82 * blocks on X. When T2 blocks on X, T2 will release Giant allowing T1 to
83 * execute. Thus, acquiring Giant both before and after a sleepable lock
84 * will not result in a lock order reversal.
85 */
86
87 #include <sys/cdefs.h>
88 __FBSDID("$FreeBSD$");
89
90 #include "opt_ddb.h"
91 #include "opt_hwpmc_hooks.h"
92 #include "opt_stack.h"
93 #include "opt_witness.h"
94
95 #include <sys/param.h>
96 #include <sys/bus.h>
97 #include <sys/kdb.h>
98 #include <sys/kernel.h>
99 #include <sys/ktr.h>
100 #include <sys/lock.h>
101 #include <sys/malloc.h>
102 #include <sys/mutex.h>
103 #include <sys/priv.h>
104 #include <sys/proc.h>
105 #include <sys/sbuf.h>
106 #include <sys/stack.h>
107 #include <sys/sysctl.h>
108 #include <sys/systm.h>
109
110 #ifdef DDB
111 #include <ddb/ddb.h>
112 #endif
113
114 #include <machine/stdarg.h>
115
116 #if !defined(DDB) && !defined(STACK)
117 #error "DDB or STACK options are required for WITNESS"
118 #endif
119
120 /* Note that these traces do not work with KTR_ALQ. */
121 #if 0
122 #define KTR_WITNESS KTR_SUBSYS
123 #else
124 #define KTR_WITNESS 0
125 #endif
126
127 #define LI_RECURSEMASK 0x0000ffff /* Recursion depth of lock instance. */
128 #define LI_EXCLUSIVE 0x00010000 /* Exclusive lock instance. */
129
130 /* Define this to check for blessed mutexes */
131 #undef BLESSING
132
133 #define WITNESS_COUNT 1024
134 #define WITNESS_CHILDCOUNT (WITNESS_COUNT * 4)
135 #define WITNESS_HASH_SIZE 251 /* Prime, gives load factor < 2 */
136 #define WITNESS_PENDLIST 512
137
138 /* Allocate 256 KB of stack data space */
139 #define WITNESS_LO_DATA_COUNT 2048
140
141 /* Prime, gives load factor of ~2 at full load */
142 #define WITNESS_LO_HASH_SIZE 1021
143
144 /*
145 * XXX: This is somewhat bogus, as we assume here that at most 2048 threads
146 * will hold LOCK_NCHILDREN locks. We handle failure ok, and we should
147 * probably be safe for the most part, but it's still a SWAG.
148 */
149 #define LOCK_NCHILDREN 5
150 #define LOCK_CHILDCOUNT 2048
151
152 #define MAX_W_NAME 64
153
154 #define BADSTACK_SBUF_SIZE (256 * WITNESS_COUNT)
155 #define CYCLEGRAPH_SBUF_SIZE 8192
156 #define FULLGRAPH_SBUF_SIZE 32768
157
158 /*
159 * These flags go in the witness relationship matrix and describe the
160 * relationship between any two struct witness objects.
161 */
162 #define WITNESS_UNRELATED 0x00 /* No lock order relation. */
163 #define WITNESS_PARENT 0x01 /* Parent, aka direct ancestor. */
164 #define WITNESS_ANCESTOR 0x02 /* Direct or indirect ancestor. */
165 #define WITNESS_CHILD 0x04 /* Child, aka direct descendant. */
166 #define WITNESS_DESCENDANT 0x08 /* Direct or indirect descendant. */
167 #define WITNESS_ANCESTOR_MASK (WITNESS_PARENT | WITNESS_ANCESTOR)
168 #define WITNESS_DESCENDANT_MASK (WITNESS_CHILD | WITNESS_DESCENDANT)
169 #define WITNESS_RELATED_MASK \
170 (WITNESS_ANCESTOR_MASK | WITNESS_DESCENDANT_MASK)
171 #define WITNESS_REVERSAL 0x10 /* A lock order reversal has been
172 * observed. */
173 #define WITNESS_RESERVED1 0x20 /* Unused flag, reserved. */
174 #define WITNESS_RESERVED2 0x40 /* Unused flag, reserved. */
175 #define WITNESS_LOCK_ORDER_KNOWN 0x80 /* This lock order is known. */
176
177 /* Descendant to ancestor flags */
178 #define WITNESS_DTOA(x) (((x) & WITNESS_RELATED_MASK) >> 2)
179
180 /* Ancestor to descendant flags */
181 #define WITNESS_ATOD(x) (((x) & WITNESS_RELATED_MASK) << 2)
182
183 #define WITNESS_INDEX_ASSERT(i) \
184 MPASS((i) > 0 && (i) <= w_max_used_index && (i) < WITNESS_COUNT)
185
186 MALLOC_DEFINE(M_WITNESS, "Witness", "Witness");
187
188 /*
189 * Lock instances. A lock instance is the data associated with a lock while
190 * it is held by witness. For example, a lock instance will hold the
191 * recursion count of a lock. Lock instances are held in lists. Spin locks
192 * are held in a per-cpu list while sleep locks are held in per-thread list.
193 */
194 struct lock_instance {
195 struct lock_object *li_lock;
196 const char *li_file;
197 int li_line;
198 u_int li_flags;
199 };
200
201 /*
202 * A simple list type used to build the list of locks held by a thread
203 * or CPU. We can't simply embed the list in struct lock_object since a
204 * lock may be held by more than one thread if it is a shared lock. Locks
205 * are added to the head of the list, so we fill up each list entry from
206 * "the back" logically. To ease some of the arithmetic, we actually fill
207 * in each list entry the normal way (children[0] then children[1], etc.) but
208 * when we traverse the list we read children[count-1] as the first entry
209 * down to children[0] as the final entry.
210 */
211 struct lock_list_entry {
212 struct lock_list_entry *ll_next;
213 struct lock_instance ll_children[LOCK_NCHILDREN];
214 u_int ll_count;
215 };
216
217 /*
218 * The main witness structure. One of these per named lock type in the system
219 * (for example, "vnode interlock").
220 */
221 struct witness {
222 char w_name[MAX_W_NAME];
223 uint32_t w_index; /* Index in the relationship matrix */
224 struct lock_class *w_class;
225 STAILQ_ENTRY(witness) w_list; /* List of all witnesses. */
226 STAILQ_ENTRY(witness) w_typelist; /* Witnesses of a type. */
227 struct witness *w_hash_next; /* Linked list in hash buckets. */
228 const char *w_file; /* File where last acquired */
229 uint32_t w_line; /* Line where last acquired */
230 uint32_t w_refcount;
231 uint16_t w_num_ancestors; /* direct/indirect
232 * ancestor count */
233 uint16_t w_num_descendants; /* direct/indirect
234 * descendant count */
235 int16_t w_ddb_level;
236 int w_displayed:1;
237 int w_reversed:1;
238 };
239
240 STAILQ_HEAD(witness_list, witness);
241
242 /*
243 * The witness hash table. Keys are witness names (const char *), elements are
244 * witness objects (struct witness *).
245 */
246 struct witness_hash {
247 struct witness *wh_array[WITNESS_HASH_SIZE];
248 uint32_t wh_size;
249 uint32_t wh_count;
250 };
251
252 /*
253 * Key type for the lock order data hash table.
254 */
255 struct witness_lock_order_key {
256 uint16_t from;
257 uint16_t to;
258 };
259
260 struct witness_lock_order_data {
261 struct stack wlod_stack;
262 struct witness_lock_order_key wlod_key;
263 struct witness_lock_order_data *wlod_next;
264 };
265
266 /*
267 * The witness lock order data hash table. Keys are witness index tuples
268 * (struct witness_lock_order_key), elements are lock order data objects
269 * (struct witness_lock_order_data).
270 */
271 struct witness_lock_order_hash {
272 struct witness_lock_order_data *wloh_array[WITNESS_LO_HASH_SIZE];
273 u_int wloh_size;
274 u_int wloh_count;
275 };
276
277 #ifdef BLESSING
278 struct witness_blessed {
279 const char *b_lock1;
280 const char *b_lock2;
281 };
282 #endif
283
284 struct witness_pendhelp {
285 const char *wh_type;
286 struct lock_object *wh_lock;
287 };
288
289 struct witness_order_list_entry {
290 const char *w_name;
291 struct lock_class *w_class;
292 };
293
294 /*
295 * Returns 0 if one of the locks is a spin lock and the other is not.
296 * Returns 1 otherwise.
297 */
298 static __inline int
299 witness_lock_type_equal(struct witness *w1, struct witness *w2)
300 {
301
302 return ((w1->w_class->lc_flags & (LC_SLEEPLOCK | LC_SPINLOCK)) ==
303 (w2->w_class->lc_flags & (LC_SLEEPLOCK | LC_SPINLOCK)));
304 }
305
306 static __inline int
307 witness_lock_order_key_empty(const struct witness_lock_order_key *key)
308 {
309
310 return (key->from == 0 && key->to == 0);
311 }
312
313 static __inline int
314 witness_lock_order_key_equal(const struct witness_lock_order_key *a,
315 const struct witness_lock_order_key *b)
316 {
317
318 return (a->from == b->from && a->to == b->to);
319 }
320
321 static int _isitmyx(struct witness *w1, struct witness *w2, int rmask,
322 const char *fname);
323 #ifdef KDB
324 static void _witness_debugger(int cond, const char *msg);
325 #endif
326 static void adopt(struct witness *parent, struct witness *child);
327 #ifdef BLESSING
328 static int blessed(struct witness *, struct witness *);
329 #endif
330 static void depart(struct witness *w);
331 static struct witness *enroll(const char *description,
332 struct lock_class *lock_class);
333 static struct lock_instance *find_instance(struct lock_list_entry *list,
334 struct lock_object *lock);
335 static int isitmychild(struct witness *parent, struct witness *child);
336 static int isitmydescendant(struct witness *parent, struct witness *child);
337 static void itismychild(struct witness *parent, struct witness *child);
338 static int sysctl_debug_witness_badstacks(SYSCTL_HANDLER_ARGS);
339 static int sysctl_debug_witness_watch(SYSCTL_HANDLER_ARGS);
340 static int sysctl_debug_witness_fullgraph(SYSCTL_HANDLER_ARGS);
341 static void witness_add_fullgraph(struct sbuf *sb, struct witness *parent);
342 #ifdef DDB
343 static void witness_ddb_compute_levels(void);
344 static void witness_ddb_display(void(*)(const char *fmt, ...));
345 static void witness_ddb_display_descendants(void(*)(const char *fmt, ...),
346 struct witness *, int indent);
347 static void witness_ddb_display_list(void(*prnt)(const char *fmt, ...),
348 struct witness_list *list);
349 static void witness_ddb_level_descendants(struct witness *parent, int l);
350 static void witness_ddb_list(struct thread *td);
351 #endif
352 static void witness_free(struct witness *m);
353 static struct witness *witness_get(void);
354 static uint32_t witness_hash_djb2(const uint8_t *key, uint32_t size);
355 static struct witness *witness_hash_get(const char *key);
356 static void witness_hash_put(struct witness *w);
357 static void witness_init_hash_tables(void);
358 static void witness_increment_graph_generation(void);
359 static void witness_lock_list_free(struct lock_list_entry *lle);
360 static struct lock_list_entry *witness_lock_list_get(void);
361 static int witness_lock_order_add(struct witness *parent,
362 struct witness *child);
363 static int witness_lock_order_check(struct witness *parent,
364 struct witness *child);
365 static struct witness_lock_order_data *witness_lock_order_get(
366 struct witness *parent,
367 struct witness *child);
368 static void witness_list_lock(struct lock_instance *instance);
369
370 #ifdef KDB
371 #define witness_debugger(c) _witness_debugger(c, __func__)
372 #else
373 #define witness_debugger(c)
374 #endif
375
376 SYSCTL_NODE(_debug, OID_AUTO, witness, CTLFLAG_RW, 0, "Witness Locking");
377
378 /*
379 * If set to 0, witness is disabled. Otherwise witness performs full lock order
380 * checking for all locks. At runtime, witness is allowed to be turned off.
381 * witness is not allowed be turned on once it is turned off, however.
382 */
383 static int witness_watch = 1;
384 TUNABLE_INT("debug.witness.watch", &witness_watch);
385 SYSCTL_PROC(_debug_witness, OID_AUTO, watch, CTLFLAG_RW | CTLTYPE_INT, NULL, 0,
386 sysctl_debug_witness_watch, "I", "witness is watching lock operations");
387
388 #ifdef KDB
389 /*
390 * When KDB is enabled and witness_kdb is 1, it will cause the system
391 * to drop into kdebug() when:
392 * - a lock hierarchy violation occurs
393 * - locks are held when going to sleep.
