linux/kernel/panic.c
<<
>>
Prefs
   1/*
   2 *  linux/kernel/panic.c
   3 *
   4 *  Copyright (C) 1991, 1992  Linus Torvalds
   5 */
   6
   7/*
   8 * This function is used through-out the kernel (including mm and fs)
   9 * to indicate a major problem.
  10 */
  11#include <linux/debug_locks.h>
  12#include <linux/interrupt.h>
  13#include <linux/kmsg_dump.h>
  14#include <linux/kallsyms.h>
  15#include <linux/notifier.h>
  16#include <linux/module.h>
  17#include <linux/random.h>
  18#include <linux/reboot.h>
  19#include <linux/delay.h>
  20#include <linux/kexec.h>
  21#include <linux/sched.h>
  22#include <linux/sysrq.h>
  23#include <linux/init.h>
  24#include <linux/nmi.h>
  25
  26#define PANIC_TIMER_STEP 100
  27#define PANIC_BLINK_SPD 18
  28
  29int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE;
  30static unsigned long tainted_mask;
  31static int pause_on_oops;
  32static int pause_on_oops_flag;
  33static DEFINE_SPINLOCK(pause_on_oops_lock);
  34
  35int panic_timeout;
  36EXPORT_SYMBOL_GPL(panic_timeout);
  37
  38ATOMIC_NOTIFIER_HEAD(panic_notifier_list);
  39
  40EXPORT_SYMBOL(panic_notifier_list);
  41
  42static long no_blink(int state)
  43{
  44        return 0;
  45}
  46
  47/* Returns how long it waited in ms */
  48long (*panic_blink)(int state);
  49EXPORT_SYMBOL(panic_blink);
  50
  51/*
  52 * Stop ourself in panic -- architecture code may override this
  53 */
  54void __weak panic_smp_self_stop(void)
  55{
  56        while (1)
  57                cpu_relax();
  58}
  59
  60/**
  61 *      panic - halt the system
  62 *      @fmt: The text string to print
  63 *
  64 *      Display a message, then perform cleanups.
  65 *
  66 *      This function never returns.
  67 */
  68void panic(const char *fmt, ...)
  69{
  70        static DEFINE_SPINLOCK(panic_lock);
  71        static char buf[1024];
  72        va_list args;
  73        long i, i_next = 0;
  74        int state = 0;
  75
  76        /*
  77         * Disable local interrupts. This will prevent panic_smp_self_stop
  78         * from deadlocking the first cpu that invokes the panic, since
  79         * there is nothing to prevent an interrupt handler (that runs
  80         * after the panic_lock is acquired) from invoking panic again.
  81         */
  82        local_irq_disable();
  83
  84        /*
  85         * It's possible to come here directly from a panic-assertion and
  86         * not have preempt disabled. Some functions called from here want
  87         * preempt to be disabled. No point enabling it later though...
  88         *
  89         * Only one CPU is allowed to execute the panic code from here. For
  90         * multiple parallel invocations of panic, all other CPUs either
  91         * stop themself or will wait until they are stopped by the 1st CPU
  92         * with smp_send_stop().
  93         */
  94        if (!spin_trylock(&panic_lock))
  95                panic_smp_self_stop();
  96
  97        console_verbose();
  98        bust_spinlocks(1);
  99        va_start(args, fmt);
 100        vsnprintf(buf, sizeof(buf), fmt, args);
 101        va_end(args);
 102        printk(KERN_EMERG "Kernel panic - not syncing: %s\n",buf);
 103#ifdef CONFIG_DEBUG_BUGVERBOSE
 104        /*
 105         * Avoid nested stack-dumping if a panic occurs during oops processing
 106         */
 107        if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
 108                dump_stack();
 109#endif
 110
 111        /*
 112         * If we have crashed and we have a crash kernel loaded let it handle
 113         * everything else.
 114         * Do we want to call this before we try to display a message?
 115         */
 116        crash_kexec(NULL);
 117
 118        /*
 119         * Note smp_send_stop is the usual smp shutdown function, which
 120         * unfortunately means it may not be hardened to work in a panic
 121         * situation.
