/*
 * Copyright (c) 2000-2013 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */
/*
 * @OSF_COPYRIGHT@
 */
/*
 * Mach Operating System
 * Copyright (c) 1991,1990,1989 Carnegie Mellon University
 * All Rights Reserved.
 *
 * Permission to use, copy, modify and distribute this software and its
 * documentation is hereby granted, provided that both the copyright
 * notice and this permission notice appear in all copies of the
 * software, derivative works or modified versions, and any portions
 * thereof, and that both notices appear in supporting documentation.
 *
 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
 *
 * Carnegie Mellon requests users of this software to return to
 *
 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
 * School of Computer Science
 * Carnegie Mellon University
 * Pittsburgh PA 15213-3890
 *
 * any improvements or extensions that they make and grant Carnegie Mellon
 * the rights to redistribute these changes.
 */

#include <mach_assert.h>
#include <mach_kdp.h>

#include <kern/cpu_number.h>
#include <kern/kalloc.h>
#include <kern/lock.h>
#include <kern/spl.h>
#include <kern/thread.h>
#include <kern/assert.h>
#include <kern/sched_prim.h>
#include <kern/misc_protos.h>
#include <kern/clock.h>
#include <kern/telemetry.h>
#include <vm/vm_kern.h>
#include <vm/pmap.h>
#include <stdarg.h>
#if !MACH_KDP
#include <kdp/kdp_udp.h>
#endif

#if defined(__i386__) || defined(__x86_64__)
#include <i386/cpu_threads.h>
#include <i386/pmCPU.h>
#endif

#include <IOKit/IOPlatformExpert.h>
#include <machine/pal_routines.h>

#include <sys/kdebug.h>
#include <libkern/OSKextLibPrivate.h>
#include <libkern/OSAtomic.h>
#include <libkern/kernel_mach_header.h>
#include <uuid/uuid.h>

/*
 * Debugger and panic configuration flags.  Within this file only
 * current_debugger (Assert), debug_mode, disable_debug_output and
 * logPanicDataToScreen (panic_prologue) are read or written; the others
 * are presumably consumed elsewhere in the kernel.
 */
unsigned int halt_in_debugger = 0;
unsigned int switch_debugger = 0;
unsigned int current_debugger = 0;
unsigned int active_debugger = 0;
unsigned int debug_mode=0;
unsigned int disable_debug_output = TRUE;
unsigned int systemLogDiags = FALSE;
unsigned int panicDebugging = FALSE;
unsigned int logPanicDataToScreen = FALSE;

/* When zero, Assert() returns immediately without panicking. */
int mach_assert = 1;

/*
 * Panic bookkeeping shared between CPUs.
 *
 * panicstr	non-NULL between panic_prologue() and panic_epilogue();
 *		panic_active() tests it.
 * panic_lock	guards panicstr/paniccpu, but only once panic_init() has
 *		set panic_is_inited.
 * paniccpu	cpu_number() of the CPU that claimed the current panic.
 * panicwait	set while the claiming CPU prints its message; other
 *		CPUs spin on it in panic_prologue().
 * nestedpanic	incremented when the claiming CPU panics again.
 * return_on_panic  when non-zero panic_epilogue() returns to the
 *		caller instead of halting.
 * panic_caller	return address recorded by the first panic()/
 *		panic_context() call; never overwritten once non-zero.
 */
const char *panicstr = (char *) 0;
decl_simple_lock_data(,panic_lock)
int paniccpu;
volatile int panicwait;
volatile unsigned int nestedpanic= 0;
unsigned int panic_is_inited = 0;
unsigned int return_on_panic = 0;
unsigned long panic_caller;

/* Size of the static buffer that debug_putc() appends to. */
#define DEBUG_BUF_SIZE (3 * PAGE_SIZE)

char debug_buf[DEBUG_BUF_SIZE];
char *debug_buf_ptr = debug_buf;
unsigned int debug_buf_size = sizeof(debug_buf);

/* Filled in by populate_model_name() and panic_init() respectively. */
static char model_name[64];
unsigned char *kernel_uuid;
/* uuid_string_t */ char kernel_uuid_string[37];

static spl_t panic_prologue(const char *str);
static void panic_epilogue(spl_t s);

/*
 * Eight 7-bit fields packed into one record; packA()/unpackA() use it
 * to squeeze eight characters into seven bytes and back.
 */
struct pasc {
	unsigned a: 7;
	unsigned b: 7;
	unsigned c: 7;
	unsigned d: 7;
	unsigned e: 7;
	unsigned f: 7;
	unsigned g: 7;
	unsigned h: 7;
} __attribute__((packed));

typedef struct pasc pasc_t;

/* Prevent CPP from breaking the definition below */
#if CONFIG_NO_PANIC_STRINGS
#undef Assert
#endif

/*
 * Report a failed assertion through panic_plain().
 *
 * Does nothing when mach_assert is zero.  Otherwise return_on_panic is
 * forced to 1 for the duration of the panic when a debugger is
 * configured (current_debugger != NO_CUR_DB), and restored to its
 * previous value afterwards.
 */
void
Assert(
	const char *file,
	int line,
	const char *expression
	)
{
	if (mach_assert) {
		const int prior_return_on_panic = return_on_panic;

		/*
		 * If we don't have a debugger configured, returning from an
		 * assert is a bad, bad idea; there is no guarantee that we
		 * didn't simply assert before we were able to restart the
		 * platform.
		 */
		if (current_debugger != NO_CUR_DB) {
			return_on_panic = 1;
		}

		panic_plain("%s:%d Assertion failed: %s", file, line, expression);

		return_on_panic = prior_return_on_panic;
	}
}

/*
 * Carefully use the panic_lock. There's always a chance that
 * somehow we'll call panic before getting to initialize the
 * panic_lock -- in this case, we'll assume that the world is
 * in uniprocessor mode and just avoid using the panic lock.
*/
#define PANIC_LOCK() \
MACRO_BEGIN \
	if (panic_is_inited) \
		simple_lock(&panic_lock); \
MACRO_END

#define PANIC_UNLOCK() \
MACRO_BEGIN \
	if (panic_is_inited) \
		simple_unlock(&panic_lock); \
MACRO_END

/*
 * One-time panic subsystem setup.
 *
 * Looks up the UUID in the kernel's Mach-O header; when one of the
 * expected size (sizeof(uuid_t)) is found it is remembered in
 * kernel_uuid and rendered into kernel_uuid_string.  Then initializes
 * panic_lock, marks it usable (panic_is_inited) and clears
 * panic_caller.
 */
void
panic_init(void)
{
	unsigned long uuidlen = 0;
	void *uuid;

	uuid = getuuidfromheader(&_mh_execute_header, &uuidlen);
	if ((uuid != NULL) && (uuidlen == sizeof(uuid_t))) {
		kernel_uuid = uuid;
		uuid_unparse_upper(*(uuid_t *)uuid, kernel_uuid_string);
	}

	simple_lock_init(&panic_lock, 0);
	panic_is_inited = 1;
	panic_caller = 0;
}

/*
 * Re-arm the debug buffer: only when debug_buf_size is currently zero,
 * point debug_buf_ptr back at the start of debug_buf and restore the
 * size.  A non-zero size leaves the existing contents and write
 * position untouched.
 */
void
debug_log_init(void)
{
	if (debug_buf_size != 0)
		return;
	debug_buf_ptr = debug_buf;
	debug_buf_size = sizeof(debug_buf);
}

/*
 * Platform hooks used on the panic path.  On x86 they map to the power
 * management halt / safe-mode calls; elsewhere panic_stop() spins
 * forever and the other two expand to nothing.
 */
#if defined(__i386__) || defined(__x86_64__)
#define panic_stop() pmCPUHalt(PM_HALT_PANIC)
#define panic_safe() pmSafeMode(x86_lcpu(), PM_SAFE_FL_SAFE)
#define panic_normal() pmSafeMode(x86_lcpu(), PM_SAFE_FL_NORMAL)
#else
#define panic_stop() { while (1) ; }
#define panic_safe()
#define panic_normal()
#endif

/*
 * Prevent CPP from breaking the definition below,
 * since all clients get a #define to prepend line numbers
 */
#undef panic

/*
 * Accepts and ignores any argument list, then panics with the fixed
 * string "panic".
 */
void _consume_panic_args(int a __unused, ...)
{
	panic("panic");
}

/*
 * Common entry work for panic() and panic_context().
 *
 * Optionally dumps the kdebug trace to /var/tmp/panic.trace (only when
 * kdebug_enable is set, preemption level is 0 and we are not at
 * interrupt context), raises spl and disables preemption, then claims
 * the panic for this CPU by setting panicstr/paniccpu/panicwait under
 * PANIC_LOCK.
 *
 * If another CPU already owns a panic, this CPU spins until that CPU
 * has printed its message (panicwait cleared) and retries.  If this CPU
 * is the owner, this is a nested panic: it enters the debugger and
 * then stops in panic_stop().
 *
 * Returns the spl value to hand to panic_epilogue().
 */
static spl_t
panic_prologue(const char *str)
{
	spl_t s;

	if (kdebug_enable) {
		if (get_preemption_level() == 0 && !ml_at_interrupt_context()) {
			ml_set_interrupts_enabled(TRUE);
			kdbg_dump_trace_to_file("/var/tmp/panic.trace");
		}
	}

	s = splhigh();
	disable_preemption();

#if defined(__i386__) || defined(__x86_64__)
	/* Attempt to display the unparsed panic string */
	const char *tstr = str;

	kprintf("Panic initiated, string: ");
	/*
	 * Emitted one character at a time through "%c", so str itself is
	 * never interpreted as a kprintf format here.
	 */
	while (tstr && *tstr)
		kprintf("%c", *tstr++);
	kprintf("\n");
#endif

	panic_safe();

	if( logPanicDataToScreen )
		disable_debug_output = FALSE;

	debug_mode = TRUE;

restart:
	PANIC_LOCK();

	if (panicstr) {
		if (cpu_number() != paniccpu) {
			PANIC_UNLOCK();
			/*
			 * Wait until message has been printed to identify correct
			 * cpu that made the first panic.
			 */
			while (panicwait)
				continue;
			goto restart;
		} else {
			nestedpanic +=1;
			PANIC_UNLOCK();
			Debugger("double panic");
			printf("double panic: We are hanging here...\n");
			panic_stop();
			/* NOTREACHED */
		}
	}
	/* No panic in flight: this CPU becomes the owner. */
	panicstr = str;
	paniccpu = cpu_number();
	panicwait = 1;

	PANIC_UNLOCK();
	return(s);
}


/*
 * Common exit work for panic() and panic_context().
 *
 * Clears panicstr under PANIC_LOCK.  When return_on_panic is set the
 * platform is put back into normal mode, preemption and the saved spl
 * are restored, and control returns to the caller; otherwise the CPU
 * stops in panic_stop().
 */
static void
panic_epilogue(spl_t s)
{
	/*
	 * Release panicstr so that we can handle normally other panics.
	 */
	PANIC_LOCK();
	panicstr = (char *)0;
	PANIC_UNLOCK();

	if (return_on_panic) {
		panic_normal();
		enable_preemption();
		splx(s);
		return;
	}
	kdb_printf("panic: We are hanging here...\n");
	panic_stop();
	/* NOTREACHED */
}

/*
 * Kernel panic entry point.
 *
 * Records the caller's return address in panic_caller unless one is
 * already recorded, claims the panic via panic_prologue(), prints the
 * "panic(cpu N caller 0x...)" banner followed by the formatted message,
 * clears panicwait, enters the debugger and finishes in
 * panic_epilogue().
 *
 * str is passed to _doprnt() as the format string for the variadic
 * arguments.
 * NOTE(review): call sites should pass a constant format and keep any
 * externally influenced text behind "%s" -- confirm at the callers.
 * The banner writes the recorded kernel return address into the panic
 * output.
 */
void
panic(const char *str, ...)
{
	va_list listp;
	spl_t s;


	/* panic_caller is initialized to 0. If set, don't change it */
	if ( ! panic_caller )
		panic_caller = (unsigned long)(char *)__builtin_return_address(0);

	s = panic_prologue(str);
	kdb_printf("panic(cpu %d caller 0x%lx): ", (unsigned) paniccpu, panic_caller);
	if (str) {
		va_start(listp, str);
		_doprnt(str, &listp, consdebug_putc, 0);
		va_end(listp);
	}
	kdb_printf("\n");

	/*
	 * Release panicwait indicator so that other cpus may call Debugger().
	 */
	panicwait = 0;
	Debugger("panic");
	panic_epilogue(s);
}

/*
 * Same sequence as panic(), except that the debugger is entered through
 * DebuggerWithContext(reason, ctx, "panic") so the supplied reason and
 * context are forwarded.  str is likewise used as a _doprnt() format
 * string.
 */
void
panic_context(unsigned int reason, void *ctx, const char *str, ...)
{
	va_list listp;
	spl_t s;


	/* panic_caller is initialized to 0. If set, don't change it */
	if ( ! panic_caller )
		panic_caller = (unsigned long)(char *)__builtin_return_address(0);

	s = panic_prologue(str);
	kdb_printf("panic(cpu %d caller 0x%lx): ", (unsigned) paniccpu, panic_caller);
	if (str) {
		va_start(listp, str);
		_doprnt(str, &listp, consdebug_putc, 0);
		va_end(listp);
	}
	kdb_printf("\n");

	/*
	 * Release panicwait indicator so that other cpus may call Debugger().
	 */
	panicwait = 0;
	DebuggerWithContext(reason, ctx, "panic");
	panic_epilogue(s);
}

/*
 * printf-style logging through conslog_putc.
 *
 * level is unused (it is only touched when building under lint).  The
 * formatting code is compiled only when MACH_BSD is defined; without it
 * the function does nothing.  Preemption is disabled around the
 * _doprnt() call.  fmt is interpreted as a format string.
 */
void
log(__unused int level, char *fmt, ...)
{
	va_list listp;

#ifdef lint
	level++;
#endif /* lint */
#ifdef MACH_BSD
	disable_preemption();
	va_start(listp, fmt);
	_doprnt(fmt, &listp, conslog_putc, 0);
	va_end(listp);
	enable_preemption();
#endif
}

/*
 * Append one character to debug_buf.
 *
 * The character is stored only while debug_buf_size is non-zero and the
 * current write offset is below debug_buf_size; once the buffer is full
 * further characters are dropped.  There is no wrap-around and no
 * terminator is written.
 */
void
debug_putc(char c)
{
	if ((debug_buf_size != 0) &&
		((debug_buf_ptr-debug_buf) < (int)debug_buf_size)) {
		*debug_buf_ptr=c;
		debug_buf_ptr++;
	}
}

/* In-place packing routines -- inefficient, but they're called at most once.
 * Assumes "buflen" is a multiple of 8.
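*/

/*
 * Pack a character buffer in place, eight input bytes into seven.
 *
 * length is rounded up to a multiple of 8 and clamped to buflen.  Each
 * group of eight bytes is stored through the 7-bit fields of pasc_t, so
 * only the low seven bits of every byte survive, and the resulting
 * seven bytes are written back at the packed offset.
 *
 * Returns the number of packed bytes written.
 *
 * NOTE(review): every iteration reads inbuf[i] .. inbuf[i+7]; if buflen
 * is not a multiple of 8 the last group extends past buflen.  Callers
 * must honour the "multiple of 8" precondition.
 */
int packA(char *inbuf, uint32_t length, uint32_t buflen)
{
	unsigned int i, j = 0;
	pasc_t pack;

	length = MIN(((length + 7) & ~7), buflen);

	for (i = 0; i < length; i+=8)
	{
		pack.a = inbuf[i];
		pack.b = inbuf[i+1];
		pack.c = inbuf[i+2];
		pack.d = inbuf[i+3];
		pack.e = inbuf[i+4];
		pack.f = inbuf[i+5];
		pack.g = inbuf[i+6];
		pack.h = inbuf[i+7];
		bcopy ((char *) &pack, inbuf + j, 7);
		j += 7;
	}
	return j;
}

/*
 * Expand a buffer produced by packA() in place.
 *
 * length is the packed size; the expanded size is length * 8 / 7.  For
 * each 7-byte record the tail of the buffer is shifted up by one byte
 * to make room, then the eight 7-bit fields are written out as bytes.
 *
 * NOTE(review): inbuf must be large enough for the expanded data; the
 * function has no way to check this -- confirm at the callers.
 */
void unpackA(char *inbuf, uint32_t length)
{
	pasc_t packs;
	unsigned i = 0;
	length = (length * 8)/7;

	while (i < length) {
		packs = *(pasc_t *)&inbuf[i];
		bcopy(&inbuf[i+7], &inbuf[i+8], MAX(0, (int) (length - i - 8)));
		inbuf[i++] = packs.a;
		inbuf[i++] = packs.b;
		inbuf[i++] = packs.c;
		inbuf[i++] = packs.d;
		inbuf[i++] = packs.e;
		inbuf[i++] = packs.f;
		inbuf[i++] = packs.g;
		inbuf[i++] = packs.h;
	}
}

extern void *proc_name_address(void *p);

/*
 * Print the BSD process name of the current thread's task.
 *
 * Every step of the thread -> task -> bsd_info -> name chain is read
 * with ml_nofault_copy() so that damaged kernel structures cannot cause
 * a second fault while panicking.  If any step fails the name is
 * reported as "Unknown".
 */
static void
panic_display_process_name(void) {
	char proc_name[32] = "Unknown";
	task_t ctask = 0;
	void *cbsd_info = 0;

	if (ml_nofault_copy((vm_offset_t)&current_thread()->task, (vm_offset_t) &ctask, sizeof(task_t)) == sizeof(task_t)) {
		/* Size the copy by its destination, cbsd_info. */
		if (ml_nofault_copy((vm_offset_t)&ctask->bsd_info, (vm_offset_t)&cbsd_info, sizeof(cbsd_info)) == sizeof(cbsd_info)) {
			if (cbsd_info && (ml_nofault_copy((vm_offset_t) proc_name_address(cbsd_info), (vm_offset_t) &proc_name, sizeof(proc_name)) > 0)) {
				/* The copied bytes are not guaranteed to be terminated. */
				proc_name[sizeof(proc_name) - 1] = '\0';
			}
		}
	}
	kdb_printf("\nBSD process name corresponding to current thread: %s\n", proc_name);
}

/* Returns non-zero while a panic is in progress (panicstr is set). */
unsigned panic_active(void) {
	return ((panicstr != (char *) 0));
}

/* Record the model string (truncated to fit model_name) for later panic output. */
void populate_model_name(char *model_string) {
	strlcpy(model_name, model_string, sizeof(model_name));
}

/*
 * Print the stored model name, if any.  The name is first copied to a
 * local buffer with ml_nofault_copy() and explicitly terminated.
 */
static void panic_display_model_name(void) {
	char tmp_model_name[sizeof(model_name)];

	if (ml_nofault_copy((vm_offset_t) &model_name, (vm_offset_t) &tmp_model_name, sizeof(model_name)) != sizeof(model_name))
		return;

	tmp_model_name[sizeof(tmp_model_name) - 1] = '\0';

	if (tmp_model_name[0] != 0)
		kdb_printf("System model name: %s\n", tmp_model_name);
}

/*
 * Print the kernel UUID string, if one was recorded by panic_init().
 * The string is copied to a local buffer with ml_nofault_copy() first.
 */
static void panic_display_kernel_uuid(void) {
	char tmp_kernel_uuid[sizeof(kernel_uuid_string)];

	if (ml_nofault_copy((vm_offset_t) &kernel_uuid_string, (vm_offset_t) &tmp_kernel_uuid, sizeof(kernel_uuid_string)) != sizeof(kernel_uuid_string))
		return;

	/*
	 * Terminate the local copy before handing it to "%s", matching
	 * panic_display_model_name(): the global may have been overwritten
	 * by whatever led to the panic.
	 */
	tmp_kernel_uuid[sizeof(tmp_kernel_uuid) - 1] = '\0';

	if (tmp_kernel_uuid[0] != '\0')
		kdb_printf("Kernel UUID: %s\n", tmp_kernel_uuid);
}

/*
 * Print the kernel slide and text base when a slide is in effect.
 *
 * These two values reveal the kernel's randomized load offset to anyone
 * who can read the panic output, so panic logs should be handled as
 * sensitive data.
 */
void panic_display_kernel_aslr(void) {
	if (vm_kernel_slide) {
		kdb_printf("Kernel slide: 0x%016lx\n", (unsigned long) vm_kernel_slide);
		kdb_printf("Kernel text base: %p\n", (void *) vm_kernel_stext);
	}
}

/* Print the current mach_absolute_time() converted to nanoseconds. */
static void panic_display_uptime(void) {
	uint64_t uptime;
	absolutetime_to_nanoseconds(mach_absolute_time(), &uptime);

	kdb_printf("\nSystem uptime in nanoseconds: %llu\n", uptime);
}

extern const char version[];
extern char osversion[];

/* Flipped from 0 to 1 by the first caller that prints the configuration. */
static volatile uint32_t config_displayed = 0;

/*
 * Print the system description that accompanies a panic.
 *
 * The process name is printed on every call.  The rest (boot args, OS
 * and kernel version, kernel UUID, slide, platform info, model name,
 * uptime, zone and kext information) is printed only by the first
 * caller, selected with a compare-and-swap on config_displayed.
 */
__private_extern__ void panic_display_system_configuration(void) {

	panic_display_process_name();
	if (OSCompareAndSwap(0, 1, &config_displayed)) {
		char buf[256];
		/* strlcpy returns the source length, so empty boot args print nothing. */
		if (strlcpy(buf, PE_boot_args(), sizeof(buf)))
			kdb_printf("Boot args: %s\n", buf);
		kdb_printf("\nMac OS version:\n%s\n",
			(osversion[0] != 0) ? osversion : "Not yet set");
		kdb_printf("\nKernel version:\n%s\n",version);
		panic_display_kernel_uuid();
		panic_display_kernel_aslr();
		panic_display_pal_info();
		panic_display_model_name();
		panic_display_uptime();
		panic_display_zprint();
#if CONFIG_ZLEAKS
		panic_display_ztrace();
#endif /* CONFIG_ZLEAKS */
		kext_dump_panic_lists(&kdb_log);
	}
}

extern zone_t first_zone;
extern unsigned int num_zones, stack_total;
extern unsigned long long stack_allocs;

#if defined(__i386__) || defined (__x86_64__)
extern unsigned int inuse_ptepages_count;
extern long long alloc_ptepages_count;
#endif

extern boolean_t panic_include_zprint;

/*
 * When panic_include_zprint is TRUE, print every zone whose current
 * size exceeds 1 MiB, followed by kernel stack, page table (x86 only)
 * and large kalloc totals.
 *
 * Each zone record is copied with ml_nofault_copy() before use, and the
 * walk is capped at num_zones iterations so a damaged or cyclic zone
 * list cannot keep the panic path looping.
 *
 * NOTE(review): zone_name is printed with "%.20s"; if it is a pointer
 * rather than an inline array it is dereferenced here without a
 * no-fault copy -- confirm against the struct zone definition.
 */
__private_extern__ void panic_display_zprint(void)
{
	if(panic_include_zprint == TRUE) {

		unsigned int i;
		struct zone zone_copy;

		if(first_zone!=NULL) {
			if(ml_nofault_copy((vm_offset_t)first_zone, (vm_offset_t)&zone_copy, sizeof(struct zone)) == sizeof(struct zone)) {
				for (i = 0; i < num_zones; i++) {
					if(zone_copy.cur_size > (1024*1024)) {
						kdb_printf("%.20s:%lu\n",zone_copy.zone_name,(uintptr_t)zone_copy.cur_size);
					}

					if(zone_copy.next_zone == NULL) {
						break;
					}

					if(ml_nofault_copy((vm_offset_t)zone_copy.next_zone, (vm_offset_t)&zone_copy, sizeof(struct zone)) != sizeof(struct zone)) {
						break;
					}
				}
			}
		}

		kdb_printf("Kernel Stacks:%lu\n",(uintptr_t)(kernel_stack_size * stack_total));

#if defined(__i386__) || defined (__x86_64__)
		kdb_printf("PageTables:%lu\n",(uintptr_t)(PAGE_SIZE * inuse_ptepages_count));
#endif

		kdb_printf("Kalloc.Large:%lu\n",(uintptr_t)kalloc_large_total);
	}
}

#if CONFIG_ZLEAKS
extern boolean_t panic_include_ztrace;
extern struct ztrace* top_ztrace;
/*
 * Prints the backtrace most suspected of being a leaker, if we paniced in the zone allocator.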
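* top_ztrace and panic_include_ztrace comes from osfmk/kern/zalloc.c
 */
/*
 * Output is produced only when panic_include_ztrace is TRUE.  The trace
 * record is copied with ml_nofault_copy() before use; if the copy fails
 * a short notice is printed instead of the backtrace.
 *
 * The frame count taken from the copied record is clamped to
 * MAX_ZTRACE_DEPTH once and that clamped value is used both for the
 * printing loop and for kmod_panic_dump(), so a corrupted zt_depth
 * cannot make either of them walk past the local copy's zt_stack
 * (assumes zt_stack holds MAX_ZTRACE_DEPTH entries, as the original
 * loop bound implies -- confirm against zalloc).
 */
__private_extern__ void panic_display_ztrace(void)
{
	if(panic_include_ztrace == TRUE) {
		unsigned int i = 0;
		struct ztrace top_ztrace_copy;

		/* Make sure not to trip another panic if there's something wrong with memory */
		if(ml_nofault_copy((vm_offset_t)top_ztrace, (vm_offset_t)&top_ztrace_copy, sizeof(struct ztrace)) == sizeof(struct ztrace)) {
			unsigned int depth = top_ztrace_copy.zt_depth;

			if (depth > MAX_ZTRACE_DEPTH) {
				depth = MAX_ZTRACE_DEPTH;
			}

			kdb_printf("\nBacktrace suspected of leaking: (outstanding bytes: %lu)\n", (uintptr_t)top_ztrace_copy.zt_size);
			/* Print the backtrace addresses */
			for (i = 0; i < depth; i++) {
				kdb_printf("%p\n", top_ztrace_copy.zt_stack[i]);
			}
			/* Print any kexts in that backtrace, along with their link addresses so we can properly blame them */
			kmod_panic_dump((vm_offset_t *)&top_ztrace_copy.zt_stack[0], depth);
		}
		else {
			kdb_printf("\nCan't access top_ztrace...\n");
		}
		kdb_printf("\n");
	}
}
#endif /* CONFIG_ZLEAKS */

#if !MACH_KDP
/*
 * Stand-ins for the kernel debugging protocol interface, compiled only
 * when MACH_KDP is off.  Setters and registration calls do nothing;
 * getters return zero / NULL / an all-zero MAC address, and
 * kdp_stack_snapshot_geterror() always reports -1.
 */
static struct kdp_ether_addr kdp_current_mac_address = {{0, 0, 0, 0, 0, 0}};

/* XXX ugly forward declares to stop warnings */
void *kdp_get_interface(void);
void kdp_set_ip_and_mac_addresses(struct kdp_in_addr *, struct kdp_ether_addr *);
void kdp_set_gateway_mac(void *);
void kdp_set_interface(void *);
void kdp_register_send_receive(void *, void *);
void kdp_unregister_send_receive(void *, void *);
void kdp_snapshot_preflight(int, void *, uint32_t, uint32_t);
int kdp_stack_snapshot_geterror(void);
int kdp_stack_snapshot_bytes_traced(void);

void *
kdp_get_interface( void)
{
	return(void *)0;
}

unsigned int
kdp_get_ip_address(void )
{ return 0; }

struct kdp_ether_addr
kdp_get_mac_addr(void)
{
	return kdp_current_mac_address;
}

void
kdp_set_ip_and_mac_addresses(
	__unused struct kdp_in_addr *ipaddr,
	__unused struct kdp_ether_addr *macaddr)
{}

void
kdp_set_gateway_mac(__unused void *gatewaymac)
{}

void
kdp_set_interface(__unused void *ifp)
{}

void
kdp_register_send_receive(__unused void *send, __unused void *receive)
{}

void
kdp_unregister_send_receive(__unused void *send, __unused void *receive)
{}

void
kdp_snapshot_preflight(__unused int pid, __unused void * tracebuf,
	__unused uint32_t tracebuf_size, __unused uint32_t options)
{}

int
kdp_stack_snapshot_geterror(void)
{
	return -1;
}

int
kdp_stack_snapshot_bytes_traced(void)
{
	return 0;
}

#endif

#if !CONFIG_TELEMETRY
/* Telemetry is compiled out: always reports KERN_NOT_SUPPORTED. */
int telemetry_gather(user_addr_t buffer __unused, uint32_t *length __unused, boolean_t mark __unused)
{
	return KERN_NOT_SUPPORTED;
}
#endif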