394 */
395 #ifdef WITNESS_KDB
396 int witness_kdb = 1;
397 #else
398 int witness_kdb = 0;
399 #endif
400 TUNABLE_INT("debug.witness.kdb", &witness_kdb);
401 SYSCTL_INT(_debug_witness, OID_AUTO, kdb, CTLFLAG_RW, &witness_kdb, 0, "");
402
403 /*
404 * When KDB is enabled and witness_trace is 1, it will cause the system
405 * to print a stack trace:
406 * - a lock hierarchy violation occurs
407 * - locks are held when going to sleep.
408 */
409 int witness_trace = 1;
410 TUNABLE_INT("debug.witness.trace", &witness_trace);
411 SYSCTL_INT(_debug_witness, OID_AUTO, trace, CTLFLAG_RW, &witness_trace, 0, "");
412 #endif /* KDB */
413
414 #ifdef WITNESS_SKIPSPIN
415 int witness_skipspin = 1;
416 #else
417 int witness_skipspin = 0;
418 #endif
419 TUNABLE_INT("debug.witness.skipspin", &witness_skipspin);
420 SYSCTL_INT(_debug_witness, OID_AUTO, skipspin, CTLFLAG_RDTUN, &witness_skipspin,
421 0, "");
422
423 /*
424 * Call this to print out the relations between locks.
425 */
426 SYSCTL_PROC(_debug_witness, OID_AUTO, fullgraph, CTLTYPE_STRING | CTLFLAG_RD,
427 NULL, 0, sysctl_debug_witness_fullgraph, "A", "Show locks relation graphs");
428
429 /*
430 * Call this to print out the witness faulty stacks.
431 */
432 SYSCTL_PROC(_debug_witness, OID_AUTO, badstacks, CTLTYPE_STRING | CTLFLAG_RD,
433 NULL, 0, sysctl_debug_witness_badstacks, "A", "Show bad witness stacks");
434
435 static struct mtx w_mtx;
436
437 /* w_list */
438 static struct witness_list w_free = STAILQ_HEAD_INITIALIZER(w_free);
439 static struct witness_list w_all = STAILQ_HEAD_INITIALIZER(w_all);
440
441 /* w_typelist */
442 static struct witness_list w_spin = STAILQ_HEAD_INITIALIZER(w_spin);
443 static struct witness_list w_sleep = STAILQ_HEAD_INITIALIZER(w_sleep);
444
445 /* lock list */
446 static struct lock_list_entry *w_lock_list_free = NULL;
447 static struct witness_pendhelp pending_locks[WITNESS_PENDLIST];
448 static u_int pending_cnt;
449
450 static int w_free_cnt, w_spin_cnt, w_sleep_cnt;
451 SYSCTL_INT(_debug_witness, OID_AUTO, free_cnt, CTLFLAG_RD, &w_free_cnt, 0, "");
452 SYSCTL_INT(_debug_witness, OID_AUTO, spin_cnt, CTLFLAG_RD, &w_spin_cnt, 0, "");
453 SYSCTL_INT(_debug_witness, OID_AUTO, sleep_cnt, CTLFLAG_RD, &w_sleep_cnt, 0,
454 "");
455
456 static struct witness *w_data;
457 static uint8_t w_rmatrix[WITNESS_COUNT+1][WITNESS_COUNT+1];
458 static struct lock_list_entry w_locklistdata[LOCK_CHILDCOUNT];
459 static struct witness_hash w_hash; /* The witness hash table. */
460
461 /* The lock order data hash */
462 static struct witness_lock_order_data w_lodata[WITNESS_LO_DATA_COUNT];
463 static struct witness_lock_order_data *w_lofree = NULL;
464 static struct witness_lock_order_hash w_lohash;
465 static int w_max_used_index = 0;
466 static unsigned int w_generation = 0;
467 static const char *w_notrunning = "Witness not running\n";
468 static const char *w_stillcold = "Witness is still cold\n";
469
470
471 static struct witness_order_list_entry order_lists[] = {
472 /*
473 * sx locks
474 */
475 { "proctree", &lock_class_sx },
476 { "allproc", &lock_class_sx },
477 { "allprison", &lock_class_sx },
478 { NULL, NULL },
479 /*
480 * Various mutexes
481 */
482 { "Giant", &lock_class_mtx_sleep },
483 { "pipe mutex", &lock_class_mtx_sleep },
484 { "sigio lock", &lock_class_mtx_sleep },
485 { "process group", &lock_class_mtx_sleep },
486 { "process lock", &lock_class_mtx_sleep },
487 { "session", &lock_class_mtx_sleep },
488 { "uidinfo hash", &lock_class_rw },
489 #ifdef HWPMC_HOOKS
490 { "pmc-sleep", &lock_class_mtx_sleep },
491 #endif
492 { NULL, NULL },
493 /*
494 * Sockets
495 */
496 { "accept", &lock_class_mtx_sleep },
497 { "so_snd", &lock_class_mtx_sleep },
498 { "so_rcv", &lock_class_mtx_sleep },
499 { "sellck", &lock_class_mtx_sleep },
500 { NULL, NULL },
501 /*
502 * Routing
503 */
504 { "so_rcv", &lock_class_mtx_sleep },
505 { "radix node head", &lock_class_mtx_sleep },
506 { "rtentry", &lock_class_mtx_sleep },
507 { "ifaddr", &lock_class_mtx_sleep },
508 { NULL, NULL },
509 /*
510 * Multicast - protocol locks before interface locks, after UDP locks.
511 */
512 { "udpinp", &lock_class_rw },
513 { "in_multi_mtx", &lock_class_mtx_sleep },
514 { "igmp_mtx", &lock_class_mtx_sleep },
515 { "if_addr_mtx", &lock_class_mtx_sleep },
516 { NULL, NULL },
517 /*
518 * UNIX Domain Sockets
519 */
520 { "unp", &lock_class_mtx_sleep },
521 { "so_snd", &lock_class_mtx_sleep },
522 { NULL, NULL },
523 /*
524 * UDP/IP
525 */
526 { "udp", &lock_class_rw },
527 { "udpinp", &lock_class_rw },
528 { "so_snd", &lock_class_mtx_sleep },
529 { NULL, NULL },
530 /*
531 * TCP/IP
532 */
533 { "tcp", &lock_class_rw },
534 { "tcpinp", &lock_class_rw },
535 { "so_snd", &lock_class_mtx_sleep },
536 { NULL, NULL },
537 /*
538 * SLIP
539 */
540 { "slip_mtx", &lock_class_mtx_sleep },
541 { "slip sc_mtx", &lock_class_mtx_sleep },
542 { NULL, NULL },
543 /*
544 * netatalk
545 */
546 { "ddp_list_mtx", &lock_class_mtx_sleep },
547 { "ddp_mtx", &lock_class_mtx_sleep },
548 { NULL, NULL },
549 /*
550 * BPF
551 */
552 { "bpf global lock", &lock_class_mtx_sleep },
553 { "bpf interface lock", &lock_class_mtx_sleep },
554 { "bpf cdev lock", &lock_class_mtx_sleep },
555 { NULL, NULL },
556 /*
557 * NFS server
558 */
559 { "nfsd_mtx", &lock_class_mtx_sleep },
560 { "so_snd", &lock_class_mtx_sleep },
561 { NULL, NULL },
562
563 /*
564 * IEEE 802.11
565 */
566 { "802.11 com lock", &lock_class_mtx_sleep},
567 { NULL, NULL },
568 /*
569 * Network drivers
570 */
571 { "network driver", &lock_class_mtx_sleep},
572 { NULL, NULL },
573
574 /*
575 * Netgraph
576 */
577 { "ng_node", &lock_class_mtx_sleep },
578 { "ng_worklist", &lock_class_mtx_sleep },
579 { NULL, NULL },
580 /*
581 * CDEV
582 */
583 { "system map", &lock_class_mtx_sleep },
584 { "vm page queue mutex", &lock_class_mtx_sleep },
585 { "vnode interlock", &lock_class_mtx_sleep },
586 { "cdev", &lock_class_mtx_sleep },
587 { NULL, NULL },
588 /*
589 * kqueue/VFS interaction
590 */
591 { "kqueue", &lock_class_mtx_sleep },
592 { "struct mount mtx", &lock_class_mtx_sleep },
593 { "vnode interlock", &lock_class_mtx_sleep },
594 { NULL, NULL },
595 /*
596 * spin locks
597 */
598 #ifdef SMP
599 { "ap boot", &lock_class_mtx_spin },
600 #endif
601 { "rm.mutex_mtx", &lock_class_mtx_spin },
602 { "sio", &lock_class_mtx_spin },
603 { "scrlock", &lock_class_mtx_spin },
604 #ifdef __i386__
605 { "cy", &lock_class_mtx_spin },
606 #endif
607 #ifdef __sparc64__
608 { "pcib_mtx", &lock_class_mtx_spin },
609 { "rtc_mtx", &lock_class_mtx_spin },
610 #endif
611 { "scc_hwmtx", &lock_class_mtx_spin },
612 { "uart_hwmtx", &lock_class_mtx_spin },
613 { "fast_taskqueue", &lock_class_mtx_spin },
614 { "intr table", &lock_class_mtx_spin },
615 #ifdef HWPMC_HOOKS
616 { "pmc-per-proc", &lock_class_mtx_spin },
617 #endif
618 { "process slock", &lock_class_mtx_spin },
619 { "sleepq chain", &lock_class_mtx_spin },
620 { "umtx lock", &lock_class_mtx_spin },
621 { "rm_spinlock", &lock_class_mtx_spin },
622 { "turnstile chain", &lock_class_mtx_spin },
623 { "turnstile lock", &lock_class_mtx_spin },
624 { "sched lock", &lock_class_mtx_spin },
625 { "td_contested", &lock_class_mtx_spin },
626 { "callout", &lock_class_mtx_spin },
627 { "entropy harvest mutex", &lock_class_mtx_spin },
628 { "syscons video lock", &lock_class_mtx_spin },
629 { "time lock", &lock_class_mtx_spin },
630 #ifdef SMP
631 { "smp rendezvous", &lock_class_mtx_spin },
632 #endif
633 #ifdef __powerpc__
634 { "tlb0", &lock_class_mtx_spin },
635 #endif
636 /*
637 * leaf locks
638 */
639 { "intrcnt", &lock_class_mtx_spin },
640 { "icu", &lock_class_mtx_spin },
641 #if defined(SMP) && defined(__sparc64__)
642 { "ipi", &lock_class_mtx_spin },
643 #endif
644 #ifdef __i386__
645 { "allpmaps", &lock_class_mtx_spin },
646 { "descriptor tables", &lock_class_mtx_spin },
647 #endif
648 { "clk", &lock_class_mtx_spin },
649 { "cpuset", &lock_class_mtx_spin },
650 { "mprof lock", &lock_class_mtx_spin },
651 { "zombie lock", &lock_class_mtx_spin },
652 { "ALD Queue", &lock_class_mtx_spin },
653 #ifdef __ia64__
654 { "MCA spin lock", &lock_class_mtx_spin },
655 #endif
656 #if defined(__i386__) || defined(__amd64__)
657 { "pcicfg", &lock_class_mtx_spin },
658 { "NDIS thread lock", &lock_class_mtx_spin },
659 #endif
660 { "tw_osl_io_lock", &lock_class_mtx_spin },
661 { "tw_osl_q_lock", &lock_class_mtx_spin },
662 { "tw_cl_io_lock", &lock_class_mtx_spin },
663 { "tw_cl_intr_lock", &lock_class_mtx_spin },
664 { "tw_cl_gen_lock", &lock_class_mtx_spin },
665 #ifdef HWPMC_HOOKS
666 { "pmc-leaf", &lock_class_mtx_spin },
667 #endif
668 { "blocked lock", &lock_class_mtx_spin },
669 { NULL, NULL },
670 { NULL, NULL }
671 };
672
673 #ifdef BLESSING
674 /*
675 * Pairs of locks which have been blessed
676 * Don't complain about order problems with blessed locks
677 */
678 static struct witness_blessed blessed_list[] = {
679 };
680 static int blessed_count =
681 sizeof(blessed_list) / sizeof(struct witness_blessed);
682 #endif
683
684 /*
685 * This global is set to 0 once it becomes safe to use the witness code.
686 */
687 static int witness_cold = 1;
688
689 /*
690 * This global is set to 1 once the static lock orders have been enrolled
691 * so that a warning can be issued for any spin locks enrolled later.
692 */
693 static int witness_spin_warn = 0;
694
695 /*
696 * The WITNESS-enabled diagnostic code. Note that the witness code does
697 * assume that the early boot is single-threaded at least until after this
698 * routine is completed.