 122         */
 123        smp_send_stop();
 124
 125        kmsg_dump(KMSG_DUMP_PANIC);
 126
 127        atomic_notifier_call_chain(&panic_notifier_list, 0, buf);
 128
 129        bust_spinlocks(0);
 130
 131        if (!panic_blink)
 132                panic_blink = no_blink;
 133
 134        if (panic_timeout > 0) {
 135                /*
 136                 * Delay timeout seconds before rebooting the machine.
 137                 * We can't use the "normal" timers since we just panicked.
 138                 */
 139                printk(KERN_EMERG "Rebooting in %d seconds..", panic_timeout);
 140
 141                for (i = 0; i < panic_timeout * 1000; i += PANIC_TIMER_STEP) {
 142                        touch_nmi_watchdog();
 143                        if (i >= i_next) {
 144                                i += panic_blink(state ^= 1);
 145                                i_next = i + 3600 / PANIC_BLINK_SPD;
 146                        }
 147                        mdelay(PANIC_TIMER_STEP);
 148                }
 149        }
 150        if (panic_timeout != 0) {
 151                /*
 152                 * This will not be a clean reboot, with everything
 153                 * shutting down.  But if there is a chance of
 154                 * rebooting the system it will be rebooted.
 155                 */
 156                emergency_restart();
 157        }
 158#ifdef __sparc__
 159        {
 160                extern int stop_a_enabled;
 161                /* Make sure the user can actually press Stop-A (L1-A) */
 162                stop_a_enabled = 1;
 163                printk(KERN_EMERG "Press Stop-A (L1-A) to return to the boot prom\n");
 164        }
 165#endif
 166#if defined(CONFIG_S390)
 167        {
 168                unsigned long caller;
 169
 170                caller = (unsigned long)__builtin_return_address(0);
 171                disabled_wait(caller);
 172        }
 173#endif
 174        local_irq_enable();
 175        for (i = 0; ; i += PANIC_TIMER_STEP) {
 176                touch_softlockup_watchdog();
 177                if (i >= i_next) {
 178                        i += panic_blink(state ^= 1);
 179                        i_next = i + 3600 / PANIC_BLINK_SPD;
 180                }
 181                mdelay(PANIC_TIMER_STEP);
 182        }
 183}
 184
 185EXPORT_SYMBOL(panic);
 186
 187
 188struct tnt {
 189        u8      bit;
 190        char    true;
 191        char    false;
 192};
 193
 194static const struct tnt tnts[] = {
 195        { TAINT_PROPRIETARY_MODULE,     'P', 'G' },
 196        { TAINT_FORCED_MODULE,          'F', ' ' },
 197        { TAINT_UNSAFE_SMP,             'S', ' ' },
 198        { TAINT_FORCED_RMMOD,           'R', ' ' },
 199        { TAINT_MACHINE_CHECK,          'M', ' ' },
 200        { TAINT_BAD_PAGE,               'B', ' ' },
 201        { TAINT_USER,                   'U', ' ' },
 202        { TAINT_DIE,                    'D', ' ' },
 203        { TAINT_OVERRIDDEN_ACPI_TABLE,  'A', ' ' },
 204        { TAINT_WARN,                   'W', ' ' },
 205        { TAINT_CRAP,                   'C', ' ' },
 206        { TAINT_FIRMWARE_WORKAROUND,    'I', ' ' },
 207        { TAINT_OOT_MODULE,             'O', ' ' },
 208};
 209
 210/**
 211 *      print_tainted - return a string to represent the kernel taint state.
 212 *
 213 *  'P' - Proprietary module has been loaded.
 214 *  'F' - Module has been forcibly loaded.
 215 *  'S' - SMP with CPUs not designed for SMP.
 216 *  'R' - User forced a module unload.
 217 *  'M' - System experienced a machine check exception.
 218 *  'B' - System has hit bad_page.
 219 *  'U' - Userspace-defined naughtiness.
 220 *  'D' - Kernel has oopsed before
 221 *  'A' - ACPI table overridden.
 222 *  'W' - Taint on warning.
 223 *  'C' - modules from drivers/staging are loaded.
 224 *  'I' - Working around severe firmware bug.
