1/*
2 * Copyright (c) 2000-2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * @OSF_COPYRIGHT@
30 */
31/*
32 * Mach Operating System
33 * Copyright (c) 1991,1990,1989 Carnegie Mellon University
34 * All Rights Reserved.
35 *
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
41 *
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
45 *
46 * Carnegie Mellon requests users of this software to return to
47 *
48 *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
49 *  School of Computer Science
50 *  Carnegie Mellon University
51 *  Pittsburgh PA 15213-3890
52 *
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56
57#include <mach_assert.h>
58#include <mach_kdp.h>
59
60#include <kern/cpu_number.h>
61#include <kern/kalloc.h>
62#include <kern/lock.h>
63#include <kern/spl.h>
64#include <kern/thread.h>
65#include <kern/assert.h>
66#include <kern/sched_prim.h>
67#include <kern/misc_protos.h>
68#include <kern/clock.h>
69#include <kern/telemetry.h>
70#include <vm/vm_kern.h>
71#include <vm/pmap.h>
72#include <stdarg.h>
73#if !MACH_KDP
74#include <kdp/kdp_udp.h>
75#endif
76
77#if defined(__i386__) || defined(__x86_64__)
78#include <i386/cpu_threads.h>
79#include <i386/pmCPU.h>
80#endif
81
82#include <IOKit/IOPlatformExpert.h>
83#include <machine/pal_routines.h>
84
85#include <sys/kdebug.h>
86#include <libkern/OSKextLibPrivate.h>
87#include <libkern/OSAtomic.h>
88#include <libkern/kernel_mach_header.h>
89#include <uuid/uuid.h>
90
/*
 * Debugger / console configuration flags.  Only the uses visible in this
 * file are described; other files may read or write them as well.
 */
unsigned int	halt_in_debugger = 0;
unsigned int	switch_debugger = 0;
unsigned int	current_debugger = 0;	/* compared against NO_CUR_DB in Assert() */
unsigned int	active_debugger = 0;
unsigned int	debug_mode=0;		/* set to TRUE by panic_prologue() */
unsigned int 	disable_debug_output = TRUE;	/* cleared by panic_prologue() when logPanicDataToScreen is set */
unsigned int 	systemLogDiags = FALSE;
unsigned int 	panicDebugging = FALSE;
unsigned int	logPanicDataToScreen = FALSE;

/* When zero, Assert() returns immediately without panicking. */
int mach_assert = 1;

/*
 * Panic bookkeeping.  panicstr, paniccpu and panicwait are updated by
 * panic_prologue()/panic_epilogue() between PANIC_LOCK()/PANIC_UNLOCK().
 */
const char		*panicstr = (char *) 0;	/* format string of the panic in progress; NULL when none */
decl_simple_lock_data(,panic_lock)
int			paniccpu;		/* cpu_number() of the CPU that claimed the panic */
volatile int		panicwait;		/* 1 until panic() has printed its message; other CPUs spin on it */
volatile unsigned int	nestedpanic= 0;		/* incremented when the panicking CPU panics again */
unsigned int		panic_is_inited = 0;	/* set by panic_init(); gates use of panic_lock */
unsigned int		return_on_panic = 0;	/* non-zero: panic_epilogue() returns instead of halting */
unsigned long		panic_caller;		/* return address of the first panic() caller; only set while zero */

#define DEBUG_BUF_SIZE (3 * PAGE_SIZE)

/*
 * Fixed-size debug log.  debug_putc() appends at debug_buf_ptr and drops
 * characters once debug_buf_size bytes have been written.
 */
char debug_buf[DEBUG_BUF_SIZE];
char *debug_buf_ptr = debug_buf;
unsigned int debug_buf_size = sizeof(debug_buf);

static char model_name[64];		/* filled by populate_model_name(), truncated to fit */
unsigned char *kernel_uuid;		/* points at the UUID found in the kernel Mach-O header, if any */
/* Upper-case textual form of kernel_uuid, written by panic_init(). */
/* uuid_string_t */ char kernel_uuid_string[37];
121
122static spl_t panic_prologue(const char *str);
123static void panic_epilogue(spl_t s);
124
/*
 * Eight 7-bit fields, packed.  packA() stores one input character per field
 * and copies out the first 7 bytes of the struct; unpackA() does the reverse.
 * Values above 0x7f lose their top bit when assigned to a field.
 * NOTE(review): bit-field ordering within the 7 bytes is compiler-defined,
 * so the packed form is only meaningful to a reader built with the same ABI.
 */
struct pasc {
  unsigned a: 7;
  unsigned b: 7;
  unsigned c: 7;
  unsigned d: 7;
  unsigned e: 7;
  unsigned f: 7;
  unsigned g: 7;
  unsigned h: 7;
}  __attribute__((packed));

typedef struct pasc pasc_t;
137
138/* Prevent CPP from breaking the definition below */
139#if CONFIG_NO_PANIC_STRINGS
140#undef Assert
141#endif
142
/*
 * Assertion-failure entry point.
 *
 * Reports "<file>:<line> Assertion failed: <expression>" through
 * panic_plain().  Does nothing when mach_assert is zero.
 *
 * While the report is being made, return_on_panic is forced to 1 if a
 * debugger is configured (current_debugger != NO_CUR_DB), and the previous
 * value is put back afterwards.
 *
 * NOTE(review): return_on_panic is a plain global that is saved and
 * restored here without a lock; confirm that concurrent assertions on
 * several CPUs cannot leave it in the wrong state.
 */
void
Assert(
	const char	*file,
	int		line,
	const char	*expression
      )
{
	if (mach_assert == 0)
		return;

	const int prior_return_on_panic = return_on_panic;

	/*
	 * Without a debugger configured, returning from an assert is
	 * unsafe: nothing guarantees the assert did not fire before the
	 * platform could be restarted.  Only allow the return when a
	 * debugger is present.
	 */
	if (current_debugger != NO_CUR_DB) {
		return_on_panic = 1;
	}

	panic_plain("%s:%d Assertion failed: %s", file, line, expression);

	return_on_panic = prior_return_on_panic;
}
171
/*
 *	Carefully use the panic_lock.  There's always a chance that
 *	somehow we'll call panic before getting to initialize the
 *	panic_lock -- in this case, we'll assume that the world is
 *	in uniprocessor mode and just avoid using the panic lock.
 *
 *	panic_is_inited is set by panic_init() right after
 *	simple_lock_init(&panic_lock, 0).  Until then both macros expand
 *	to a no-op, so the panic state is updated without mutual exclusion.
 */
#define	PANIC_LOCK()							\
MACRO_BEGIN								\
	if (panic_is_inited)						\
		simple_lock(&panic_lock);				\
MACRO_END

#define	PANIC_UNLOCK()							\
MACRO_BEGIN								\
	if (panic_is_inited)						\
		simple_unlock(&panic_lock);				\
MACRO_END
189
/*
 * One-time setup of the panic machinery.
 *
 * Looks up the UUID in the kernel's Mach-O header; when one is found and
 * has exactly sizeof(uuid_t) bytes, records a pointer to it in kernel_uuid
 * and its upper-case text form in kernel_uuid_string.  Then initializes
 * panic_lock, marks it usable (panic_is_inited) and clears panic_caller.
 */
void
panic_init(void)
{
	unsigned long hdr_uuid_len = 0;
	void *hdr_uuid = getuuidfromheader(&_mh_execute_header, &hdr_uuid_len);

	/* Reject a missing UUID or one of unexpected size before dereferencing. */
	if (hdr_uuid != NULL && hdr_uuid_len == sizeof(uuid_t)) {
		kernel_uuid = hdr_uuid;
		uuid_unparse_upper(*(uuid_t *)hdr_uuid, kernel_uuid_string);
	}

	simple_lock_init(&panic_lock, 0);
	/* From here on PANIC_LOCK()/PANIC_UNLOCK() really take the lock. */
	panic_is_inited = 1;
	panic_caller = 0;
}
206
/*
 * Point the debug log at the static debug_buf.
 *
 * Only acts when debug_buf_size is zero; if a size is already set the
 * current pointer and size are left untouched.
 */
void
debug_log_init(void)
{
	if (debug_buf_size == 0) {
		debug_buf_ptr = debug_buf;
		debug_buf_size = sizeof(debug_buf);
	}
}
215
/*
 * Platform hooks used around a panic:
 *   panic_stop()   - final stop; on x86 calls pmCPUHalt(PM_HALT_PANIC),
 *                    elsewhere spins forever.
 *   panic_safe()   - x86 only: pmSafeMode(..., PM_SAFE_FL_SAFE), called
 *                    from panic_prologue().
 *   panic_normal() - x86 only: pmSafeMode(..., PM_SAFE_FL_NORMAL), called
 *                    from panic_epilogue() when returning to the caller.
 * On other architectures panic_safe()/panic_normal() expand to nothing.
 */
#if defined(__i386__) || defined(__x86_64__)
#define panic_stop()	pmCPUHalt(PM_HALT_PANIC)
#define panic_safe()	pmSafeMode(x86_lcpu(), PM_SAFE_FL_SAFE)
#define panic_normal()	pmSafeMode(x86_lcpu(), PM_SAFE_FL_NORMAL)
#else
#define panic_stop()	{ while (1) ; }
#define panic_safe()
#define panic_normal()
#endif
225
226/*
227 * Prevent CPP from breaking the definition below,
228 * since all clients get a #define to prepend line numbers
229 */
230#undef panic
231
/*
 * Accepts any argument list, ignores it, and panics with the fixed
 * message "panic".  None of the arguments reach the panic output.
 */
void
_consume_panic_args(int a __unused, ...)
{
	panic("panic");
}
236
/*
 * Common entry work for panic() and panic_context().
 *
 * Optionally dumps the kdebug trace, raises the interrupt priority level,
 * disables preemption, and then claims the panic for this CPU by setting
 * panicstr, paniccpu and panicwait under PANIC_LOCK().
 *
 * str:     the caller's panic format string; stored in panicstr.
 * returns: the spl value from splhigh(), to be handed to panic_epilogue().
 *
 * If another CPU already owns the panic, this CPU spins until that CPU has
 * printed its message and then tries again.  If this same CPU is already
 * panicking, the call is treated as a double panic and ends in panic_stop().
 */
static spl_t
panic_prologue(const char *str)
{
	spl_t	s;

	if (kdebug_enable) {
		/* Only dump the trace when not at interrupt context and preemption is enabled. */
		if (get_preemption_level() == 0 && !ml_at_interrupt_context()) {
			ml_set_interrupts_enabled(TRUE);
			/*
			 * NOTE(review): fixed, predictable path under /var/tmp.  How the
			 * file is created (owner, mode, symlink handling) is decided inside
			 * kdbg_dump_trace_to_file(), which is not visible here -- confirm.
			 */
			kdbg_dump_trace_to_file("/var/tmp/panic.trace");
		}
	}

	s = splhigh();
	disable_preemption();

#if	defined(__i386__) || defined(__x86_64__)
	/* Attempt to display the unparsed panic string */
	const char *tstr = str;

	kprintf("Panic initiated, string: ");
	/* Emitted one character at a time, so '%' directives in str are printed literally. */
	while (tstr && *tstr)
		kprintf("%c", *tstr++);
	kprintf("\n");
#endif

	panic_safe();

	if( logPanicDataToScreen )
		disable_debug_output = FALSE;

	debug_mode = TRUE;

restart:
	PANIC_LOCK();

	/* A non-NULL panicstr means a panic is already in progress. */
	if (panicstr) {
		if (cpu_number() != paniccpu) {
			PANIC_UNLOCK();
			/*
			 * Wait until message has been printed to identify correct
			 * cpu that made the first panic.
			 */
			while (panicwait)
				continue;
			goto restart;
	    } else {
			/* Same CPU panicking again: count it, enter the debugger, then stop. */
			nestedpanic +=1;
			PANIC_UNLOCK();
			Debugger("double panic");
			printf("double panic:  We are hanging here...\n");
			panic_stop();
			/* NOTREACHED */
		}
	}
	/* Claim the panic for this CPU; panicwait is cleared by the caller after printing. */
	panicstr = str;
	paniccpu = cpu_number();
	panicwait = 1;

	PANIC_UNLOCK();
	return(s);
}
298
299
/*
 * Common exit work for panic() and panic_context().
 *
 * Clears panicstr so that a later panic is handled as a fresh one.  When
 * return_on_panic is set, restores normal power-management mode,
 * preemption and the saved interrupt level `s`, and returns to the caller.
 * Otherwise prints a final message and stops in panic_stop().
 */
static void
panic_epilogue(spl_t	s)
{
	/* Release panicstr so that other panics can be handled normally. */
	PANIC_LOCK();
	panicstr = (char *)0;
	PANIC_UNLOCK();

	if (!return_on_panic) {
		kdb_printf("panic: We are hanging here...\n");
		panic_stop();
		/* NOTREACHED */
		return;
	}

	/* Undo, in reverse order, what panic_prologue() set up. */
	panic_normal();
	enable_preemption();
	splx(s);
}
320
/*
 * Report a fatal kernel error and enter the debugger.
 *
 * str is a printf-style format string, expanded with the variadic
 * arguments by _doprnt() into the console/debug output.  Because str is
 * interpreted as a format, callers must pass a fixed format and supply
 * variable text as arguments.  A NULL str prints only the header line.
 *
 * The header line includes the panicking CPU and panic_caller, the return
 * address of the first caller of panic(), so the panic output contains a
 * kernel text address.
 *
 * Returns only when return_on_panic is set (see panic_epilogue()).
 */
void
panic(const char *str, ...)
{
	va_list	ap;
	spl_t	saved_spl;

	/* panic_caller starts out as 0; once recorded it is never overwritten. */
	if (panic_caller == 0) {
		panic_caller = (unsigned long)(char *)__builtin_return_address(0);
	}

	saved_spl = panic_prologue(str);

	kdb_printf("panic(cpu %d caller 0x%lx): ", (unsigned) paniccpu, panic_caller);
	if (str != NULL) {
		va_start(ap, str);
		_doprnt(str, &ap, consdebug_putc, 0);
		va_end(ap);
	}
	kdb_printf("\n");

	/* The message is out: let CPUs spinning in panic_prologue() proceed. */
	panicwait = 0;

	Debugger("panic");
	panic_epilogue(saved_spl);
}
348
/*
 * Same as panic(), but enters the debugger through
 * DebuggerWithContext(reason, ctx, "panic") so that a caller-supplied
 * reason code and context pointer accompany the panic.
 *
 * str is a printf-style format string expanded by _doprnt() with the
 * variadic arguments; callers must pass a fixed format and supply
 * variable text as arguments.  A NULL str prints only the header line.
 *
 * Returns only when return_on_panic is set (see panic_epilogue()).
 */
void
panic_context(unsigned int reason, void *ctx, const char *str, ...)
{
	va_list	ap;
	spl_t	saved_spl;

	/* panic_caller starts out as 0; once recorded it is never overwritten. */
	if (panic_caller == 0) {
		panic_caller = (unsigned long)(char *)__builtin_return_address(0);
	}

	saved_spl = panic_prologue(str);

	kdb_printf("panic(cpu %d caller 0x%lx): ", (unsigned) paniccpu, panic_caller);
	if (str != NULL) {
		va_start(ap, str);
		_doprnt(str, &ap, consdebug_putc, 0);
		va_end(ap);
	}
	kdb_printf("\n");

	/* The message is out: let CPUs spinning in panic_prologue() proceed. */
	panicwait = 0;

	DebuggerWithContext(reason, ctx, "panic");
	panic_epilogue(saved_spl);
}
376
/*
 * Kernel log entry point.
 *
 * When MACH_BSD is defined, formats fmt with the variadic arguments via
 * _doprnt() into conslog_putc with preemption disabled for the duration.
 * Without MACH_BSD the call does nothing.  `level` is not used.
 *
 * fmt is interpreted as a printf-style format, so callers must not pass
 * externally supplied text as fmt.
 */
void
log(__unused int level, char *fmt, ...)
{
	va_list	ap;

#ifdef lint
	level++;
#endif /* lint */
#ifdef	MACH_BSD
	/* Preemption stays off for the whole formatting pass. */
	disable_preemption();
	va_start(ap, fmt);
	_doprnt(fmt, &ap, conslog_putc, 0);
	va_end(ap);
	enable_preemption();
#endif
}
393
/*
 * Append one character to the debug log.
 *
 * The character is dropped silently when the log is disabled
 * (debug_buf_size == 0) or when debug_buf_size bytes have already been
 * written, so the write never goes past the end of the buffer.
 */
void
debug_putc(char c)
{
	if (debug_buf_size == 0)
		return;

	/* Bytes written so far must stay below the configured capacity. */
	if ((debug_buf_ptr - debug_buf) >= (int)debug_buf_size)
		return;

	*debug_buf_ptr++ = c;
}
403
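/* In-place packing routines -- inefficient, but they're called at most once.
 *
 * packA() rewrites inbuf so that every group of 8 input characters occupies
 * 7 bytes, keeping only the low 7 bits of each character (see struct pasc).
 *
 * inbuf:   buffer to pack in place.
 * length:  number of meaningful bytes; rounded up to a multiple of 8, so up
 *          to 7 bytes after `length` are read as padding.
 * buflen:  capacity of inbuf in bytes.  It is expected to be a multiple of
 *          8; any remainder is ignored so that a group of 8 is never read
 *          from beyond the buffer.
 * returns: number of packed bytes now at the start of inbuf.
 */

int packA(char *inbuf, uint32_t length, uint32_t buflen)
{
  unsigned int i, j = 0;
  pasc_t pack;

  /*
   * Work only on whole groups of 8 that fit inside the buffer.  Clamping
   * before rounding up also keeps (length + 7) from wrapping around.
   */
  buflen &= ~7U;
  if (length > buflen)
    length = buflen;
  length = (length + 7) & ~7U;

  for (i = 0; i < length; i+=8)
    {
      pack.a = inbuf[i];
      pack.b = inbuf[i+1];
      pack.c = inbuf[i+2];
      pack.d = inbuf[i+3];
      pack.e = inbuf[i+4];
      pack.f = inbuf[i+5];
      pack.g = inbuf[i+6];
      pack.h = inbuf[i+7];
      /* The write position j never gets ahead of the read position i. */
      bcopy ((char *) &pack, inbuf + j, 7);
      j += 7;
    }
  return j;
}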
430
/*
 * Reverse of packA(): expand 7-byte groups back into 8 characters, in place.
 *
 * inbuf:  buffer holding packed data.
 * length: number of packed bytes; the expanded size is (length * 8) / 7.
 *
 * Each step opens a one-byte gap by shifting the rest of the data to the
 * right, then writes the 8 unpacked characters over the group.
 *
 * NOTE(review): there is no capacity argument.  The caller must guarantee
 * that inbuf has room for at least (length * 8) / 7 bytes, rounded up to a
 * multiple of 8, and that length * 8 does not wrap a uint32_t.
 */
void unpackA(char *inbuf, uint32_t length)
{
	pasc_t group;
	unsigned pos = 0;

	length = (length * 8)/7;

	while (pos < length) {
		/* Take a copy of the packed group before its bytes are overwritten. */
		group = *(pasc_t *)&inbuf[pos];
		/* Shift the remaining data right by one byte to make room. */
		bcopy(&inbuf[pos+7], &inbuf[pos+8], MAX(0, (int) (length - pos - 8)));
		inbuf[pos + 0] = group.a;
		inbuf[pos + 1] = group.b;
		inbuf[pos + 2] = group.c;
		inbuf[pos + 3] = group.d;
		inbuf[pos + 4] = group.e;
		inbuf[pos + 5] = group.f;
		inbuf[pos + 6] = group.g;
		inbuf[pos + 7] = group.h;
		pos += 8;
	}
}
450
451extern void *proc_name_address(void *p);
452
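/*
 * Print the BSD process name that belongs to the current thread.
 *
 * Every pointer on the way (thread -> task -> bsd_info -> name) is read
 * through ml_nofault_copy() so that corrupted state does not fault during
 * the panic.  If any step fails, "Unknown" is printed.
 *
 * NOTE(review): a short but non-zero final copy is accepted, so the name
 * may then be a mix of copied bytes and the "Unknown" default.
 */
static void
panic_display_process_name(void) {
	char proc_name[32] = "Unknown";
	task_t ctask = 0;
	void *cbsd_info = 0;

	if (ml_nofault_copy((vm_offset_t)&current_thread()->task, (vm_offset_t) &ctask, sizeof(task_t)) == sizeof(task_t)) {
		/* Size the copy by the destination object, not by the address of the source field. */
		if (ml_nofault_copy((vm_offset_t)&ctask->bsd_info, (vm_offset_t)&cbsd_info, sizeof(cbsd_info)) == sizeof(cbsd_info)) {
			if (cbsd_info && (ml_nofault_copy((vm_offset_t) proc_name_address(cbsd_info), (vm_offset_t) &proc_name, sizeof(proc_name)) > 0)) {
				/* The copied bytes are not trusted to be terminated. */
				proc_name[sizeof(proc_name) - 1] = '\0';
			}
		}
	}
	kdb_printf("\nBSD process name corresponding to current thread: %s\n", proc_name);
}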
465
/*
 * Report whether a panic is in progress.
 * Returns 1 while panicstr is set, 0 otherwise.
 */
unsigned	panic_active(void) {
	if (panicstr == (char *) 0)
		return 0;
	return 1;
}
469
/*
 * Record the platform model name for later panic reports.
 *
 * model_string is copied into the static model_name buffer with strlcpy(),
 * so it is truncated to sizeof(model_name) - 1 characters and always
 * terminated.  model_string must be a valid, terminated string.
 */
void populate_model_name(char *model_string) {
	(void) strlcpy(model_name, model_string, sizeof(model_name));
}
473
/*
 * Print the system model name, if one has been recorded.
 *
 * The name is first copied to a local buffer with ml_nofault_copy(); the
 * line is skipped when the copy is incomplete or the name is empty.
 */
static void panic_display_model_name(void) {
	char snapshot[sizeof(model_name)];

	if (ml_nofault_copy((vm_offset_t) &model_name, (vm_offset_t) &snapshot, sizeof(model_name)) == sizeof(model_name)) {
		/* Force termination: the source may be damaged at panic time. */
		snapshot[sizeof(snapshot) - 1] = '\0';

		if (snapshot[0] != 0) {
			kdb_printf("System model name: %s\n", snapshot);
		}
	}
}
485
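/*
 * Print the kernel UUID string, if panic_init() recorded one.
 *
 * The string is first copied to a local buffer with ml_nofault_copy(); the
 * line is skipped when the copy is incomplete or the string is empty.
 */
static void panic_display_kernel_uuid(void) {
	char tmp_kernel_uuid[sizeof(kernel_uuid_string)];

	if (ml_nofault_copy((vm_offset_t) &kernel_uuid_string, (vm_offset_t) &tmp_kernel_uuid, sizeof(kernel_uuid_string)) != sizeof(kernel_uuid_string))
		return;

	/*
	 * Force termination before printing with %s, as
	 * panic_display_model_name() does: the source may be damaged at
	 * panic time.  An intact string already ends in '\0' at this index.
	 */
	tmp_kernel_uuid[sizeof(tmp_kernel_uuid) - 1] = '\0';

	if (tmp_kernel_uuid[0] != '\0')
		kdb_printf("Kernel UUID: %s\n", tmp_kernel_uuid);
}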
495
/*
 * Print the kernel slide and the kernel text base address.
 * Nothing is printed when vm_kernel_slide is zero.
 *
 * These two values locate the kernel in memory, so panic output that
 * contains them should be handled like other sensitive diagnostics.
 */
void panic_display_kernel_aslr(void) {
	if (!vm_kernel_slide)
		return;

	kdb_printf("Kernel slide:     0x%016lx\n", (unsigned long) vm_kernel_slide);
	kdb_printf("Kernel text base: %p\n", (void *) vm_kernel_stext);
}
502
/*
 * Print the system uptime: mach_absolute_time() converted to nanoseconds.
 */
static void panic_display_uptime(void) {
	uint64_t	uptime_ns;

	absolutetime_to_nanoseconds(mach_absolute_time(), &uptime_ns);
	kdb_printf("\nSystem uptime in nanoseconds: %llu\n", uptime_ns);
}
509
510extern const char version[];
511extern char osversion[];
512
513static volatile uint32_t config_displayed = 0;
514
/*
 * Print the system configuration section of a panic report.
 *
 * The process name is printed on every call.  The rest (boot args, OS and
 * kernel version, kernel UUID, slide, platform info, model name, uptime,
 * zone usage, optional leak trace, kext lists) is printed only by the
 * first caller: config_displayed is switched from 0 to 1 with a
 * compare-and-swap, and later callers return early.
 *
 * The output includes boot arguments and kernel address information.
 */
__private_extern__ void panic_display_system_configuration(void) {
	char boot_args[256];

	panic_display_process_name();

	/* Only the caller that wins the 0 -> 1 swap prints the full report. */
	if (!OSCompareAndSwap(0, 1, &config_displayed))
		return;

	/* strlcpy() returns the source length; zero means there are no boot args. */
	if (strlcpy(boot_args, PE_boot_args(), sizeof(boot_args)) != 0) {
		kdb_printf("Boot args: %s\n", boot_args);
	}
	kdb_printf("\nMac OS version:\n%s\n",
	    (osversion[0] != 0) ? osversion : "Not yet set");
	kdb_printf("\nKernel version:\n%s\n",version);

	panic_display_kernel_uuid();
	panic_display_kernel_aslr();
	panic_display_pal_info();
	panic_display_model_name();
	panic_display_uptime();
	panic_display_zprint();
#if CONFIG_ZLEAKS
	panic_display_ztrace();
#endif /* CONFIG_ZLEAKS */
	kext_dump_panic_lists(&kdb_log);
}
537
538extern zone_t		first_zone;
539extern unsigned int	num_zones, stack_total;
540extern unsigned long long stack_allocs;
541
542#if defined(__i386__) || defined (__x86_64__)
543extern unsigned int	inuse_ptepages_count;
544extern long long alloc_ptepages_count;
545#endif
546
547extern boolean_t	panic_include_zprint;
548
/*
 * Print a short memory summary when panic_include_zprint is TRUE.
 *
 * Walks the zone list starting at first_zone, for at most num_zones
 * entries, and prints every zone whose cur_size is above 1 MB.  Each zone
 * is copied to a local struct with ml_nofault_copy() before it is looked
 * at, and the walk stops at the first failed copy or NULL next_zone.
 * Afterwards prints the kernel stack total, the page table total (x86
 * only) and the large kalloc total.
 *
 * NOTE(review): zone_name is passed to kdb_printf("%.20s") straight from
 * the copied struct.  If it is a pointer rather than an inline array, the
 * string itself is read without the nofault protection -- confirm against
 * the struct zone definition.
 */
__private_extern__ void panic_display_zprint()
{
	unsigned int	idx;
	struct zone	snapshot;

	if (panic_include_zprint != TRUE)
		return;

	if (first_zone != NULL &&
	    ml_nofault_copy((vm_offset_t)first_zone, (vm_offset_t)&snapshot, sizeof(struct zone)) == sizeof(struct zone)) {
		/* num_zones bounds the walk in case the list is damaged or cyclic. */
		for (idx = 0; idx < num_zones; idx++) {
			if (snapshot.cur_size > (1024*1024))
				kdb_printf("%.20s:%lu\n",snapshot.zone_name,(uintptr_t)snapshot.cur_size);

			if (snapshot.next_zone == NULL)
				break;

			/* Fetch the next zone; stop if it cannot be read safely. */
			if (ml_nofault_copy((vm_offset_t)snapshot.next_zone, (vm_offset_t)&snapshot, sizeof(struct zone)) != sizeof(struct zone))
				break;
		}
	}

	kdb_printf("Kernel Stacks:%lu\n",(uintptr_t)(kernel_stack_size * stack_total));

#if defined(__i386__) || defined (__x86_64__)
	kdb_printf("PageTables:%lu\n",(uintptr_t)(PAGE_SIZE * inuse_ptepages_count));
#endif

	kdb_printf("Kalloc.Large:%lu\n",(uintptr_t)kalloc_large_total);
}
583
584#if CONFIG_ZLEAKS
585extern boolean_t	panic_include_ztrace;
586extern struct ztrace* top_ztrace;
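/*
 * Prints the backtrace most suspected of being a leaker, if we panicked in
 * the zone allocator.  top_ztrace and panic_include_ztrace come from
 * osfmk/kern/zalloc.c
 *
 * The trace record is copied to a local struct with ml_nofault_copy()
 * first.  Its recorded depth is then clamped to MAX_ZTRACE_DEPTH, and the
 * clamped value is used both for the address listing and for the kext
 * lookup, so a damaged depth field cannot cause a read past zt_stack.
 */
__private_extern__ void panic_display_ztrace(void)
{
	if(panic_include_ztrace == TRUE) {
		unsigned int i = 0;
		unsigned int depth;
		struct ztrace top_ztrace_copy;

		/* Make sure not to trip another panic if there's something wrong with memory */
		if(ml_nofault_copy((vm_offset_t)top_ztrace, (vm_offset_t)&top_ztrace_copy, sizeof(struct ztrace)) == sizeof(struct ztrace)) {
			/*
			 * The depth comes from memory that may be corrupted; never trust
			 * it beyond the size of the backtrace array.
			 * (assumes zt_stack holds MAX_ZTRACE_DEPTH entries, as the
			 * original loop bound implies -- confirm in zalloc.h)
			 */
			depth = top_ztrace_copy.zt_depth;
			if (depth > MAX_ZTRACE_DEPTH)
				depth = MAX_ZTRACE_DEPTH;

			kdb_printf("\nBacktrace suspected of leaking: (outstanding bytes: %lu)\n", (uintptr_t)top_ztrace_copy.zt_size);
			/* Print the backtrace addresses */
			for (i = 0; i < depth; i++) {
				kdb_printf("%p\n", top_ztrace_copy.zt_stack[i]);
			}
			/* Print any kexts in that backtrace, along with their link addresses so we can properly blame them */
			kmod_panic_dump((vm_offset_t *)&top_ztrace_copy.zt_stack[0], depth);
		}
		else {
			kdb_printf("\nCan't access top_ztrace...\n");
		}
		kdb_printf("\n");
	}
}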
613#endif /* CONFIG_ZLEAKS */
614
615#if !MACH_KDP
616static struct kdp_ether_addr kdp_current_mac_address = {{0, 0, 0, 0, 0, 0}};
617
618/* XXX ugly forward declares to stop warnings */
619void *kdp_get_interface(void);
620void kdp_set_ip_and_mac_addresses(struct kdp_in_addr *, struct kdp_ether_addr *);
621void kdp_set_gateway_mac(void *);
622void kdp_set_interface(void *);
623void kdp_register_send_receive(void *, void *);
624void kdp_unregister_send_receive(void *, void *);
625void kdp_snapshot_preflight(int, void *, uint32_t, uint32_t);
626int kdp_stack_snapshot_geterror(void);
627int kdp_stack_snapshot_bytes_traced(void);
628
/*
 * Stub used when the kernel is built without MACH_KDP: there is no
 * debugger network interface, so always returns a null pointer.
 */
void *
kdp_get_interface( void)
{
	return NULL;
}
634
/*
 * Stub used when the kernel is built without MACH_KDP: no debugger IP
 * address exists, so always returns 0.
 */
unsigned int
kdp_get_ip_address(void )
{
	return 0U;
}
638
/*
 * Stub used when the kernel is built without MACH_KDP: returns a copy of
 * kdp_current_mac_address, which is initialized to all zeroes and is not
 * changed by any code in this file.
 */
struct kdp_ether_addr
kdp_get_mac_addr(void)
{
	struct kdp_ether_addr mac = kdp_current_mac_address;

	return mac;
}
644
/*
 * Stub used when the kernel is built without MACH_KDP: both addresses are
 * ignored and nothing is stored.
 */
void
kdp_set_ip_and_mac_addresses(
        __unused struct kdp_in_addr          *ipaddr,
        __unused struct kdp_ether_addr       *macaddr)
{
	/* Intentionally empty. */
	return;
}
650
/*
 * Stub used when the kernel is built without MACH_KDP: the gateway MAC
 * address is ignored.
 */
void
kdp_set_gateway_mac(__unused void *gatewaymac)
{
	/* Intentionally empty. */
	return;
}
654
/*
 * Stub used when the kernel is built without MACH_KDP: the interface
 * pointer is ignored.
 */
void
kdp_set_interface(__unused void *ifp)
{
	/* Intentionally empty. */
	return;
}
658
/*
 * Stub used when the kernel is built without MACH_KDP: the send and
 * receive handlers are ignored and never called.
 */
void
kdp_register_send_receive(__unused void *send, __unused void *receive)
{
	/* Intentionally empty. */
	return;
}
662
/*
 * Stub used when the kernel is built without MACH_KDP: there is nothing
 * registered, so there is nothing to remove.
 */
void
kdp_unregister_send_receive(__unused void *send, __unused void *receive)
{
	/* Intentionally empty. */
	return;
}
666
/*
 * Stub used when the kernel is built without MACH_KDP: the snapshot
 * request is ignored and tracebuf is never written.
 */
void
kdp_snapshot_preflight(__unused int pid, __unused void * tracebuf,
		__unused uint32_t tracebuf_size, __unused uint32_t options)
{
	/* Intentionally empty. */
	return;
}
671
/*
 * Stub used when the kernel is built without MACH_KDP: stack snapshots
 * are not available, so always reports failure (-1).
 */
int
kdp_stack_snapshot_geterror(void)
{
	const int snapshot_unavailable = -1;

	return snapshot_unavailable;
}
677
/*
 * Stub used when the kernel is built without MACH_KDP: no snapshot is
 * ever taken, so the traced byte count is always 0.
 */
int
kdp_stack_snapshot_bytes_traced(void)
{
	const int bytes_traced = 0;

	return bytes_traced;
}
683
684#endif
685
686#if !CONFIG_TELEMETRY
/*
 * Stub used when the kernel is built without CONFIG_TELEMETRY: nothing is
 * written to `buffer` or `length`, and the call reports
 * KERN_NOT_SUPPORTED.
 */
int
telemetry_gather(user_addr_t buffer __unused, uint32_t *length __unused, boolean_t mark __unused)
{
	const int status = KERN_NOT_SUPPORTED;

	return status;
}
691#endif
692