699 */
700 static void
701 witness_initialize(void *dummy __unused)
702 {
703 struct lock_object *lock;
704 struct witness_order_list_entry *order;
705 struct witness *w, *w1;
706 int i;
707
708 MALLOC(w_data, struct witness *,
709 sizeof (struct witness) * WITNESS_COUNT, M_WITNESS,
710 M_NOWAIT | M_ZERO);
711
712 /*
713 * We have to release Giant before initializing its witness
714 * structure so that WITNESS doesn't get confused.
715 */
716 mtx_unlock(&Giant);
717 mtx_assert(&Giant, MA_NOTOWNED);
718
719 CTR1(KTR_WITNESS, "%s: initializing witness", __func__);
720 mtx_init(&w_mtx, "witness lock", NULL, MTX_SPIN | MTX_QUIET |
721 MTX_NOWITNESS | MTX_NOPROFILE);
722 for (i = WITNESS_COUNT - 1; i >= 0; i--) {
723 w = &w_data[i];
724 memset(w, 0, sizeof(*w));
725 w_data[i].w_index = i; /* Witness index never changes. */
726 witness_free(w);
727 }
728 KASSERT(STAILQ_FIRST(&w_free)->w_index == 0,
729 ("%s: Invalid list of free witness objects", __func__));
730
731 /* Witness with index 0 is not used to aid in debugging. */
732 STAILQ_REMOVE_HEAD(&w_free, w_list);
733 w_free_cnt--;
734
735 memset(w_rmatrix, 0,
736 (sizeof(**w_rmatrix) * (WITNESS_COUNT+1) * (WITNESS_COUNT+1)));
737
738 for (i = 0; i < LOCK_CHILDCOUNT; i++)
739 witness_lock_list_free(&w_locklistdata[i]);
740 witness_init_hash_tables();
741
742 /* First add in all the specified order lists. */
743 for (order = order_lists; order->w_name != NULL; order++) {
744 w = enroll(order->w_name, order->w_class);
745 if (w == NULL)
746 continue;
747 w->w_file = "order list";
748 for (order++; order->w_name != NULL; order++) {
749 w1 = enroll(order->w_name, order->w_class);
750 if (w1 == NULL)
751 continue;
752 w1->w_file = "order list";
753 itismychild(w, w1);
754 w = w1;
755 }
756 }
757 witness_spin_warn = 1;
758
759 /* Iterate through all locks and add them to witness. */
760 for (i = 0; pending_locks[i].wh_lock != NULL; i++) {
761 lock = pending_locks[i].wh_lock;
762 KASSERT(lock->lo_flags & LO_WITNESS,
763 ("%s: lock %s is on pending list but not LO_WITNESS",
764 __func__, lock->lo_name));
765 lock->lo_witness = enroll(pending_locks[i].wh_type,
766 LOCK_CLASS(lock));
767 }
768
769 /* Mark the witness code as being ready for use. */
770 witness_cold = 0;
771
772 mtx_lock(&Giant);
773 }
774 SYSINIT(witness_init, SI_SUB_WITNESS, SI_ORDER_FIRST, witness_initialize,
775 NULL);
776
777 void
778 witness_init(struct lock_object *lock, const char *type)
779 {
780 struct lock_class *class;
781
782 /* Various sanity checks. */
783 class = LOCK_CLASS(lock);
784 if ((lock->lo_flags & LO_RECURSABLE) != 0 &&
785 (class->lc_flags & LC_RECURSABLE) == 0)
786 panic("%s: lock (%s) %s can not be recursable", __func__,
787 class->lc_name, lock->lo_name);
788 if ((lock->lo_flags & LO_SLEEPABLE) != 0 &&
789 (class->lc_flags & LC_SLEEPABLE) == 0)
790 panic("%s: lock (%s) %s can not be sleepable", __func__,
791 class->lc_name, lock->lo_name);
792 if ((lock->lo_flags & LO_UPGRADABLE) != 0 &&
793 (class->lc_flags & LC_UPGRADABLE) == 0)
794 panic("%s: lock (%s) %s can not be upgradable", __func__,
795 class->lc_name, lock->lo_name);
796
797 /*
798 * If we shouldn't watch this lock, then just clear lo_witness.
799 * Otherwise, if witness_cold is set, then it is too early to
800 * enroll this lock, so defer it to witness_initialize() by adding
801 * it to the pending_locks list. If it is not too early, then enroll
802 * the lock now.
803 */
804 if (witness_watch < 1 || panicstr != NULL ||
805 (lock->lo_flags & LO_WITNESS) == 0)
806 lock->lo_witness = NULL;
807 else if (witness_cold) {
808 pending_locks[pending_cnt].wh_lock = lock;
809 pending_locks[pending_cnt++].wh_type = type;
810 if (pending_cnt > WITNESS_PENDLIST)
811 panic("%s: pending locks list is too small, bump it\n",
812 __func__);
813 } else
814 lock->lo_witness = enroll(type, class);
815 }
816
817 void
818 witness_destroy(struct lock_object *lock)
819 {
820 struct lock_class *class;
821 struct witness *w;
822
823 class = LOCK_CLASS(lock);
824
825 if (witness_cold)
826 panic("lock (%s) %s destroyed while witness_cold",
827 class->lc_name, lock->lo_name);
828
829 /* XXX: need to verify that no one holds the lock */
830 if ((lock->lo_flags & LO_WITNESS) == 0 || lock->lo_witness == NULL)
831 return;
832 w = lock->lo_witness;
833
834 mtx_lock_spin(&w_mtx);
835 MPASS(w->w_refcount > 0);
836 w->w_refcount--;
837
838 if (w->w_refcount == 0)
839 depart(w);
840 mtx_unlock_spin(&w_mtx);
841 }
842
843 #ifdef DDB
844 static void
845 witness_ddb_compute_levels(void)
846 {
847 struct witness *w;
848
849 /*
850 * First clear all levels.
851 */
852 STAILQ_FOREACH(w, &w_all, w_list)
853 w->w_ddb_level = -1;
854
855 /*
856 * Look for locks with no parents and level all their descendants.
857 */
858 STAILQ_FOREACH(w, &w_all, w_list) {
859
860 /* If the witness has ancestors (is not a root), skip it. */
861 if (w->w_num_ancestors > 0)
862 continue;
863 witness_ddb_level_descendants(w, 0);
864 }
865 }
866
867 static void
868 witness_ddb_level_descendants(struct witness *w, int l)
869 {
870 int i;
871
872 if (w->w_ddb_level >= l)
873 return;
874
875 w->w_ddb_level = l;
876 l++;
877
878 for (i = 1; i <= w_max_used_index; i++) {
879 if (w_rmatrix[w->w_index][i] & WITNESS_PARENT)
880 witness_ddb_level_descendants(&w_data[i], l);
881 }
882 }
883
884 static void
885 witness_ddb_display_descendants(void(*prnt)(const char *fmt, ...),
886 struct witness *w, int indent)
887 {
888 int i;
889
890 for (i = 0; i < indent; i++)
891 prnt(" ");
892 prnt("%s (type: %s, depth: %d, active refs: %d)",
893 w->w_name, w->w_class->lc_name,
894 w->w_ddb_level, w->w_refcount);
895 if (w->w_displayed) {
896 prnt(" -- (already displayed)\n");
897 return;
898 }
899 w->w_displayed = 1;
900 if (w->w_file != NULL && w->w_line != 0)
901 prnt(" -- last acquired @ %s:%d\n", w->w_file,
902 w->w_line);
903 else
904 prnt(" -- never acquired\n");
905 indent++;
906 WITNESS_INDEX_ASSERT(w->w_index);
907 for (i = 1; i <= w_max_used_index; i++) {
908 if (w_rmatrix[w->w_index][i] & WITNESS_PARENT)
909 witness_ddb_display_descendants(prnt, &w_data[i],
910 indent);
911 }
912 }
913
914 static void
915 witness_ddb_display_list(void(*prnt)(const char *fmt, ...),
916 struct witness_list *list)
917 {
918 struct witness *w;
919
920 STAILQ_FOREACH(w, list, w_typelist) {
921 if (w->w_file == NULL || w->w_ddb_level > 0)
922 continue;
923
924 /* This lock has no anscestors - display its descendants. */
925 witness_ddb_display_descendants(prnt, w, 0);
926 }
927 }
928
929 static void
930 witness_ddb_display(void(*prnt)(const char *fmt, ...))
931 {
932 struct witness *w;
933
934 KASSERT(witness_cold == 0, ("%s: witness_cold", __func__));
935 witness_ddb_compute_levels();
936
937 /* Clear all the displayed flags. */
938 STAILQ_FOREACH(w, &w_all, w_list)
939 w->w_displayed = 0;
940
941 /*
942 * First, handle sleep locks which have been acquired at least
943 * once.
944 */
945 prnt("Sleep locks:\n");
946 witness_ddb_display_list(prnt, &w_sleep);
947
948 /*
949 * Now do spin locks which have been acquired at least once.
950 */
951 prnt("\nSpin locks:\n");
952 witness_ddb_display_list(prnt, &w_spin);
953
954 /*
955 * Finally, any locks which have not been acquired yet.
956 */
957 prnt("\nLocks which were never acquired:\n");
958 STAILQ_FOREACH(w, &w_all, w_list) {
959 if (w->w_file != NULL || w->w_refcount == 0)
960 continue;
961 prnt("%s (type: %s, depth: %d)\n", w->w_name,
962 w->w_class->lc_name, w->w_ddb_level);
963 }
964 }
965 #endif /* DDB */
966
967 /* Trim useless garbage from filenames. */
968 static const char *
969 fixup_filename(const char *file)
970 {
971
972 if (file == NULL)
973 return (NULL);
974 while (strncmp(file, "../", 3) == 0)
975 file += 3;
976 return (file);
977 }
978
979 int
980 witness_defineorder(struct lock_object *lock1, struct lock_object *lock2)
981 {
982
983 if (witness_watch == -1 || panicstr != NULL)
984 return (0);
985
986 /* Require locks that witness knows about. */
987 if (lock1 == NULL || lock1->lo_witness == NULL || lock2 == NULL ||
988 lock2->lo_witness == NULL)
989 return (EINVAL);
990
991 mtx_assert(&w_mtx, MA_NOTOWNED);
992 mtx_lock_spin(&w_mtx);
993
994 /*
995 * If we already have either an explicit or implied lock order that
996 * is the other way around, then return an error.
997 */
998 if (witness_watch &&
999 isitmydescendant(lock2->lo_witness, lock1->lo_witness)) {
1000 mtx_unlock_spin(&w_mtx);
1001 return (EDOOFUS);
1002 }
1003
1004 /* Try to add the new order. */
1005 CTR3(KTR_WITNESS, "%s: adding %s as a child of %s", __func__,
1006 lock2->lo_witness->w_name, lock1->lo_witness->w_name);
1007 itismychild(lock1->lo_witness, lock2->lo_witness);
1008 mtx_unlock_spin(&w_mtx);
1009 return (0);
1010 }
1011
1012 void
1013 witness_checkorder(struct lock_object *lock, int flags, const char *file,
1014 int line)
1015 {
1016 struct lock_list_entry **lock_list, *lle;
1017 struct lock_instance *lock1, *lock2;
1018 struct lock_class *class;
1019 struct witness *w, *w1;
1020 struct thread *td;
1021 int i, j;
1022
1023 if (witness_cold || witness_watch < 1 || lock->lo_witness == NULL ||
1024 panicstr != NULL)
1025 return;
1026
1027 w = lock->lo_witness;
1028 class = LOCK_CLASS(lock);
1029 td = curthread;
1030 file = fixup_filename(file);
1031
1032 if (class->lc_flags & LC_SLEEPLOCK) {
1033
1034 /*
1035 * Since spin locks include a critical section, this check
1036 * implicitly enforces a lock order of all sleep locks before
1037 * all spin locks.
1038 */
1039 if (td->td_critnest != 0 && !kdb_active)
1040 panic("blockable sleep lock (%s) %s @ %s:%d",
1041 class->lc_name, lock->lo_name, file, line);
1042
1043 /*
1044 * If this is the first lock acquired then just return as
1045 * no order checking is needed.
1046 */
1047 if (td->td_sleeplocks == NULL)
1048 return;
1049 lock_list = &td->td_sleeplocks;
1050 } else {
1051
1052 /*
1053 * If this is the first lock, just return as no order
1054 * checking is needed. We check this in both if clauses
1055 * here as unifying the check would require us to use a
1056 * critical section to ensure we don't migrate while doing
1057 * the check. Note that if this is not the first lock, we
1058 * are already in a critical section and are safe for the
1059 * rest of the check.
