1 /*
2 * Copyright (c) 2000-2016 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * @OSF_COPYRIGHT@
30 */
31 /*
32 * Mach Operating System
33 * Copyright (c) 1991,1990,1989 Carnegie Mellon University
34 * All Rights Reserved.
35 *
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
41 *
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
45 *
46 * Carnegie Mellon requests users of this software to return to
47 *
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
52 *
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56
57 #include <mach_assert.h>
58 #include <mach_kdp.h>
59 #include <kdp/kdp.h>
60 #include <kdp/kdp_core.h>
61 #include <kdp/kdp_internal.h>
62 #include <kdp/kdp_callout.h>
63 #include <kern/cpu_number.h>
64 #include <kern/kalloc.h>
65 #include <kern/spl.h>
66 #include <kern/thread.h>
67 #include <kern/assert.h>
68 #include <kern/sched_prim.h>
69 #include <kern/misc_protos.h>
70 #include <kern/clock.h>
71 #include <kern/telemetry.h>
72 #include <kern/ecc.h>
73 #include <kern/kern_cdata.h>
74 #include <kern/zalloc.h>
75 #include <vm/vm_kern.h>
76 #include <vm/pmap.h>
77 #include <stdarg.h>
78 #include <stdatomic.h>
79 #include <sys/pgo.h>
80 #include <console/serial_protos.h>
81
82 #if !(MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING)
83 #include <kdp/kdp_udp.h>
84 #endif
85 #include <kern/processor.h>
86
87 #if defined(__i386__) || defined(__x86_64__)
88 #include <i386/cpu_threads.h>
89 #include <i386/pmCPU.h>
90 #endif
91
92 #include <IOKit/IOPlatformExpert.h>
93 #include <machine/pal_routines.h>
94
95 #include <sys/kdebug.h>
96 #include <libkern/OSKextLibPrivate.h>
97 #include <libkern/OSAtomic.h>
98 #include <libkern/kernel_mach_header.h>
99 #include <uuid/uuid.h>
100 #include <mach_debug/zone_info.h>
101
102 #include <os/log_private.h>
103
104 #if CONFIG_EMBEDDED
105 #include <pexpert/pexpert.h> /* For gPanicBase */
106 #include <arm/caches_internal.h>
107 #include <arm/misc_protos.h>
108 extern volatile struct xnu_hw_shmem_dbg_command_info *hwsd_info;
109 #endif
110
111
/*
 * Debugger/panic configuration and bookkeeping globals.
 */
/* When set, a Debugger() entry is handed to kdp_raise_exception() before any paniclog/coredump handling (see debugger_collect_diagnostics()). */
unsigned int halt_in_debugger = 0;
/* Compared against NO_CUR_DB in debugger_collect_diagnostics() to decide whether to call kdp_raise_exception(). */
unsigned int current_debugger = 0;
/* Not referenced in the part of this file reviewed here. */
unsigned int active_debugger = 0;
/* When zero, the panic paths in this file attempt a restart (kdp_machine_reboot_type()) before spinning. */
unsigned int panicDebugging = FALSE;
/* Not referenced in the part of this file reviewed here. */
unsigned int kdebug_serial = FALSE;
/* Copied from the trapping CPU's entry count in handle_debugger_trap(); read by oslog_is_safe() and debug_mode_active(). */
unsigned int kernel_debugger_entry_count = 0;
118
119
/*
 * TRAP_DEBUGGER: architecture-specific instruction that DebuggerTrapWithState()
 * executes to enter the debugger trap handler. Building for an architecture
 * without a definition is a hard error.
 */
#if defined(__arm__)
#define TRAP_DEBUGGER __asm__ volatile("trap")
#elif defined(__arm64__)
/*
 * Magic number; this should be identical to the __arm__ encoding for trap.
 */
#define TRAP_DEBUGGER __asm__ volatile(".long 0xe7ffdeff")
#elif defined (__x86_64__)
#define TRAP_DEBUGGER __asm__("int3")
#else
#error No TRAP_DEBUGGER for this architecture
#endif

/* panic_stop(): final stop used after the panic trap; halts the CPU on x86, spins elsewhere. */
#if defined(__i386__) || defined(__x86_64__)
#define panic_stop() pmCPUHalt(PM_HALT_PANIC)
#else
#define panic_stop() panic_spin_forever()
#endif

/*
 * Accessors for the current processor's debugger_state fields.
 * Each expansion re-evaluates current_processor(), so a sequence of accesses
 * refers to one CPU only if the caller stays on that CPU for the whole
 * sequence (presumably by having interrupts or preemption disabled -- confirm
 * at each call site).
 */
#define CPUDEBUGGEROP PROCESSOR_DATA(current_processor(), debugger_state).db_current_op
#define CPUDEBUGGERMSG PROCESSOR_DATA(current_processor(), debugger_state).db_message
#define CPUPANICSTR PROCESSOR_DATA(current_processor(), debugger_state).db_panic_str
#define CPUPANICARGS PROCESSOR_DATA(current_processor(), debugger_state).db_panic_args
#define CPUPANICOPTS PROCESSOR_DATA(current_processor(), debugger_state).db_panic_options
#define CPUDEBUGGERSYNC PROCESSOR_DATA(current_processor(), debugger_state).db_proceed_on_sync_failure
#define CPUDEBUGGERCOUNT PROCESSOR_DATA(current_processor(), debugger_state).db_entry_count
#define CPUDEBUGGERRET PROCESSOR_DATA(current_processor(), debugger_state).db_op_return
#define CPUPANICCALLER PROCESSOR_DATA(current_processor(), debugger_state).db_panic_caller

/*
 * Test hook for the nested-panic handling, compiled only into DEVELOPMENT and
 * DEBUG kernels: when 'requested' is non-zero it deliberately stores through
 * the invalid address 4, which is intended to fault at that point of the
 * panic path. The #if guard here, repeated at every call site, is what keeps
 * this deliberate fault out of other build configurations; keep the guards
 * in sync when adding call sites.
 */
#if DEVELOPMENT || DEBUG
#define DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED(requested) \
MACRO_BEGIN \
	if (requested) { \
		volatile int *badpointer = (int *)4; \
		*badpointer = 0; \
	} \
MACRO_END
#endif /* DEVELOPMENT || DEBUG */
158
/*
 * Global copy of the debugger request being serviced. handle_debugger_trap()
 * fills these from the trapping CPU's per-CPU state after taking the debugger
 * lock and clears them again (except for breakpoints) before releasing it.
 */
debugger_op debugger_current_op = DBOP_NONE;
const char *debugger_panic_str = NULL;
/*
 * Points at a va_list owned by the panicking caller (panic() and friends pass
 * the address of a local), so it is only meaningful while that frame is live.
 */
va_list *debugger_panic_args = NULL;
uint64_t debugger_panic_options = 0;
const char *debugger_message = NULL;
unsigned long debugger_panic_caller = 0;

void panic_trap_to_debugger(const char *panic_format_str, va_list *panic_args, unsigned int reason, void *ctx, uint64_t panic_options_mask, unsigned long panic_caller);
static void kdp_machine_reboot_type(unsigned int type);
__attribute__((noreturn)) void panic_spin_forever(void);
extern kern_return_t do_stackshot(void);

/*
 * Non-zero: a failed assertion panics. Zero: Assert() only logs and returns.
 * panic_init() overrides this from the "assertions" boot-arg.
 */
int mach_assert = 1;

/* Per-CPU debugger/panic entry depth beyond which the entry paths stop trying to collect diagnostics and restart or spin. */
#define NESTEDDEBUGGERENTRYMAX 5

#if CONFIG_EMBEDDED
#define DEBUG_BUF_SIZE (4096)
#define KDBG_TRACE_PANIC_FILENAME "/var/log/panic.trace"
#else
/*
 * DEBUG_BUF_SIZE can't grow without updates to SMC and iBoot to store larger panic logs on co-processor systems */
#define DEBUG_BUF_SIZE ((3 * PAGE_SIZE) + offsetof(struct macos_panic_header, mph_data))
#define KDBG_TRACE_PANIC_FILENAME "/var/tmp/panic.trace"
#endif

/* debug_buf is directly linked with iBoot panic region for embedded targets */
#if CONFIG_EMBEDDED
char *debug_buf_base = NULL;
char *debug_buf_ptr = NULL;
unsigned int debug_buf_size = 0;
#else
char debug_buf[DEBUG_BUF_SIZE];
struct macos_panic_header *panic_info = (struct macos_panic_header *)debug_buf;
char *debug_buf_base = (debug_buf + offsetof(struct macos_panic_header, mph_data));
char *debug_buf_ptr = (debug_buf + offsetof(struct macos_panic_header, mph_data));

/*
 * We don't include the size of the panic header in the length of the data we actually write.
 * On co-processor platforms, we lose sizeof(struct macos_panic_header) bytes from
 * the end of the log because we only support writing (3*PAGESIZE) bytes.
 */
const unsigned int debug_buf_size = (DEBUG_BUF_SIZE - offsetof(struct macos_panic_header, mph_data));
#endif

/* Debugger state */
/* CPU number that currently owns the debugger lock, or DEBUGGER_NO_CPU (see DebuggerLock()/DebuggerUnlock()). */
atomic_int debugger_cpu = ATOMIC_VAR_INIT(DEBUGGER_NO_CPU);
boolean_t debugger_allcpus_halted = FALSE;
/* Cleared on nested entries and before an on-device coredump; once FALSE the debugger paths in this file no longer return to the caller. */
boolean_t debugger_safe_to_return = TRUE;
unsigned int debugger_context = 0;

static char model_name[64];
/* Set by panic_init() to the UUID found in the kernel's Mach-O header, when one of the expected size is present. */
unsigned char *kernel_uuid;

/*
 * By default we treat Debugger() the same as calls to panic(), unless
 * we have debug boot-args present and the DB_KERN_DUMP_ON_NMI *NOT* set.
 * If DB_KERN_DUMP_ON_NMI is *NOT* set, return from Debugger() is supported.
 *
 * Return from Debugger() is currently only implemented on x86
 */
static boolean_t debugger_is_panic = TRUE;


char kernel_uuid_string[37]; /* uuid_string_t */
char panic_disk_error_description[512];
size_t panic_disk_error_description_size = sizeof(panic_disk_error_description);

extern unsigned int write_trace_on_panic;

/* Compile-time default: TRUE on DEBUG and DEVELOPMENT kernels, FALSE otherwise. */
int kext_assertions_enable =
#if DEBUG || DEVELOPMENT
			TRUE;
#else
			FALSE;
#endif
235
/*
 * One-time setup of panic-related globals.
 *
 *  - Records the kernel UUID from the Mach-O header (pointer and upper-case
 *    string form) when the header carries one of the expected size.
 *  - Reads the "assertions" boot-arg into mach_assert, defaulting to 1.
 *    A value of 0 makes Assert() log and return instead of panicking, so this
 *    boot-arg effectively controls whether kernel assertions are enforced.
 *  - On non-embedded builds, lets Debugger() return (instead of being treated
 *    as a panic) when a debugger is permitted and DB_KERN_DUMP_ON_NMI is not
 *    set in the debug flags.
 */
void
panic_init(void)
{
	unsigned long header_uuid_len = 0;
	void *header_uuid = getuuidfromheader(&_mh_execute_header, &header_uuid_len);

	/* Only trust the header value if it has exactly the size of a uuid_t. */
	if (header_uuid != NULL && header_uuid_len == sizeof(uuid_t)) {
		kernel_uuid = header_uuid;
		uuid_unparse_upper(*(uuid_t *)header_uuid, kernel_uuid_string);
	}

	if (!PE_parse_boot_argn("assertions", &mach_assert, sizeof(mach_assert))) {
		mach_assert = 1;
	}

#if !CONFIG_EMBEDDED
	uint32_t boot_debug_flags = 0;

	if (PE_i_can_has_debugger(&boot_debug_flags) && !(boot_debug_flags & DB_KERN_DUMP_ON_NMI)) {
		debugger_is_panic = FALSE;
	}
#endif
}
261
/*
 * Prepare the panic log buffer.
 *
 * Embedded: the buffer lives in the platform panic region (gPanicBase /
 * gPanicSize); the log starts right after the embedded panic header. If the
 * region has not been set up yet, an error is printed and nothing changes.
 * NOTE(review): the size is computed as gPanicSize minus the header size with
 * no check visible here that gPanicSize is at least that large -- confirm the
 * platform code guarantees it.
 *
 * Other builds: the buffer is the static debug_buf; sanity-check the
 * statically initialised pointers and zero the buffer.
 */
void
debug_log_init(void)
{
#if CONFIG_EMBEDDED
	if (gPanicBase) {
		/* Shift debug buf start location and size by the length of the panic header */
		debug_buf_base = (char *)gPanicBase + sizeof(struct embedded_panic_header);
		debug_buf_ptr = debug_buf_base;
		debug_buf_size = gPanicSize - sizeof(struct embedded_panic_header);
		return;
	}

	printf("debug_log_init: Error!! gPanicBase is still not initialized\n");
#else
	assert(debug_buf_base != NULL);
	assert(debug_buf_ptr != NULL);
	assert(debug_buf_size != 0);
	bzero(debug_buf, sizeof(debug_buf));
#endif
}
281
/*
 * Take the debugger lock by installing this CPU's number in debugger_cpu.
 *
 * Must be called with interrupts disabled (asserted). The lock is re-entrant
 * for the owning CPU: if debugger_cpu already names this CPU the function
 * returns at once. Otherwise it spins, with no timeout, until the
 * compare-exchange from DEBUGGER_NO_CPU succeeds.
 */
static void
DebuggerLock()
{
	int my_cpu = cpu_number();
	int expected_owner;

	assert(ml_get_interrupts_enabled() == FALSE);

	if (debugger_cpu == my_cpu) {
		return;
	}

	/*
	 * A failed compare-exchange stores the observed owner into
	 * expected_owner, so it has to be reset before every attempt.
	 */
	do {
		expected_owner = DEBUGGER_NO_CPU;
	} while (!atomic_compare_exchange_strong(&debugger_cpu, &expected_owner, my_cpu));
}
299
/*
 * Release the debugger lock taken by DebuggerLock().
 * Asserts that the calling CPU is the current owner, then publishes
 * DEBUGGER_NO_CPU followed by a memory barrier.
 */
static void
DebuggerUnlock()
{
	assert(debugger_cpu == cpu_number());

	/*
	 * We don't do an atomic exchange here in case
	 * there's another CPU spinning to acquire the debugger_lock
	 * and we never get a chance to update it. We already have the
	 * lock so we can simply store DEBUGGER_NO_CPU and follow with
	 * a barrier.
	 */
	debugger_cpu = DEBUGGER_NO_CPU;
	OSMemoryBarrier();

	return;
}
317
/*
 * Stop the other CPUs before the debugger proceeds.
 *
 * Embedded builds return whatever DebuggerXCallEnter() reports. Other builds
 * call mp_kdp_enter() and always report KERN_SUCCESS, so on those builds a
 * failure to halt the other cores is not visible to the caller.
 */
static kern_return_t
DebuggerHaltOtherCores(boolean_t proceed_on_failure)
{
#if !CONFIG_EMBEDDED
#pragma unused(proceed_on_failure)
	mp_kdp_enter(proceed_on_failure);
	return KERN_SUCCESS;
#else /* CONFIG_EMBEDDED */
	return DebuggerXCallEnter(proceed_on_failure);
#endif
}
329
/*
 * Let the CPUs stopped by DebuggerHaltOtherCores() run again, using the
 * platform's matching exit routine.
 */
static void
DebuggerResumeOtherCores()
{
#if !CONFIG_EMBEDDED
	mp_kdp_exit();
#else /* CONFIG_EMBEDDED */
	DebuggerXCallReturn();
#endif
}
339
/*
 * Record a debugger request in the current processor's debugger_state.
 *
 * The operation, the sync-failure policy, the return code (reset to
 * KERN_SUCCESS) and the panic options are always overwritten. The message,
 * panic string, panic arguments and caller address are only stored on the
 * first entry on this CPU, or when no panic string is recorded yet, so that a
 * nested panic cannot replace the information about the original one.
 */
static void
DebuggerSaveState(debugger_op db_op, const char *db_message, const char *db_panic_str,
	va_list *db_panic_args, uint64_t db_panic_options,
	boolean_t db_proceed_on_sync_failure, unsigned long db_panic_caller)
{
	CPUDEBUGGEROP = db_op;

	if (CPUDEBUGGERCOUNT != 1 && CPUPANICSTR != NULL) {
		/*
		 * A panic string is already recorded for this CPU: keep it and
		 * only report the nested one. The nested format string is printed
		 * through "%s", i.e. verbatim, without expanding its arguments.
		 */
		if (CPUDEBUGGERCOUNT > 1 && db_panic_str != NULL) {
			kprintf("Nested panic detected: %s", db_panic_str);
		}
	} else {
		/* First entry (or nothing recorded yet): remember the original request. */
		CPUDEBUGGERMSG = db_message;
		CPUPANICSTR = db_panic_str;
		CPUPANICARGS = db_panic_args;
		CPUPANICCALLER = db_panic_caller;
	}

	/* The options are taken from the most recent request, nested or not. */
	CPUPANICOPTS = db_panic_options;

	CPUDEBUGGERSYNC = db_proceed_on_sync_failure;
	CPUDEBUGGERRET = KERN_SUCCESS;
}
365
/*
 * Save the requested debugger state/action into the current processor's processor_data
 * and trap to the debugger.
 *
 * Must be called with interrupts disabled (asserted). Returns the per-CPU
 * operation result (db_op_return) as it stands after the trap; the saved
 * state is reset to DBOP_NONE before returning.
 */
kern_return_t
DebuggerTrapWithState(debugger_op db_op, const char *db_message, const char *db_panic_str,
	va_list *db_panic_args, uint64_t db_panic_options,
	boolean_t db_proceed_on_sync_failure, unsigned long db_panic_caller)
{
	kern_return_t ret;

	assert(ml_get_interrupts_enabled() == FALSE);
	DebuggerSaveState(db_op, db_message, db_panic_str,
			  db_panic_args, db_panic_options, db_proceed_on_sync_failure,
			  db_panic_caller);

	TRAP_DEBUGGER;

	/* Read the result before the state is cleared below. */
	ret = CPUDEBUGGERRET;

	/*
	 * Note that DebuggerSaveState() only overwrites the message/panic-string
	 * fields when this is the first entry on the CPU or no panic string is
	 * recorded, so this call always resets the op, options and return code
	 * but not necessarily the recorded panic string.
	 */
	DebuggerSaveState(DBOP_NONE, NULL, NULL, NULL, 0, FALSE, 0);

	return ret;
}
390
/*
 * Assertion failure handler.
 *
 * With mach_assert non-zero (the default) the failure is fatal and is
 * reported through panic_plain(). With mach_assert zero -- which the
 * "assertions" boot-arg can select, see panic_init() -- the failure is only
 * written with kprintf() and execution continues past the failed check, so
 * code after an assert() must not rely on the asserted condition for safety.
 *
 * file, line, expression: location and text of the failed assertion.
 */
void __attribute__((noinline))
Assert(
	const char	*file,
	int		line,
	const char	*expression
      )
{
	if (mach_assert) {
		panic_plain("%s:%d Assertion failed: %s", file, line, expression);
		return;
	}

	kprintf("%s:%d non-fatal Assertion: %s", file, line, expression);
}
405
406
/*
 * Enter the debugger with a message and no trap context, no reason code and
 * no options; see DebuggerWithContext().
 */
void
Debugger(const char *message)
{
	DebuggerWithContext(0, NULL, message, DEBUGGER_OPTION_NONE);
}
412
/*
 * Enter the debugger for a Debugger()-style request.
 *
 * reason, ctx:            when ctx is non-NULL the request is handled directly
 *                         via handle_debugger_trap(reason, 0, 0, ctx); when it
 *                         is NULL the CPU traps through DebuggerTrapWithState().
 * message:                saved as the per-CPU debugger message.
 * debugger_options_mask:  saved as the per-CPU panic options.
 *
 * Interrupts and preemption are disabled for the duration and the previous
 * interrupt state is restored on return. If this CPU has entered the
 * debugger/panic paths more than NESTEDDEBUGGERENTRYMAX times, no further
 * diagnostics are attempted: the machine is restarted (unless panicDebugging
 * is set) or spins forever.
 */
void
DebuggerWithContext(unsigned int reason, void *ctx, const char *message,
	uint64_t debugger_options_mask)
{
	spl_t previous_interrupts_state;
	boolean_t old_doprnt_hide_pointers = doprnt_hide_pointers;

	previous_interrupts_state = ml_set_interrupts_enabled(FALSE);
	disable_preemption();

	CPUDEBUGGERCOUNT++;

	if (CPUDEBUGGERCOUNT > NESTEDDEBUGGERENTRYMAX) {
		/* Guards against re-entering kprintf() from this same path. */
		static boolean_t in_panic_kprintf = FALSE;

		/* Notify any listeners that we've started a panic */
		PEHaltRestart(kPEPanicBegin);

		if (!in_panic_kprintf) {
			in_panic_kprintf = TRUE;
			kprintf("Detected nested debugger entry count exceeding %d\n",
				NESTEDDEBUGGERENTRYMAX);
			in_panic_kprintf = FALSE;
		}

		if (!panicDebugging) {
			kdp_machine_reboot_type(kPEPanicRestartCPU);
		}

		panic_spin_forever();
	}

#if DEVELOPMENT || DEBUG
	DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_options_mask & DEBUGGER_OPTION_RECURPANIC_ENTRY));
#endif

	/*
	 * Pointer hiding is switched off while in the debugger and restored
	 * below, so output produced in this window can carry raw kernel
	 * addresses.
	 */
	doprnt_hide_pointers = FALSE;

	if (ctx != NULL) {
		/* Already in a trap context: record the request and handle it in place. */
		DebuggerSaveState(DBOP_DEBUGGER, message,
			NULL, NULL, debugger_options_mask, TRUE, 0);
		handle_debugger_trap(reason, 0, 0, ctx);
		DebuggerSaveState(DBOP_NONE, NULL, NULL,
			NULL, 0, FALSE, 0);
	} else {
		/* The kern_return_t result of the trap is not examined here. */
		DebuggerTrapWithState(DBOP_DEBUGGER, message,
			NULL, NULL, debugger_options_mask, TRUE, 0);
	}

	CPUDEBUGGERCOUNT--;
	doprnt_hide_pointers = old_doprnt_hide_pointers;
	enable_preemption();
	ml_set_interrupts_enabled(previous_interrupts_state);
}
467
/*
 * Singly linked list of registered kdp event callouts.
 * Entries are pushed at the head by kdp_register_callout(); nothing in the
 * part of the file reviewed here removes or frees an entry.
 */
static struct kdp_callout {
	struct kdp_callout	* callout_next;		/* next entry, NULL at the tail */
	kdp_callout_fn_t	callout_fn;		/* function invoked as callout_fn(callout_arg, event) */
	boolean_t		callout_in_progress;	/* set while callout_fn runs; kdp_callouts() skips entries with it set */
	void			* callout_arg;		/* opaque argument supplied at registration */
} * kdp_callout_list = NULL;
474
/*
 * Called from kernel context to register a kdp event callout.
 *
 * fn is later invoked by kdp_callouts() as fn(arg, event) from the
 * debugger/panic path, so it has to be safe to run in that context; neither
 * fn nor arg is validated here. Allocation failure panics. The new entry is
 * pushed onto the head of kdp_callout_list without taking a lock.
 */
void
kdp_register_callout(kdp_callout_fn_t fn, void * arg)
{
	struct kdp_callout * new_entry = kalloc(sizeof(*new_entry));

	if (new_entry == NULL)
		panic("kdp_register_callout() kalloc failed");

	new_entry->callout_fn = fn;
	new_entry->callout_arg = arg;
	new_entry->callout_in_progress = FALSE;

	/* Lock-less list insertion using compare and exchange: retry until the head we linked to is still the head. */
	for (;;) {
		struct kdp_callout * observed_head = kdp_callout_list;

		new_entry->callout_next = observed_head;
		if (OSCompareAndSwapPtr(observed_head, new_entry, &kdp_callout_list)) {
			break;
		}
	}
}
498
/*
 * Deliver a kdp event to every registered callout, in list order.
 *
 * An entry whose callout is already running (callout_in_progress set) is
 * skipped, which keeps a callout from being re-entered when the debugger
 * path is entered again while it runs.
 */
static void
kdp_callouts(kdp_event_t event)
{
	struct kdp_callout *entry;

	for (entry = kdp_callout_list; entry; entry = entry->callout_next) {
		if (entry->callout_in_progress) {
			continue;
		}

		entry->callout_in_progress = TRUE;
		entry->callout_fn(entry->callout_arg, event);
		entry->callout_in_progress = FALSE;
	}
}
513
514 /*
515 * An overview of the xnu panic path:
516 *
517 * Several panic wrappers (panic(), panic_with_options(), etc.) all funnel into panic_trap_to_debugger().
518 * panic_trap_to_debugger() sets the panic state in the current processor's processor_data_t prior
519 * to trapping into the debugger. Once we trap to the debugger, we end up in handle_debugger_trap()
520 * which tries to acquire the panic lock by atomically swapping the current CPU number into debugger_cpu.
521 * debugger_cpu acts as a synchronization point, from which the winning CPU can halt the other cores and
522 * continue to debugger_collect_diagnostics() where we write the paniclog, corefile (if appropriate) and proceed
523 * according to the device's boot-args.
524 */
525 #undef panic
/*
 * Panic with a printf-style message.
 *
 * str is handed to the panic path as a format string and is later expanded
 * against the variable arguments, so callers should pass a constant format
 * and put any variable text in the arguments. The caller's return address is
 * recorded for the panic log.
 */
void
panic(const char *str, ...)
{
	va_list fmt_args;

	va_start(fmt_args, str);
	panic_trap_to_debugger(str, &fmt_args, 0, NULL, 0,
	    (unsigned long)(char *)__builtin_return_address(0));
	/* Only reached if the panic path returns. */
	va_end(fmt_args);
}
535
/*
 * Panic with a printf-style message, an explicit reason code, an optional
 * trap context and a set of DEBUGGER_OPTION_* flags.
 *
 * str is used as a format string (see panic()); pass a constant format.
 */
void
panic_with_options(unsigned int reason, void *ctx, uint64_t debugger_options_mask, const char *str, ...)
{
	va_list fmt_args;

	va_start(fmt_args, str);
	panic_trap_to_debugger(str, &fmt_args, reason, ctx, debugger_options_mask,
	    (unsigned long)(char *)__builtin_return_address(0));
	/* Only reached if the panic path returns. */
	va_end(fmt_args);
}
545
/*
 * Panic with a printf-style message, a reason code and an optional trap
 * context, using no debugger options.
 *
 * str is used as a format string (see panic()); pass a constant format.
 */
void
panic_context(unsigned int reason, void *ctx, const char *str, ...)
{
	va_list fmt_args;

	va_start(fmt_args, str);
	panic_trap_to_debugger(str, &fmt_args, reason, ctx, 0,
	    (unsigned long)(char *)__builtin_return_address(0));
	/* Only reached if the panic path returns. */
	va_end(fmt_args);
}
555
/*
 * Common entry point of the panic wrappers: record the panic on the current
 * CPU and enter the debugger trap handler.
 *
 * panic_format_str, panic_args: printf-style format and a pointer to the
 *                               caller's va_list; expanded later when the
 *                               panic log is written.
 * reason, ctx:                  passed to handle_debugger_trap() when ctx is
 *                               non-NULL (the panic came from a trap).
 * panic_options_mask:           DEBUGGER_OPTION_* flags.
 * panic_caller:                 return address of the code that panicked.
 *
 * Not expected to return, but not declared noreturn (the warning is
 * suppressed around the definition).
 */
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wmissing-noreturn"
void
panic_trap_to_debugger(const char *panic_format_str, va_list *panic_args, unsigned int reason, void
		*ctx, uint64_t panic_options_mask, unsigned long panic_caller)
{
#pragma clang diagnostic pop

	/* Give the machine layer the chance to take over the whole panic. */
	if (ml_wants_panic_trap_to_debugger()) {
		ml_panic_trap_to_debugger(panic_format_str, panic_args, reason, ctx, panic_options_mask, panic_caller);

		/*
		 * This should not return, but we return here for the tail call
		 * as it simplifies the backtrace.
		 */
		return;
	}

	/*
	 * NOTE(review): the per-CPU entry count is incremented here, before
	 * interrupts and preemption are disabled further down. If the thread
	 * can still migrate at this point, the count may be charged to a
	 * different CPU than the one that finally traps -- confirm.
	 */
	CPUDEBUGGERCOUNT++;

	if (CPUDEBUGGERCOUNT > NESTEDDEBUGGERENTRYMAX) {
		/* Guards against re-entering kprintf() from this same path. */
		static boolean_t in_panic_kprintf = FALSE;

		/* Notify any listeners that we've started a panic */
		PEHaltRestart(kPEPanicBegin);

		if (!in_panic_kprintf) {
			in_panic_kprintf = TRUE;
			kprintf("Detected nested debugger entry count exceeding %d\n",
				NESTEDDEBUGGERENTRYMAX);
			in_panic_kprintf = FALSE;
		}

		if (!panicDebugging) {
			kdp_machine_reboot_type(kPEPanicRestartCPU);
		}

		panic_spin_forever();
	}

#if DEVELOPMENT || DEBUG
	DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((panic_options_mask & DEBUGGER_OPTION_RECURPANIC_ENTRY));
#endif

#if CONFIG_EMBEDDED
	if (PE_arm_debug_panic_hook)
		PE_arm_debug_panic_hook(panic_format_str);
#endif

#if defined (__x86_64__)
	plctrace_disable();
#endif

	/*
	 * Optional kdebug trace dump. This runs with interrupts re-enabled in
	 * the context of the thread that is already panicking, and only when
	 * that thread is preemptible and not at interrupt context.
	 * NOTE(review): the destination is the fixed path
	 * KDBG_TRACE_PANIC_FILENAME; how kdbg_dump_trace_to_file() treats a
	 * file that already exists at that path is not visible here -- confirm.
	 */
	if (write_trace_on_panic && kdebug_enable) {
		if (get_preemption_level() == 0 && !ml_at_interrupt_context()) {
			ml_set_interrupts_enabled(TRUE);
			KDBG(TRACE_PANIC);
			kdbg_dump_trace_to_file(KDBG_TRACE_PANIC_FILENAME);
		}
	}

	ml_set_interrupts_enabled(FALSE);
	disable_preemption();

#if defined (__x86_64__)
	pmSafeMode(x86_lcpu(), PM_SAFE_FL_SAFE);
#endif /* defined (__x86_64__) */

	/*
	 * Never hide pointers from panic logs. The flag is not restored on
	 * this path, so panic logs carry raw kernel addresses and should be
	 * handled as sensitive with respect to kernel address layout.
	 */
	doprnt_hide_pointers = FALSE;

	if (ctx != NULL) {
		/*
		 * We called into panic from a trap, no need to trap again. Set the
		 * state on the current CPU and then jump to handle_debugger_trap.
		 * If that call returns, execution continues with the trap below.
		 */
		DebuggerSaveState(DBOP_PANIC, "panic",
			panic_format_str, panic_args,
			panic_options_mask, TRUE, panic_caller);
		handle_debugger_trap(reason, 0, 0, ctx);
	}

#if defined(__arm64__)
	/*
	 *  Signal to fastsim that it should open debug ports (nop on hardware)
	 */
	__asm__         volatile("HINT 0x45");
#endif /* defined(__arm64__) */

	DebuggerTrapWithState(DBOP_PANIC, "panic", panic_format_str,
			panic_args, panic_options_mask, TRUE, panic_caller);

	/*
	 * Not reached.
	 */
	panic_stop();
}
653
/*
 * Terminal state of the panic path: append the report notice to the panic
 * log (without flushing) and busy-wait forever. Never returns.
 */
__attribute__((noreturn))
void
panic_spin_forever()
{
	paniclog_append_noflush("\nPlease go to https://panic.apple.com to report this panic\n");

	while (1) {
		/* spin */
	}
}
662
/*
 * Announce and attempt a restart of the given platform-expert type, then
 * halt all CPUs. Callers in this file follow it with panic_spin_forever(),
 * i.e. they do not assume the restart succeeds.
 */
static void
kdp_machine_reboot_type(unsigned int type)
{
	printf("Attempting system restart...");
	PEHaltRestart(type);
	halt_all_cpus(TRUE);
}
670
/* Public restart entry point: a panic-type CPU restart (kPEPanicRestartCPU). */
void
kdp_machine_reboot(void)
{
	kdp_machine_reboot_type(kPEPanicRestartCPU);
}
676
/*
 * Gather and save diagnostic information about a panic (or Debugger call).
 *
 * On embedded, Debugger and Panic are treated very similarly -- WDT uses Debugger so we can
 * theoretically return from it. On desktop, Debugger is treated as a conventional debugger -- i.e no
 * paniclog is written and no core is written unless we request a core on NMI.
 *
 * This routine handles kicking off local coredumps, paniclogs, calling into the Debugger/KDP (if it's configured),
 * and calling out to any other functions we have for collecting diagnostic info.
 *
 * exception, code, subcode, state: trap description, forwarded unchanged to
 * kdp_raise_exception().
 *
 * Reads the global debugger_* request state set up by handle_debugger_trap().
 * Returns only for a Debugger() entry that is safe to resume; every other
 * path ends in a restart attempt and/or panic_spin_forever().
 */
static void
debugger_collect_diagnostics(unsigned int exception, unsigned int code, unsigned int subcode, void *state)
{
#if DEVELOPMENT || DEBUG
	DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_panic_options & DEBUGGER_OPTION_RECURPANIC_PRELOG));
#endif

#if defined(__x86_64__)
	kprintf("Debugger called: <%s>\n", debugger_message);
#endif
	/*
	 * DB_HALT (halt_in_debugger) can be requested on startup, we shouldn't generate
	 * a coredump/paniclog for this type of debugger entry. If KDP isn't configured,
	 * we'll just spin in kdp_raise_exception.
	 */
	if (debugger_current_op == DBOP_DEBUGGER && halt_in_debugger) {
		kdp_raise_exception(exception, code, subcode, state);
		if (debugger_safe_to_return && !debugger_is_panic) {
			return;
		}
	}

	if ((debugger_current_op == DBOP_PANIC) ||
		(debugger_current_op == DBOP_DEBUGGER && debugger_is_panic)) {
		/*
		 * Attempt to notify listeners once and only once that we've started
		 * panicking. Only do this for Debugger() calls if we're treating
		 * Debugger() calls like panic().
		 */
		PEHaltRestart(kPEPanicBegin);

		/*
		 * Set the begin pointer in the panic log structure. We key off of this
		 * static variable rather than contents from the panic header itself in case someone
		 * has stomped over the panic_info structure. Also initializes the header magic.
		 */
		static boolean_t began_writing_paniclog = FALSE;
		if (!began_writing_paniclog) {
			PE_init_panicheader();
			began_writing_paniclog = TRUE;
		} else {
			/*
			 * If we reached here, update the panic header to keep it as consistent
			 * as possible during a nested panic
			 */
			PE_update_panicheader_nestedpanic();
		}
	}

	/*
	 * Write panic string if this was a panic.
	 *
	 * TODO: Consider moving to SavePanicInfo as this is part of the panic log.
	 */
	if (debugger_current_op == DBOP_PANIC) {
		paniclog_append_noflush("panic(cpu %d caller 0x%lx): ", (unsigned) cpu_number(), debugger_panic_caller);
		if (debugger_panic_str) {
			/*
			 * The recorded panic string is expanded as a format string
			 * against the va_list recorded with it; both come from the
			 * code that called panic(). debugger_panic_args points into
			 * that caller's frame and is dereferenced here.
			 */
			_doprnt(debugger_panic_str, debugger_panic_args, consdebug_putc, 0);
		}
		paniclog_append_noflush("\n");
	}

	/*
	 * Debugger() is treated like panic() on embedded -- for example we use it for WDT
	 * panics (so we need to write a paniclog). On desktop Debugger() is used in the
	 * conventional sense.
	 */
#if defined(__x86_64__)
	if (debugger_current_op == DBOP_PANIC)
#endif
	{
		kdp_callouts(KDP_EVENT_PANICLOG);

		/*
		 * Write paniclog and panic stackshot (if supported)
		 * TODO: Need to clear panic log when return from debugger
		 * hooked up for embedded
		 */
		SavePanicInfo(debugger_message, debugger_panic_options);

#if DEVELOPMENT || DEBUG
		DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_panic_options & DEBUGGER_OPTION_RECURPANIC_POSTLOG));
#endif

		/* DEBUGGER_OPTION_PANICLOGANDREBOOT is used for two finger resets on embedded so we get a paniclog */
		if (debugger_panic_options & DEBUGGER_OPTION_PANICLOGANDREBOOT)
			PEHaltRestart(kPEPanicRestartCPU);
	}

#if CONFIG_KDP_INTERACTIVE_DEBUGGING
	/*
	 * The debug flags queried here decide whether a local coredump is
	 * written and whether the machine restarts afterwards. The boolean
	 * result of PE_i_can_has_debugger() itself is not checked here; only
	 * the flags it stores are used.
	 */
	uint32_t debug_flags = 0;
	PE_i_can_has_debugger(&debug_flags);

	/*
	 * If reboot on panic is enabled and the caller of panic indicated that we should skip
	 * local coredumps, don't try to write these and instead go straight to reboot. This
	 * allows us to persist any data that's stored in the panic log.
	 */
	if ((debugger_panic_options & DEBUGGER_OPTION_SKIP_LOCAL_COREDUMP) &&
		(debug_flags & DB_REBOOT_POST_CORE)) {
		kdp_machine_reboot_type(kPEPanicRestartCPU);
	}

	/*
	 * Consider generating a local corefile if the infrastructure is configured
	 * and we haven't disabled on-device coredumps.
	 */
	if (kdp_has_polled_corefile() && !(debug_flags & DB_DISABLE_LOCAL_CORE)) {
		/* Stays -1 when the dump below is skipped, so the post-core reboot is not taken. */
		int ret = -1;

#if defined (__x86_64__)
		/* On x86 we don't do a coredump on Debugger unless the DB_KERN_DUMP_ON_NMI boot-arg is specified. */
		if (debugger_current_op != DBOP_DEBUGGER || (debug_flags & DB_KERN_DUMP_ON_NMI))
#endif
		{
			/*
			 * Doing an on-device coredump leaves the disk driver in a state
			 * that can not be resumed.
			 */
			debugger_safe_to_return = FALSE;
			begin_panic_transfer();
			ret = kern_dump(KERN_DUMP_DISK);
			abort_panic_transfer();

#if DEVELOPMENT || DEBUG
			DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_panic_options & DEBUGGER_OPTION_RECURPANIC_POSTCORE));
#endif
		}

		/* If we wrote a corefile and DB_REBOOT_POST_CORE is set, reboot */
		if (ret == 0 && (debug_flags & DB_REBOOT_POST_CORE))
			kdp_machine_reboot_type(kPEPanicRestartCPU);
	}

	/* If KDP is configured, try to trap to the debugger */
	if (current_debugger != NO_CUR_DB) {
		kdp_raise_exception(exception, code, subcode, state);
		/*
		 * Only return if we entered via Debugger and it's safe to return
		 * (we halted the other cores successfully, this isn't a nested panic, etc)
		 */
		if (debugger_current_op == DBOP_DEBUGGER &&
			debugger_safe_to_return &&
			kernel_debugger_entry_count == 1 &&
			!debugger_is_panic) {
			return;
		}
	}

#if CONFIG_EMBEDDED
	if (panicDebugging) {
		/* If panic debugging is configured, spin for astris to connect */
		panic_spin_shmcon();
	}
#endif /* CONFIG_EMBEDDED */
#endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */

	/* Default ending: restart unless panic debugging asks us to stay put. */
	if (!panicDebugging) {
		kdp_machine_reboot_type(kPEPanicRestartCPU);
	}

	panic_spin_forever();
}
850
/*
 * Optional timing of the phases of handle_debugger_trap(). With
 * INTERRUPT_MASKED_DEBUG the macro stores mach_absolute_time() into slot i of
 * a 9-entry array; otherwise it expands to nothing. The index is not range
 * checked: handle_debugger_trap() uses the constants 0 through 8, and the
 * array size has to grow with any new call site.
 */
#if INTERRUPT_MASKED_DEBUG
uint64_t debugger_trap_timestamps[9];
# define DEBUGGER_TRAP_TIMESTAMP(i) debugger_trap_timestamps[i] = mach_absolute_time();
#else
# define DEBUGGER_TRAP_TIMESTAMP(i)
#endif
857
/*
 * Debugger trap handler: serialises entry across CPUs, publishes the trapping
 * CPU's request into the global debugger_* state, dispatches on the requested
 * operation, then restores state and lets the other CPUs run again.
 *
 * exception, code, subcode, state: trap description, forwarded to
 * kdp_raise_exception() or debugger_collect_diagnostics().
 *
 * The operation result, where there is one, is left in the per-CPU
 * db_op_return field (CPUDEBUGGERRET) for DebuggerTrapWithState() to read.
 */
void
handle_debugger_trap(unsigned int exception, unsigned int code, unsigned int subcode, void *state)
{
	unsigned int initial_not_in_kdp = not_in_kdp;
	kern_return_t ret;
	/* Read before the debugger lock is taken; restored near the end. */
	debugger_op db_prev_op = debugger_current_op;

	DEBUGGER_TRAP_TIMESTAMP(0);

	DebuggerLock();
	ret = DebuggerHaltOtherCores(CPUDEBUGGERSYNC);

	DEBUGGER_TRAP_TIMESTAMP(1);

#if INTERRUPT_MASKED_DEBUG
	if (serialmode & SERIALMODE_OUTPUT) {
		ml_spin_debug_reset(current_thread());
	}
#endif
	/* Could not stop the other cores: report the failure and back out without touching global state. */
	if (ret != KERN_SUCCESS) {
		CPUDEBUGGERRET = ret;
		DebuggerUnlock();
		return;
	}

	/* Update the global panic/debugger nested entry level */
	kernel_debugger_entry_count = CPUDEBUGGERCOUNT;

	/*
	 * TODO: Should we do anything special for nested panics here? i.e. if we've trapped more than twice
	 * should we call into the debugger if it's configured and then reboot if the panic log has been written?
	 */

	if (CPUDEBUGGEROP == DBOP_NONE) {
		/* If there was no debugger context setup, we trapped due to a software breakpoint */
		debugger_current_op = DBOP_BREAKPOINT;
	} else {
		/* Not safe to return from a nested panic/debugger call */
		if (debugger_current_op == DBOP_PANIC ||
			debugger_current_op == DBOP_DEBUGGER) {
			debugger_safe_to_return = FALSE;
		}

		debugger_current_op = CPUDEBUGGEROP;

		/* Only overwrite the panic message if there is none already - save the data from the first call */
		if (debugger_panic_str == NULL) {
			debugger_panic_str = CPUPANICSTR;
			debugger_panic_args = CPUPANICARGS;
			debugger_message = CPUDEBUGGERMSG;
			debugger_panic_caller = CPUPANICCALLER;
		}

		/* Options always follow the most recent request. */
		debugger_panic_options = CPUPANICOPTS;
	}

	/*
	 * Clear the op from the processor debugger context so we can handle
	 * breakpoints in the debugger
	 */
	CPUDEBUGGEROP = DBOP_NONE;

	DEBUGGER_TRAP_TIMESTAMP(2);

	kdp_callouts(KDP_EVENT_ENTER);
	not_in_kdp = 0;

	DEBUGGER_TRAP_TIMESTAMP(3);

	if (debugger_current_op == DBOP_BREAKPOINT) {
		kdp_raise_exception(exception, code, subcode, state);
	} else if (debugger_current_op == DBOP_STACKSHOT) {
		CPUDEBUGGERRET = do_stackshot();
#if PGO
	} else if (debugger_current_op == DBOP_RESET_PGO_COUNTERS) {
		CPUDEBUGGERRET = do_pgo_reset_counters();
#endif
	} else {
		debugger_collect_diagnostics(exception, code, subcode, state);
	}

	DEBUGGER_TRAP_TIMESTAMP(4);

	not_in_kdp = initial_not_in_kdp;
	kdp_callouts(KDP_EVENT_EXIT);

	DEBUGGER_TRAP_TIMESTAMP(5);

	/*
	 * Drop the published request so the pointers into the requester's
	 * frame (panic string, va_list) do not outlive this trap.
	 * debugger_panic_caller is not reset here.
	 */
	if (debugger_current_op != DBOP_BREAKPOINT) {
		debugger_panic_str = NULL;
		debugger_panic_args = NULL;
		debugger_panic_options = 0;
		debugger_message = NULL;
	}

	/* Restore the previous debugger state */
	debugger_current_op = db_prev_op;

	DEBUGGER_TRAP_TIMESTAMP(6);

	DebuggerResumeOtherCores();

	DEBUGGER_TRAP_TIMESTAMP(7);

	DebuggerUnlock();

	DEBUGGER_TRAP_TIMESTAMP(8);

	return;
}
968
/*
 * Kernel log(): when MACH_BSD is defined, formats the message to the console
 * with preemption disabled and then hands the same format and a copy of the
 * arguments to os_log_with_args(), tagged with this function's return
 * address. Without MACH_BSD the function does nothing.
 *
 * level: unused.
 * fmt:   printf-style format. It is expanded twice (console and os_log), so
 *        callers should pass a constant format and put variable text in the
 *        arguments.
 *
 * noinline/not_tail_called keep __builtin_return_address(0) pointing at the
 * real caller.
 */
__attribute__((noinline,not_tail_called))
void log(__unused int level, char *fmt, ...)
{
	void *caller = __builtin_return_address(0);
	va_list	listp;
	va_list listp2;


#ifdef lint
	level++;
#endif /* lint */
#ifdef	MACH_BSD
	va_start(listp, fmt);
	/* The first va_list is consumed by _doprnt(); the copy is for os_log. */
	va_copy(listp2, listp);

	disable_preemption();
	_doprnt(fmt, &listp, cons_putc_locked, 0);
	enable_preemption();

	va_end(listp);

	os_log_with_args(OS_LOG_DEFAULT, OS_LOG_TYPE_DEFAULT, fmt, listp2, caller);
	va_end(listp2);
#endif
}
994
995 /*
996 * Per <rdar://problem/24974766>, skip appending log messages to
997 * the new logging infrastructure in contexts where safety is
998 * uncertain. These contexts include:
999 * - When we're in the debugger
1000 * - We're in a panic
1001 * - Interrupts are disabled
1002 * - Or Pre-emption is disabled
1003 * In all the above cases, it is potentially unsafe to log messages.
1004 */
1005
/*
 * Report whether it is safe to append to the os_log infrastructure right now.
 * Returns TRUE only when no CPU is in the debugger/panic path, KDP is not
 * active, preemption is enabled and interrupts are enabled; the checks are
 * made in that order and stop at the first one that fails.
 */
boolean_t
oslog_is_safe(void) {
	if (kernel_debugger_entry_count != 0) {
		return FALSE;
	}
	if (not_in_kdp != 1) {
		return FALSE;
	}
	if (get_preemption_level() != 0) {
		return FALSE;
	}
	return (ml_get_interrupts_enabled() == TRUE);
}
1013
/*
 * Reports whether the kernel is currently in a debugger context:
 * true when the debugger entry count is non-zero or not_in_kdp is 0.
 */
boolean_t
debug_mode_active(void)
{
	/*
	 * The chained comparison "0 != count != 0" parses as
	 * "(0 != count) != 0", which is just "count != 0"; it is spelled
	 * that way here.
	 */
	return ((kernel_debugger_entry_count != 0) || (not_in_kdp == 0));
}
1019
/*
 * Appends one character to the debug buffer and advances the write
 * pointer. The character is silently dropped when the buffer has zero
 * size or the write pointer has reached debug_buf_size bytes past
 * debug_buf_base.
 */
void
debug_putc(char c)
{
	if (debug_buf_size == 0) {
		return;
	}
	/* Bounds check: never store at or beyond base + size. */
	if ((debug_buf_ptr - debug_buf_base) >= (int)debug_buf_size) {
		return;
	}
	*debug_buf_ptr++ = c;
}
1029
1030 #if defined (__x86_64__)
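/*
 * Eight 7-bit characters laid out back to back: 56 bits, i.e. 7 bytes
 * once the struct is packed.
 */
struct pasc {
	unsigned a: 7;
	unsigned b: 7;
	unsigned c: 7;
	unsigned d: 7;
	unsigned e: 7;
	unsigned f: 7;
	unsigned g: 7;
	unsigned h: 7;
} __attribute__((packed));

typedef struct pasc pasc_t;

/*
 * In-place packing routines -- inefficient, but they're called at most once.
 * Used for compressing paniclogs on x86.
 */

/*
 * packA: compress `inbuf` in place, turning every group of 8 characters
 * into 7 bytes (only the low 7 bits of each character survive).
 *
 * inbuf:  buffer to pack; overwritten from offset 0.
 * length: number of meaningful characters; rounded up to a multiple of 8.
 * buflen: capacity of inbuf in bytes, expected to be a multiple of 8.
 *
 * Returns the number of packed bytes written.
 *
 * Each iteration reads inbuf[i..i+7], so only whole 8-byte groups that
 * lie entirely inside the buffer are processed. If buflen is not a
 * multiple of 8 the trailing partial group is left unpacked instead of
 * being read past the end of the buffer.
 */
int
packA(char *inbuf, uint32_t length, uint32_t buflen)
{
	unsigned int i, j = 0;
	pasc_t pack;
	/* Largest multiple of 8 that fits in the buffer. */
	const uint32_t limit = buflen & ~(uint32_t)7;

	if (length >= limit) {
		length = limit;
	} else {
		/* length < limit, so the round-up cannot wrap or exceed limit. */
		length = (length + 7) & ~(uint32_t)7;
	}

	for (i = 0; i < length; i += 8) {
		pack.a = inbuf[i];
		pack.b = inbuf[i + 1];
		pack.c = inbuf[i + 2];
		pack.d = inbuf[i + 3];
		pack.e = inbuf[i + 4];
		pack.f = inbuf[i + 5];
		pack.g = inbuf[i + 6];
		pack.h = inbuf[i + 7];
		/* j <= i always holds, so the 7 output bytes never overtake the input. */
		bcopy((char *)&pack, inbuf + j, 7);
		j += 7;
	}
	return j;
}

/*
 * unpackA: expand a buffer produced by packA() in place.
 *
 * inbuf:  buffer holding `length` packed bytes.
 * length: packed size in bytes; the unpacked size is length * 8 / 7.
 *
 * There is no capacity parameter: the caller has to guarantee that inbuf
 * has room for the unpacked text. NOTE(review): `length` is expected to
 * be a value returned by packA() (a multiple of 7); for other values the
 * last iteration still writes a full 8-byte group -- confirm callers.
 */
void
unpackA(char *inbuf, uint32_t length)
{
	pasc_t packs;
	unsigned i = 0;
	length = (length * 8) / 7;

	while (i < length) {
		int tail;

		/* Load the 7 packed bytes by copy rather than through a cast pointer. */
		bcopy(&inbuf[i], &packs, sizeof(packs));

		/* Shift the still-packed remainder up by one byte to make room. */
		tail = (int)(length - i - 8);
		if (tail < 0) {
			tail = 0;
		}
		bcopy(&inbuf[i + 7], &inbuf[i + 8], tail);

		inbuf[i++] = packs.a;
		inbuf[i++] = packs.b;
		inbuf[i++] = packs.c;
		inbuf[i++] = packs.d;
		inbuf[i++] = packs.e;
		inbuf[i++] = packs.f;
		inbuf[i++] = packs.g;
		inbuf[i++] = packs.h;
	}
}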
1092 #endif /* defined (__x86_64__) */
1093
1094 extern void *proc_name_address(void *p);
1095
/*
 * Appends the BSD process name of the current thread to the panic log.
 * Every pointer hop (thread -> task -> bsd_info -> name) goes through
 * ml_nofault_copy(); if any hop fails the name stays "Unknown".
 */
static void
panic_display_process_name(void)
{
	/* because of scoping issues len(p_comm) from proc_t is hard coded here */
	char proc_name[17] = "Unknown";
	task_t ctask = 0;
	void *cbsd_info = 0;

	/* The && chain keeps the original order: each copy runs only if the previous one succeeded. */
	if (ml_nofault_copy((vm_offset_t)&current_thread()->task, (vm_offset_t)&ctask, sizeof(task_t)) == sizeof(task_t) &&
	    ml_nofault_copy((vm_offset_t)&ctask->bsd_info, (vm_offset_t)&cbsd_info, sizeof(cbsd_info)) == sizeof(cbsd_info) &&
	    cbsd_info &&
	    ml_nofault_copy((vm_offset_t)proc_name_address(cbsd_info), (vm_offset_t)&proc_name, sizeof(proc_name)) > 0) {
		/* Whatever was copied, the buffer handed to "%s" is terminated. */
		proc_name[sizeof(proc_name) - 1] = '\0';
	}

	paniclog_append_noflush("\nBSD process name corresponding to current thread: %s\n", proc_name);
}
1109
/*
 * Returns 1 while a panic string is registered in debugger_panic_str,
 * 0 otherwise.
 */
unsigned
panic_active(void)
{
	if (debugger_panic_str) {
		return 1;
	}
	return 0;
}
1114
/*
 * Records the model string in the file-scope model_name buffer.
 * strlcpy() bounds the copy to sizeof(model_name) and terminates it, so
 * longer input is truncated; the truncation result is not inspected.
 */
void
populate_model_name(char *model_string)
{
	(void) strlcpy(model_name, model_string, sizeof(model_name));
}
1119
/*
 * Appends "System model name: ..." to the panic log. model_name is first
 * copied into a local buffer with ml_nofault_copy(); nothing is printed if
 * the copy is incomplete or the name is empty.
 */
void
panic_display_model_name(void)
{
	char tmp_model_name[sizeof(model_name)];

	if (ml_nofault_copy((vm_offset_t) &model_name, (vm_offset_t) &tmp_model_name, sizeof(model_name)) == sizeof(model_name)) {
		/* Terminate the local copy before it is handed to "%s". */
		tmp_model_name[sizeof(tmp_model_name) - 1] = '\0';

		if (tmp_model_name[0] != 0) {
			paniclog_append_noflush("System model name: %s\n", tmp_model_name);
		}
	}
}
1132
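/*
 * Appends "Kernel UUID: ..." to the panic log. kernel_uuid_string is first
 * copied into a local buffer with ml_nofault_copy(); nothing is printed if
 * the copy is incomplete or the string is empty.
 */
void
panic_display_kernel_uuid(void)
{
	char tmp_kernel_uuid[sizeof(kernel_uuid_string)];

	if (ml_nofault_copy((vm_offset_t) &kernel_uuid_string, (vm_offset_t) &tmp_kernel_uuid, sizeof(kernel_uuid_string)) != sizeof(kernel_uuid_string)) {
		return;
	}

	/*
	 * Force termination of the local copy, as panic_display_model_name()
	 * does: this runs during a panic, so the source buffer cannot be
	 * assumed to still hold a terminated string, and "%s" would otherwise
	 * read past the end of the stack buffer.
	 */
	tmp_kernel_uuid[sizeof(tmp_kernel_uuid) - 1] = '\0';

	if (tmp_kernel_uuid[0] != '\0') {
		paniclog_append_noflush("Kernel UUID: %s\n", tmp_kernel_uuid);
	}
}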
1143
/*
 * Appends the kernel slide and the kernel text base to the panic log.
 * Nothing is printed when vm_kernel_slide is zero.
 *
 * NOTE(review): both values expose the kernel's load offset, so a panic
 * log carries address-layout information and should be handled as such.
 */
void
panic_display_kernel_aslr(void)
{
	if (!vm_kernel_slide) {
		return;
	}

	paniclog_append_noflush("Kernel slide:     0x%016lx\n", (unsigned long) vm_kernel_slide);
	paniclog_append_noflush("Kernel text base: %p\n", (void *) vm_kernel_stext);
}
1151
/*
 * Appends the __HIB text base (vm_hib_base) to the panic log.
 * Compiled to an empty function on anything other than i386/x86_64.
 */
void
panic_display_hibb(void)
{
#if defined(__i386__) || defined (__x86_64__)
	paniclog_append_noflush("__HIB text base: %p\n", (void *) vm_hib_base);
#endif
}
1158
/*
 * Appends the system uptime to the panic log: mach_absolute_time()
 * converted to nanoseconds.
 */
static void
panic_display_uptime(void)
{
	uint64_t uptime_ns;

	absolutetime_to_nanoseconds(mach_absolute_time(), &uptime_ns);
	paniclog_append_noflush("\nSystem uptime in nanoseconds: %llu\n", uptime_ns);
}
1166
/*
 * Appends the recorded root-disk error description to the panic log,
 * if one has been set (first byte non-zero).
 */
static void
panic_display_disk_errors(void)
{
	if (!panic_disk_error_description[0]) {
		return;
	}

	/* The global buffer is terminated in place before it is printed with "%s". */
	panic_disk_error_description[sizeof(panic_disk_error_description) - 1] = '\0';
	paniclog_append_noflush("Root disk errors: \"%s\"\n", panic_disk_error_description);
}
1175
1176 extern const char version[];
1177 extern char osversion[];
1178
1179 static volatile uint32_t config_displayed = 0;
1180
/*
 * Writes the system-configuration section of the panic log.
 *
 * launchd_exit: when true, a reduced report is produced -- process name,
 *               boot args, kernel slide / __HIB base / PAL info, uptime,
 *               zone statistics, zleak trace and kext lists are omitted.
 *
 * The process name is printed on every call that is not a launchd exit;
 * everything else is emitted at most once, guarded by a compare-and-swap
 * on config_displayed.
 */
__private_extern__ void
panic_display_system_configuration(boolean_t launchd_exit)
{
	if (!launchd_exit) {
		panic_display_process_name();
	}

	/* Only the first caller to flip config_displayed from 0 to 1 prints the rest. */
	if (!OSCompareAndSwap(0, 1, &config_displayed)) {
		return;
	}

	char buf[256];

	/* strlcpy() returns the source length, so empty boot args print nothing. */
	if (!launchd_exit && strlcpy(buf, PE_boot_args(), sizeof(buf))) {
		paniclog_append_noflush("Boot args: %s\n", buf);
	}

	paniclog_append_noflush("\nMac OS version:\n%s\n",
	    (osversion[0] != 0) ? osversion : "Not yet set");
	paniclog_append_noflush("\nKernel version:\n%s\n",version);
	panic_display_kernel_uuid();

	if (!launchd_exit) {
		panic_display_kernel_aslr();
		panic_display_hibb();
		panic_display_pal_info();
	}

	panic_display_model_name();
	panic_display_disk_errors();

	if (!launchd_exit) {
		panic_display_uptime();
		panic_display_zprint();
#if CONFIG_ZLEAKS
		panic_display_ztrace();
#endif /* CONFIG_ZLEAKS */
		kext_dump_panic_lists(&paniclog_append_noflush);
	}
}
1210
1211 extern unsigned int stack_total;
1212 extern unsigned long long stack_allocs;
1213
1214 #if defined (__x86_64__)
1215 extern unsigned int inuse_ptepages_count;
1216 extern long long alloc_ptepages_count;
1217 #endif
1218
1219 extern boolean_t panic_include_zprint;
1220 extern mach_memory_info_t *panic_kext_memory_info;
1221 extern vm_size_t panic_kext_memory_size;
1222
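/*
 * Appends a memory-usage summary to the panic log when
 * panic_include_zprint is set: every zone whose current size exceeds
 * 1 MiB, the kernel-stack total, page-table usage (x86_64 only), the
 * kalloc.large total and, when panic_kext_memory_info is available, every
 * kmod site larger than 1 MiB.
 */
__private_extern__ void
panic_display_zprint()
{
	if(panic_include_zprint == TRUE) {

		unsigned int	i;
		struct zone	zone_copy;

		paniclog_append_noflush("%-20s %10s %10s\n", "Zone Name", "Cur Size", "Free Size");
		for (i = 0; i < num_zones; i++) {
			/* Each zone is copied with ml_nofault_copy(); zones that cannot be read are skipped. */
			if(ml_nofault_copy((vm_offset_t)(&zone_array[i]), (vm_offset_t)&zone_copy, sizeof(struct zone)) == sizeof(struct zone)) {
				if(zone_copy.cur_size > (1024*1024)) {
					/*
					 * NOTE(review): zone_name comes out of the copied struct; if it
					 * is a pointer, "%s" dereferences it without a nofault copy.
					 */
					paniclog_append_noflush("%-20s %10lu %10lu\n",zone_copy.zone_name, (uintptr_t)zone_copy.cur_size,(uintptr_t)(zone_copy.countfree * zone_copy.elem_size));
				}
			}
		}

		paniclog_append_noflush("%-20s %10lu\n", "Kernel Stacks", (uintptr_t)(kernel_stack_size * stack_total));

#if defined (__x86_64__)
		paniclog_append_noflush("%-20s %10lu\n", "PageTables",(uintptr_t)(PAGE_SIZE * inuse_ptepages_count));
#endif

		paniclog_append_noflush("%-20s %10lu\n", "Kalloc.Large", (uintptr_t)kalloc_large_total);
		if (panic_kext_memory_info) {
			mach_memory_info_t *mem_info = panic_kext_memory_info;
			paniclog_append_noflush("\n%-5s %10s\n", "Kmod", "Size");
			/*
			 * The element count is derived from the type that is actually
			 * indexed. Dividing the byte size by sizeof(mach_zone_info_t), as
			 * before, yields the wrong count whenever the two structs differ
			 * in size and can walk mem_info[] past the end of the buffer.
			 */
			for (i = 0; i < (panic_kext_memory_size / sizeof(*mem_info)); i++) {
				if (((mem_info[i].flags & VM_KERN_SITE_TYPE) == VM_KERN_SITE_KMOD) && (mem_info[i].size > (1024 * 1024))) {
					paniclog_append_noflush("%-5lld %10lld\n", mem_info[i].site, mem_info[i].size);
				}
			}
		}
	}
}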
1258
1259 #if CONFIG_ECC_LOGGING
/*
 * Appends the ECC correction count to the panic log when it is non-zero.
 */
__private_extern__ void
panic_display_ecc_errors()
{
	const uint32_t corrections = ecc_log_get_correction_count();

	if (corrections == 0) {
		return;
	}
	paniclog_append_noflush("ECC Corrections:%u\n", corrections);
}
1269 #endif /* CONFIG_ECC_LOGGING */
1270
1271 #if CONFIG_ZLEAKS
1272 extern boolean_t panic_include_ztrace;
1273 extern struct ztrace* top_ztrace;
1274 void panic_print_symbol_name(vm_address_t search);
1275
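/*
 * Prints the backtrace most suspected of being a leaker, if we panicked in
 * the zone allocator. top_ztrace and panic_include_ztrace come from
 * osfmk/kern/zalloc.c.
 *
 * The trace is copied with ml_nofault_copy() before use. Symbol names are
 * printed next to each address only when the "keepsyms" boot-arg is set.
 */
__private_extern__ void
panic_display_ztrace(void)
{
	if(panic_include_ztrace == TRUE) {
		unsigned int i = 0;
		boolean_t keepsyms = FALSE;

		PE_parse_boot_argn("keepsyms", &keepsyms, sizeof (keepsyms));
		struct ztrace top_ztrace_copy;

		/* Make sure not to trip another panic if there's something wrong with memory */
		if(ml_nofault_copy((vm_offset_t)top_ztrace, (vm_offset_t)&top_ztrace_copy, sizeof(struct ztrace)) == sizeof(struct ztrace)) {
			/*
			 * zt_depth was read from memory that may be damaged, so it is
			 * clamped once and the clamped value is used everywhere. The
			 * kmod_panic_dump() call below previously received the raw
			 * depth and could be asked to walk past the end of zt_stack[].
			 */
			unsigned int depth = top_ztrace_copy.zt_depth;
			if (depth > MAX_ZTRACE_DEPTH) {
				depth = MAX_ZTRACE_DEPTH;
			}

			paniclog_append_noflush("\nBacktrace suspected of leaking: (outstanding bytes: %lu)\n", (uintptr_t)top_ztrace_copy.zt_size);
			/* Print the backtrace addresses */
			for (i = 0; i < depth; i++) {
				paniclog_append_noflush("%p ", top_ztrace_copy.zt_stack[i]);
				if (keepsyms) {
					panic_print_symbol_name((vm_address_t)top_ztrace_copy.zt_stack[i]);
				}
				paniclog_append_noflush("\n");
			}
			/* Print any kexts in that backtrace, along with their link addresses so we can properly blame them */
			kmod_panic_dump((vm_offset_t *)&top_ztrace_copy.zt_stack[0], depth);
		}
		else {
			paniclog_append_noflush("\nCan't access top_ztrace...\n");
		}
		paniclog_append_noflush("\n");
	}
}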
1310 #endif /* CONFIG_ZLEAKS */
1311
1312 #if !CONFIG_TELEMETRY
/*
 * Stub compiled when CONFIG_TELEMETRY is off: ignores all arguments and
 * reports that telemetry is not supported.
 */
int
telemetry_gather(user_addr_t buffer __unused, uint32_t *length __unused, boolean_t mark __unused)
{
	return (KERN_NOT_SUPPORTED);
}
1318 #endif
1319
1320 #include <machine/machine_cpu.h>
1321
1322 uint32_t kern_feature_overrides = 0;
1323
/*
 * Returns true when every bit of `fmask` is set in kern_feature_overrides.
 *
 * On the first call (kern_feature_overrides still zero) the mask is
 * loaded from the "validation_disables" boot-arg; KF_INITIALIZED is OR-ed
 * in either way, so the boot-arg is not parsed again afterwards.
 */
boolean_t
kern_feature_override(uint32_t fmask)
{
	if (kern_feature_overrides == 0) {
		uint32_t fdisables = 0;

		/*
		 * Expected to be first invoked early, in a single-threaded
		 * environment
		 */
		if (PE_parse_boot_argn("validation_disables", &fdisables, sizeof(fdisables))) {
			kern_feature_overrides = (fdisables | KF_INITIALIZED);
		} else {
			kern_feature_overrides |= KF_INITIALIZED;
		}
	}

	const uint32_t matched = (kern_feature_overrides & fmask);
	return (matched == fmask);
}