 225 *  'O' - Out-of-tree module has been loaded.
 226 *
 227 *      The string is overwritten by the next call to print_tainted().
 228 */
 229const char *print_tainted(void)
 230{
 231        static char buf[ARRAY_SIZE(tnts) + sizeof("Tainted: ") + 1];
 232
 233        if (tainted_mask) {
 234                char *s;
 235                int i;
 236
 237                s = buf + sprintf(buf, "Tainted: ");
 238                for (i = 0; i < ARRAY_SIZE(tnts); i++) {
 239                        const struct tnt *t = &tnts[i];
 240                        *s++ = test_bit(t->bit, &tainted_mask) ?
 241                                        t->true : t->false;
 242                }
 243                *s = 0;
 244        } else
 245                snprintf(buf, sizeof(buf), "Not tainted");
 246
 247        return buf;
 248}
 249
 250int test_taint(unsigned flag)
 251{
 252        return test_bit(flag, &tainted_mask);
 253}
 254EXPORT_SYMBOL(test_taint);
 255
 256unsigned long get_taint(void)
 257{
 258        return tainted_mask;
 259}
 260
 261/**
 262 * add_taint: add a taint flag if not already set.
 263 * @flag: one of the TAINT_* constants.
 264 * @lockdep_ok: whether lock debugging is still OK.
 265 *
 266 * If something bad has gone wrong, you'll want @lockdebug_ok = false, but for
 267 * some notewortht-but-not-corrupting cases, it can be set to true.
 268 */
 269void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
 270{
 271        if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off())
 272                printk(KERN_WARNING
 273                       "Disabling lock debugging due to kernel taint\n");
 274
 275        set_bit(flag, &tainted_mask);
 276}
 277EXPORT_SYMBOL(add_taint);
 278
 279static void spin_msec(int msecs)
 280{
 281        int i;
 282
 283        for (i = 0; i < msecs; i++) {
 284                touch_nmi_watchdog();
 285                mdelay(1);
 286        }
 287}
 288
 289/*
 290 * It just happens that oops_enter() and oops_exit() are identically
 291 * implemented...
 292 */
 293static void do_oops_enter_exit(void)
 294{
 295        unsigned long flags;
 296        static int spin_counter;
 297
 298        if (!pause_on_oops)
 299                return;
 300
 301        spin_lock_irqsave(&pause_on_oops_lock, flags);
 302        if (pause_on_oops_flag == 0) {
 303                /* This CPU may now print the oops message */
 304                pause_on_oops_flag = 1;
 305        } else {
 306                /* We need to stall this CPU */
 307                if (!spin_counter) {
 308                        /* This CPU gets to do the counting */
 309                        spin_counter = pause_on_oops;
 310                        do {
 311                                spin_unlock(&pause_on_oops_lock);
 312                                spin_msec(MSEC_PER_SEC);
 313                                spin_lock(&pause_on_oops_lock);
 314                        } while (--spin_counter);
 315                        pause_on_oops_flag = 0;
 316                } else {
 317                        /* This CPU waits for a different one */
 318                        while (spin_counter) {
 319                                spin_unlock(&pause_on_oops_lock);
 320                                spin_msec(1);
 321                                spin_lock(&pause_on_oops_lock);
 322                        }
 323                }
 324        }
 325        spin_unlock_irqrestore(&pause_on_oops_lock, flags);
 326}
 327
 328/*
 329 * Return true if the calling CPU is allowed to print oops-related info.
 330 * This is a bit racy..
 331 */
 332int oops_may_print(void)
 333{
 334        return pause_on_oops_flag == 0;
 335}
 336
 337/*
 338 * Called when the architecture enters its oops handler, before it prints
 339 * anything.  If this is the first CPU to oops, and it's oopsing the first
 340 * time then let it proceed.
 341 *
 342 * This is all enabled by the pause_on_oops kernel boot option.  We do all
 343 * this to ensure that oopses don't scroll off the screen.  It has the
 344 * side-effect of preventing later-oopsing CPUs from mucking up the display,
 345 * too.