1060 */
1061 if (PCPU_GET(spinlocks) == NULL)
1062 return;
1063 lock_list = PCPU_PTR(spinlocks);
1064 }
1065
1066 /* Empty list? */
1067 if ((*lock_list)->ll_count == 0)
1068 return;
1069
1070 /*
1071 * Check to see if we are recursing on a lock we already own. If
1072 * so, make sure that we don't mismatch exclusive and shared lock
1073 * acquires.
1074 */
1075 lock1 = find_instance(*lock_list, lock);
1076 if (lock1 != NULL) {
1077 if ((lock1->li_flags & LI_EXCLUSIVE) != 0 &&
1078 (flags & LOP_EXCLUSIVE) == 0) {
1079 printf("shared lock of (%s) %s @ %s:%d\n",
1080 class->lc_name, lock->lo_name, file, line);
1081 printf("while exclusively locked from %s:%d\n",
1082 lock1->li_file, lock1->li_line);
1083 panic("share->excl");
1084 }
1085 if ((lock1->li_flags & LI_EXCLUSIVE) == 0 &&
1086 (flags & LOP_EXCLUSIVE) != 0) {
1087 printf("exclusive lock of (%s) %s @ %s:%d\n",
1088 class->lc_name, lock->lo_name, file, line);
1089 printf("while share locked from %s:%d\n",
1090 lock1->li_file, lock1->li_line);
1091 panic("excl->share");
1092 }
1093 return;
1094 }
1095
1096 /*
1097 * Try to perform most checks without a lock. If this succeeds we
1098 * can skip acquiring the lock and return success.
1099 */
1100 lock1 = &(*lock_list)->ll_children[(*lock_list)->ll_count - 1];
1101 w1 = lock1->li_lock->lo_witness;
1102 if (witness_lock_order_check(w1, w))
1103 return;
1104
1105 /*
1106 * Check for duplicate locks of the same type. Note that we only
1107 * have to check for this on the last lock we just acquired. Any
1108 * other cases will be caught as lock order violations.
1109 */
1110 mtx_lock_spin(&w_mtx);
1111 witness_lock_order_add(w1, w);
1112 if (w1 == w) {
1113 i = w->w_index;
1114 if (!(lock->lo_flags & LO_DUPOK) && !(flags & LOP_DUPOK) &&
1115 !(w_rmatrix[i][i] & WITNESS_REVERSAL)) {
1116 w_rmatrix[i][i] |= WITNESS_REVERSAL;
1117 w->w_reversed = 1;
1118 mtx_unlock_spin(&w_mtx);
1119 printf("acquiring duplicate lock of same type: \"%s\"\n",
1120 w->w_name);
1121 printf(" 1st %s @ %s:%d\n", lock1->li_lock->lo_name,
1122 lock1->li_file, lock1->li_line);
1123 printf(" 2nd %s @ %s:%d\n", lock->lo_name, file, line);
1124 witness_debugger(1);
1125 } else
1126 mtx_unlock_spin(&w_mtx);
1127 return;
1128 }
1129 mtx_assert(&w_mtx, MA_OWNED);
1130
1131 /*
1132 * If we know that the the lock we are acquiring comes after
1133 * the lock we most recently acquired in the lock order tree,
1134 * then there is no need for any further checks.
1135 */
1136 if (isitmychild(w1, w))
1137 goto out;
1138
1139 for (j = 0, lle = *lock_list; lle != NULL; lle = lle->ll_next) {
1140 for (i = lle->ll_count - 1; i >= 0; i--, j++) {
1141
1142 MPASS(j < WITNESS_COUNT);
1143 lock1 = &lle->ll_children[i];
1144 w1 = lock1->li_lock->lo_witness;
1145
1146 /*
1147 * If this lock doesn't undergo witness checking,
1148 * then skip it.
1149 */
1150 if (w1 == NULL) {
1151 KASSERT((lock1->li_lock->lo_flags & LO_WITNESS) == 0,
1152 ("lock missing witness structure"));
1153 continue;
1154 }
1155
1156 /*
1157 * If we are locking Giant and this is a sleepable
1158 * lock, then skip it.
1159 */
1160 if ((lock1->li_lock->lo_flags & LO_SLEEPABLE) != 0 &&
1161 lock == &Giant.lock_object)
1162 continue;
1163
1164 /*
1165 * If we are locking a sleepable lock and this lock
1166 * is Giant, then skip it.
1167 */
1168 if ((lock->lo_flags & LO_SLEEPABLE) != 0 &&
1169 lock1->li_lock == &Giant.lock_object)
1170 continue;
1171
1172 /*
1173 * If we are locking a sleepable lock and this lock
1174 * isn't sleepable, we want to treat it as a lock
1175 * order violation to enfore a general lock order of
1176 * sleepable locks before non-sleepable locks.
1177 */
1178 if (((lock->lo_flags & LO_SLEEPABLE) != 0 &&
1179 (lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0))
1180 goto reversal;
1181
1182 /*
1183 * If we are locking Giant and this is a non-sleepable
1184 * lock, then treat it as a reversal.
1185 */
1186 if ((lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0 &&
1187 lock == &Giant.lock_object)
1188 goto reversal;
1189
1190 /*
1191 * Check the lock order hierarchy for a reveresal.
1192 */
1193 if (!isitmydescendant(w, w1))
1194 continue;
1195 reversal:
1196
1197 /*
1198 * We have a lock order violation, check to see if it
1199 * is allowed or has already been yelled about.
1200 */
1201 #ifdef BLESSING
1202
1203 /*
1204 * If the lock order is blessed, just bail. We don't
1205 * look for other lock order violations though, which
1206 * may be a bug.
1207 */
1208 if (blessed(w, w1))
1209 goto out;
1210 #endif
1211
1212 /* Bail if this violation is known */
1213 if (w_rmatrix[w1->w_index][w->w_index] & WITNESS_REVERSAL)
1214 goto out;
1215
1216 /* Record this as a violation */
1217 w_rmatrix[w1->w_index][w->w_index] |= WITNESS_REVERSAL;
1218 w_rmatrix[w->w_index][w1->w_index] |= WITNESS_REVERSAL;
1219 w->w_reversed = w1->w_reversed = 1;
1220 witness_increment_graph_generation();
1221 mtx_unlock_spin(&w_mtx);
1222
1223 /*
1224 * Ok, yell about it.
1225 */
1226 if (((lock->lo_flags & LO_SLEEPABLE) != 0 &&
1227 (lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0))
1228 printf(
1229 "lock order reversal: (sleepable after non-sleepable)\n");
1230 else if ((lock1->li_lock->lo_flags & LO_SLEEPABLE) == 0
1231 && lock == &Giant.lock_object)
1232 printf(
1233 "lock order reversal: (Giant after non-sleepable)\n");
1234 else
1235 printf("lock order reversal:\n");
1236
1237 /*
1238 * Try to locate an earlier lock with
1239 * witness w in our list.
1240 */
1241 do {
1242 lock2 = &lle->ll_children[i];
1243 MPASS(lock2->li_lock != NULL);
1244 if (lock2->li_lock->lo_witness == w)
1245 break;
1246 if (i == 0 && lle->ll_next != NULL) {
1247 lle = lle->ll_next;
1248 i = lle->ll_count - 1;
1249 MPASS(i >= 0 && i < LOCK_NCHILDREN);
1250 } else
1251 i--;
1252 } while (i >= 0);
1253 if (i < 0) {
1254 printf(" 1st %p %s (%s) @ %s:%d\n",
1255 lock1->li_lock, lock1->li_lock->lo_name,
1256 w1->w_name, lock1->li_file, lock1->li_line);
1257 printf(" 2nd %p %s (%s) @ %s:%d\n", lock,
1258 lock->lo_name, w->w_name, file, line);
1259 } else {
1260 printf(" 1st %p %s (%s) @ %s:%d\n",
1261 lock2->li_lock, lock2->li_lock->lo_name,
1262 lock2->li_lock->lo_witness->w_name,
1263 lock2->li_file, lock2->li_line);
1264 printf(" 2nd %p %s (%s) @ %s:%d\n",
1265 lock1->li_lock, lock1->li_lock->lo_name,
1266 w1->w_name, lock1->li_file, lock1->li_line);
1267 printf(" 3rd %p %s (%s) @ %s:%d\n", lock,
1268 lock->lo_name, w->w_name, file, line);
1269 }
1270 witness_debugger(1);
1271 return;
1272 }
1273 }
1274 lock1 = &(*lock_list)->ll_children[(*lock_list)->ll_count - 1];
1275
1276 /*
1277 * If requested, build a new lock order. However, don't build a new
1278 * relationship between a sleepable lock and Giant if it is in the
1279 * wrong direction. The correct lock order is that sleepable locks
1280 * always come before Giant.
1281 */
1282 if (flags & LOP_NEWORDER &&
1283 !(lock1->li_lock == &Giant.lock_object &&
1284 (lock->lo_flags & LO_SLEEPABLE) != 0)) {
1285 CTR3(KTR_WITNESS, "%s: adding %s as a child of %s", __func__,
1286 w->w_name, lock1->li_lock->lo_witness->w_name);
1287 itismychild(lock1->li_lock->lo_witness, w);
1288 }
1289 out:
1290 mtx_unlock_spin(&w_mtx);
1291 }
1292
1293 void
1294 witness_lock(struct lock_object *lock, int flags, const char *file, int line)
1295 {
1296 struct lock_list_entry **lock_list, *lle;
1297 struct lock_instance *instance;
1298 struct witness *w;
1299 struct thread *td;
1300
1301 if (witness_cold || witness_watch == -1 || lock->lo_witness == NULL ||
1302 panicstr != NULL)
1303 return;
1304 w = lock->lo_witness;
1305 td = curthread;
1306 file = fixup_filename(file);
1307
1308 /* Determine lock list for this lock. */
1309 if (LOCK_CLASS(lock)->lc_flags & LC_SLEEPLOCK)
1310 lock_list = &td->td_sleeplocks;
1311 else
1312 lock_list = PCPU_PTR(spinlocks);
1313
1314 /* Check to see if we are recursing on a lock we already own. */
1315 instance = find_instance(*lock_list, lock);
1316 if (instance != NULL) {
1317 instance->li_flags++;
1318 CTR4(KTR_WITNESS, "%s: pid %d recursed on %s r=%d", __func__,
1319 td->td_proc->p_pid, lock->lo_name,
1320 instance->li_flags & LI_RECURSEMASK);
1321 instance->li_file = file;
1322 instance->li_line = line;
1323 return;
1324 }
1325
1326 /* Update per-witness last file and line acquire. */
1327 w->w_file = file;
1328 w->w_line = line;
1329
1330 /* Find the next open lock instance in the list and fill it. */
1331 lle = *lock_list;
1332 if (lle == NULL || lle->ll_count == LOCK_NCHILDREN) {
1333 lle = witness_lock_list_get();
1334 if (lle == NULL)
1335 return;
1336 lle->ll_next = *lock_list;
1337 CTR3(KTR_WITNESS, "%s: pid %d added lle %p", __func__,
1338 td->td_proc->p_pid, lle);
1339 *lock_list = lle;
1340 }
1341 instance = &lle->ll_children[lle->ll_count++];
1342 instance->li_lock = lock;
1343 instance->li_line = line;
1344 instance->li_file = file;
1345 if ((flags & LOP_EXCLUSIVE) != 0)
1346 instance->li_flags = LI_EXCLUSIVE;
1347 else
1348 instance->li_flags = 0;
1349 CTR4(KTR_WITNESS, "%s: pid %d added %s as lle[%d]", __func__,
1350 td->td_proc->p_pid, lock->lo_name, lle->ll_count - 1);
1351 }
1352
1353 void
1354 witness_upgrade(struct lock_object *lock, int flags, const char *file, int line)
1355 {
1356 struct lock_instance *instance;
1357 struct lock_class *class;
1358
1359 KASSERT(witness_cold == 0, ("%s: witness_cold", __func__));
1360 if (lock->lo_witness == NULL || witness_watch == -1 || panicstr != NULL)
1361 return;
1362 class = LOCK_CLASS(lock);
1363 file = fixup_filename(file);
1364 if (witness_watch) {
1365 if ((lock->lo_flags & LO_UPGRADABLE) == 0)
1366 panic("upgrade of non-upgradable lock (%s) %s @ %s:%d",
1367 class->lc_name, lock->lo_name, file, line);
1368 if ((class->lc_flags & LC_SLEEPLOCK) == 0)
1369 panic("upgrade of non-sleep lock (%s) %s @ %s:%d",
1370 class->lc_name, lock->lo_name, file, line);
1371 }
1372 instance = find_instance(curthread->td_sleeplocks, lock);
1373 if (instance == NULL)
1374 panic("upgrade of unlocked lock (%s) %s @ %s:%d",
1375 class->lc_name, lock->lo_name, file, line);
1376 if (witness_watch) {
1377 if ((instance->li_flags & LI_EXCLUSIVE) != 0)
1378 panic("upgrade of exclusive lock (%s) %s @ %s:%d",
1379 class->lc_name, lock->lo_name, file, line);
1380 if ((instance->li_flags & LI_RECURSEMASK) != 0)
1381 panic("upgrade of recursed lock (%s) %s r=%d @ %s:%d",
1382 class->lc_name, lock->lo_name,
1383 instance->li_flags & LI_RECURSEMASK, file, line);
1384 }
1385 instance->li_flags |= LI_EXCLUSIVE;
1386 }
1387
1388 void
1389 witness_downgrade(struct lock_object *lock, int flags, const char *file,
1390 int line)
1391 {
1392 struct lock_instance *instance;
1393 struct lock_class *class;
1394
1395 KASSERT(witness_cold == 0, ("%s: witness_cold", __func__));
1396 if (lock->lo_witness == NULL || witness_watch == -1 || panicstr != NULL)
1397 return;
1398 class = LOCK_CLASS(lock);
1399 file = fixup_filename(file);
1400 if (witness_watch) {
1401 if ((lock->lo_flags & LO_UPGRADABLE) == 0)
1402 panic("downgrade of non-upgradable lock (%s) %s @ %s:%d",
1403 class->lc_name, lock->lo_name, file, line);
1404 if ((class->lc_flags & LC_SLEEPLOCK) == 0)
1405 panic("downgrade of non-sleep lock (%s) %s @ %s:%d",
1406 class->lc_name, lock->lo_name, file, line);
1407 }
1408 instance = find_instance(curthread->td_sleeplocks, lock);
1409 if (instance == NULL)
1410 panic("downgrade of unlocked lock (%s) %s @ %s:%d",
1411 class->lc_name, lock->lo_name, file, line);
1412 if (witness_watch) {
1413 if ((instance->li_flags & LI_EXCLUSIVE) == 0)
1414 panic("downgrade of shared lock (%s) %s @ %s:%d",
1415 class->lc_name, lock->lo_name, file, line);
1416 if ((instance->li_flags & LI_RECURSEMASK) != 0)
1417 panic("downgrade of recursed lock (%s) %s r=%d @ %s:%d",
1418 class->lc_name, lock->lo_name,
1419 instance->li_flags & LI_RECURSEMASK, file, line);
1420 }
1421 instance->li_flags &= ~LI_EXCLUSIVE;
1422 }
1423
1424 void
1425 witness_unlock(struct lock_object *lock, int flags, const char *file, int line)
1426 {
1427 struct lock_list_entry **lock_list, *lle;
1428 struct lock_instance *instance;
1429 struct lock_class *class;
1430 struct thread *td;
1431 register_t s;
1432 int i, j;
1433
1434 if (witness_cold || lock->lo_witness == NULL || panicstr != NULL)
1435 return;
1436 td = curthread;
1437 class = LOCK_CLASS(lock);
1438 file = fixup_filename(file);
1439
1440 /* Find lock instance associated with this lock. */
1441 if (class->lc_flags & LC_SLEEPLOCK)
1442 lock_list = &td->td_sleeplocks;
1443 else
1444 lock_list = PCPU_PTR(spinlocks);
1445 lle = *lock_list;
1446 for (; *lock_list != NULL; lock_list = &(*lock_list)->ll_next)
1447 for (i = 0; i < (*lock_list)->ll_count; i++) {
1448 instance = &(*lock_list)->ll_children[i];
1449 if (instance->li_lock == lock)
1450 goto found;
1451 }
1452
1453 /*
1454 * When disabling WITNESS through witness_watch we could end up in
1455 * having registered locks in the td_sleeplocks queue.
1456 * We have to make sure we flush these queues, so just search for
1457 * eventual register locks and remove them.
1458 */
1459 if (witness_watch > 0)
1460 panic("lock (%s) %s not locked @ %s:%d", class->lc_name,
1461 lock->lo_name, file, line);
1462 else
1463 return;
1464 found:
1465
1466 /* First, check for shared/exclusive mismatches. */
1467 if ((instance->li_flags & LI_EXCLUSIVE) != 0 && witness_watch > 0 &&
1468 (flags & LOP_EXCLUSIVE) == 0) {
1469 printf("shared unlock of (%s) %s @ %s:%d\n", class->lc_name,
1470 lock->lo_name, file, line);
1471 printf("while exclusively locked from %s:%d\n",
1472 instance->li_file, instance->li_line);
1473 panic("excl->ushare");
1474 }
1475 if ((instance->li_flags & LI_EXCLUSIVE) == 0 && witness_watch > 0 &&
1476 (flags & LOP_EXCLUSIVE) != 0) {
1477 printf("exclusive unlock of (%s) %s @ %s:%d\n", class->lc_name,
1478 lock->lo_name, file, line);
1479 printf("while share locked from %s:%d\n", instance->li_file,
1480 instance->li_line);
1481 panic("share->uexcl");
1482 }
1483
1484 /* If we are recursed, unrecurse. */
1485 if ((instance->li_flags & LI_RECURSEMASK) > 0) {
1486 CTR4(KTR_WITNESS, "%s: pid %d unrecursed on %s r=%d", __func__,
1487 td->td_proc->p_pid, instance->li_lock->lo_name,
1488 instance->li_flags);
1489 instance->li_flags--;
1490 return;
1491 }
1492
1493 /* Otherwise, remove this item from the list. */
1494 s = intr_disable();
1495 CTR4(KTR_WITNESS, "%s: pid %d removed %s from lle[%d]", __func__,
1496 td->td_proc->p_pid, instance->li_lock->lo_name,
1497 (*lock_list)->ll_count - 1);
1498 for (j = i; j < (*lock_list)->ll_count - 1; j++)
1499 (*lock_list)->ll_children[j] =
1500 (*lock_list)->ll_children[j + 1];
1501 (*lock_list)->ll_count--;
1502 intr_restore(s);
1503
1504 /*
1505 * If this lock list entry is not the first and is now empty, free it.
1506 */
1507 if (*lock_list != lle && (*lock_list)->ll_count == 0) {
1508 lle = *lock_list;
1509 *lock_list = lle->ll_next;
1510 CTR3(KTR_WITNESS, "%s: pid %d removed lle %p", __func__,
1511 td->td_proc->p_pid, lle);
1512 witness_lock_list_free(lle);
1513 }
1514 }
1515
1516 void
1517 witness_thread_exit(struct thread *td)
1518 {
1519 struct lock_list_entry *lle;
1520 int i, n;
1521
1522 lle = td->td_sleeplocks;
1523 if (lle == NULL || panicstr != NULL)
1524 return;
1525 if (lle->ll_count != 0) {
1526 for (n = 0; lle != NULL; lle = lle->ll_next)
1527 for (i = lle->ll_count - 1; i >= 0; i--) {
1528 if (n == 0)
1529 printf("Thread %p exiting with the following locks held:\n",
1530 td);
1531 n++;
1532 witness_list_lock(&lle->ll_children[i]);
1533
1534 }
1535 panic("Thread %p cannot exit while holding sleeplocks\n", td);
1536 }
1537 witness_lock_list_free(lle);
1538 }
1539
1540 /*
1541 * Warn if any locks other than 'lock' are held. Flags can be passed in to
1542 * exempt Giant and sleepable locks from the checks as well. If any
1543 * non-exempt locks are held, then a supplied message is printed to the
1544 * console along with a list of the offending locks. If indicated in the
1545 * flags then a failure results in a panic as well.
1546 */
1547 int
1548 witness_warn(int flags, struct lock_object *lock, const char *fmt, ...)
1549 {
1550 struct lock_list_entry **lock_list, *lle;
1551 struct lock_instance *lock1;
1552 struct thread *td;
1553 va_list ap;
1554 int i, n;
1555
1556 if (witness_cold || witness_watch < 1 || panicstr != NULL)
1557 return (0);
1558 n = 0;
1559 td = curthread;
1560 for (lle = td->td_sleeplocks; lle != NULL; lle = lle->ll_next)
1561 for (i = lle->ll_count - 1; i >= 0; i--) {
1562 lock1 = &lle->ll_children[i];
1563 if (lock1->li_lock == lock)
1564 continue;
1565 if (flags & WARN_GIANTOK &&
1566 lock1->li_lock == &Giant.lock_object)
1567 continue;
1568 if (flags & WARN_SLEEPOK &&
1569 (lock1->li_lock->lo_flags & LO_SLEEPABLE) != 0)
1570 continue;
1571 if (n == 0) {
1572 va_start(ap, fmt);
1573 vprintf(fmt, ap);
1574 va_end(ap);
1575 printf(" with the following");
1576 if (flags & WARN_SLEEPOK)
1577 printf(" non-sleepable");
1578 printf(" locks held:\n");
1579 }
1580 n++;
1581 witness_list_lock(lock1);
1582 }
1583 if (PCPU_GET(spinlocks) != NULL) {
1584 lock_list = PCPU_PTR(spinlocks);
1585
1586 /* Empty list? */
1587 if ((*lock_list)->ll_count == 0)
1588 return (n);
1589
1590 /*
1591 * Since we already hold a spinlock preemption is
1592 * already blocked.
1593 */
1594 if (n == 0) {
1595 va_start(ap, fmt);
1596 vprintf(fmt, ap);
1597 va_end(ap);
1598 printf(" with the following");
1599 if (flags & WARN_SLEEPOK)
1600 printf(" non-sleepable");
1601 printf(" locks held:\n");
1602 }
1603 n += witness_list_locks(PCPU_PTR(spinlocks));
1604 }
1605 if (flags & WARN_PANIC && n)
1606 panic("%s", __func__);
1607 else
1608 witness_debugger(n);
1609 return (n);
1610 }
1611
1612 const char *
1613 witness_file(struct lock_object *lock)
1614 {
1615 struct witness *w;
1616
1617 if (witness_cold || witness_watch < 1 || lock->lo_witness == NULL)
1618 return ("?");
1619 w = lock->lo_witness;
1620 return (w->w_file);
1621 }
1622
1623 int
1624 witness_line(struct lock_object *lock)
1625 {
1626 struct witness *w;
1627
1628 if (witness_cold || witness_watch < 1 || lock->lo_witness == NULL)
1629 return (0);
1630 w = lock->lo_witness;
1631 return (w->w_line);
1632 }
1633
1634 static struct witness *
1635 enroll(const char *description, struct lock_class *lock_class)
1636 {
1637 struct witness *w;
1638 struct witness_list *typelist;
1639
1640 MPASS(description != NULL);
1641
1642 if (witness_watch == -1 || panicstr != NULL)
1643 return (NULL);
1644 if ((lock_class->lc_flags & LC_SPINLOCK)) {
1645 if (witness_skipspin)
1646 return (NULL);
1647 else
1648 typelist = &w_spin;
1649 } else if ((lock_class->lc_flags & LC_SLEEPLOCK))
1650 typelist = &w_sleep;
1651 else
1652 panic("lock class %s is not sleep or spin",
1653 lock_class->lc_name);
1654
1655 mtx_lock_spin(&w_mtx);
1656 w = witness_hash_get(description);
1657 if (w)
1658 goto found;
1659 if ((w = witness_get()) == NULL)
1660 return (NULL);
1661 MPASS(strlen(description) < MAX_W_NAME);
1662 strcpy(w->w_name, description);
1663 w->w_class = lock_class;
1664 w->w_refcount = 1;
1665 STAILQ_INSERT_HEAD(&w_all, w, w_list);
1666 if (lock_class->lc_flags & LC_SPINLOCK) {
1667 STAILQ_INSERT_HEAD(&w_spin, w, w_typelist);
1668 w_spin_cnt++;
1669 } else if (lock_class->lc_flags & LC_SLEEPLOCK) {
1670 STAILQ_INSERT_HEAD(&w_sleep, w, w_typelist);
1671 w_sleep_cnt++;
1672 }
1673
1674 /* Insert new witness into the hash */
1675 witness_hash_put(w);
1676 witness_increment_graph_generation();
1677 mtx_unlock_spin(&w_mtx);
1678 return (w);
1679 found:
1680 w->w_refcount++;
1681 mtx_unlock_spin(&w_mtx);
1682 if (lock_class != w->w_class)
1683 panic(
1684 "lock (%s) %s does not match earlier (%s) lock",
1685 description, lock_class->lc_name,
1686 w->w_class->lc_name);
1687 return (w);
1688 }
1689
1690 static void
1691 depart(struct witness *w)
1692 {
1693 struct witness_list *list;
1694
1695 MPASS(w->w_refcount == 0);
1696 if (w->w_class->lc_flags & LC_SLEEPLOCK) {
1697 list = &w_sleep;
1698 w_sleep_cnt--;
1699 } else {
1700 list = &w_spin;
1701 w_spin_cnt--;
1702 }
1703 /*
1704 * Set file to NULL as it may point into a loadable module.