 346 *
 347 * It turns out that the CPU which is allowed to print ends up pausing for
 348 * the right duration, whereas all the other CPUs pause for twice as long:
 349 * once in oops_enter(), once in oops_exit().
 350 */
 351void oops_enter(void)
 352{
 353        tracing_off();
 354        /* can't trust the integrity of the kernel anymore: */
 355        debug_locks_off();
 356        do_oops_enter_exit();
 357}
 358
 359/*
 360 * 64-bit random ID for oopses:
 361 */
 362static u64 oops_id;
 363
 364static int init_oops_id(void)
 365{
 366        if (!oops_id)
 367                get_random_bytes(&oops_id, sizeof(oops_id));
 368        else
 369                oops_id++;
 370
 371        return 0;
 372}
 373late_initcall(init_oops_id);
 374
 375void print_oops_end_marker(void)
 376{
 377        init_oops_id();
 378        printk(KERN_WARNING "---[ end trace %016llx ]---\n",
 379                (unsigned long long)oops_id);
 380}
 381
 382/*
 383 * Called when the architecture exits its oops handler, after printing
 384 * everything.
 385 */
 386void oops_exit(void)
 387{
 388        do_oops_enter_exit();
 389        print_oops_end_marker();
 390        kmsg_dump(KMSG_DUMP_OOPS);
 391}
 392
 393#ifdef WANT_WARN_ON_SLOWPATH
 394struct slowpath_args {
 395        const char *fmt;
 396        va_list args;
 397};
 398
 399static void warn_slowpath_common(const char *file, int line, void *caller,
 400                                 unsigned taint, struct slowpath_args *args)
 401{
 402        printk(KERN_WARNING "------------[ cut here ]------------\n");
 403        printk(KERN_WARNING "WARNING: at %s:%d %pS()\n", file, line, caller);
 404
 405        if (args)
 406                vprintk(args->fmt, args->args);
 407
 408        print_modules();
 409        dump_stack();
 410        print_oops_end_marker();
 411        /* Just a warning, don't kill lockdep. */
 412        add_taint(taint, LOCKDEP_STILL_OK);
 413}
 414
 415void warn_slowpath_fmt(const char *file, int line, const char *fmt, ...)
 416{
 417        struct slowpath_args args;
 418
 419        args.fmt = fmt;
 420        va_start(args.args, fmt);
 421        warn_slowpath_common(file, line, __builtin_return_address(0),
 422                             TAINT_WARN, &args);
 423        va_end(args.args);
 424}
 425EXPORT_SYMBOL(warn_slowpath_fmt);
 426
 427void warn_slowpath_fmt_taint(const char *file, int line,
 428                             unsigned taint, const char *fmt, ...)
 429{
 430        struct slowpath_args args;
 431
 432        args.fmt = fmt;
 433        va_start(args.args, fmt);
 434        warn_slowpath_common(file, line, __builtin_return_address(0),
 435                             taint, &args);
 436        va_end(args.args);
 437}
 438EXPORT_SYMBOL(warn_slowpath_fmt_taint);
 439
 440void warn_slowpath_null(const char *file, int line)
 441{
 442        warn_slowpath_common(file, line, __builtin_return_address(0),
 443                             TAINT_WARN, NULL);
 444}
 445EXPORT_SYMBOL(warn_slowpath_null);
 446#endif
 447
 448#ifdef CONFIG_CC_STACKPROTECTOR
 449
 450/*
 451 * Called when gcc's -fstack-protector feature is used, and
 452 * gcc detects corruption of the on-stack canary value
 453 */
 454void __stack_chk_fail(void)
 455{
 456        panic("stack-protector: Kernel stack is corrupted in: %p\n",
 457                __builtin_return_address(0));
 458}
 459EXPORT_SYMBOL(__stack_chk_fail);
 460
 461#endif
 462
 463core_param(panic, panic_timeout, int, 0644);
 464core_param(pause_on_oops, pause_on_oops, int, 0644);
 465
 466static int __init oops_setup(char *s)
 467{
 468        if (!s)
 469                return -EINVAL;
 470        if (!strcmp(s, "panic"))
 471                panic_on_oops = 1;
 472        return 0;
 473}
 474early_param("oops", oops_setup);
 475
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.