1705 */
1706 w->w_file = NULL;
1707 w->w_line = 0;
1708 witness_increment_graph_generation();
1709 }
1710
1711
1712 static void
1713 adopt(struct witness *parent, struct witness *child)
1714 {
1715 int pi, ci, i, j;
1716
1717 if (witness_cold == 0)
1718 mtx_assert(&w_mtx, MA_OWNED);
1719
1720 /* If the relationship is already known, there's no work to be done. */
1721 if (isitmychild(parent, child))
1722 return;
1723
1724 /* When the structure of the graph changes, bump up the generation. */
1725 witness_increment_graph_generation();
1726
1727 /*
1728 * The hard part ... create the direct relationship, then propagate all
1729 * indirect relationships.
1730 */
1731 pi = parent->w_index;
1732 ci = child->w_index;
1733 WITNESS_INDEX_ASSERT(pi);
1734 WITNESS_INDEX_ASSERT(ci);
1735 MPASS(pi != ci);
1736 w_rmatrix[pi][ci] |= WITNESS_PARENT;
1737 w_rmatrix[ci][pi] |= WITNESS_CHILD;
1738
1739 /*
1740 * If parent was not already an ancestor of child,
1741 * then we increment the descendant and ancestor counters.
1742 */
1743 if ((w_rmatrix[pi][ci] & WITNESS_ANCESTOR) == 0) {
1744 parent->w_num_descendants++;
1745 child->w_num_ancestors++;
1746 }
1747
1748 /*
1749 * Find each ancestor of 'pi'. Note that 'pi' itself is counted as
1750 * an ancestor of 'pi' during this loop.
1751 */
1752 for (i = 1; i <= w_max_used_index; i++) {
1753 if ((w_rmatrix[i][pi] & WITNESS_ANCESTOR_MASK) == 0 &&
1754 (i != pi))
1755 continue;
1756
1757 /* Find each descendant of 'i' and mark it as a descendant. */
1758 for (j = 1; j <= w_max_used_index; j++) {
1759
1760 /*
1761 * Skip children that are already marked as
1762 * descendants of 'i'.
1763 */
1764 if (w_rmatrix[i][j] & WITNESS_ANCESTOR_MASK)
1765 continue;
1766
1767 /*
1768 * We are only interested in descendants of 'ci'. Note
1769 * that 'ci' itself is counted as a descendant of 'ci'.
1770 */
1771 if ((w_rmatrix[ci][j] & WITNESS_ANCESTOR_MASK) == 0 &&
1772 (j != ci))
1773 continue;
1774 w_rmatrix[i][j] |= WITNESS_ANCESTOR;
1775 w_rmatrix[j][i] |= WITNESS_DESCENDANT;
1776 w_data[i].w_num_descendants++;
1777 w_data[j].w_num_ancestors++;
1778
1779 /*
1780 * Make sure we aren't marking a node as both an
1781 * ancestor and descendant. We should have caught
1782 * this as a lock order reversal earlier.
1783 */
1784 if ((w_rmatrix[i][j] & WITNESS_ANCESTOR_MASK) &&
1785 (w_rmatrix[i][j] & WITNESS_DESCENDANT_MASK)) {
1786 printf("witness rmatrix paradox! [%d][%d]=%d "
1787 "both ancestor and descendant\n",
1788 i, j, w_rmatrix[i][j]);
1789 kdb_backtrace();
1790 printf("Witness disabled.\n");
1791 witness_watch = -1;
1792 }
1793 if ((w_rmatrix[j][i] & WITNESS_ANCESTOR_MASK) &&
1794 (w_rmatrix[j][i] & WITNESS_DESCENDANT_MASK)) {
1795 printf("witness rmatrix paradox! [%d][%d]=%d "
1796 "both ancestor and descendant\n",
1797 j, i, w_rmatrix[j][i]);
1798 kdb_backtrace();
1799 printf("Witness disabled.\n");
1800 witness_watch = -1;
1801 }
1802 }
1803 }
1804 }
1805
1806 static void
1807 itismychild(struct witness *parent, struct witness *child)
1808 {
1809
1810 MPASS(child != NULL && parent != NULL);
1811 if (witness_cold == 0)
1812 mtx_assert(&w_mtx, MA_OWNED);
1813
1814 if (!witness_lock_type_equal(parent, child)) {
1815 if (witness_cold == 0)
1816 mtx_unlock_spin(&w_mtx);
1817 panic("%s: parent \"%s\" (%s) and child \"%s\" (%s) are not "
1818 "the same lock type", __func__, parent->w_name,
1819 parent->w_class->lc_name, child->w_name,
1820 child->w_class->lc_name);
1821 }
1822 adopt(parent, child);
1823 }
1824
1825 /*
1826 * Generic code for the isitmy*() functions. The rmask parameter is the
1827 * expected relationship of w1 to w2.
1828 */
1829 static int
1830 _isitmyx(struct witness *w1, struct witness *w2, int rmask, const char *fname)
1831 {
1832 unsigned char r1, r2;
1833 int i1, i2;
1834
1835 i1 = w1->w_index;
1836 i2 = w2->w_index;
1837 WITNESS_INDEX_ASSERT(i1);
1838 WITNESS_INDEX_ASSERT(i2);
1839 r1 = w_rmatrix[i1][i2] & WITNESS_RELATED_MASK;
1840 r2 = w_rmatrix[i2][i1] & WITNESS_RELATED_MASK;
1841
1842 /* The flags on one better be the inverse of the flags on the other */
1843 if (!((WITNESS_ATOD(r1) == r2 && WITNESS_DTOA(r2) == r1) ||
1844 (WITNESS_DTOA(r1) == r2 && WITNESS_ATOD(r2) == r1))) {
1845 printf("%s: rmatrix mismatch between %s (index %d) and %s "
1846 "(index %d): w_rmatrix[%d][%d] == %hhx but "
1847 "w_rmatrix[%d][%d] == %hhx\n",
1848 fname, w1->w_name, i1, w2->w_name, i2, i1, i2, r1,
1849 i2, i1, r2);
1850 kdb_backtrace();
1851 printf("Witness disabled.\n");
1852 witness_watch = -1;
1853 }
1854 return (r1 & rmask);
1855 }
1856
1857 /*
1858 * Checks if @child is a direct child of @parent.
1859 */
1860 static int
1861 isitmychild(struct witness *parent, struct witness *child)
1862 {
1863
1864 return (_isitmyx(parent, child, WITNESS_PARENT, __func__));
1865 }
1866
1867 /*
1868 * Checks if @descendant is a direct or inderect descendant of @ancestor.
1869 */
1870 static int
1871 isitmydescendant(struct witness *ancestor, struct witness *descendant)
1872 {
1873
1874 return (_isitmyx(ancestor, descendant, WITNESS_ANCESTOR_MASK,
1875 __func__));
1876 }
1877
1878 #ifdef BLESSING
1879 static int
1880 blessed(struct witness *w1, struct witness *w2)
1881 {
1882 int i;
1883 struct witness_blessed *b;
1884
1885 for (i = 0; i < blessed_count; i++) {
1886 b = &blessed_list[i];
1887 if (strcmp(w1->w_name, b->b_lock1) == 0) {
1888 if (strcmp(w2->w_name, b->b_lock2) == 0)
1889 return (1);
1890 continue;
1891 }
1892 if (strcmp(w1->w_name, b->b_lock2) == 0)
1893 if (strcmp(w2->w_name, b->b_lock1) == 0)
1894 return (1);
1895 }
1896 return (0);
1897 }
1898 #endif
1899
1900 static struct witness *
1901 witness_get(void)
1902 {
1903 struct witness *w;
1904 int index;
1905
1906 if (witness_cold == 0)
1907 mtx_assert(&w_mtx, MA_OWNED);
1908
1909 if (witness_watch == -1) {
1910 mtx_unlock_spin(&w_mtx);
1911 return (NULL);
1912 }
1913 if (STAILQ_EMPTY(&w_free)) {
1914 witness_watch = -1;
1915 mtx_unlock_spin(&w_mtx);
1916 printf("WITNESS: unable to allocate a new witness object\n");
1917 return (NULL);
1918 }
1919 w = STAILQ_FIRST(&w_free);
1920 STAILQ_REMOVE_HEAD(&w_free, w_list);
1921 w_free_cnt--;
1922 index = w->w_index;
1923 MPASS(index > 0 && index == w_max_used_index+1 &&
1924 index < WITNESS_COUNT);
1925 bzero(w, sizeof(*w));
1926 w->w_index = index;
1927 if (index > w_max_used_index)
1928 w_max_used_index = index;
1929 return (w);
1930 }
1931
1932 static void
1933 witness_free(struct witness *w)
1934 {
1935
1936 STAILQ_INSERT_HEAD(&w_free, w, w_list);
1937 w_free_cnt++;
1938 }
1939
1940 static struct lock_list_entry *
1941 witness_lock_list_get(void)
1942 {
1943 struct lock_list_entry *lle;
1944
1945 if (witness_watch == -1)
1946 return (NULL);
1947 mtx_lock_spin(&w_mtx);
1948 lle = w_lock_list_free;
1949 if (lle == NULL) {
1950 witness_watch = -1;
1951 mtx_unlock_spin(&w_mtx);
1952 printf("%s: witness exhausted\n", __func__);
1953 return (NULL);
1954 }
1955 w_lock_list_free = lle->ll_next;
1956 mtx_unlock_spin(&w_mtx);
1957 bzero(lle, sizeof(*lle));
1958 return (lle);
1959 }
1960
1961 static void
1962 witness_lock_list_free(struct lock_list_entry *lle)
1963 {
1964
1965 mtx_lock_spin(&w_mtx);
1966 lle->ll_next = w_lock_list_free;
1967 w_lock_list_free = lle;
1968 mtx_unlock_spin(&w_mtx);
1969 }
1970
1971 static struct lock_instance *
1972 find_instance(struct lock_list_entry *list, struct lock_object *lock)
1973 {
1974 struct lock_list_entry *lle;
1975 struct lock_instance *instance;
1976 int i;
1977
1978 for (lle = list; lle != NULL; lle = lle->ll_next)
1979 for (i = lle->ll_count - 1; i >= 0; i--) {
1980 instance = &lle->ll_children[i];
1981 if (instance->li_lock == lock)
1982 return (instance);
1983 }
1984 return (NULL);
1985 }
1986
1987 static void
1988 witness_list_lock(struct lock_instance *instance)
1989 {
1990 struct lock_object *lock;
1991
1992 lock = instance->li_lock;
1993 printf("%s %s %s", (instance->li_flags & LI_EXCLUSIVE) != 0 ?
1994 "exclusive" : "shared", LOCK_CLASS(lock)->lc_name, lock->lo_name);
1995 if (lock->lo_witness->w_name != lock->lo_name)
1996 printf(" (%s)", lock->lo_witness->w_name);
1997 printf(" r = %d (%p) locked @ %s:%d\n",
1998 instance->li_flags & LI_RECURSEMASK, lock, instance->li_file,
1999 instance->li_line);
2000 }
2001
2002 #ifdef DDB
2003 static int
2004 witness_thread_has_locks(struct thread *td)
2005 {
2006
2007 return (td->td_sleeplocks != NULL);
2008 }
2009
2010 static int
2011 witness_proc_has_locks(struct proc *p)
2012 {
2013 struct thread *td;
2014
2015 FOREACH_THREAD_IN_PROC(p, td) {
2016 if (witness_thread_has_locks(td))
2017 return (1);
2018 }
2019 return (0);
2020 }
2021 #endif
2022
2023 int
2024 witness_list_locks(struct lock_list_entry **lock_list)
2025 {
2026 struct lock_list_entry *lle;
2027 int i, nheld;
2028
2029 nheld = 0;
2030 for (lle = *lock_list; lle != NULL; lle = lle->ll_next)
2031 for (i = lle->ll_count - 1; i >= 0; i--) {
2032 witness_list_lock(&lle->ll_children[i]);
2033 nheld++;
2034 }
2035 return (nheld);
2036 }
2037
2038 /*
2039 * This is a bit risky at best. We call this function when we have timed
2040 * out acquiring a spin lock, and we assume that the other CPU is stuck
2041 * with this lock held. So, we go groveling around in the other CPU's
2042 * per-cpu data to try to find the lock instance for this spin lock to
2043 * see when it was last acquired.
2044 */
2045 void
2046 witness_display_spinlock(struct lock_object *lock, struct thread *owner)
2047 {
2048 struct lock_instance *instance;
2049 struct pcpu *pc;
2050
2051 if (owner->td_critnest == 0 || owner->td_oncpu == NOCPU)
2052 return;
2053 pc = pcpu_find(owner->td_oncpu);
2054 instance = find_instance(pc->pc_spinlocks, lock);
2055 if (instance != NULL)
2056 witness_list_lock(instance);
2057 }
2058
2059 void
2060 witness_save(struct lock_object *lock, const char **filep, int *linep)
2061 {
2062 struct lock_list_entry *lock_list;
2063 struct lock_instance *instance;
2064 struct lock_class *class;
2065
2066 KASSERT(witness_cold == 0, ("%s: witness_cold", __func__));
2067 if (lock->lo_witness == NULL || witness_watch == -1 || panicstr != NULL)
2068 return;
2069 class = LOCK_CLASS(lock);
2070 if (class->lc_flags & LC_SLEEPLOCK)
2071 lock_list = curthread->td_sleeplocks;
2072 else {
2073 if (witness_skipspin)
2074 return;
2075 lock_list = PCPU_GET(spinlocks);
2076 }
2077 instance = find_instance(lock_list, lock);
2078 if (instance == NULL)
2079 panic("%s: lock (%s) %s not locked", __func__,
2080 class->lc_name, lock->lo_name);
2081 *filep = instance->li_file;
2082 *linep = instance->li_line;
2083 }
2084
2085 void
2086 witness_restore(struct lock_object *lock, const char *file, int line)
2087 {
2088 struct lock_list_entry *lock_list;
2089 struct lock_instance *instance;
2090 struct lock_class *class;
2091
2092 KASSERT(witness_cold == 0, ("%s: witness_cold", __func__));
2093 if (lock->lo_witness == NULL || witness_watch == -1 || panicstr != NULL)
2094 return;
2095 class = LOCK_CLASS(lock);
2096 if (class->lc_flags & LC_SLEEPLOCK)
2097 lock_list = curthread->td_sleeplocks;
2098 else {
2099 if (witness_skipspin)
2100 return;
2101 lock_list = PCPU_GET(spinlocks);
2102 }
2103 instance = find_instance(lock_list, lock);
2104 if (instance == NULL)
2105 panic("%s: lock (%s) %s not locked", __func__,
2106 class->lc_name, lock->lo_name);
2107 lock->lo_witness->w_file = file;
2108 lock->lo_witness->w_line = line;
2109 instance->li_file = file;
2110 instance->li_line = line;
2111 }
2112
2113 void
2114 witness_assert(struct lock_object *lock, int flags, const char *file, int line)
2115 {
2116 #ifdef INVARIANT_SUPPORT
2117 struct lock_instance *instance;
2118 struct lock_class *class;
2119
2120 if (lock->lo_witness == NULL || witness_watch < 1 || panicstr != NULL)
2121 return;
2122 class = LOCK_CLASS(lock);
2123 if ((class->lc_flags & LC_SLEEPLOCK) != 0)
2124 instance = find_instance(curthread->td_sleeplocks, lock);
2125 else if ((class->lc_flags & LC_SPINLOCK) != 0)
2126 instance = find_instance(PCPU_GET(spinlocks), lock);
2127 else {
2128 panic("Lock (%s) %s is not sleep or spin!",
2129 class->lc_name, lock->lo_name);
2130 }
2131 file = fixup_filename(file);
2132 switch (flags) {
2133 case LA_UNLOCKED:
2134 if (instance != NULL)
2135 panic("Lock (%s) %s locked @ %s:%d.",
2136 class->lc_name, lock->lo_name, file, line);
2137 break;
2138 case LA_LOCKED:
2139 case LA_LOCKED | LA_RECURSED:
2140 case LA_LOCKED | LA_NOTRECURSED:
2141 case LA_SLOCKED:
2142 case LA_SLOCKED | LA_RECURSED:
2143 case LA_SLOCKED | LA_NOTRECURSED:
2144 case LA_XLOCKED:
2145 case LA_XLOCKED | LA_RECURSED:
2146 case LA_XLOCKED | LA_NOTRECURSED:
2147 if (instance == NULL) {
2148 panic("Lock (%s) %s not locked @ %s:%d.",
2149 class->lc_name, lock->lo_name, file, line);
2150 break;
2151 }
2152 if ((flags & LA_XLOCKED) != 0 &&
2153 (instance->li_flags & LI_EXCLUSIVE) == 0)
2154 panic("Lock (%s) %s not exclusively locked @ %s:%d.",
2155 class->lc_name, lock->lo_name, file, line);
2156 if ((flags & LA_SLOCKED) != 0 &&
2157 (instance->li_flags & LI_EXCLUSIVE) != 0)
2158 panic("Lock (%s) %s exclusively locked @ %s:%d.",
2159 class->lc_name, lock->lo_name, file, line);
2160 if ((flags & LA_RECURSED) != 0 &&
2161 (instance->li_flags & LI_RECURSEMASK) == 0)
2162 panic("Lock (%s) %s not recursed @ %s:%d.",
2163 class->lc_name, lock->lo_name, file, line);
2164 if ((flags & LA_NOTRECURSED) != 0 &&
2165 (instance->li_flags & LI_RECURSEMASK) != 0)
2166 panic("Lock (%s) %s recursed @ %s:%d.",
2167 class->lc_name, lock->lo_name, file, line);
2168 break;
2169 default:
2170 panic("Invalid lock assertion at %s:%d.", file, line);
2171
2172 }
2173 #endif /* INVARIANT_SUPPORT */
2174 }
2175
2176 #ifdef DDB
2177 static void
2178 witness_ddb_list(struct thread *td)
2179 {
2180
2181 KASSERT(witness_cold == 0, ("%s: witness_cold", __func__));
2182 KASSERT(kdb_active, ("%s: not in the debugger", __func__));
2183
2184 if (witness_watch < 1)
2185 return;
2186
2187 witness_list_locks(&td->td_sleeplocks);
2188
2189 /*
2190 * We only handle spinlocks if td == curthread. This is somewhat broken
2191 * if td is currently executing on some other CPU and holds spin locks
2192 * as we won't display those locks. If we had a MI way of getting
2193 * the per-cpu data for a given cpu then we could use
2194 * td->td_oncpu to get the list of spinlocks for this thread
2195 * and "fix" this.
2196 *
2197 * That still wouldn't really fix this unless we locked the scheduler
2198 * lock or stopped the other CPU to make sure it wasn't changing the
2199 * list out from under us. It is probably best to just not try to
2200 * handle threads on other CPU's for now.
2201 */
2202 if (td == curthread && PCPU_GET(spinlocks) != NULL)
2203 witness_list_locks(PCPU_PTR(spinlocks));
2204 }
2205
2206 DB_SHOW_COMMAND(locks, db_witness_list)
2207 {
2208 struct thread *td;
2209
2210 if (have_addr)
2211 td = db_lookup_thread(addr, TRUE);
2212 else
2213 td = kdb_thread;
2214 witness_ddb_list(td);
2215 }
2216
2217 DB_SHOW_COMMAND(alllocks, db_witness_list_all)
2218 {
2219 struct thread *td;
2220 struct proc *p;
2221
2222 /*
2223 * It would be nice to list only threads and processes that actually
2224 * held sleep locks, but that information is currently not exported
2225 * by WITNESS.
2226 */
2227 FOREACH_PROC_IN_SYSTEM(p) {
2228 if (!witness_proc_has_locks(p))
2229 continue;
2230 FOREACH_THREAD_IN_PROC(p, td) {
2231 if (!witness_thread_has_locks(td))
2232 continue;
2233 db_printf("Process %d (%s) thread %p (%d)\n", p->p_pid,
2234 td->td_name, td, td->td_tid);
2235 witness_ddb_list(td);
2236 }
2237 }
2238 }
2239
2240 DB_SHOW_COMMAND(witness, db_witness_display)
2241 {
2242
2243 witness_ddb_display(db_printf);
2244 }
2245 #endif
2246
2247 static int
2248 sysctl_debug_witness_badstacks(SYSCTL_HANDLER_ARGS)
2249 {
2250 struct witness_lock_order_data *data1, *data2, *tmp_data1, *tmp_data2;
2251 struct witness *tmp_w1, *tmp_w2, *w1, *w2;
2252 struct sbuf *sb;
2253 u_int w_rmatrix1, w_rmatrix2;
2254 int error, generation, i, j;
2255
2256 tmp_data1 = NULL;
2257 tmp_data2 = NULL;
2258 tmp_w1 = NULL;
2259 tmp_w2 = NULL;
2260 if (witness_watch < 1) {
2261 error = SYSCTL_OUT(req, w_notrunning, sizeof(w_notrunning));
2262 return (error);
2263 }
2264 if (witness_cold) {
2265 error = SYSCTL_OUT(req, w_stillcold, sizeof(w_stillcold));
2266 return (error);
2267 }
2268 error = 0;
2269 sb = sbuf_new(NULL, NULL, BADSTACK_SBUF_SIZE, SBUF_AUTOEXTEND);
2270 if (sb == NULL)
2271 return (ENOMEM);
2272
2273 /* Allocate and init temporary storage space. */
2274 tmp_w1 = malloc(sizeof(struct witness), M_TEMP, M_WAITOK | M_ZERO);
2275 tmp_w2 = malloc(sizeof(struct witness), M_TEMP, M_WAITOK | M_ZERO);
2276 tmp_data1 = malloc(sizeof(struct witness_lock_order_data), M_TEMP,
2277 M_WAITOK | M_ZERO);
2278 tmp_data2 = malloc(sizeof(struct witness_lock_order_data), M_TEMP,
2279 M_WAITOK | M_ZERO);
2280 stack_zero(&tmp_data1->wlod_stack);
2281 stack_zero(&tmp_data2->wlod_stack);
2282
2283 restart:
2284 mtx_lock_spin(&w_mtx);
2285 generation = w_generation;
2286 mtx_unlock_spin(&w_mtx);
2287 sbuf_printf(sb, "Number of known direct relationships is %d\n",
2288 w_lohash.wloh_count);
2289 for (i = 1; i < w_max_used_index; i++) {
2290 mtx_lock_spin(&w_mtx);
2291 if (generation != w_generation) {
2292 mtx_unlock_spin(&w_mtx);
2293
2294 /* The graph has changed, try again. */
2295 req->oldidx = 0;
2296 sbuf_clear(sb);
2297 goto restart;
2298 }
2299
2300 w1 = &w_data[i];
2301 if (w1->w_reversed == 0) {
2302 mtx_unlock_spin(&w_mtx);
2303 continue;
2304 }
2305
2306 /* Copy w1 locally so we can release the spin lock. */
2307 *tmp_w1 = *w1;
2308 mtx_unlock_spin(&w_mtx);
2309
2310 if (tmp_w1->w_reversed == 0)
2311 continue;
2312 for (j = 1; j < w_max_used_index; j++) {
2313 if ((w_rmatrix[i][j] & WITNESS_REVERSAL) == 0 || i > j)
2314 continue;
2315
2316 mtx_lock_spin(&w_mtx);
2317 if (generation != w_generation) {
2318 mtx_unlock_spin(&w_mtx);
2319
2320 /* The graph has changed, try again. */
2321 req->oldidx = 0;
2322 sbuf_clear(sb);
2323 goto restart;
2324 }
2325
2326 w2 = &w_data[j];
2327 data1 = witness_lock_order_get(w1, w2);
2328 data2 = witness_lock_order_get(w2, w1);
2329
2330 /*
2331 * Copy information locally so we can release the
2332 * spin lock.
2333 */
2334 *tmp_w2 = *w2;
2335 w_rmatrix1 = (unsigned int)w_rmatrix[i][j];
2336 w_rmatrix2 = (unsigned int)w_rmatrix[j][i];
2337
2338 if (data1) {
2339 stack_zero(&tmp_data1->wlod_stack);
2340 stack_copy(&data1->wlod_stack,
2341 &tmp_data1->wlod_stack);
2342 }
2343 if (data2 && data2 != data1) {
2344 stack_zero(&tmp_data2->wlod_stack);
2345 stack_copy(&data2->wlod_stack,
2346 &tmp_data2->wlod_stack);
2347 }
2348 mtx_unlock_spin(&w_mtx);
2349
2350 sbuf_printf(sb,
2351 "\nLock order reversal between \"%s\"(%s) and \"%s\"(%s)!\n",
2352 tmp_w1->w_name, tmp_w1->w_class->lc_name,
2353 tmp_w2->w_name, tmp_w2->w_class->lc_name);
2354 #if 0
2355 sbuf_printf(sb,
2356 "w_rmatrix[%s][%s] == %x, w_rmatrix[%s][%s] == %x\n",
2357 tmp_w1->name, tmp_w2->w_name, w_rmatrix1,
2358 tmp_w2->name, tmp_w1->w_name, w_rmatrix2);
2359 #endif
2360 if (data1) {
2361 sbuf_printf(sb,
2362 "Lock order \"%s\"(%s) -> \"%s\"(%s) first seen at:\n",
2363 tmp_w1->w_name, tmp_w1->w_class->lc_name,
2364 tmp_w2->w_name, tmp_w2->w_class->lc_name);
2365 stack_sbuf_print(sb, &tmp_data1->wlod_stack);
2366 sbuf_printf(sb, "\n");
2367 }
2368 if (data2 && data2 != data1) {
2369 sbuf_printf(sb,
2370 "Lock order \"%s\"(%s) -> \"%s\"(%s) first seen at:\n",
2371 tmp_w2->w_name, tmp_w2->w_class->lc_name,
2372 tmp_w1->w_name, tmp_w1->w_class->lc_name);
2373 stack_sbuf_print(sb, &tmp_data2->wlod_stack);
2374 sbuf_printf(sb, "\n");
2375 }
2376 }
2377 }
2378 mtx_lock_spin(&w_mtx);
2379 if (generation != w_generation) {
2380 mtx_unlock_spin(&w_mtx);
2381
2382 /*
2383 * The graph changed while we were printing stack data,
2384 * try again.
2385 */
2386 req->oldidx = 0;
2387 sbuf_clear(sb);
2388 goto restart;
2389 }
2390 mtx_unlock_spin(&w_mtx);
2391
2392 /* Free temporary storage space. */
2393 free(tmp_data1, M_TEMP);
2394 free(tmp_data2, M_TEMP);
2395 free(tmp_w1, M_TEMP);
2396 free(tmp_w2, M_TEMP);
2397
2398 sbuf_finish(sb);
2399 error = SYSCTL_OUT(req, sbuf_data(sb), sbuf_len(sb) + 1);
2400 sbuf_delete(sb);
2401
2402 return (error);
2403 }
2404
2405 static int
2406 sysctl_debug_witness_fullgraph(SYSCTL_HANDLER_ARGS)
2407 {
2408 struct witness *w;
2409 struct sbuf *sb;
2410 int error;
2411
2412 if (witness_watch < 1) {
2413 error = SYSCTL_OUT(req, w_notrunning, sizeof(w_notrunning));
2414 return (error);
2415 }
2416 if (witness_cold) {
2417 error = SYSCTL_OUT(req, w_stillcold, sizeof(w_stillcold));
2418 return (error);
2419 }
2420 error = 0;
2421 sb = sbuf_new(NULL, NULL, FULLGRAPH_SBUF_SIZE, SBUF_FIXEDLEN);
2422 if (sb == NULL)
2423 return (ENOMEM);
2424 sbuf_printf(sb, "\n");
2425
2426 mtx_lock_spin(&w_mtx);
2427 STAILQ_FOREACH(w, &w_all, w_list)
2428 w->w_displayed = 0;
2429 STAILQ_FOREACH(w, &w_all, w_list)
2430 witness_add_fullgraph(sb, w);
2431 mtx_unlock_spin(&w_mtx);
2432
2433 /*
2434 * While using SBUF_FIXEDLEN, check if the sbuf overflowed.
2435 */
2436 if (sbuf_overflowed(sb)) {
2437 sbuf_delete(sb);
2438 panic("%s: sbuf overflowed, bump FULLGRAPH_SBUF_SIZE value\n",
2439 __func__);
2440 }
2441
2442 /*
2443 * Close the sbuf and return to userland.
2444 */
2445 sbuf_finish(sb);
2446 error = SYSCTL_OUT(req, sbuf_data(sb), sbuf_len(sb) + 1);
2447 sbuf_delete(sb);
2448
2449 return (error);
2450 }
2451
2452 static int
2453 sysctl_debug_witness_watch(SYSCTL_HANDLER_ARGS)
2454 {
2455 int error, value;
2456
2457 value = witness_watch;
2458 error = sysctl_handle_int(oidp, &value, 0, req);
2459 if (error != 0 || req->newptr == NULL)
2460 return (error);
2461 if (value > 1 || value < -1 ||
2462 (witness_watch == -1 && value != witness_watch))
2463 return (EINVAL);
2464 witness_watch = value;
2465 return (0);
2466 }
2467
2468 static void
2469 witness_add_fullgraph(struct sbuf *sb, struct witness *w)
2470 {
2471 int i;
2472
2473 if (w->w_displayed != 0 || (w->w_file == NULL && w->w_line == 0))
2474 return;
2475 w->w_displayed = 1;
2476
2477 WITNESS_INDEX_ASSERT(w->w_index);
2478 for (i = 1; i <= w_max_used_index; i++) {
2479 if (w_rmatrix[w->w_index][i] & WITNESS_PARENT) {
2480 sbuf_printf(sb, "\"%s\",\"%s\"\n", w->w_name,
2481 w_data[i].w_name);
2482 witness_add_fullgraph(sb, &w_data[i]);
2483 }
2484 }
2485 }
2486
2487 /*
2488 * A simple hash function. Takes a key pointer and a key size. If size == 0,
2489 * interprets the key as a string and reads until the null
2490 * terminator. Otherwise, reads the first size bytes. Returns an unsigned 32-bit
2491 * hash value computed from the key.
2492 */
2493 static uint32_t
2494 witness_hash_djb2(const uint8_t *key, uint32_t size)
2495 {
2496 unsigned int hash = 5381;
2497 int i;
2498
2499 /* hash = hash * 33 + key[i] */
2500 if (size)
2501 for (i = 0; i < size; i++)
2502 hash = ((hash << 5) + hash) + (unsigned int)key[i];
2503 else
2504 for (i = 0; key[i] != 0; i++)
2505 hash = ((hash << 5) + hash) + (unsigned int)key[i];
2506
2507 return (hash);
2508 }
2509
2510
2511 /*
2512 * Initializes the two witness hash tables. Called exactly once from
2513 * witness_initialize().
2514 */
2515 static void
2516 witness_init_hash_tables(void)
2517 {
2518 int i;
2519
2520 MPASS(witness_cold);
2521
2522 /* Initialize the hash tables. */
2523 for (i = 0; i < WITNESS_HASH_SIZE; i++)
2524 w_hash.wh_array[i] = NULL;
2525
2526 w_hash.wh_size = WITNESS_HASH_SIZE;
2527 w_hash.wh_count = 0;
2528
2529 /* Initialize the lock order data hash. */
2530 w_lofree = NULL;
2531 for (i = 0; i < WITNESS_LO_DATA_COUNT; i++) {
2532 memset(&w_lodata[i], 0, sizeof(w_lodata[i]));
2533 w_lodata[i].wlod_next = w_lofree;
2534 w_lofree = &w_lodata[i];
2535 }
2536 w_lohash.wloh_size = WITNESS_LO_HASH_SIZE;
2537 w_lohash.wloh_count = 0;
2538 for (i = 0; i < WITNESS_LO_HASH_SIZE; i++)
2539 w_lohash.wloh_array[i] = NULL;
2540 }
2541
2542 static struct witness *
2543 witness_hash_get(const char *key)
2544 {
2545 struct witness *w;
2546 uint32_t hash;
2547
2548 MPASS(key != NULL);
2549 if (witness_cold == 0)
2550 mtx_assert(&w_mtx, MA_OWNED);
2551 hash = witness_hash_djb2(key, 0) % w_hash.wh_size;
2552 w = w_hash.wh_array[hash];
2553 while (w != NULL) {
2554 if (strcmp(w->w_name, key) == 0)
2555 goto out;
2556 w = w->w_hash_next;
2557 }
2558
2559 out:
2560 return (w);
2561 }
2562
2563 static void
2564 witness_hash_put(struct witness *w)
2565 {
2566 uint32_t hash;
2567
2568 MPASS(w != NULL);
2569 MPASS(w->w_name != NULL);
2570 if (witness_cold == 0)
2571 mtx_assert(&w_mtx, MA_OWNED);
2572 KASSERT(witness_hash_get(w->w_name) == NULL,
2573 ("%s: trying to add a hash entry that already exists!", __func__));
2574 KASSERT(w->w_hash_next == NULL,
2575 ("%s: w->w_hash_next != NULL", __func__));
2576
2577 hash = witness_hash_djb2(w->w_name, 0) % w_hash.wh_size;
2578 w->w_hash_next = w_hash.wh_array[hash];
2579 w_hash.wh_array[hash] = w;
2580 w_hash.wh_count++;
2581 }
2582
2583
2584 static struct witness_lock_order_data *
2585 witness_lock_order_get(struct witness *parent, struct witness *child)
2586 {
2587 struct witness_lock_order_data *data = NULL;
2588 struct witness_lock_order_key key;
2589 unsigned int hash;
2590
2591 MPASS(parent != NULL && child != NULL);
2592 key.from = parent->w_index;
2593 key.to = child->w_index;
2594 WITNESS_INDEX_ASSERT(key.from);
2595 WITNESS_INDEX_ASSERT(key.to);
2596 if ((w_rmatrix[parent->w_index][child->w_index]
2597 & WITNESS_LOCK_ORDER_KNOWN) == 0)
2598 goto out;
2599
2600 hash = witness_hash_djb2((const char*)&key,
2601 sizeof(key)) % w_lohash.wloh_size;
2602 data = w_lohash.wloh_array[hash];
2603 while (data != NULL) {
2604 if (witness_lock_order_key_equal(&data->wlod_key, &key))
2605 break;
2606 data = data->wlod_next;
2607 }
2608
2609 out:
2610 return (data);
2611 }
2612
2613 /*
2614 * Verify that parent and child have a known relationship, are not the same,
2615 * and child is actually a child of parent. This is done without w_mtx
2616 * to avoid contention in the common case.
2617 */
2618 static int
2619 witness_lock_order_check(struct witness *parent, struct witness *child)
2620 {
2621
2622 if (parent != child &&
2623 w_rmatrix[parent->w_index][child->w_index]
2624 & WITNESS_LOCK_ORDER_KNOWN &&
2625 isitmychild(parent, child))
2626 return (1);
2627
2628 return (0);
2629 }
2630
2631 static int
2632 witness_lock_order_add(struct witness *parent, struct witness *child)
2633 {
2634 struct witness_lock_order_data *data = NULL;
2635 struct witness_lock_order_key key;
2636 unsigned int hash;
2637
2638 MPASS(parent != NULL && child != NULL);
2639 key.from = parent->w_index;
2640 key.to = child->w_index;
2641 WITNESS_INDEX_ASSERT(key.from);
2642 WITNESS_INDEX_ASSERT(key.to);
2643 if (w_rmatrix[parent->w_index][child->w_index]
2644 & WITNESS_LOCK_ORDER_KNOWN)
2645 return (1);
2646
2647 hash = witness_hash_djb2((const char*)&key,
2648 sizeof(key)) % w_lohash.wloh_size;
2649 w_rmatrix[parent->w_index][child->w_index] |= WITNESS_LOCK_ORDER_KNOWN;
2650 data = w_lofree;
2651 if (data == NULL)
2652 return (0);
2653 w_lofree = data->wlod_next;
2654 data->wlod_next = w_lohash.wloh_array[hash];
2655 data->wlod_key = key;
2656 w_lohash.wloh_array[hash] = data;
2657 w_lohash.wloh_count++;
2658 stack_zero(&data->wlod_stack);
2659 stack_save(&data->wlod_stack);
2660 return (1);
2661 }
2662
2663 /* Call this whenver the structure of the witness graph changes. */
2664 static void
2665 witness_increment_graph_generation(void)
2666 {
2667
2668 if (witness_cold == 0)
2669 mtx_assert(&w_mtx, MA_OWNED);
2670 w_generation++;
2671 }
2672
2673 #ifdef KDB
2674 static void
2675 _witness_debugger(int cond, const char *msg)
2676 {
2677
2678 if (witness_trace && cond)
2679 kdb_backtrace();
2680 if (witness_kdb && cond)
2681 kdb_enter(KDB_WHY_WITNESS, msg);
2682 }
2683 #endif
FreeBSD kvm: FreeBSD sources